1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2014 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing pattern start */
51 #define PSEND end_pattern /* Field containing pattern end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88 pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89 compile_data *, int *);
90
91
92
93 /*************************************************
94 * Code parameters and static tables *
95 *************************************************/
96
97 /* This value specifies the size of stack workspace that is used during the
98 first pre-compile phase that determines how much memory is required. The regex
99 is partly compiled into this space, but the compiled parts are discarded as
100 soon as they can be, so that hopefully there will never be an overrun. The code
101 does, however, check for an overrun. The largest amount I've seen used is 218,
102 so this number is very generous.
103
104 The same workspace is used during the second, actual compile phase for
105 remembering forward references to groups so that they can be filled in at the
106 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107 is 4 there is plenty of room for most patterns. However, the memory can get
108 filled up by repetitions of forward references, for example patterns like
109 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110 that the workspace is expanded using malloc() in this situation. The value
111 below is therefore a minimum, and we put a maximum on it for safety. The
112 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113 kicks in at the same number of forward references in all cases. */
114
115 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117
118 /* This value determines the size of the initial vector that is used for
119 remembering named groups during the pre-compile. It is allocated on the stack,
120 but if it is too small, it is expanded using malloc(), in a similar way to the
121 workspace. The value is the number of slots in the list. */
122
123 #define NAMED_GROUP_LIST_SIZE 20
124
125 /* The overrun tests check for a slightly smaller size so that they detect the
126 overrun before it actually does run off the end of the data block. */
127
128 #define WORK_SIZE_SAFETY_MARGIN (100)
129
130 /* Private flags added to firstchar and reqchar. */
131
132 #define REQ_CASELESS (1 << 0) /* Indicates caselessness */
133 #define REQ_VARY (1 << 1) /* Reqchar followed non-literal item */
134 /* Negative values for the firstchar and reqchar flags */
135 #define REQ_UNSET (-2)
136 #define REQ_NONE (-1)
137
138 /* Repeated character flags. */
139
140 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
141
142 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
143 are simple data values; negative values are for special things like \d and so
144 on. Zero means further processing is needed (for things like \x), or the escape
145 is invalid. */
146
147 #ifndef EBCDIC
148
149 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
150 in UTF-8 mode. */
151
152 static const short int escapes[] = {
153 0, 0,
154 0, 0,
155 0, 0,
156 0, 0,
157 0, 0,
158 CHAR_COLON, CHAR_SEMICOLON,
159 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
160 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
161 CHAR_COMMERCIAL_AT, -ESC_A,
162 -ESC_B, -ESC_C,
163 -ESC_D, -ESC_E,
164 0, -ESC_G,
165 -ESC_H, 0,
166 0, -ESC_K,
167 0, 0,
168 -ESC_N, 0,
169 -ESC_P, -ESC_Q,
170 -ESC_R, -ESC_S,
171 0, 0,
172 -ESC_V, -ESC_W,
173 -ESC_X, 0,
174 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
175 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
176 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
177 CHAR_GRAVE_ACCENT, ESC_a,
178 -ESC_b, 0,
179 -ESC_d, ESC_e,
180 ESC_f, 0,
181 -ESC_h, 0,
182 0, -ESC_k,
183 0, 0,
184 ESC_n, 0,
185 -ESC_p, 0,
186 ESC_r, -ESC_s,
187 ESC_tee, 0,
188 -ESC_v, -ESC_w,
189 0, 0,
190 -ESC_z
191 };
192
193 #else
194
195 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
196
197 static const short int escapes[] = {
198 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
199 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
200 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
201 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
202 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
203 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
204 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
205 /* 80 */ 0, ESC_a, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
206 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
207 /* 90 */ 0, 0, -ESC_k, 0, 0, ESC_n, 0, -ESC_p,
208 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
209 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
210 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
211 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
212 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
213 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
214 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
215 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
216 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
217 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
218 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
219 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
220 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
221 };
222
223 /* We also need a table of characters that may follow \c in an EBCDIC
224 environment for characters 0-31. */
225
226 static unsigned char ebcdic_escape_c[] = "@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_";
227
228 #endif
229
230
231 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
232 searched linearly. Put all the names into a single string, in order to reduce
233 the number of relocations when a shared library is dynamically linked. The
234 string is built from string macros so that it works in UTF-8 mode on EBCDIC
235 platforms. */
236
237 typedef struct verbitem {
238 int len; /* Length of verb name */
239 int op; /* Op when no arg, or -1 if arg mandatory */
240 int op_arg; /* Op when arg present, or -1 if not allowed */
241 } verbitem;
242
243 static const char verbnames[] =
244 "\0" /* Empty name is a shorthand for MARK */
245 STRING_MARK0
246 STRING_ACCEPT0
247 STRING_COMMIT0
248 STRING_F0
249 STRING_FAIL0
250 STRING_PRUNE0
251 STRING_SKIP0
252 STRING_THEN;
253
254 static const verbitem verbs[] = {
255 { 0, -1, OP_MARK },
256 { 4, -1, OP_MARK },
257 { 6, OP_ACCEPT, -1 },
258 { 6, OP_COMMIT, -1 },
259 { 1, OP_FAIL, -1 },
260 { 4, OP_FAIL, -1 },
261 { 5, OP_PRUNE, OP_PRUNE_ARG },
262 { 4, OP_SKIP, OP_SKIP_ARG },
263 { 4, OP_THEN, OP_THEN_ARG }
264 };
265
266 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
267
268
269 /* Substitutes for [[:<:]] and [[:>:]], which mean start and end of word in
270 another regex library. */
271
272 static const pcre_uchar sub_start_of_word[] = {
273 CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
274 CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w, CHAR_RIGHT_PARENTHESIS, '\0' };
275
276 static const pcre_uchar sub_end_of_word[] = {
277 CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
278 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w,
279 CHAR_RIGHT_PARENTHESIS, '\0' };
280
281
282 /* Tables of names of POSIX character classes and their lengths. The names are
283 now all in a single string, to reduce the number of relocations when a shared
284 library is dynamically loaded. The list of lengths is terminated by a zero
285 length entry. The first three must be alpha, lower, upper, as this is assumed
286 for handling case independence. The indices for graph, print, and punct are
287 needed, so identify them. */
288
289 static const char posix_names[] =
290 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
291 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
292 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
293 STRING_word0 STRING_xdigit;
294
295 static const pcre_uint8 posix_name_lengths[] = {
296 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
297
298 #define PC_GRAPH 8
299 #define PC_PRINT 9
300 #define PC_PUNCT 10
301
302
303 /* Table of class bit maps for each POSIX class. Each class is formed from a
304 base map, with an optional addition or removal of another map. Then, for some
305 classes, there is some additional tweaking: for [:blank:] the vertical space
306 characters are removed, and for [:alpha:] and [:alnum:] the underscore
307 character is removed. The triples in the table consist of the base map offset,
308 second map offset or -1 if no second map, and a non-negative value for map
309 addition or a negative value for map subtraction (if there are two maps). The
310 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
311 remove vertical space characters, 2 => remove underscore. */
312
313 static const int posix_class_maps[] = {
314 cbit_word, cbit_digit, -2, /* alpha */
315 cbit_lower, -1, 0, /* lower */
316 cbit_upper, -1, 0, /* upper */
317 cbit_word, -1, 2, /* alnum - word without underscore */
318 cbit_print, cbit_cntrl, 0, /* ascii */
319 cbit_space, -1, 1, /* blank - a GNU extension */
320 cbit_cntrl, -1, 0, /* cntrl */
321 cbit_digit, -1, 0, /* digit */
322 cbit_graph, -1, 0, /* graph */
323 cbit_print, -1, 0, /* print */
324 cbit_punct, -1, 0, /* punct */
325 cbit_space, -1, 0, /* space */
326 cbit_word, -1, 0, /* word - a Perl extension */
327 cbit_xdigit,-1, 0 /* xdigit */
328 };
329
330 /* Table of substitutes for \d etc when PCRE_UCP is set. They are replaced by
331 Unicode property escapes. */
332
333 #ifdef SUPPORT_UCP
334 static const pcre_uchar string_PNd[] = {
335 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pNd[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_PXsp[] = {
341 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
342 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343 static const pcre_uchar string_pXsp[] = {
344 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
345 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
346 static const pcre_uchar string_PXwd[] = {
347 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
348 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
349 static const pcre_uchar string_pXwd[] = {
350 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
351 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
352
353 static const pcre_uchar *substitutes[] = {
354 string_PNd, /* \D */
355 string_pNd, /* \d */
356 string_PXsp, /* \S */ /* Xsp is Perl space, but from 8.34, Perl */
357 string_pXsp, /* \s */ /* space and POSIX space are the same. */
358 string_PXwd, /* \W */
359 string_pXwd /* \w */
360 };
361
362 /* The POSIX class substitutes must be in the order of the POSIX class names,
363 defined above, and there are both positive and negative cases. NULL means no
364 general substitute of a Unicode property escape (\p or \P). However, for some
365 POSIX classes (e.g. graph, print, punct) a special property code is compiled
366 directly. */
367
368 static const pcre_uchar string_pL[] = {
369 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
370 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
371 static const pcre_uchar string_pLl[] = {
372 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
373 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
374 static const pcre_uchar string_pLu[] = {
375 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
376 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
377 static const pcre_uchar string_pXan[] = {
378 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
379 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
380 static const pcre_uchar string_h[] = {
381 CHAR_BACKSLASH, CHAR_h, '\0' };
382 static const pcre_uchar string_pXps[] = {
383 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
384 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
385 static const pcre_uchar string_PL[] = {
386 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
387 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
388 static const pcre_uchar string_PLl[] = {
389 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
390 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
391 static const pcre_uchar string_PLu[] = {
392 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
393 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
394 static const pcre_uchar string_PXan[] = {
395 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
396 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
397 static const pcre_uchar string_H[] = {
398 CHAR_BACKSLASH, CHAR_H, '\0' };
399 static const pcre_uchar string_PXps[] = {
400 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
401 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
402
403 static const pcre_uchar *posix_substitutes[] = {
404 string_pL, /* alpha */
405 string_pLl, /* lower */
406 string_pLu, /* upper */
407 string_pXan, /* alnum */
408 NULL, /* ascii */
409 string_h, /* blank */
410 NULL, /* cntrl */
411 string_pNd, /* digit */
412 NULL, /* graph */
413 NULL, /* print */
414 NULL, /* punct */
415 string_pXps, /* space */ /* Xps is POSIX space, but from 8.34 */
416 string_pXwd, /* word */ /* Perl and POSIX space are the same */
417 NULL, /* xdigit */
418 /* Negated cases */
419 string_PL, /* ^alpha */
420 string_PLl, /* ^lower */
421 string_PLu, /* ^upper */
422 string_PXan, /* ^alnum */
423 NULL, /* ^ascii */
424 string_H, /* ^blank */
425 NULL, /* ^cntrl */
426 string_PNd, /* ^digit */
427 NULL, /* ^graph */
428 NULL, /* ^print */
429 NULL, /* ^punct */
430 string_PXps, /* ^space */ /* Xps is POSIX space, but from 8.34 */
431 string_PXwd, /* ^word */ /* Perl and POSIX space are the same */
432 NULL /* ^xdigit */
433 };
434 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
435 #endif
436
437 #define STRING(a) # a
438 #define XSTRING(s) STRING(s)
439
440 /* The texts of compile-time error messages. These are "char *" because they
441 are passed to the outside world. Do not ever re-use any error number, because
442 they are documented. Always add a new error instead. Messages marked DEAD below
443 are no longer used. This used to be a table of strings, but in order to reduce
444 the number of relocations needed when a shared library is loaded dynamically,
445 it is now one long string. We cannot use a table of offsets, because the
446 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
447 simply count through to the one we want - this isn't a performance issue
448 because these strings are used only when there is a compilation error.
