|
 |
81223b1 |
From 3c570a60f7386ec026ef5dcafd54200d85826604 Mon Sep 17 00:00:00 2001
|
|
|
81223b1 |
From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
|
|
|
81223b1 |
Date: Tue, 2 Feb 2016 17:22:55 +0000
|
|
|
81223b1 |
Subject: [PATCH] Detect unmatched closing parentheses in the pre-scan to avoid
|
|
|
81223b1 |
giving incorrect error messages.
|
|
|
81223b1 |
MIME-Version: 1.0
|
|
|
81223b1 |
Content-Type: text/plain; charset=UTF-8
|
|
|
81223b1 |
Content-Transfer-Encoding: 8bit
|
|
|
81223b1 |
|
|
|
81223b1 |
git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@484 6239d852-aaf2-0410-a92c-79f79f948069
|
|
|
81223b1 |
|
|
|
81223b1 |
Petr Písař: Ported to 10.21.
|
|
|
81223b1 |
|
|
|
81223b1 |
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
|
81223b1 |
---
|
|
|
81223b1 |
src/pcre2_compile.c | 43 +++++++++++++++++++++----------------------
|
|
|
81223b1 |
testdata/testinput2 | 2 ++
|
|
|
81223b1 |
testdata/testoutput2 | 3 +++
|
|
|
81223b1 |
3 files changed, 26 insertions(+), 22 deletions(-)
|
|
|
81223b1 |
|
|
|
81223b1 |
diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c
|
|
|
81223b1 |
index d852837..e33d620 100644
|
|
|
81223b1 |
--- a/src/pcre2_compile.c
|
|
|
81223b1 |
+++ b/src/pcre2_compile.c
|
|
|
81223b1 |
@@ -3377,27 +3377,24 @@ for (; ptr < cb->end_pattern; ptr++)
|
|
|
81223b1 |
if ((options & PCRE2_NO_AUTO_CAPTURE) == 0) cb->bracount++;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
|
|
|
81223b1 |
- /* (*something) - just skip to closing ket unless PCRE2_ALT_VERBNAMES is
|
|
|
81223b1 |
- set, in which case we have to process escapes in the string after the
|
|
|
81223b1 |
- name. */
|
|
|
81223b1 |
+ /* (*something) - skip over a name, and then just skip to closing ket
|
|
|
81223b1 |
+ unless PCRE2_ALT_VERBNAMES is set, in which case we have to process
|
|
|
81223b1 |
+ escapes in the string after a verb name terminated by a colon. */
|
|
|
81223b1 |
|
|
|
81223b1 |
else
|
|
|
81223b1 |
{
|
|
|
81223b1 |
ptr += 2;
|
|
|
81223b1 |
while (MAX_255(*ptr) && (cb->ctypes[*ptr] & ctype_word) != 0) ptr++;
|
|
|
81223b1 |
- if (*ptr == CHAR_COLON)
|
|
|
81223b1 |
+ if (*ptr == CHAR_COLON && (options & PCRE2_ALT_VERBNAMES) != 0)
|
|
|
81223b1 |
{
|
|
|
81223b1 |
ptr++;
|
|
|
81223b1 |
- if ((options & PCRE2_ALT_VERBNAMES) != 0)
|
|
|
81223b1 |
- {
|
|
|
81223b1 |
- if (process_verb_name(&ptr, NULL, &errorcode, options, utf, cb) < 0)
|
|
|
81223b1 |
- goto FAILED;
|
|
|
81223b1 |
- }
|
|
|
81223b1 |
- else
|
|
|
81223b1 |
- {
|
|
|
81223b1 |
- while (ptr < cb->end_pattern && *ptr != CHAR_RIGHT_PARENTHESIS)
|
|
|
81223b1 |
- ptr++;
|
|
|
81223b1 |
- }
|
|
|
81223b1 |
+ if (process_verb_name(&ptr, NULL, &errorcode, options, utf, cb) < 0)
|
|
|
81223b1 |
+ goto FAILED;
|
|
|
81223b1 |
+ }
|
|
|
81223b1 |
+ else
|
|
|
81223b1 |
+ {
|
|
|
81223b1 |
+ while (ptr < cb->end_pattern && *ptr != CHAR_RIGHT_PARENTHESIS)
|
|
|
81223b1 |
