[pcre/f19] Fix compiler crash for zero-repeated groups with a recursive back reference
Petr Pisar
ppisar at fedoraproject.org
Mon Jul 14 15:16:16 UTC 2014
commit 34476c89760fcce4c2ca16ebd3b528b02e71bf93
Author: Petr Písař <ppisar at redhat.com>
Date: Mon Jul 14 14:04:45 2014 +0200
Fix compiler crash for zero-repeated groups with a recursive back reference
...r-crash-misbehaviour-for-zero-repeated-gr.patch | 206 ++++++++++++++++++++
pcre.spec | 6 +
2 files changed, 212 insertions(+), 0 deletions(-)
---
diff --git a/pcre-8.32-Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch b/pcre-8.32-Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
new file mode 100644
index 0000000..22c535c
--- /dev/null
+++ b/pcre-8.32-Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
@@ -0,0 +1,206 @@
+From e4bbdb923748889a2d9d74187e4d3b7f88b5866b Mon Sep 17 00:00:00 2001
+From: ph10 <ph10 at 2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Sat, 12 Jul 2014 18:22:54 +0000
+Subject: [PATCH] Fix compiler crash/misbehaviour for zero-repeated groups that
+ include a recursive back reference.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1495 2f5784b3-3f2a-0410-8824-cb99058d5e15
+
+Petr Pisar: Ported to 8.32.
+Note: The testoutput2 expect 'a?+', while it returns 'a?'. I raised
+the anomaly to the upstream
+<http://bugs.exim.org/show_bug.cgi?id=1503#c4>.
+
+Signed-off-by: Petr Písař <ppisar at redhat.com>
+---
+ pcre_compile.c | 6 +++++-
+ testdata/testinput11 | 2 ++
+ testdata/testinput2 | 2 ++
+ testdata/testoutput11-16 | 24 ++++++++++++++++++++++++
+ testdata/testoutput11-32 | 24 ++++++++++++++++++++++++
+ testdata/testoutput11-8 | 24 ++++++++++++++++++++++++
+ testdata/testoutput2 | 24 ++++++++++++++++++++++++
+ 7 files changed, 105 insertions(+), 1 deletion(-)
+
+diff --git a/pcre_compile.c b/pcre_compile.c
+index 8926099..0de3747 100644
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -7316,12 +7316,16 @@ for (;;)
+
+ /* If it was a capturing subpattern, check to see if it contained any
+ recursive back references. If so, we must wrap it in atomic brackets.
+- In any event, remove the block from the chain. */
++ Because we are moving code along, we must ensure that any pending recursive
++ references are updated. In any event, remove the block from the chain. */
+
+ if (capnumber > 0)
+ {
+ if (cd->open_caps->flag)
+ {
++ *code = OP_END;
++ adjust_recurse(start_bracket, 1 + LINK_SIZE,
++ (options & PCRE_UTF8) != 0, cd, cd->hwm);
+ memmove(start_bracket + 1 + LINK_SIZE, start_bracket,
+ IN_UCHARS(code - start_bracket));
+ *start_bracket = OP_ONCE;
+diff --git a/testdata/testinput11 b/testdata/testinput11
+index 391ada7..7e8e542 100644
+--- a/testdata/testinput11
++++ b/testdata/testinput11
+@@ -132,4 +132,6 @@ is required for these tests. --/
+
+ /abc(d|e)(*THEN)x(123(*THEN)4|567(b|q)(*THEN)xx)/B
+
++/(((a\2)|(a*)\g<-1>))*a?/B
++
+ /-- End of testinput11 --/
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 9670104..662270c 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -3810,4 +3810,6 @@ settings of the anchored and startline bits. --/
+
+ /.?/S!I
+
++/(((a\2)|(a*)\g<-1>))*a?/BZ
++
+ /-- End of testinput2 --/
+diff --git a/testdata/testoutput11-16 b/testdata/testoutput11-16
+index dff72b9..de64e37 100644
+--- a/testdata/testoutput11-16
++++ b/testdata/testoutput11-16
+@@ -710,4 +710,28 @@ Memory allocation (code space): 14
+ 62 End
+ ------------------------------------------------------------------
+
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++ 0 39 Bra
++ 2 Brazero
++ 3 32 SCBra 1
++ 6 27 Once
++ 8 12 CBra 2
++ 11 7 CBra 3
++ 14 a
++ 16 \2
++ 18 7 Ket
++ 20 11 Alt
++ 22 5 CBra 4
++ 25 a*
++ 27 5 Ket
++ 29 22 Recurse
++ 31 23 Ket
++ 33 27 Ket
++ 35 32 KetRmax
++ 37 a?
++ 39 39 Ket
++ 41 End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+diff --git a/testdata/testoutput11-32 b/testdata/testoutput11-32
+index 8335fb8..0d32e2f 100644
+--- a/testdata/testoutput11-32
++++ b/testdata/testoutput11-32
+@@ -710,4 +710,28 @@ Memory allocation (code space): 28
+ 62 End
+ ------------------------------------------------------------------
+
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++ 0 39 Bra
++ 2 Brazero
++ 3 32 SCBra 1
++ 6 27 Once
++ 8 12 CBra 2
++ 11 7 CBra 3
++ 14 a
++ 16 \2
++ 18 7 Ket
++ 20 11 Alt
++ 22 5 CBra 4
++ 25 a*
++ 27 5 Ket
++ 29 22 Recurse
++ 31 23 Ket
++ 33 27 Ket
++ 35 32 KetRmax
++ 37 a?
++ 39 39 Ket
++ 41 End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+diff --git a/testdata/testoutput11-8 b/testdata/testoutput11-8
+index c1c85f9..9447fb6 100644
+--- a/testdata/testoutput11-8
++++ b/testdata/testoutput11-8
+@@ -710,4 +710,28 @@ Memory allocation (code space): 10
+ 76 End
+ ------------------------------------------------------------------
+
++/(((a\2)|(a*)\g<-1>))*a?/B
++------------------------------------------------------------------
++ 0 57 Bra
++ 3 Brazero
++ 4 48 SCBra 1
++ 9 40 Once
++ 12 18 CBra 2
++ 17 10 CBra 3
++ 22 a
++ 24 \2
++ 27 10 Ket
++ 30 16 Alt
++ 33 7 CBra 4
++ 38 a*
++ 40 7 Ket
++ 43 33 Recurse
++ 46 34 Ket
++ 49 40 Ket
++ 52 48 KetRmax
++ 55 a?
++ 57 57 Ket
++ 60 End
++------------------------------------------------------------------
++
+ /-- End of testinput11 --/
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index e9cddf8..2ada80f 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -12481,4 +12481,28 @@ No need char
+ Subject length lower bound = -1
+ No set of starting bytes
+
++/(((a\2)|(a*)\g<-1>))*a?/BZ
++------------------------------------------------------------------
++ Bra
++ Brazero
++ SCBra 1
++ Once
++ CBra 2
++ CBra 3
++ a
++ \2
++ Ket
++ Alt
++ CBra 4
++ a*
++ Ket
++ Recurse
++ Ket
++ Ket
++ KetRmax
++ a?
++ Ket
++ End
++------------------------------------------------------------------
++
+ /-- End of testinput2 --/
+--
+1.9.3
+
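Review bot: In the pcre_compile.c part of the embedded patch, the new `*code = OP_END;` store has no comment, and the updated block comment explains only the adjust_recurse() call. The store presumably terminates the compiled code so that adjust_recurse() stops scanning at the current end before memmove() shifts the group by `1 + LINK_SIZE`. A line such as `/* Terminate the code so adjust_recurse() stops at the current end */` would record that ordering requirement. It is also not evident from the hunk why `cd->hwm` itself is the right last argument, so a short remark there would help the next person porting this fix. The enclosing `if (capnumber > 0)` block and the `for (;;)` loop continue outside the hunk.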
diff --git a/pcre.spec b/pcre.spec
index 353c832..0c1a2b7 100644
--- a/pcre.spec
+++ b/pcre.spec
@@ -39,6 +39,9 @@ Patch10: pcre-8.33-Fix-empty-matching-possessive-zero-repeat-groups-bug.patch
# Fix memory leaks in pcregrep, bug #1119257, upstream bug #1502,
# in upstream after 8.35
Patch11: pcre-8.35-Fixed-several-memory-leaks-in-pcregrep.patch
+# Fix compiler crash for zero-repeated groups with a recursive back reference,
+# bug #1119272, upstream bug #1503, in upstream after 8.35
+Patch12: pcre-8.32-Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch
BuildRequires: readline-devel
# New libtool to get rid of rpath
BuildRequires: autoconf, automake, libtool
@@ -90,6 +93,7 @@ Utilities demonstrating PCRE capabilities like pcregrep or pcretest.
%patch9 -p1 -b .class_with_literal
%patch10 -p1 -b .empty_zero_repeat_group
%patch11 -p1 -b .pcregrep_leak
+%patch12 -p1 -b .compiler_crash_zero_group
# Because of rpath patch
libtoolize --copy --force && autoreconf -vif
# One contributor's name is non-UTF-8
@@ -157,6 +161,8 @@ make check
- Fix empty-matching possessive zero-repeat groups in interpreted mode
(bug #1119241)
- Fix memory leaks in pcregrep (bug #1119257)
+- Fix compiler crash for zero-repeated groups with a recursive back reference
+ (bug #1119272)
* Thu Jun 19 2014 Petr Pisar <ppisar at redhat.com> - 8.32-9
- Fix bad starting data when char with more than one other case follows