449
450 Each substring ends with \0 to insert a null character. This includes the final
451 substring, so that the whole string ends with \0\0, which can be detected when
452 counting through. */
453
454 static const char error_texts[] =
455 "no error\0"
456 "\\ at end of pattern\0"
457 "\\c at end of pattern\0"
458 "unrecognized character follows \\\0"
459 "numbers out of order in {} quantifier\0"
460 /* 5 */
461 "number too big in {} quantifier\0"
462 "missing terminating ] for character class\0"
463 "invalid escape sequence in character class\0"
464 "range out of order in character class\0"
465 "nothing to repeat\0"
466 /* 10 */
467 "internal error: invalid forward reference offset\0"
468 "internal error: unexpected repeat\0"
469 "unrecognized character after (? or (?-\0"
470 "POSIX named classes are supported only within a class\0"
471 "missing )\0"
472 /* 15 */
473 "reference to non-existent subpattern\0"
474 "erroffset passed as NULL\0"
475 "unknown option bit(s) set\0"
476 "missing ) after comment\0"
477 "parentheses nested too deeply\0" /** DEAD **/
478 /* 20 */
479 "regular expression is too large\0"
480 "failed to get memory\0"
481 "unmatched parentheses\0"
482 "internal error: code overflow\0"
483 "unrecognized character after (?<\0"
484 /* 25 */
485 "lookbehind assertion is not fixed length\0"
486 "malformed number or name after (?(\0"
487 "conditional group contains more than two branches\0"
488 "assertion expected after (?(\0"
489 "(?R or (?[+-]digits must be followed by )\0"
490 /* 30 */
491 "unknown POSIX class name\0"
492 "POSIX collating elements are not supported\0"
493 "this version of PCRE is compiled without UTF support\0"
494 "spare error\0" /** DEAD **/
495 "character value in \\x{} or \\o{} is too large\0"
496 /* 35 */
497 "invalid condition (?(0)\0"
498 "\\C not allowed in lookbehind assertion\0"
499 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
500 "number after (?C is > 255\0"
501 "closing ) for (?C expected\0"
502 /* 40 */
503 "recursive call could loop indefinitely\0"
504 "unrecognized character after (?P\0"
505 "syntax error in subpattern name (missing terminator)\0"
506 "two named subpatterns have the same name\0"
507 "invalid UTF-8 string\0"
508 /* 45 */
509 "support for \\P, \\p, and \\X has not been compiled\0"
510 "malformed \\P or \\p sequence\0"
511 "unknown property name after \\P or \\p\0"
512 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
513 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
514 /* 50 */
515 "repeated subpattern is too long\0" /** DEAD **/
516 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
517 "internal error: overran compiling workspace\0"
518 "internal error: previously-checked referenced subpattern not found\0"
519 "DEFINE group contains more than one branch\0"
520 /* 55 */
521 "repeating a DEFINE group is not allowed\0" /** DEAD **/
522 "inconsistent NEWLINE options\0"
523 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
524 "a numbered reference must not be zero\0"
525 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
526 /* 60 */
527 "(*VERB) not recognized or malformed\0"
528 "number is too big\0"
529 "subpattern name expected\0"
530 "digit expected after (?+\0"
531 "] is an invalid data character in JavaScript compatibility mode\0"
532 /* 65 */
533 "different names for subpatterns of the same number are not allowed\0"
534 "(*MARK) must have an argument\0"
535 "this version of PCRE is not compiled with Unicode property support\0"
536 #ifndef EBCDIC
537 "\\c must be followed by an ASCII character\0"
538 #else
539 "\\c must be followed by a letter or one of [\\]^_?\0"
540 #endif
541 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
542 /* 70 */
543 "internal error: unknown opcode in find_fixedlength()\0"
544 "\\N is not supported in a class\0"
545 "too many forward references\0"
546 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
547 "invalid UTF-16 string\0"
548 /* 75 */
549 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
550 "character value in \\u.... sequence is too large\0"
551 "invalid UTF-32 string\0"
552 "setting UTF is disabled by the application\0"
553 "non-hex character in \\x{} (closing brace missing?)\0"
554 /* 80 */
555 "non-octal character in \\o{} (closing brace missing?)\0"
556 "missing opening brace after \\o\0"
557 "parentheses are too deeply nested\0"
558 "invalid range in character class\0"
559 "group name must start with a non-digit\0"
560 /* 85 */
561 "parentheses are too deeply nested (stack check)\0"
562 "digits missing in \\x{} or \\o{}\0"
563 ;
564
565 /* Table to identify digits and hex digits. This is used when compiling
566 patterns. Note that the tables in chartables are dependent on the locale, and
567 may mark arbitrary characters as digits - but the PCRE compiling code expects
568 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
569 a private table here. It costs 256 bytes, but it is a lot faster than doing
570 character value tests (at least in some simple cases I timed), and in some
571 applications one wants PCRE to compile efficiently as well as match
572 efficiently.
573
574 For convenience, we use the same bit definitions as in chartables:
575
576 0x04 decimal digit
577 0x08 hexadecimal digit
578
579 Then we can use ctype_digit and ctype_xdigit in the code. */
580
581 /* Using a simple comparison for decimal numbers rather than a memory read
582 is much faster, and the resulting code is simpler (the compiler turns it
583 into a subtraction and unsigned comparison). */
584
585 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
586
587 #ifndef EBCDIC
588
589 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
590 UTF-8 mode. */
591
592 static const pcre_uint8 digitab[] =
593 {
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
597 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
600 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
601 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
602 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
605 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
606 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
608 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
609 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
610 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
611 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
612 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
613 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
614 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
615 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
616 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
617 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
619 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
620 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
621 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
623 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
624 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
625 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
626
627 #else
628
629 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
630
631 static const pcre_uint8 digitab[] =
632 {
633 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
634 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
635 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
636 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
637 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
638 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
639 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
640 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
641 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
642 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
643 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
644 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
645 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
646 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
647 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
648 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
649 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
650 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
651 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
652 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
653 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
654 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
655 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
656 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
657 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
658 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
659 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
660 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
661 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
662 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
663 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
664 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
665
666 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
667 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
668 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
669 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
670 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
671 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
672 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
673 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
674 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
675 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
676 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
677 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
678 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
679 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
680 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
681 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
682 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
683 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
684 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
685 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
686 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
687 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
688 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
689 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
690 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
691 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
692 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
693 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
694 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
695 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
696 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
697 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
698 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
699 #endif
700
701
702 /* This table is used to check whether auto-possessification is possible
703 between adjacent character-type opcodes. The left-hand (repeated) opcode is
704 used to select the row, and the right-hand opcode is use to select the column.
705 A value of 1 means that auto-possessification is OK. For example, the second
706 value in the first row means that \D+\d can be turned into \D++\d.
707
708 The Unicode property types (\P and \p) have to be present to fill out the table
709 because of what their opcode values are, but the table values should always be
710 zero because property types are handled separately in the code. The last four
711 columns apply to items that cannot be repeated, so there is no need to have
712 rows for them. Note that OP_DIGIT etc. are generated only when PCRE_UCP is
713 *not* set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
714
715 #define APTROWS (LAST_AUTOTAB_LEFT_OP - FIRST_AUTOTAB_OP + 1)
716 #define APTCOLS (LAST_AUTOTAB_RIGHT_OP - FIRST_AUTOTAB_OP + 1)
717
718 static const pcre_uint8 autoposstab[APTROWS][APTCOLS] = {
719 /* \D \d \S \s \W \w . .+ \C \P \p \R \H \h \V \v \X \Z \z $ $M */
720 { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* \D */
721 { 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 }, /* \d */
722 { 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 }, /* \S */
723 { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* \s */
724 { 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* \W */
725 { 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 }, /* \w */
726 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* . */
727 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* .+ */
728 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }, /* \C */
729 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* \P */
730 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* \p */
731 { 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 }, /* \R */
732 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 }, /* \H */
733 { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0 }, /* \h */
734 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0 }, /* \V */
735 { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0 }, /* \v */
736 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 } /* \X */
737 };
738
739
740 /* This table is used to check whether auto-possessification is possible
741 between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP). The
742 left-hand (repeated) opcode is used to select the row, and the right-hand
743 opcode is used to select the column. The values are as follows:
744
745 0 Always return FALSE (never auto-possessify)
746 1 Character groups are distinct (possessify if both are OP_PROP)
747 2 Check character categories in the same group (general or particular)
748 3 TRUE if the two opcodes are not the same (PROP vs NOTPROP)
749
750 4 Check left general category vs right particular category
751 5 Check right general category vs left particular category
752
753 6 Left alphanum vs right general category
754 7 Left space vs right general category
755 8 Left word vs right general category
756
757 9 Right alphanum vs left general category
758 10 Right space vs left general category
759 11 Right word vs left general category
760
761 12 Left alphanum vs right particular category
762 13 Left space vs right particular category
763 14 Left word vs right particular category
764
765 15 Right alphanum vs left particular category
766 16 Right space vs left particular category
767 17 Right word vs left particular category
768 */
769
770 static const pcre_uint8 propposstab[PT_TABSIZE][PT_TABSIZE] = {
771 /* ANY LAMP GC PC SC ALNUM SPACE PXSPACE WORD CLIST UCNC */
772 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* PT_ANY */
773 { 0, 3, 0, 0, 0, 3, 1, 1, 0, 0, 0 }, /* PT_LAMP */
774 { 0, 0, 2, 4, 0, 9, 10, 10, 11, 0, 0 }, /* PT_GC */
775 { 0, 0, 5, 2, 0, 15, 16, 16, 17, 0, 0 }, /* PT_PC */
776 { 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0 }, /* PT_SC */
777 { 0, 3, 6, 12, 0, 3, 1, 1, 0, 0, 0 }, /* PT_ALNUM */
778 { 0, 1, 7, 13, 0, 1, 3, 3, 1, 0, 0 }, /* PT_SPACE */
779 { 0, 1, 7, 13, 0, 1, 3, 3, 1, 0, 0 }, /* PT_PXSPACE */
780 { 0, 0, 8, 14, 0, 0, 1, 1, 3, 0, 0 }, /* PT_WORD */
781 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* PT_CLIST */
782 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3 } /* PT_UCNC */
783 };
784
785 /* This table is used to check whether auto-possessification is possible
786 between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP) when one
787 specifies a general category and the other specifies a particular category. The
788 row is selected by the general category and the column by the particular
789 category. The value is 1 if the particular category is not part of the general
790 category. */
791
792 static const pcre_uint8 catposstab[7][30] = {
793 /* Cc Cf Cn Co Cs Ll Lm Lo Lt Lu Mc Me Mn Nd Nl No Pc Pd Pe Pf Pi Po Ps Sc Sk Sm So Zl Zp Zs */
794 { 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }, /* C */
795 { 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }, /* L */
796 { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }, /* M */
797 { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }, /* N */
798 { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1 }, /* P */
799 { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1 }, /* S */
800 { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0 } /* Z */
801 };
802
803 /* This table is used when checking ALNUM, (PX)SPACE, SPACE, and WORD against
804 a general or particular category. The properties in each row are those
805 that apply to the character set in question. Duplication means that a little
806 unnecessary work is done when checking, but this keeps things much simpler
807 because they can all use the same code. For more details see the comment where
808 this table is used.
809
810 Note: SPACE and PXSPACE used to be different because Perl excluded VT from
811 "space", but from Perl 5.18 it's included, so both categories are treated the
812 same here. */
813
814 static const pcre_uint8 posspropstab[3][4] = {
815 { ucp_L, ucp_N, ucp_N, ucp_Nl }, /* ALNUM, 3rd and 4th values redundant */
816 { ucp_Z, ucp_Z, ucp_C, ucp_Cc }, /* SPACE and PXSPACE, 2nd value redundant */
817 { ucp_L, ucp_N, ucp_P, ucp_Po } /* WORD */
818 };
819
820 /* This table is used when converting repeating opcodes into possessified
821 versions as a result of an explicit possessive quantifier such as ++. A zero
822 value means there is no possessified version - in those cases the item in
823 question must be wrapped in ONCE brackets. The table is truncated at OP_CALLOUT
824 because all relevant opcodes are less than that. */
825
826 static const pcre_uint8 opcode_possessify[] = {
827 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0 - 15 */
828 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 16 - 31 */
829
830 0, /* NOTI */
831 OP_POSSTAR, 0, /* STAR, MINSTAR */
832 OP_POSPLUS, 0, /* PLUS, MINPLUS */
833 OP_POSQUERY, 0, /* QUERY, MINQUERY */
834 OP_POSUPTO, 0, /* UPTO, MINUPTO */
835 0, /* EXACT */
836 0, 0, 0, 0, /* POS{STAR,PLUS,QUERY,UPTO} */
837
838 OP_POSSTARI, 0, /* STARI, MINSTARI */
839 OP_POSPLUSI, 0, /* PLUSI, MINPLUSI */
840 OP_POSQUERYI, 0, /* QUERYI, MINQUERYI */
841 OP_POSUPTOI, 0, /* UPTOI, MINUPTOI */
842 0, /* EXACTI */
843 0, 0, 0, 0, /* POS{STARI,PLUSI,QUERYI,UPTOI} */
844
845 OP_NOTPOSSTAR, 0, /* NOTSTAR, NOTMINSTAR */
846 OP_NOTPOSPLUS, 0, /* NOTPLUS, NOTMINPLUS */
847 OP_NOTPOSQUERY, 0, /* NOTQUERY, NOTMINQUERY */
848 OP_NOTPOSUPTO, 0, /* NOTUPTO, NOTMINUPTO */
849 0, /* NOTEXACT */
850 0, 0, 0, 0, /* NOTPOS{STAR,PLUS,QUERY,UPTO} */
851
852 OP_NOTPOSSTARI, 0, /* NOTSTARI, NOTMINSTARI */
853 OP_NOTPOSPLUSI, 0, /* NOTPLUSI, NOTMINPLUSI */
854 OP_NOTPOSQUERYI, 0, /* NOTQUERYI, NOTMINQUERYI */
855 OP_NOTPOSUPTOI, 0, /* NOTUPTOI, NOTMINUPTOI */
856 0, /* NOTEXACTI */
857 0, 0, 0, 0, /* NOTPOS{STARI,PLUSI,QUERYI,UPTOI} */
858
859 OP_TYPEPOSSTAR, 0, /* TYPESTAR, TYPEMINSTAR */
860 OP_TYPEPOSPLUS, 0, /* TYPEPLUS, TYPEMINPLUS */
861 OP_TYPEPOSQUERY, 0, /* TYPEQUERY, TYPEMINQUERY */
862 OP_TYPEPOSUPTO, 0, /* TYPEUPTO, TYPEMINUPTO */
863 0, /* TYPEEXACT */
864 0, 0, 0, 0, /* TYPEPOS{STAR,PLUS,QUERY,UPTO} */
865
866 OP_CRPOSSTAR, 0, /* CRSTAR, CRMINSTAR */
867 OP_CRPOSPLUS, 0, /* CRPLUS, CRMINPLUS */
868 OP_CRPOSQUERY, 0, /* CRQUERY, CRMINQUERY */
869 OP_CRPOSRANGE, 0, /* CRRANGE, CRMINRANGE */
870 0, 0, 0, 0, /* CRPOS{STAR,PLUS,QUERY,RANGE} */
871
872 0, 0, 0, /* CLASS, NCLASS, XCLASS */
873 0, 0, /* REF, REFI */
874 0, 0, /* DNREF, DNREFI */
875 0, 0 /* RECURSE, CALLOUT */
876 };
877
878
879
880 /*************************************************
881 * Find an error text *
882 *************************************************/
883
884 /* The error texts are now all in one long string, to save on relocations. As
885 some of the text is of unknown length, we can't use a table of offsets.