+ ptr++;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
nest_depth--;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
@@ -3748,7 +3745,12 @@ for (; ptr < cb->end_pattern; ptr++)
|
|
|
81223b1 |
if (top_nest == (nest_save *)(cb->start_workspace)) top_nest = NULL;
|
|
|
81223b1 |
else top_nest--;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
- if (nest_depth > 0) nest_depth--; /* Can be 0 for unmatched ) */
|
|
|
81223b1 |
+ if (nest_depth == 0) /* Unmatched closing parenthesis */
|
|
|
81223b1 |
+ {
|
|
|
81223b1 |
+ errorcode = ERR22;
|
|
|
81223b1 |
+ goto FAILED;
|
|
|
81223b1 |
+ }
|
|
|
81223b1 |
+ nest_depth--;
|
|
|
81223b1 |
break;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
}
|
|
|
81223b1 |
@@ -8704,14 +8706,11 @@ if (cb.had_accept)
|
|
|
81223b1 |
reqcuflags = REQ_NONE;
|
|
|
81223b1 |
}
|
|
|
81223b1 |
|
|
|
81223b1 |
-/* If we have not reached end of pattern after a successful compile, there's an
|
|
|
81223b1 |
-excess bracket. Fill in the final opcode and check for disastrous overflow.
|
|
|
81223b1 |
-If no overflow, but the estimated length exceeds the really used length, adjust
|
|
|
81223b1 |
-the value of re->blocksize, and if valgrind support is configured, mark the
|
|
|
81223b1 |
-extra allocated memory as unaddressable, so that any out-of-bound reads can be
|
|
|
81223b1 |
-detected. */
|
|
|
81223b1 |
+/* Fill in the final opcode and check for disastrous overflow. If no overflow,
|
|
|
81223b1 |
+but the estimated length exceeds the really used length, adjust the value of
|
|
|
81223b1 |
+re->blocksize, and if valgrind support is configured, mark the extra allocated
|
|
|
81223b1 |
+memory as unaddressable, so that any out-of-bound reads can be detected. */
|
|
|
81223b1 |
|
|
|
81223b1 |
-if (errorcode == 0 && ptr < cb.end_pattern) errorcode = ERR22;
|
|
|
81223b1 |
*code++ = OP_END;
|
|
|
81223b1 |
usedlength = code - codestart;
|
|
|
81223b1 |
if (usedlength > length) errorcode = ERR23; else
|
|
|
81223b1 |
diff --git a/testdata/testinput2 b/testdata/testinput2
|
|
|
81223b1 |
index 071cca1..86c149d 100644
|
|
|
81223b1 |
--- a/testdata/testinput2
|
|
|
81223b1 |
+++ b/testdata/testinput2
|
|
|
81223b1 |
@@ -4800,4 +4800,6 @@ a)"xI
|
|
|
81223b1 |
/28 2a 4d 41 52 4b 3a 41 00 62 29/mark,hex,alt_verbnames
|
|
|
81223b1 |
abc
|
|
|
81223b1 |
|
|
|
81223b1 |
+/(?J)(?'a'))(?'a')/
|
|
|
81223b1 |
+
|
|
|
81223b1 |
# End of testinput2
|
|
|
81223b1 |
diff --git a/testdata/testoutput2 b/testdata/testoutput2
|
|
|
81223b1 |
index 7178410..87c7204 100644
|
|
|
81223b1 |
--- a/testdata/testoutput2
|
|
|
81223b1 |
+++ b/testdata/testoutput2
|
|
|
81223b1 |
@@ -15158,4 +15158,7 @@ MK: A\x00b
|
|
|
81223b1 |
0:
|
|
|
81223b1 |
MK: A\x00b
|
|
|
81223b1 |
|
|
|
81223b1 |
+/(?J)(?'a'))(?'a')/
|
|
|
81223b1 |
+Failed: error 122 at offset 10: unmatched closing parenthesis
|
|
|
81223b1 |
+
|
|
|
81223b1 |
# End of testinput2
|
|
|
81223b1 |
--
|
|
|
81223b1 |
2.5.0
|
|
|
81223b1 |
|