886 Instead, just count through the strings. This is not a performance issue
887 because it happens only when there has been a compilation error.
888
889 Argument: the error number
890 Returns: pointer to the error string
891 */
892
893 static const char *
find_error_text(int n)894 find_error_text(int n)
895 {
896 const char *s = error_texts;
897 for (; n > 0; n--)
898 {
899 while (*s++ != CHAR_NULL) {};
900 if (*s == CHAR_NULL) return "Error text not found (please report)";
901 }
902 return s;
903 }
904
905
906
907 /*************************************************
908 * Expand the workspace *
909 *************************************************/
910
911 /* This function is called during the second compiling phase, if the number of
912 forward references fills the existing workspace, which is originally a block on
913 the stack. A larger block is obtained from malloc() unless the ultimate limit
914 has been reached or the increase will be rather small.
915
916 Argument: pointer to the compile data block
917 Returns: 0 if all went well, else an error number
918 */
919
920 static int
expand_workspace(compile_data * cd)921 expand_workspace(compile_data *cd)
922 {
923 pcre_uchar *newspace;
924 int newsize = cd->workspace_size * 2;
925
926 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
927 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
928 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
929 return ERR72;
930
931 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
932 if (newspace == NULL) return ERR21;
933 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
934 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
935 if (cd->workspace_size > COMPILE_WORK_SIZE)
936 (PUBL(free))((void *)cd->start_workspace);
937 cd->start_workspace = newspace;
938 cd->workspace_size = newsize;
939 return 0;
940 }
941
942
943
944 /*************************************************
945 * Check for counted repeat *
946 *************************************************/
947
948 /* This function is called when a '{' is encountered in a place where it might
949 start a quantifier. It looks ahead to see if it really is a quantifier or not.
950 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
951 where the ddds are digits.
952
953 Arguments:
954 p pointer to the first char after '{'
955
956 Returns: TRUE or FALSE
957 */
958
959 static BOOL
is_counted_repeat(const pcre_uchar * p)960 is_counted_repeat(const pcre_uchar *p)
961 {
962 if (!IS_DIGIT(*p)) return FALSE;
963 p++;
964 while (IS_DIGIT(*p)) p++;
965 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
966
967 if (*p++ != CHAR_COMMA) return FALSE;
968 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
969
970 if (!IS_DIGIT(*p)) return FALSE;
971 p++;
972 while (IS_DIGIT(*p)) p++;
973
974 return (*p == CHAR_RIGHT_CURLY_BRACKET);
975 }
976
977
978
979 /*************************************************
980 * Handle escapes *
981 *************************************************/
982
983 /* This function is called when a \ has been encountered. It either returns a
984 positive value for a simple escape such as \n, or 0 for a data character which
985 will be placed in chptr. A backreference to group n is returned as negative n.
986 When UTF-8 is enabled, a positive value greater than 255 may be returned in
987 chptr. On entry, ptr is pointing at the \. On exit, it is on the final
988 character of the escape sequence.
989
990 Arguments:
991 ptrptr points to the pattern position pointer
992 chptr points to a returned data character
993 errorcodeptr points to the errorcode variable
994 bracount number of previous extracting brackets
995 options the options bits
996 isclass TRUE if inside a character class
997
998 Returns: zero => a data character
999 positive => a special escape sequence
1000 negative => a back reference
1001 on error, errorcodeptr is set
1002 */
1003
1004 static int
check_escape(const pcre_uchar ** ptrptr,pcre_uint32 * chptr,int * errorcodeptr,int bracount,int options,BOOL isclass)1005 check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
1006 int bracount, int options, BOOL isclass)
1007 {
1008 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
1009 BOOL utf = (options & PCRE_UTF8) != 0;
1010 const pcre_uchar *ptr = *ptrptr + 1;
1011 pcre_uint32 c;
1012 int escape = 0;
1013 int i;
1014
1015 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
1016 ptr--; /* Set pointer back to the last byte */
1017
1018 /* If backslash is at the end of the pattern, it's an error. */
1019
1020 if (c == CHAR_NULL) *errorcodeptr = ERR1;
1021
1022 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
1023 in a table. A non-zero result is something that can be returned immediately.
1024 Otherwise further processing may be required. */
1025
1026 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1027 /* Not alphanumeric */
1028 else if (c < CHAR_0 || c > CHAR_z) {}
1029 else if ((i = escapes[c - CHAR_0]) != 0)
1030 { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1031
1032 #else /* EBCDIC coding */
1033 /* Not alphanumeric */
1034 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
1035 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1036 #endif
1037
1038 /* Escapes that need further processing, or are illegal. */
1039
1040 else
1041 {
1042 const pcre_uchar *oldptr;
1043 BOOL braced, negated, overflow;
1044 int s;
1045
1046 switch (c)
1047 {
1048 /* A number of Perl escapes are not handled by PCRE. We give an explicit
1049 error. */
1050
1051 case CHAR_l:
1052 case CHAR_L:
1053 *errorcodeptr = ERR37;
1054 break;
1055
1056 case CHAR_u:
1057 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1058 {
1059 /* In JavaScript, \u must be followed by four hexadecimal numbers.
1060 Otherwise it is a lowercase u letter. */
1061 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1062 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
1063 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
1064 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
1065 {
1066 c = 0;
1067 for (i = 0; i < 4; ++i)
1068 {
1069 register pcre_uint32 cc = *(++ptr);
1070 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1071 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1072 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1073 #else /* EBCDIC coding */
1074 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1075 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1076 #endif
1077 }
1078
1079 #if defined COMPILE_PCRE8
1080 if (c > (utf ? 0x10ffffU : 0xffU))
1081 #elif defined COMPILE_PCRE16
1082 if (c > (utf ? 0x10ffffU : 0xffffU))
1083 #elif defined COMPILE_PCRE32
1084 if (utf && c > 0x10ffffU)
1085 #endif
1086 {
1087 *errorcodeptr = ERR76;
1088 }
1089 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1090 }
1091 }
1092 else
1093 *errorcodeptr = ERR37;
1094 break;
1095
1096 case CHAR_U:
1097 /* In JavaScript, \U is an uppercase U letter. */
1098 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
1099 break;
1100
1101 /* In a character class, \g is just a literal "g". Outside a character
1102 class, \g must be followed by one of a number of specific things:
1103
1104 (1) A number, either plain or braced. If positive, it is an absolute
1105 backreference. If negative, it is a relative backreference. This is a Perl
1106 5.10 feature.
1107
1108 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
1109 is part of Perl's movement towards a unified syntax for back references. As
1110 this is synonymous with \k{name}, we fudge it up by pretending it really
1111 was \k.
1112
1113 (3) For Oniguruma compatibility we also support \g followed by a name or a
1114 number either in angle brackets or in single quotes. However, these are
1115 (possibly recursive) subroutine calls, _not_ backreferences. Just return
1116 the ESC_g code (cf \k). */
1117
1118 case CHAR_g:
1119 if (isclass) break;
1120 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
1121 {
1122 escape = ESC_g;
1123 break;
1124 }
1125
1126 /* Handle the Perl-compatible cases */
1127
1128 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1129 {
1130 const pcre_uchar *p;
1131 for (p = ptr+2; *p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
1132 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
1133 if (*p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET)
1134 {
1135 escape = ESC_k;
1136 break;
1137 }
1138 braced = TRUE;
1139 ptr++;
1140 }
1141 else braced = FALSE;
1142
1143 if (ptr[1] == CHAR_MINUS)
1144 {
1145 negated = TRUE;
1146 ptr++;
1147 }
1148 else negated = FALSE;
1149
1150 /* The integer range is limited by the machine's int representation. */
1151 s = 0;
1152 overflow = FALSE;
1153 while (IS_DIGIT(ptr[1]))
1154 {
1155 if (s > INT_MAX / 10 - 1) /* Integer overflow */
1156 {
1157 overflow = TRUE;
1158 break;
1159 }
1160 s = s * 10 + (int)(*(++ptr) - CHAR_0);
1161 }
1162 if (overflow) /* Integer overflow */
1163 {
1164 while (IS_DIGIT(ptr[1]))
1165 ptr++;
1166 *errorcodeptr = ERR61;
1167 break;
1168 }
1169
1170 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
1171 {
1172 *errorcodeptr = ERR57;
1173 break;
1174 }
1175
1176 if (s == 0)
1177 {
1178 *errorcodeptr = ERR58;
1179 break;
1180 }
1181
1182 if (negated)
1183 {
1184 if (s > bracount)
1185 {
1186 *errorcodeptr = ERR15;
1187 break;
1188 }
1189 s = bracount - (s - 1);
1190 }
1191
1192 escape = -s;
1193 break;
1194
1195 /* The handling of escape sequences consisting of a string of digits
1196 starting with one that is not zero is not straightforward. Perl has changed
1197 over the years. Nowadays \g{} for backreferences and \o{} for octal are
1198 recommended to avoid the ambiguities in the old syntax.
1199
1200 Outside a character class, the digits are read as a decimal number. If the
1201 number is less than 8 (used to be 10), or if there are that many previous
1202 extracting left brackets, then it is a back reference. Otherwise, up to
1203 three octal digits are read to form an escaped byte. Thus \123 is likely to
1204 be octal 123 (cf \0123, which is octal 012 followed by the literal 3). If
1205 the octal value is greater than 377, the least significant 8 bits are
1206 taken. \8 and \9 are treated as the literal characters 8 and 9.
1207
1208 Inside a character class, \ followed by a digit is always either a literal
1209 8 or 9 or an octal number. */
1210
1211 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
1212 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
1213
1214 if (!isclass)
1215 {
1216 oldptr = ptr;
1217 /* The integer range is limited by the machine's int representation. */
1218 s = (int)(c -CHAR_0);
1219 overflow = FALSE;
1220 while (IS_DIGIT(ptr[1]))
1221 {
1222 if (s > INT_MAX / 10 - 1) /* Integer overflow */
1223 {
1224 overflow = TRUE;
1225 break;
1226 }
1227 s = s * 10 + (int)(*(++ptr) - CHAR_0);
1228 }
1229 if (overflow) /* Integer overflow */
1230 {
1231 while (IS_DIGIT(ptr[1]))
1232 ptr++;
1233 *errorcodeptr = ERR61;
1234 break;
1235 }
1236 if (s < 8 || s <= bracount) /* Check for back reference */
1237 {
1238 escape = -s;
1239 break;
1240 }
1241 ptr = oldptr; /* Put the pointer back and fall through */
1242 }
1243
1244 /* Handle a digit following \ when the number is not a back reference. If
1245 the first digit is 8 or 9, Perl used to generate a binary zero byte and
1246 then treat the digit as a following literal. At least by Perl 5.18 this
1247 changed so as not to insert the binary zero. */
1248
1249 if ((c = *ptr) >= CHAR_8) break;
1250
1251 /* Fall through with a digit less than 8 */
1252
1253 /* \0 always starts an octal number, but we may drop through to here with a
1254 larger first octal digit. The original code used just to take the least
1255 significant 8 bits of octal numbers (I think this is what early Perls used
1256 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1257 but no more than 3 octal digits. */
1258
1259 case CHAR_0:
1260 c -= CHAR_0;
1261 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1262 c = c * 8 + *(++ptr) - CHAR_0;
1263 #ifdef COMPILE_PCRE8
1264 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1265 #endif
1266 break;
1267
1268 /* \o is a relatively new Perl feature, supporting a more general way of
1269 specifying character codes in octal. The only supported form is \o{ddd}. */
1270
1271 case CHAR_o:
1272 if (ptr[1] != CHAR_LEFT_CURLY_BRACKET) *errorcodeptr = ERR81; else
1273 if (ptr[2] == CHAR_RIGHT_CURLY_BRACKET) *errorcodeptr = ERR86; else
1274 {
1275 ptr += 2;
1276 c = 0;
1277 overflow = FALSE;
1278 while (*ptr >= CHAR_0 && *ptr <= CHAR_7)
1279 {
1280 register pcre_uint32 cc = *ptr++;
1281 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1282 #ifdef COMPILE_PCRE32
1283 if (c >= 0x20000000l) { overflow = TRUE; break; }
1284 #endif
1285 c = (c << 3) + cc - CHAR_0 ;
1286 #if defined COMPILE_PCRE8
1287 if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1288 #elif defined COMPILE_PCRE16
1289 if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1290 #elif defined COMPILE_PCRE32
1291 if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1292 #endif
1293 }
1294 if (overflow)
1295 {
1296 while (*ptr >= CHAR_0 && *ptr <= CHAR_7) ptr++;
1297 *errorcodeptr = ERR34;
1298 }
1299 else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1300 {
1301 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1302 }
1303 else *errorcodeptr = ERR80;
1304 }
1305 break;
1306
1307 /* \x is complicated. In JavaScript, \x must be followed by two hexadecimal
1308 numbers. Otherwise it is a lowercase x letter. */
1309
1310 case CHAR_x:
1311 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1312 {
1313 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1314 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1315 {
1316 c = 0;
1317 for (i = 0; i < 2; ++i)
1318 {
1319 register pcre_uint32 cc = *(++ptr);
1320 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1321 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1322 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1323 #else /* EBCDIC coding */
1324 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1325 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1326 #endif
1327 }
1328 }
1329 } /* End JavaScript handling */
1330
1331 /* Handle \x in Perl's style. \x{ddd} is a character number which can be
1332 greater than 0xff in utf or non-8bit mode, but only if the ddd are hex
1333 digits. If not, { used to be treated as a data character. However, Perl
1334 seems to read hex digits up to the first non-such, and ignore the rest, so
1335 that, for example \x{zz} matches a binary zero. This seems crazy, so PCRE
1336 now gives an error. */
1337
1338 else
1339 {
1340 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1341 {
1342 ptr += 2;
1343 if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1344 {
1345 *errorcodeptr = ERR86;
1346 break;
1347 }
1348 c = 0;
1349 overflow = FALSE;
1350 while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0)
1351 {
1352 register pcre_uint32 cc = *ptr++;
1353 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1354
1355 #ifdef COMPILE_PCRE32
1356 if (c >= 0x10000000l) { overflow = TRUE; break; }
1357 #endif
1358
1359 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1360 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1361 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1362 #else /* EBCDIC coding */
1363 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1364 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1365 #endif
1366
1367 #if defined COMPILE_PCRE8
1368 if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1369 #elif defined COMPILE_PCRE16
1370 if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1371 #elif defined COMPILE_PCRE32
1372 if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1373 #endif
1374 }
1375
1376 if (overflow)
1377 {
1378 while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0) ptr++;
1379 *errorcodeptr = ERR34;
1380 }
1381
1382 else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1383 {
1384 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1385 }
1386
1387 /* If the sequence of hex digits does not end with '}', give an error.
1388 We used just to recognize this construct and fall through to the normal
1389 \x handling, but nowadays Perl gives an error, which seems much more
1390 sensible, so we do too. */
1391
1392 else *errorcodeptr = ERR79;
1393 } /* End of \x{} processing */
1394
1395 /* Read a single-byte hex-defined char (up to two hex digits after \x) */
1396
1397 else
1398 {
1399 c = 0;
1400 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1401 {
1402 pcre_uint32 cc; /* Some compilers don't like */
1403 cc = *(++ptr); /* ++ in initializers */
1404 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1405 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1406 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1407 #else /* EBCDIC coding */
1408 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1409 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1410 #endif
1411 }
1412 } /* End of \xdd handling */
1413 } /* End of Perl-style \x handling */
1414 break;
1415
1416 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1417 An error is given if the byte following \c is not an ASCII character. This
1418 coding is ASCII-specific, but then the whole concept of \cx is
1419 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1420
1421 case CHAR_c:
1422 c = *(++ptr);
1423 if (c == CHAR_NULL)
1424 {
1425 *errorcodeptr = ERR2;
1426 break;
1427 }
1428 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1429 if (c > 127) /* Excludes all non-ASCII in either mode */
1430 {
1431 *errorcodeptr = ERR68;
1432 break;
1433 }
1434 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1435 c ^= 0x40;
1436 #else /* EBCDIC coding */
1437 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1438 if (c == CHAR_QUESTION_MARK)
1439 c = ('\\' == 188 && '`' == 74)? 0x5f : 0xff;
1440 else
1441 {
1442 for (i = 0; i < 32; i++)
1443 {
1444 if (c == ebcdic_escape_c[i]) break;
1445 }
1446 if (i < 32) c = i; else *errorcodeptr = ERR68;
1447 }
1448 #endif
1449 break;
1450
1451 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1452 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1453 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1454 odd, but there used to be some cases other than the default, and there may
1455 be again in future, so I haven't "optimized" it. */
1456
1457 default:
1458 if ((options & PCRE_EXTRA) != 0) switch(c)
1459 {
1460 default:
1461 *errorcodeptr = ERR3;
1462 break;
1463 }
1464 break;
1465 }
1466 }
1467
1468 /* Perl supports \N{name} for character names, as well as plain \N for "not
1469 newline". PCRE does not support \N{name}. However, it does support
1470 quantification such as \N{2,3}. */
1471
1472 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1473 !is_counted_repeat(ptr+2))
1474 *errorcodeptr = ERR37;
1475
1476 /* If PCRE_UCP is set, we change the values for \d etc. */
1477
1478 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1479 escape += (ESC_DU - ESC_D);
1480
1481 /* Set the pointer to the final character before returning. */
1482
1483 *ptrptr = ptr;
1484 *chptr = c;
1485 return escape;
1486 }
1487
1488
1489
1490 #ifdef SUPPORT_UCP
1491 /*************************************************
1492 * Handle \P and \p *
1493 *************************************************/
1494
1495 /* This function is called after \P or \p has been encountered, provided that
1496 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1497 pointing at the P or p. On exit, it is pointing at the final character of the
1498 escape sequence.
1499
1500 Argument:
1501 ptrptr points to the pattern position pointer
1502 negptr points to a boolean that is set TRUE for negation else FALSE
1503 ptypeptr points to an unsigned int that is set to the type value
1504 pdataptr points to an unsigned int that is set to the detailed property value
1505 errorcodeptr points to the error code variable
1506
1507 Returns: TRUE if the type value was found, or FALSE for an invalid type
1508 */
1509
1510 static BOOL
get_ucp(const pcre_uchar ** ptrptr,BOOL * negptr,unsigned int * ptypeptr,unsigned int * pdataptr,int * errorcodeptr)1511 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1512 unsigned int *pdataptr, int *errorcodeptr)
1513 {
1514 pcre_uchar c;
1515 int i, bot, top;
1516 const pcre_uchar *ptr = *ptrptr;
1517 pcre_uchar name[32];
1518
1519 c = *(++ptr);
1520 if (c == CHAR_NULL) goto ERROR_RETURN;
1521
1522 *negptr = FALSE;
1523
1524 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1525 negation. */
1526
1527 if (c == CHAR_LEFT_CURLY_BRACKET)
1528 {
1529 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1530 {
1531 *negptr = TRUE;
1532 ptr++;
1533 }
1534 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1535 {
1536 c = *(++ptr);
1537 if (c == CHAR_NULL) goto ERROR_RETURN;
1538 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1539 name[i] = c;
1540 }
1541 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1542 name[i] = 0;
1543 }
1544
1545 /* Otherwise there is just one following character */
1546
1547 else
1548 {
1549 name[0] = c;
1550 name[1] = 0;
1551 }
1552
1553 *ptrptr = ptr;
1554
1555 /* Search for a recognized property name using binary chop */
1556
1557 bot = 0;
1558 top = PRIV(utt_size);
1559
1560 while (bot < top)
1561 {
1562 int r;
1563 i = (bot + top) >> 1;
1564 r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1565 if (r == 0)
1566 {
1567 *ptypeptr = PRIV(utt)[i].type;
1568 *pdataptr = PRIV(utt)[i].value;
1569 return TRUE;
1570 }
1571 if (r > 0) bot = i + 1; else top = i;
1572 }
1573
1574 *errorcodeptr = ERR47;
1575 *ptrptr = ptr;
1576 return FALSE;
1577
1578 ERROR_RETURN:
1579 *errorcodeptr = ERR46;
1580 *ptrptr = ptr;
1581 return FALSE;
1582 }
1583 #endif
1584
1585
1586
1587 /*************************************************
1588 * Read repeat counts *
1589 *************************************************/
1590
1591 /* Read an item of the form {n,m} and return the values. This is called only
1592 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1593 so the syntax is guaranteed to be correct, but we need to check the values.
1594
1595 Arguments:
1596 p pointer to first char after '{'
1597 minp pointer to int for min
1598 maxp pointer to int for max
1599 returned as -1 if no max
1600 errorcodeptr points to error code variable
1601
1602 Returns: pointer to '}' on success;
1603 current ptr on error, with errorcodeptr set non-zero
1604 */
1605
1606 static const pcre_uchar *
read_repeat_counts(const pcre_uchar * p,int * minp,int * maxp,int * errorcodeptr)1607 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1608 {
1609 int min = 0;
1610 int max = -1;
1611
1612 while (IS_DIGIT(*p))
1613 {
1614 min = min * 10 + (int)(*p++ - CHAR_0);
1615 if (min > 65535)
1616 {
1617 *errorcodeptr = ERR5;
1618 return p;
1619 }
1620 }
1621
1622 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1623 {
1624 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1625 {
1626 max = 0;
1627 while(IS_DIGIT(*p))
1628 {
1629 max = max * 10 + (int)(*p++ - CHAR_0);
1630 if (max > 65535)
1631 {
1632 *errorcodeptr = ERR5;
1633 return p;
1634 }
1635 }
1636 if (max < min)
1637 {
1638 *errorcodeptr = ERR4;
1639 return p;
1640 }
1641 }
1642 }
1643
1644 *minp = min;
1645 *maxp = max;
1646 return p;
1647 }
1648
1649
1650
1651 /*************************************************
1652 * Find first significant op code *
1653 *************************************************/
1654
1655 /* This is called by several functions that scan a compiled expression looking
1656 for a fixed first character, or an anchoring op code etc. It skips over things
1657 that do not influence this. For some calls, it makes sense to skip negative
1658 forward and all backward assertions, and also the \b assertion; for others it
1659 does not.
1660
1661 Arguments:
1662 code pointer to the start of the group
1663 skipassert TRUE if certain assertions are to be skipped
1664
1665 Returns: pointer to the first significant opcode
1666 */
1667
1668 static const pcre_uchar*
first_significant_code(const pcre_uchar * code,BOOL skipassert)1669 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1670 {
1671 for (;;)
1672 {
1673 switch ((int)*code)
1674 {
1675 case OP_ASSERT_NOT:
1676 case OP_ASSERTBACK:
1677 case OP_ASSERTBACK_NOT:
1678 if (!skipassert) return code;
1679 do code += GET(code, 1); while (*code == OP_ALT);
1680 code += PRIV(OP_lengths)[*code];
1681 break;
1682
1683 case OP_WORD_BOUNDARY:
1684 case OP_NOT_WORD_BOUNDARY:
1685 if (!skipassert) return code;
1686 /* Fall through */
1687
1688 case OP_CALLOUT:
1689 case OP_CREF:
1690 case OP_DNCREF:
1691 case OP_RREF:
1692 case OP_DNRREF:
1693 case OP_DEF:
1694 code += PRIV(OP_lengths)[*code];
1695 break;
1696
1697 default:
1698 return code;
1699 }
1700 }
1701 /* Control never reaches here */
1702 }
1703
1704
1705
1706 /*************************************************
1707 * Find the fixed length of a branch *
1708 *************************************************/
1709
1710 /* Scan a branch and compute the fixed length of subject that will match it,
1711 if the length is fixed. This is needed for dealing with backward assertions.
1712 In UTF8 mode, the result is in characters rather than bytes. The branch is
1713 temporarily terminated with OP_END when this function is called.
1714
1715 This function is called when a backward assertion is encountered, so that if it
1716 fails, the error message can point to the correct place in the pattern.
1717 However, we cannot do this when the assertion contains subroutine calls,
1718 because they can be forward references. We solve this by remembering this case
1719 and doing the check at the end; a flag specifies which mode we are running in.
1720
1721 Arguments:
1722 code points to the start of the pattern (the bracket)
1723 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1724 atend TRUE if called when the pattern is complete
1725 cd the "compile data" structure
1726 recurses chain of recurse_check to catch mutual recursion
1727
1728 Returns: the fixed length,
1729 or -1 if there is no fixed length,
1730 or -2 if \C was encountered (in UTF-8 mode only)
1731 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1732 or -4 if an unknown opcode was encountered (internal error)
1733 */
1734
1735 static int
find_fixedlength(pcre_uchar * code,BOOL utf,BOOL atend,compile_data * cd,recurse_check * recurses)1736 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd,
1737 recurse_check *recurses)
1738 {
1739 int length = -1;
1740 recurse_check this_recurse;
1741 register int branchlength = 0;
1742 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1743
1744 /* Scan along the opcodes for this branch. If we get to the end of the
1745 branch, check the length against that of the other branches. */
1746
1747 for (;;)
1748 {
1749 int d;
1750 pcre_uchar *ce, *cs;
1751 register pcre_uchar op = *cc;
1752
1753 switch (op)
1754 {
1755 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1756 OP_BRA (normal non-capturing bracket) because the other variants of these
1757 opcodes are all concerned with unlimited repeated groups, which of course
1758 are not of fixed length. */
1759
1760 case OP_CBRA:
1761 case OP_BRA:
1762 case OP_ONCE:
1763 case OP_ONCE_NC:
1764 case OP_COND:
1765 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd,
1766 recurses);
1767 if (d < 0) return d;
1768 branchlength += d;
1769 do cc += GET(cc, 1); while (*cc == OP_ALT);
1770 cc += 1 + LINK_SIZE;
1771 break;
1772
1773 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1774 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1775 an ALT. If it is END it's the end of the outer call. All can be handled by
1776 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1777 because they all imply an unlimited repeat. */
1778
1779 case OP_ALT:
1780 case OP_KET:
1781 case OP_END:
1782 case OP_ACCEPT:
1783 case OP_ASSERT_ACCEPT:
1784 if (length < 0) length = branchlength;
1785 else if (length != branchlength) return -1;
1786 if (*cc != OP_ALT) return length;
1787 cc += 1 + LINK_SIZE;
1788 branchlength = 0;
1789 break;
1790
1791 /* A true recursion implies not fixed length, but a subroutine call may
1792 be OK. If the subroutine is a forward reference, we can't deal with
1793 it until the end of the pattern, so return -3. */
1794
1795 case OP_RECURSE:
1796 if (!atend) return -3;
1797 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1798 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1799 if (cc > cs && cc < ce) return -1; /* Recursion */
1800 else /* Check for mutual recursion */
1801 {
1802 recurse_check *r = recurses;
1803 for (r = recurses; r != NULL; r = r->prev) if (r->group == cs) break;
1804 if (r != NULL) return -1; /* Mutual recursion */
1805 }
1806 this_recurse.prev = recurses;
1807 this_recurse.group = cs;
1808 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd, &this_recurse);
1809 if (d < 0) return d;
1810 branchlength += d;
1811 cc += 1 + LINK_SIZE;
1812 break;
1813
1814 /* Skip over assertive subpatterns */
1815
1816 case OP_ASSERT:
1817 case OP_ASSERT_NOT:
1818 case OP_ASSERTBACK:
1819 case OP_ASSERTBACK_NOT:
1820 do cc += GET(cc, 1); while (*cc == OP_ALT);
1821 cc += 1 + LINK_SIZE;
1822 break;
1823
1824 /* Skip over things that don't match chars */
1825
1826 case OP_MARK:
1827 case OP_PRUNE_ARG:
1828 case OP_SKIP_ARG:
1829 case OP_THEN_ARG:
1830 cc += cc[1] + PRIV(OP_lengths)[*cc];
1831 break;
1832
1833 case OP_CALLOUT:
1834 case OP_CIRC:
1835 case OP_CIRCM:
1836 case OP_CLOSE:
1837 case OP_COMMIT:
1838 case OP_CREF:
1839 case OP_DEF:
1840 case OP_DNCREF:
1841 case OP_DNRREF:
1842 case OP_DOLL:
1843 case OP_DOLLM:
1844 case OP_EOD:
1845 case OP_EODN:
1846 case OP_FAIL:
1847 case OP_NOT_WORD_BOUNDARY:
1848 case OP_PRUNE:
1849 case OP_REVERSE:
1850 case OP_RREF:
1851 case OP_SET_SOM:
1852 case OP_SKIP:
1853 case OP_SOD:
1854 case OP_SOM:
1855 case OP_THEN:
1856 case OP_WORD_BOUNDARY:
1857 cc += PRIV(OP_lengths)[*cc];
1858 break;
1859
1860 /* Handle literal characters */
1861
1862 case OP_CHAR:
1863 case OP_CHARI:
1864 case OP_NOT:
1865 case OP_NOTI:
1866 branchlength++;
1867 cc += 2;
1868 #ifdef SUPPORT_UTF
1869 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1870 #endif
1871 break;
1872
1873 /* Handle exact repetitions. The count is already in characters, but we
1874 need to skip over a multibyte character in UTF8 mode. */
1875
1876 case OP_EXACT:
1877 case OP_EXACTI:
1878 case OP_NOTEXACT:
1879 case OP_NOTEXACTI:
1880 branchlength += (int)GET2(cc,1);
1881 cc += 2 + IMM2_SIZE;
1882 #ifdef SUPPORT_UTF
1883 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1884 #endif
1885 break;
1886
1887 case OP_TYPEEXACT:
1888 branchlength += GET2(cc,1);
1889 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1890 cc += 2;
1891 cc += 1 + IMM2_SIZE + 1;
1892 break;
1893
1894 /* Handle single-char matchers */
1895
1896 case OP_PROP:
1897 case OP_NOTPROP:
1898 cc += 2;
1899 /* Fall through */
1900
1901 case OP_HSPACE:
1902 case OP_VSPACE:
1903 case OP_NOT_HSPACE:
1904 case OP_NOT_VSPACE:
1905 case OP_NOT_DIGIT:
1906 case OP_DIGIT:
1907 case OP_NOT_WHITESPACE:
1908 case OP_WHITESPACE:
1909 case OP_NOT_WORDCHAR:
1910 case OP_WORDCHAR:
1911 case OP_ANY:
1912 case OP_ALLANY:
1913 branchlength++;
1914 cc++;
1915 break;
1916
1917 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1918 otherwise \C is coded as OP_ALLANY. */
1919
1920 case OP_ANYBYTE:
1921 return -2;
1922
1923 /* Check a class for variable quantification */
1924
1925 case OP_CLASS:
1926 case OP_NCLASS:
1927 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1928 case OP_XCLASS:
1929 /* The original code caused an unsigned overflow in 64 bit systems,
1930 so now we use a conditional statement. */
1931 if (op == OP_XCLASS)
1932 cc += GET(cc, 1);
1933 else
1934 cc += PRIV(OP_lengths)[OP_CLASS];
1935 #else
1936 cc += PRIV(OP_lengths)[OP_CLASS];
1937 #endif
1938
1939 switch (*cc)
1940 {
1941 case OP_CRSTAR:
1942 case OP_CRMINSTAR:
1943 case OP_CRPLUS:
1944 case OP_CRMINPLUS:
1945 case OP_CRQUERY:
1946 case OP_CRMINQUERY:
1947 case OP_CRPOSSTAR:
1948 case OP_CRPOSPLUS:
1949 case OP_CRPOSQUERY:
1950 return -1;
1951
1952 case OP_CRRANGE:
1953 case OP_CRMINRANGE:
1954 case OP_CRPOSRANGE:
1955 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1956 branchlength += (int)GET2(cc,1);
1957 cc += 1 + 2 * IMM2_SIZE;
1958 break;
1959
1960 default:
1961 branchlength++;
1962 }
1963 break;
1964
1965 /* Anything else is variable length */
1966
1967 case OP_ANYNL:
1968 case OP_BRAMINZERO:
1969 case OP_BRAPOS:
1970 case OP_BRAPOSZERO:
1971 case OP_BRAZERO:
1972 case OP_CBRAPOS:
1973 case OP_EXTUNI:
1974 case OP_KETRMAX:
1975 case OP_KETRMIN:
1976 case OP_KETRPOS:
1977 case OP_MINPLUS:
1978 case OP_MINPLUSI:
1979 case OP_MINQUERY:
1980 case OP_MINQUERYI:
1981 case OP_MINSTAR:
1982 case OP_MINSTARI:
1983 case OP_MINUPTO:
1984 case OP_MINUPTOI:
1985 case OP_NOTMINPLUS:
1986 case OP_NOTMINPLUSI:
1987 case OP_NOTMINQUERY:
1988 case OP_NOTMINQUERYI:
1989 case OP_NOTMINSTAR:
1990 case OP_NOTMINSTARI:
1991 case OP_NOTMINUPTO:
1992 case OP_NOTMINUPTOI:
1993 case OP_NOTPLUS:
1994 case OP_NOTPLUSI:
1995 case OP_NOTPOSPLUS:
1996 case OP_NOTPOSPLUSI:
1997 case OP_NOTPOSQUERY:
1998 case OP_NOTPOSQUERYI:
1999 case OP_NOTPOSSTAR:
2000 case OP_NOTPOSSTARI:
2001 case OP_NOTPOSUPTO:
2002 case OP_NOTPOSUPTOI:
2003 case OP_NOTQUERY:
2004 case OP_NOTQUERYI:
2005 case OP_NOTSTAR:
2006 case OP_NOTSTARI:
2007 case OP_NOTUPTO:
2008 case OP_NOTUPTOI:
2009 case OP_PLUS:
2010 case OP_PLUSI:
2011 case OP_POSPLUS:
2012 case OP_POSPLUSI:
2013 case OP_POSQUERY:
2014 case OP_POSQUERYI:
2015 case OP_POSSTAR:
2016 case OP_POSSTARI:
2017 case OP_POSUPTO:
2018 case OP_POSUPTOI:
2019 case OP_QUERY:
2020 case OP_QUERYI:
2021 case OP_REF:
2022 case OP_REFI:
2023 case OP_DNREF:
2024 case OP_DNREFI:
2025 case OP_SBRA:
2026 case OP_SBRAPOS:
2027 case OP_SCBRA:
2028 case OP_SCBRAPOS:
2029 case OP_SCOND:
2030 case OP_SKIPZERO:
2031 case OP_STAR:
2032 case OP_STARI:
2033 case OP_TYPEMINPLUS:
2034 case OP_TYPEMINQUERY:
2035 case OP_TYPEMINSTAR:
2036 case OP_TYPEMINUPTO:
2037 case OP_TYPEPLUS:
2038 case OP_TYPEPOSPLUS:
2039 case OP_TYPEPOSQUERY:
2040 case OP_TYPEPOSSTAR:
2041 case OP_TYPEPOSUPTO:
2042 case OP_TYPEQUERY:
2043 case OP_TYPESTAR:
2044 case OP_TYPEUPTO:
2045 case OP_UPTO:
2046 case OP_UPTOI:
2047 return -1;
2048
2049 /* Catch unrecognized opcodes so that when new ones are added they
2050 are not forgotten, as has happened in the past. */
2051
2052 default:
2053 return -4;
2054 }
2055 }
2056 /* Control never gets here */
2057 }
2058
2059
2060
2061 /*************************************************
2062 * Scan compiled regex for specific bracket *
2063 *************************************************/
2064
2065 /* This little function scans through a compiled pattern until it finds a
2066 capturing bracket with the given number, or, if the number is negative, an
2067 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2068 so that it can be called from pcre_study() when finding the minimum matching
2069 length.
2070
2071 Arguments:
2072 code points to start of expression
2073 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2074 number the required bracket number or negative to find a lookbehind
2075
2076 Returns: pointer to the opcode for the bracket, or NULL if not found
2077 */
2078
2079 const pcre_uchar *
PRIV(find_bracket)2080 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2081 {
2082 for (;;)
2083 {
2084 register pcre_uchar c = *code;
2085
2086 if (c == OP_END) return NULL;
2087
2088 /* XCLASS is used for classes that cannot be represented just by a bit
2089 map. This includes negated single high-valued characters. The length in
2090 the table is zero; the actual length is stored in the compiled code. */
2091
2092 if (c == OP_XCLASS) code += GET(code, 1);
2093
2094 /* Handle recursion */
2095
2096 else if (c == OP_REVERSE)
2097 {
2098 if (number < 0) return (pcre_uchar *)code;
2099 code += PRIV(OP_lengths)[c];
2100 }
2101
2102 /* Handle capturing bracket */
2103
2104 else if (c == OP_CBRA || c == OP_SCBRA ||
2105 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2106 {
2107 int n = (int)GET2(code, 1+LINK_SIZE);
2108 if (n == number) return (pcre_uchar *)code;
2109 code += PRIV(OP_lengths)[c];
2110 }
2111
2112 /* Otherwise, we can get the item's length from the table, except that for
2113 repeated character types, we have to test for \p and \P, which have an extra
2114 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2115 must add in its length. */
2116
2117 else
2118 {
2119 switch(c)
2120 {
2121 case OP_TYPESTAR:
2122 case OP_TYPEMINSTAR:
2123 case OP_TYPEPLUS:
2124 case OP_TYPEMINPLUS:
2125 case OP_TYPEQUERY:
2126 case OP_TYPEMINQUERY:
2127 case OP_TYPEPOSSTAR:
2128 case OP_TYPEPOSPLUS:
2129 case OP_TYPEPOSQUERY:
2130 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2131 break;
2132
2133 case OP_TYPEUPTO:
2134 case OP_TYPEMINUPTO:
2135 case OP_TYPEEXACT:
2136 case OP_TYPEPOSUPTO:
2137 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2138 code += 2;
2139 break;
2140
2141 case OP_MARK:
2142 case OP_PRUNE_ARG:
2143 case OP_SKIP_ARG:
2144 case OP_THEN_ARG:
2145 code += code[1];
2146 break;
2147 }
2148
2149 /* Add in the fixed length from the table */
2150
2151 code += PRIV(OP_lengths)[c];
2152
2153 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2154 a multi-byte character. The length in the table is a minimum, so we have to
2155 arrange to skip the extra bytes. */
2156
2157 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2158 if (utf) switch(c)
2159 {
2160 case OP_CHAR:
2161 case OP_CHARI:
2162 case OP_NOT:
2163 case OP_NOTI:
2164 case OP_EXACT:
2165 case OP_EXACTI:
2166 case OP_NOTEXACT:
2167 case OP_NOTEXACTI:
2168 case OP_UPTO:
2169 case OP_UPTOI:
2170 case OP_NOTUPTO:
2171 case OP_NOTUPTOI:
2172 case OP_MINUPTO:
2173 case OP_MINUPTOI:
2174 case OP_NOTMINUPTO:
2175 case OP_NOTMINUPTOI:
2176 case OP_POSUPTO:
2177 case OP_POSUPTOI:
2178 case OP_NOTPOSUPTO:
2179 case OP_NOTPOSUPTOI:
2180 case OP_STAR:
2181 case OP_STARI:
2182 case OP_NOTSTAR:
2183 case OP_NOTSTARI:
2184 case OP_MINSTAR:
2185 case OP_MINSTARI:
2186 case OP_NOTMINSTAR:
2187 case OP_NOTMINSTARI:
2188 case OP_POSSTAR:
2189 case OP_POSSTARI:
2190 case OP_NOTPOSSTAR:
2191 case OP_NOTPOSSTARI:
2192 case OP_PLUS:
2193 case OP_PLUSI:
2194 case OP_NOTPLUS:
2195 case OP_NOTPLUSI:
2196 case OP_MINPLUS:
2197 case OP_MINPLUSI:
2198 case OP_NOTMINPLUS:
2199 case OP_NOTMINPLUSI:
2200 case OP_POSPLUS:
2201 case OP_POSPLUSI:
2202 case OP_NOTPOSPLUS:
2203 case OP_NOTPOSPLUSI:
2204 case OP_QUERY:
2205 case OP_QUERYI:
2206 case OP_NOTQUERY:
2207 case OP_NOTQUERYI:
2208 case OP_MINQUERY:
2209 case OP_MINQUERYI:
2210 case OP_NOTMINQUERY:
2211 case OP_NOTMINQUERYI:
2212 case OP_POSQUERY:
2213 case OP_POSQUERYI:
2214 case OP_NOTPOSQUERY:
2215 case OP_NOTPOSQUERYI:
2216 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2217 break;
2218 }
2219 #else
2220 (void)(utf); /* Keep compiler happy by referencing function argument */
2221 #endif
2222 }
2223 }
2224 }
2225
2226
2227
2228 /*************************************************
2229 * Scan compiled regex for recursion reference *
2230 *************************************************/
2231
2232 /* This little function scans through a compiled pattern until it finds an
2233 instance of OP_RECURSE.
2234
2235 Arguments:
2236 code points to start of expression
2237 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2238
2239 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2240 */
2241
2242 static const pcre_uchar *
find_recurse(const pcre_uchar * code,BOOL utf)2243 find_recurse(const pcre_uchar *code, BOOL utf)
2244 {
2245 for (;;)
2246 {
2247 register pcre_uchar c = *code;
2248 if (c == OP_END) return NULL;
2249 if (c == OP_RECURSE) return code;
2250
2251 /* XCLASS is used for classes that cannot be represented just by a bit
2252 map. This includes negated single high-valued characters. The length in
2253 the table is zero; the actual length is stored in the compiled code. */
2254
2255 if (c == OP_XCLASS) code += GET(code, 1);
2256
2257 /* Otherwise, we can get the item's length from the table, except that for
2258 repeated character types, we have to test for \p and \P, which have an extra
2259 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2260 must add in its length. */
2261
2262 else
2263 {
2264 switch(c)
2265 {
2266 case OP_TYPESTAR:
2267 case OP_TYPEMINSTAR:
2268 case OP_TYPEPLUS:
2269 case OP_TYPEMINPLUS:
2270 case OP_TYPEQUERY:
2271 case OP_TYPEMINQUERY:
2272 case OP_TYPEPOSSTAR:
2273 case OP_TYPEPOSPLUS:
2274 case OP_TYPEPOSQUERY:
2275 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2276 break;
2277
2278 case OP_TYPEPOSUPTO:
2279 case OP_TYPEUPTO:
2280 case OP_TYPEMINUPTO:
2281 case OP_TYPEEXACT:
2282 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2283 code += 2;
2284 break;
2285
2286 case OP_MARK:
2287 case OP_PRUNE_ARG:
2288 case OP_SKIP_ARG:
2289 case OP_THEN_ARG:
2290 code += code[1];
2291 break;
2292 }
2293
2294 /* Add in the fixed length from the table */
2295
2296 code += PRIV(OP_lengths)[c];
2297
2298 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2299 by a multi-byte character. The length in the table is a minimum, so we have
2300 to arrange to skip the extra bytes. */
2301
2302 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2303 if (utf) switch(c)
2304 {
2305 case OP_CHAR:
2306 case OP_CHARI:
2307 case OP_NOT:
2308 case OP_NOTI:
2309 case OP_EXACT:
2310 case OP_EXACTI:
2311 case OP_NOTEXACT:
2312 case OP_NOTEXACTI:
2313 case OP_UPTO:
2314 case OP_UPTOI:
2315 case OP_NOTUPTO:
2316 case OP_NOTUPTOI:
2317 case OP_MINUPTO:
2318 case OP_MINUPTOI:
2319 case OP_NOTMINUPTO:
2320 case OP_NOTMINUPTOI:
2321 case OP_POSUPTO:
2322 case OP_POSUPTOI:
2323 case OP_NOTPOSUPTO:
2324 case OP_NOTPOSUPTOI:
2325 case OP_STAR:
2326 case OP_STARI:
2327 case OP_NOTSTAR:
2328 case OP_NOTSTARI:
2329 case OP_MINSTAR:
2330 case OP_MINSTARI:
2331 case OP_NOTMINSTAR:
2332 case OP_NOTMINSTARI:
2333 case OP_POSSTAR:
2334 case OP_POSSTARI:
2335 case OP_NOTPOSSTAR:
2336 case OP_NOTPOSSTARI:
2337 case OP_PLUS:
2338 case OP_PLUSI:
2339 case OP_NOTPLUS:
2340 case OP_NOTPLUSI:
2341 case OP_MINPLUS:
2342 case OP_MINPLUSI:
2343 case OP_NOTMINPLUS:
2344 case OP_NOTMINPLUSI:
2345 case OP_POSPLUS:
2346 case OP_POSPLUSI:
2347 case OP_NOTPOSPLUS:
2348 case OP_NOTPOSPLUSI:
2349 case OP_QUERY:
2350 case OP_QUERYI:
2351 case OP_NOTQUERY:
2352 case OP_NOTQUERYI:
2353 case OP_MINQUERY:
2354 case OP_MINQUERYI:
2355 case OP_NOTMINQUERY:
2356 case OP_NOTMINQUERYI:
2357 case OP_POSQUERY:
2358 case OP_POSQUERYI:
2359 case OP_NOTPOSQUERY:
2360 case OP_NOTPOSQUERYI:
2361 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2362 break;
2363 }
2364 #else
2365 (void)(utf); /* Keep compiler happy by referencing function argument */
2366 #endif
2367 }
2368 }
2369 }
2370
2371
2372
2373 /*************************************************
2374 * Scan compiled branch for non-emptiness *
2375 *************************************************/
2376
2377 /* This function scans through a branch of a compiled pattern to see whether it
2378 can match the empty string or not. It is called from could_be_empty()
2379 below and from compile_branch() when checking for an unlimited repeat of a
2380 group that can match nothing. Note that first_significant_code() skips over
2381 backward and negative forward assertions when its final argument is TRUE. If we
2382 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2383 bracket whose current branch will already have been scanned.
2384
2385 Arguments:
2386 code points to start of search
2387 endcode points to where to stop
2388 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2389 cd contains pointers to tables etc.
2390 recurses chain of recurse_check to catch mutual recursion
2391
2392 Returns: TRUE if what is matched could be empty
2393 */
2394
2395 static BOOL
could_be_empty_branch(const pcre_uchar * code,const pcre_uchar * endcode,BOOL utf,compile_data * cd,recurse_check * recurses)2396 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2397 BOOL utf, compile_data *cd, recurse_check *recurses)
2398 {
2399 register pcre_uchar c;
2400 recurse_check this_recurse;
2401
2402 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2403 code < endcode;
2404 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2405 {
2406 const pcre_uchar *ccode;
2407
2408 c = *code;
2409
2410 /* Skip over forward assertions; the other assertions are skipped by
2411 first_significant_code() with a TRUE final argument. */
2412
2413 if (c == OP_ASSERT)
2414 {
2415 do code += GET(code, 1); while (*code == OP_ALT);
2416 c = *code;
2417 continue;
2418 }
2419
2420 /* For a recursion/subroutine call, if its end has been reached, which
2421 implies a backward reference subroutine call, we can scan it. If it's a
2422 forward reference subroutine call, we can't. To detect forward reference
2423 we have to scan up the list that is kept in the workspace. This function is
2424 called only when doing the real compile, not during the pre-compile that
2425 measures the size of the compiled pattern. */
2426
2427 if (c == OP_RECURSE)
2428 {
2429 const pcre_uchar *scode = cd->start_code + GET(code, 1);
2430 const pcre_uchar *endgroup = scode;
2431 BOOL empty_branch;
2432
2433 /* Test for forward reference or uncompleted reference. This is disabled
2434 when called to scan a completed pattern by setting cd->start_workspace to
2435 NULL. */
2436
2437 if (cd->start_workspace != NULL)
2438 {
2439 const pcre_uchar *tcode;
2440 for (tcode = cd->start_workspace; tcode < cd->hwm; tcode += LINK_SIZE)
2441 if ((int)GET(tcode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2442 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2443 }
2444
2445 /* If the reference is to a completed group, we need to detect whether this
2446 is a recursive call, as otherwise there will be an infinite loop. If it is
2447 a recursion, just skip over it. Simple recursions are easily detected. For
2448 mutual recursions we keep a chain on the stack. */
2449
2450 do endgroup += GET(endgroup, 1); while (*endgroup == OP_ALT);
2451 if (code >= scode && code <= endgroup) continue; /* Simple recursion */
2452 else
2453 {
2454 recurse_check *r = recurses;
2455 for (r = recurses; r != NULL; r = r->prev)
2456 if (r->group == scode) break;
2457 if (r != NULL) continue; /* Mutual recursion */
2458 }
2459
2460 /* Completed reference; scan the referenced group, remembering it on the
2461 stack chain to detect mutual recursions. */
2462
2463 empty_branch = FALSE;
2464 this_recurse.prev = recurses;
2465 this_recurse.group = scode;
2466
2467 do
2468 {
2469 if (could_be_empty_branch(scode, endcode, utf, cd, &this_recurse))
2470 {
2471 empty_branch = TRUE;
2472 break;
2473 }
2474 scode += GET(scode, 1);
2475 }
2476 while (*scode == OP_ALT);
2477
2478 if (!empty_branch) return FALSE; /* All branches are non-empty */
2479 continue;
2480 }
2481
2482 /* Groups with zero repeats can of course be empty; skip them. */
2483
2484 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2485 c == OP_BRAPOSZERO)
2486 {
2487 code += PRIV(OP_lengths)[c];
2488 do code += GET(code, 1); while (*code == OP_ALT);
2489 c = *code;
2490 continue;
2491 }
2492
2493 /* A nested group that is already marked as "could be empty" can just be
2494 skipped. */
2495
2496 if (c == OP_SBRA || c == OP_SBRAPOS ||
2497 c == OP_SCBRA || c == OP_SCBRAPOS)
2498 {
2499 do code += GET(code, 1); while (*code == OP_ALT);
2500 c = *code;
2501 continue;
2502 }
2503
2504 /* For other groups, scan the branches. */
2505
2506 if (c == OP_BRA || c == OP_BRAPOS ||
2507 c == OP_CBRA || c == OP_CBRAPOS ||
2508 c == OP_ONCE || c == OP_ONCE_NC ||
2509 c == OP_COND || c == OP_SCOND)
2510 {
2511 BOOL empty_branch;
2512 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2513
2514 /* If a conditional group has only one branch, there is a second, implied,
2515 empty branch, so just skip over the conditional, because it could be empty.
2516 Otherwise, scan the individual branches of the group. */
2517
2518 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2519 code += GET(code, 1);
2520 else
2521 {
2522 empty_branch = FALSE;
2523 do
2524 {
2525 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
2526 recurses)) empty_branch = TRUE;
2527 code += GET(code, 1);
2528 }
2529 while (*code == OP_ALT);
2530 if (!empty_branch) return FALSE; /* All branches are non-empty */
2531 }
2532
2533 c = *code;
2534 continue;
2535 }
2536
2537 /* Handle the other opcodes */
2538
2539 switch (c)
2540 {
2541 /* Check for quantifiers after a class. XCLASS is used for classes that
2542 cannot be represented just by a bit map. This includes negated single
2543 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2544 actual length is stored in the compiled code, so we must update "code"
2545 here. */
2546
2547 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2548 case OP_XCLASS:
2549 ccode = code += GET(code, 1);
2550 goto CHECK_CLASS_REPEAT;
2551 #endif
2552
2553 case OP_CLASS:
2554 case OP_NCLASS:
2555 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2556
2557 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2558 CHECK_CLASS_REPEAT:
2559 #endif
2560
2561 switch (*ccode)
2562 {
2563 case OP_CRSTAR: /* These could be empty; continue */
2564 case OP_CRMINSTAR:
2565 case OP_CRQUERY:
2566 case OP_CRMINQUERY:
2567 case OP_CRPOSSTAR:
2568 case OP_CRPOSQUERY:
2569 break;
2570
2571 default: /* Non-repeat => class must match */
2572 case OP_CRPLUS: /* These repeats aren't empty */
2573 case OP_CRMINPLUS:
2574 case OP_CRPOSPLUS:
2575 return FALSE;
2576
2577 case OP_CRRANGE:
2578 case OP_CRMINRANGE:
2579 case OP_CRPOSRANGE:
2580 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2581 break;
2582 }
2583 break;
2584
2585 /* Opcodes that must match a character */
2586
2587 case OP_ANY:
2588 case OP_ALLANY:
2589 case OP_ANYBYTE:
2590
2591 case OP_PROP:
2592 case OP_NOTPROP:
2593 case OP_ANYNL:
2594
2595 case OP_NOT_HSPACE:
2596 case OP_HSPACE:
2597 case OP_NOT_VSPACE:
2598 case OP_VSPACE:
2599 case OP_EXTUNI:
2600
2601 case OP_NOT_DIGIT:
2602 case OP_DIGIT:
2603 case OP_NOT_WHITESPACE:
2604 case OP_WHITESPACE:
2605 case OP_NOT_WORDCHAR:
2606 case OP_WORDCHAR:
2607
2608 case OP_CHAR:
2609 case OP_CHARI:
2610 case OP_NOT:
2611 case OP_NOTI:
2612
2613 case OP_PLUS:
2614 case OP_PLUSI:
2615 case OP_MINPLUS:
2616 case OP_MINPLUSI:
2617
2618 case OP_NOTPLUS:
2619 case OP_NOTPLUSI:
2620 case OP_NOTMINPLUS:
2621 case OP_NOTMINPLUSI:
2622
2623 case OP_POSPLUS:
2624 case OP_POSPLUSI:
2625 case OP_NOTPOSPLUS:
2626 case OP_NOTPOSPLUSI:
2627
2628 case OP_EXACT:
2629 case OP_EXACTI:
2630 case OP_NOTEXACT:
2631 case OP_NOTEXACTI:
2632
2633 case OP_TYPEPLUS:
2634 case OP_TYPEMINPLUS:
2635 case OP_TYPEPOSPLUS:
2636 case OP_TYPEEXACT:
2637
2638 return FALSE;
2639
2640 /* These are going to continue, as they may be empty, but we have to
2641 fudge the length for the \p and \P cases. */
2642
2643 case OP_TYPESTAR:
2644 case OP_TYPEMINSTAR:
2645 case OP_TYPEPOSSTAR:
2646 case OP_TYPEQUERY:
2647 case OP_TYPEMINQUERY:
2648 case OP_TYPEPOSQUERY:
2649 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2650 break;
2651
2652 /* Same for these */
2653
2654 case OP_TYPEUPTO:
2655 case OP_TYPEMINUPTO:
2656 case OP_TYPEPOSUPTO:
2657 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2658 code += 2;
2659 break;
2660
2661 /* End of branch */
2662
2663 case OP_KET:
2664 case OP_KETRMAX:
2665 case OP_KETRMIN:
2666 case OP_KETRPOS:
2667 case OP_ALT:
2668 return TRUE;
2669
2670 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2671 MINUPTO, and POSUPTO and their caseless and negative versions may be
2672 followed by a multibyte character. */
2673
2674 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2675 case OP_STAR:
2676 case OP_STARI:
2677 case OP_NOTSTAR:
2678 case OP_NOTSTARI:
2679
2680 case OP_MINSTAR:
2681 case OP_MINSTARI:
2682 case OP_NOTMINSTAR:
2683 case OP_NOTMINSTARI:
2684
2685 case OP_POSSTAR:
2686 case OP_POSSTARI:
2687 case OP_NOTPOSSTAR:
2688 case OP_NOTPOSSTARI:
2689
2690 case OP_QUERY:
2691 case OP_QUERYI:
2692 case OP_NOTQUERY:
2693 case OP_NOTQUERYI:
2694
2695 case OP_MINQUERY:
2696 case OP_MINQUERYI:
2697 case OP_NOTMINQUERY:
2698 case OP_NOTMINQUERYI:
2699
2700 case OP_POSQUERY:
2701 case OP_POSQUERYI:
2702 case OP_NOTPOSQUERY:
2703 case OP_NOTPOSQUERYI:
2704
2705 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2706 break;
2707
2708 case OP_UPTO:
2709 case OP_UPTOI:
2710 case OP_NOTUPTO:
2711 case OP_NOTUPTOI:
2712
2713 case OP_MINUPTO:
2714 case OP_MINUPTOI:
2715 case OP_NOTMINUPTO:
2716 case OP_NOTMINUPTOI:
2717
2718 case OP_POSUPTO:
2719 case OP_POSUPTOI:
2720 case OP_NOTPOSUPTO:
2721 case OP_NOTPOSUPTOI:
2722
2723 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2724 break;
2725 #endif
2726
2727 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2728 string. */
2729
2730 case OP_MARK:
2731 case OP_PRUNE_ARG:
2732 case OP_SKIP_ARG:
2733 case OP_THEN_ARG:
2734 code += code[1];
2735 break;
2736
2737 /* None of the remaining opcodes are required to match a character. */
2738
2739 default:
2740 break;
2741 }
2742 }
2743
2744 return TRUE;
2745 }
2746
2747
2748
2749 /*************************************************
2750 * Scan compiled regex for non-emptiness *
2751 *************************************************/
2752
2753 /* This function is called to check for left recursive calls. We want to check
2754 the current branch of the current pattern to see if it could match the empty
2755 string. If it could, we must look outwards for branches at other levels,
2756 stopping when we pass beyond the bracket which is the subject of the recursion.
2757 This function is called only during the real compile, not during the
2758 pre-compile.
2759
2760 Arguments:
2761 code points to start of the recursion
2762 endcode points to where to stop (current RECURSE item)
2763 bcptr points to the chain of current (unclosed) branch starts
2764 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2765 cd pointers to tables etc
2766
2767 Returns: TRUE if what is matched could be empty
2768 */
2769
2770 static BOOL
could_be_empty(const pcre_uchar * code,const pcre_uchar * endcode,branch_chain * bcptr,BOOL utf,compile_data * cd)2771 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2772 branch_chain *bcptr, BOOL utf, compile_data *cd)
2773 {
2774 while (bcptr != NULL && bcptr->current_branch >= code)
2775 {
2776 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd, NULL))
2777 return FALSE;
2778 bcptr = bcptr->outer;
2779 }
2780 return TRUE;
2781 }
2782
2783
2784
2785 /*************************************************
2786 * Base opcode of repeated opcodes *
2787 *************************************************/
2788
2789 /* Returns the base opcode for repeated single character type opcodes. If the
2790 opcode is not a repeated character type, it returns with the original value.
2791
2792 Arguments: c opcode
2793 Returns: base opcode for the type
2794 */
2795
2796 static pcre_uchar
get_repeat_base(pcre_uchar c)2797 get_repeat_base(pcre_uchar c)
2798 {
2799 return (c > OP_TYPEPOSUPTO)? c :
2800 (c >= OP_TYPESTAR)? OP_TYPESTAR :
2801 (c >= OP_NOTSTARI)? OP_NOTSTARI :
2802 (c >= OP_NOTSTAR)? OP_NOTSTAR :
2803 (c >= OP_STARI)? OP_STARI :
2804 OP_STAR;
2805 }
2806
2807
2808
2809 #ifdef SUPPORT_UCP
2810 /*************************************************
2811 * Check a character and a property *
2812 *************************************************/
2813
2814 /* This function is called by check_auto_possessive() when a property item
2815 is adjacent to a fixed character.
2816
2817 Arguments:
2818 c the character
2819 ptype the property type
2820 pdata the data for the type
2821 negated TRUE if it's a negated property (\P or \p{^)
2822
2823 Returns: TRUE if auto-possessifying is OK
2824 */
2825
2826 static BOOL
check_char_prop(pcre_uint32 c,unsigned int ptype,unsigned int pdata,BOOL negated)2827 check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata,
2828 BOOL negated)
2829 {
2830 const pcre_uint32 *p;
2831 const ucd_record *prop = GET_UCD(c);
2832
2833 switch(ptype)
2834 {
2835 case PT_LAMP:
2836 return (prop->chartype == ucp_Lu ||
2837 prop->chartype == ucp_Ll ||
2838 prop->chartype == ucp_Lt) == negated;
2839
2840 case PT_GC:
2841 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2842
2843 case PT_PC:
2844 return (pdata == prop->chartype) == negated;
2845
2846 case PT_SC:
2847 return (pdata == prop->script) == negated;
2848
2849 /* These are specials */
2850
2851 case PT_ALNUM:
2852 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2853 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2854
2855 /* Perl space used to exclude VT, but from Perl 5.18 it is included, which
2856 means that Perl space and POSIX space are now identical. PCRE was changed
2857 at release 8.34. */
2858
2859 case PT_SPACE: /* Perl space */
2860 case PT_PXSPACE: /* POSIX space */
2861 switch(c)
2862 {
2863 HSPACE_CASES:
2864 VSPACE_CASES:
2865 return negated;
2866
2867 default:
2868 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z) == negated;
2869 }
2870 break; /* Control never reaches here */
2871
2872 case PT_WORD:
2873 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2874 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2875 c == CHAR_UNDERSCORE) == negated;
2876
2877 case PT_CLIST:
2878 p = PRIV(ucd_caseless_sets) + prop->caseset;
2879 for (;;)
2880 {
2881 if (c < *p) return !negated;
2882 if (c == *p++) return negated;
2883 }
2884 break; /* Control never reaches here */
2885 }
2886
2887 return FALSE;
2888 }
2889 #endif /* SUPPORT_UCP */
2890
2891
2892
2893 /*************************************************
2894 * Fill the character property list *
2895 *************************************************/
2896
2897 /* Checks whether the code points to an opcode that can take part in auto-
2898 possessification, and if so, fills a list with its properties.
2899
2900 Arguments:
2901 code points to start of expression
2902 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2903 fcc points to case-flipping table
2904 list points to output list
2905 list[0] will be filled with the opcode
2906 list[1] will be non-zero if this opcode
2907 can match an empty character string
2908 list[2..7] depends on the opcode
2909
2910 Returns: points to the start of the next opcode if *code is accepted
2911 NULL if *code is not accepted
2912 */
2913
2914 static const pcre_uchar *
get_chr_property_list(const pcre_uchar * code,BOOL utf,const pcre_uint8 * fcc,pcre_uint32 * list)2915 get_chr_property_list(const pcre_uchar *code, BOOL utf,
2916 const pcre_uint8 *fcc, pcre_uint32 *list)
2917 {
2918 pcre_uchar c = *code;
2919 pcre_uchar base;
2920 const pcre_uchar *end;
2921 pcre_uint32 chr;
2922
2923 #ifdef SUPPORT_UCP
2924 pcre_uint32 *clist_dest;
2925 const pcre_uint32 *clist_src;
2926 #else
2927 utf = utf; /* Suppress "unused parameter" compiler warning */
2928 #endif
2929
2930 list[0] = c;
2931 list[1] = FALSE;
2932 code++;
2933
2934 if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
2935 {
2936 base = get_repeat_base(c);
2937 c -= (base - OP_STAR);
2938
2939 if (c == OP_UPTO || c == OP_MINUPTO || c == OP_EXACT || c == OP_POSUPTO)
2940 code += IMM2_SIZE;
2941
2942 list[1] = (c != OP_PLUS && c != OP_MINPLUS && c != OP_EXACT && c != OP_POSPLUS);
2943
2944 switch(base)
2945 {
2946 case OP_STAR:
2947 list[0] = OP_CHAR;
2948 break;
2949
2950 case OP_STARI:
2951 list[0] = OP_CHARI;
2952 break;
2953
2954 case OP_NOTSTAR:
2955 list[0] = OP_NOT;
2956 break;
2957
2958 case OP_NOTSTARI:
2959 list[0] = OP_NOTI;
2960 break;
2961
2962 case OP_TYPESTAR:
2963 list[0] = *code;
2964 code++;
2965 break;
2966 }
2967 c = list[0];
2968 }
2969
2970 switch(c)
2971 {
2972 case OP_NOT_DIGIT:
2973 case OP_DIGIT:
2974 case OP_NOT_WHITESPACE:
2975 case OP_WHITESPACE:
2976 case OP_NOT_WORDCHAR:
2977 case OP_WORDCHAR:
2978 case OP_ANY:
2979 case OP_ALLANY:
2980 case OP_ANYNL:
2981 case OP_NOT_HSPACE:
2982 case OP_HSPACE:
2983 case OP_NOT_VSPACE:
2984 case OP_VSPACE:
2985 case OP_EXTUNI:
2986 case OP_EODN:
2987 case OP_EOD:
2988 case OP_DOLL:
2989 case OP_DOLLM:
2990 return code;
2991
2992 case OP_CHAR:
2993 case OP_NOT:
2994 GETCHARINCTEST(chr, code);
2995 list[2] = chr;
2996 list[3] = NOTACHAR;
2997 return code;
2998
2999 case OP_CHARI:
3000 case OP_NOTI:
3001 list[0] = (c == OP_CHARI) ? OP_CHAR : OP_NOT;
3002 GETCHARINCTEST(chr, code);
3003 list[2] = chr;
3004
3005 #ifdef SUPPORT_UCP
3006 if (chr < 128 || (chr < 256 && !utf))
3007 list[3] = fcc[chr];
3008 else
3009 list[3] = UCD_OTHERCASE(chr);
3010 #elif defined SUPPORT_UTF || !defined COMPILE_PCRE8
3011 list[3] = (chr < 256) ? fcc[chr] : chr;
3012 #else
3013 list[3] = fcc[chr];
3014 #endif
3015
3016 /* The othercase might be the same value. */
3017
3018 if (chr == list[3])
3019 list[3] = NOTACHAR;
3020 else
3021 list[4] = NOTACHAR;
3022 return code;
3023
3024 #ifdef SUPPORT_UCP
3025 case OP_PROP:
3026 case OP_NOTPROP:
3027 if (code[0] != PT_CLIST)
3028 {
3029 list[2] = code[0];
3030 list[3] = code[1];
3031 return code + 2;
3032 }
3033
3034 /* Convert only if we have enough space. */
3035
3036 clist_src = PRIV(ucd_caseless_sets) + code[1];
3037 clist_dest = list + 2;
3038 code += 2;
3039
3040 do {
3041 if (clist_dest >= list + 8)
3042 {
3043 /* Early return if there is not enough space. This should never
3044 happen, since all clists are shorter than 5 character now. */
3045 list[2] = code[0];
3046 list[3] = code[1];
3047 return code;
3048 }
3049 *clist_dest++ = *clist_src;
3050 }
3051 while(*clist_src++ != NOTACHAR);
3052
3053 /* All characters are stored. The terminating NOTACHAR
3054 is copied form the clist itself. */
3055
3056 list[0] = (c == OP_PROP) ? OP_CHAR : OP_NOT;
3057 return code;
3058 #endif
3059
3060 case OP_NCLASS:
3061 case OP_CLASS:
3062 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3063 case OP_XCLASS:
3064 if (c == OP_XCLASS)
3065 end = code + GET(code, 0) - 1;
3066 else
3067 #endif
3068 end = code + 32 / sizeof(pcre_uchar);
3069
3070 switch(*end)
3071 {
3072 case OP_CRSTAR:
3073 case OP_CRMINSTAR:
3074 case OP_CRQUERY:
3075 case OP_CRMINQUERY:
3076 case OP_CRPOSSTAR:
3077 case OP_CRPOSQUERY:
3078 list[1] = TRUE;
3079 end++;
3080 break;
3081
3082 case OP_CRPLUS:
3083 case OP_CRMINPLUS:
3084 case OP_CRPOSPLUS:
3085 end++;
3086 break;
3087
3088 case OP_CRRANGE:
3089 case OP_CRMINRANGE:
3090 case OP_CRPOSRANGE:
3091 list[1] = (GET2(end, 1) == 0);
3092 end += 1 + 2 * IMM2_SIZE;
3093 break;
3094 }
3095 list[2] = (pcre_uint32)(end - code);
3096 return end;
3097 }
3098 return NULL; /* Opcode not accepted */
3099 }
3100
3101
3102
3103 /*************************************************
3104 * Scan further character sets for match *
3105 *************************************************/
3106
3107 /* Checks whether the base and the current opcode have a common character, in
3108 which case the base cannot be possessified.
3109
3110 Arguments:
3111 code points to the byte code
3112 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3113 cd static compile data
3114 base_list the data list of the base opcode
3115
3116 Returns: TRUE if the auto-possessification is possible
3117 */
3118
3119 static BOOL
compare_opcodes(const pcre_uchar * code,BOOL utf,const compile_data * cd,const pcre_uint32 * base_list,const pcre_uchar * base_end,int * rec_limit)3120 compare_opcodes(const pcre_uchar *code, BOOL utf, const compile_data *cd,
3121 const pcre_uint32 *base_list, const pcre_uchar *base_end, int *rec_limit)
3122 {
3123 pcre_uchar c;
3124 pcre_uint32 list[8];
3125 const pcre_uint32 *chr_ptr;
3126 const pcre_uint32 *ochr_ptr;
3127 const pcre_uint32 *list_ptr;
3128 const pcre_uchar *next_code;
3129 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3130 const pcre_uchar *xclass_flags;
3131 #endif
3132 const pcre_uint8 *class_bitset;
3133 const pcre_uint8 *set1, *set2, *set_end;
3134 pcre_uint32 chr;
3135 BOOL accepted, invert_bits;
3136 BOOL entered_a_group = FALSE;
3137
3138 if (*rec_limit == 0) return FALSE;
3139 --(*rec_limit);
3140
3141 /* Note: the base_list[1] contains whether the current opcode has greedy
3142 (represented by a non-zero value) quantifier. This is a different from
3143 other character type lists, which stores here that the character iterator
3144 matches to an empty string (also represented by a non-zero value). */
3145
3146 for(;;)
3147 {
3148 /* All operations move the code pointer forward.
3149 Therefore infinite recursions are not possible. */
3150
3151 c = *code;
3152
3153 /* Skip over callouts */
3154
3155 if (c == OP_CALLOUT)
3156 {
3157 code += PRIV(OP_lengths)[c];
3158 continue;
3159 }
3160
3161 if (c == OP_ALT)
3162 {
3163 do code += GET(code, 1); while (*code == OP_ALT);
3164 c = *code;
3165 }
3166
3167 switch(c)
3168 {
3169 case OP_END:
3170 case OP_KETRPOS:
3171 /* TRUE only in greedy case. The non-greedy case could be replaced by
3172 an OP_EXACT, but it is probably not worth it. (And note that OP_EXACT
3173 uses more memory, which we cannot get at this stage.) */
3174
3175 return base_list[1] != 0;
3176
3177 case OP_KET:
3178 /* If the bracket is capturing, and referenced by an OP_RECURSE, or
3179 it is an atomic sub-pattern (assert, once, etc.) the non-greedy case
3180 cannot be converted to a possessive form. */
3181
3182 if (base_list[1] == 0) return FALSE;
3183
3184 switch(*(code - GET(code, 1)))
3185 {
3186 case OP_ASSERT:
3187 case OP_ASSERT_NOT:
3188 case OP_ASSERTBACK:
3189 case OP_ASSERTBACK_NOT:
3190 case OP_ONCE:
3191 case OP_ONCE_NC:
3192 /* Atomic sub-patterns and assertions can always auto-possessify their
3193 last iterator. However, if the group was entered as a result of checking
3194 a previous iterator, this is not possible. */
3195
3196 return !entered_a_group;
3197 }
3198
3199 code += PRIV(OP_lengths)[c];
3200 continue;
3201
3202 case OP_ONCE:
3203 case OP_ONCE_NC:
3204 case OP_BRA:
3205 case OP_CBRA:
3206 next_code = code + GET(code, 1);
3207 code += PRIV(OP_lengths)[c];
3208
3209 while (*next_code == OP_ALT)
3210 {
3211 if (!compare_opcodes(code, utf, cd, base_list, base_end, rec_limit))
3212 return FALSE;
3213 code = next_code + 1 + LINK_SIZE;
3214 next_code += GET(next_code, 1);
3215 }
3216
3217 entered_a_group = TRUE;
3218 continue;
3219
3220 case OP_BRAZERO:
3221 case OP_BRAMINZERO:
3222
3223 next_code = code + 1;
3224 if (*next_code != OP_BRA && *next_code != OP_CBRA
3225 && *next_code != OP_ONCE && *next_code != OP_ONCE_NC) return FALSE;
3226
3227 do next_code += GET(next_code, 1); while (*next_code == OP_ALT);
3228
3229 /* The bracket content will be checked by the
3230 OP_BRA/OP_CBRA case above. */
3231 next_code += 1 + LINK_SIZE;
3232 if (!compare_opcodes(next_code, utf, cd, base_list, base_end, rec_limit))
3233 return FALSE;
3234
3235 code += PRIV(OP_lengths)[c];
3236 continue;
3237
3238 default:
3239 break;
3240 }
3241
3242 /* Check for a supported opcode, and load its properties. */
3243
3244 code = get_chr_property_list(code, utf, cd->fcc, list);
3245 if (code == NULL) return FALSE; /* Unsupported */
3246
3247 /* If either opcode is a small character list, set pointers for comparing
3248 characters from that list with another list, or with a property. */
3249
3250 if (base_list[0] == OP_CHAR)
3251 {
3252 chr_ptr = base_list + 2;
3253 list_ptr = list;
3254 }
3255 else if (list[0] == OP_CHAR)
3256 {
3257 chr_ptr = list + 2;
3258 list_ptr = base_list;
3259 }
3260
3261 /* Character bitsets can also be compared to certain opcodes. */
3262
3263 else if (base_list[0] == OP_CLASS || list[0] == OP_CLASS
3264 #ifdef COMPILE_PCRE8
3265 /* In 8 bit, non-UTF mode, OP_CLASS and OP_NCLASS are the same. */
3266 || (!utf && (base_list[0] == OP_NCLASS || list[0] == OP_NCLASS))
3267 #endif
3268 )
3269 {
3270 #ifdef COMPILE_PCRE8
3271 if (base_list[0] == OP_CLASS || (!utf && base_list[0] == OP_NCLASS))
3272 #else
3273 if (base_list[0] == OP_CLASS)
3274 #endif
3275 {
3276 set1 = (pcre_uint8 *)(base_end - base_list[2]);
3277 list_ptr = list;
3278 }
3279 else
3280 {
3281 set1 = (pcre_uint8 *)(code - list[2]);
3282 list_ptr = base_list;
3283 }
3284
3285 invert_bits = FALSE;
3286 switch(list_ptr[0])
3287 {
3288 case OP_CLASS:
3289 case OP_NCLASS:
3290 set2 = (pcre_uint8 *)
3291 ((list_ptr == list ? code : base_end) - list_ptr[2]);
3292 break;
3293
3294 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3295 case OP_XCLASS:
3296 xclass_flags = (list_ptr == list ? code : base_end) - list_ptr[2] + LINK_SIZE;
3297 if ((*xclass_flags & XCL_HASPROP) != 0) return FALSE;
3298 if ((*xclass_flags & XCL_MAP) == 0)
3299 {
3300 /* No bits are set for characters < 256. */
3301 if (list[1] == 0) return TRUE;
3302 /* Might be an empty repeat. */
3303 continue;
3304 }
3305 set2 = (pcre_uint8 *)(xclass_flags + 1);
3306 break;
3307 #endif
3308
3309 case OP_NOT_DIGIT:
3310 invert_bits = TRUE;
3311 /* Fall through */
3312 case OP_DIGIT:
3313 set2 = (pcre_uint8 *)(cd->cbits + cbit_digit);
3314 break;
3315
3316 case OP_NOT_WHITESPACE:
3317 invert_bits = TRUE;
3318 /* Fall through */
3319 case OP_WHITESPACE:
3320 set2 = (pcre_uint8 *)(cd->cbits + cbit_space);
3321 break;
3322
3323 case OP_NOT_WORDCHAR:
3324 invert_bits = TRUE;
3325 /* Fall through */
3326 case OP_WORDCHAR:
3327 set2 = (pcre_uint8 *)(cd->cbits + cbit_word);
3328 break;
3329
3330 default:
3331 return FALSE;
3332 }
3333
3334 /* Because the sets are unaligned, we need
3335 to perform byte comparison here. */
3336 set_end = set1 + 32;
3337 if (invert_bits)
3338 {
3339 do
3340 {
3341 if ((*set1++ & ~(*set2++)) != 0) return FALSE;
3342 }
3343 while (set1 < set_end);
3344 }
3345 else
3346 {
3347 do
3348 {
3349 if ((*set1++ & *set2++) != 0) return FALSE;
3350 }
3351 while (set1 < set_end);
3352 }
3353
3354 if (list[1] == 0) return TRUE;
3355 /* Might be an empty repeat. */
3356 continue;
3357 }
3358
3359 /* Some property combinations also acceptable. Unicode property opcodes are
3360 processed specially; the rest can be handled with a lookup table. */
3361
3362 else
3363 {
3364 pcre_uint32 leftop, rightop;
3365
3366 leftop = base_list[0];
3367 rightop = list[0];
3368
3369 #ifdef SUPPORT_UCP
3370 accepted = FALSE; /* Always set in non-unicode case. */
3371 if (leftop == OP_PROP || leftop == OP_NOTPROP)
3372 {
3373 if (rightop == OP_EOD)
3374 accepted = TRUE;
3375 else if (rightop == OP_PROP || rightop == OP_NOTPROP)
3376 {
3377 int n;
3378 const pcre_uint8 *p;
3379 BOOL same = leftop == rightop;
3380 BOOL lisprop = leftop == OP_PROP;
3381 BOOL risprop = rightop == OP_PROP;
3382 BOOL bothprop = lisprop && risprop;
3383
3384 /* There's a table that specifies how each combination is to be
3385 processed:
3386 0 Always return FALSE (never auto-possessify)
3387 1 Character groups are distinct (possessify if both are OP_PROP)
3388 2 Check character categories in the same group (general or particular)
3389 3 Return TRUE if the two opcodes are not the same
3390 ... see comments below
3391 */
3392
3393 n = propposstab[base_list[2]][list[2]];
3394 switch(n)
3395 {
3396 case 0: break;
3397 case 1: accepted = bothprop; break;
3398 case 2: accepted = (base_list[3] == list[3]) != same; break;
3399 case 3: accepted = !same; break;
3400
3401 case 4: /* Left general category, right particular category */
3402 accepted = risprop && catposstab[base_list[3]][list[3]] == same;
3403 break;
3404
3405 case 5: /* Right general category, left particular category */
3406 accepted = lisprop && catposstab[list[3]][base_list[3]] == same;
3407 break;
3408
3409 /* This code is logically tricky. Think hard before fiddling with it.
3410 The posspropstab table has four entries per row. Each row relates to
3411 one of PCRE's special properties such as ALNUM or SPACE or WORD.
3412 Only WORD actually needs all four entries, but using repeats for the
3413 others means they can all use the same code below.
3414
3415 The first two entries in each row are Unicode general categories, and
3416 apply always, because all the characters they include are part of the
3417 PCRE character set. The third and fourth entries are a general and a
3418 particular category, respectively, that include one or more relevant
3419 characters. One or the other is used, depending on whether the check
3420 is for a general or a particular category. However, in both cases the
3421 category contains more characters than the specials that are defined
3422 for the property being tested against. Therefore, it cannot be used
3423 in a NOTPROP case.
3424
3425 Example: the row for WORD contains ucp_L, ucp_N, ucp_P, ucp_Po.
3426 Underscore is covered by ucp_P or ucp_Po. */
3427
3428 case 6: /* Left alphanum vs right general category */
3429 case 7: /* Left space vs right general category */
3430 case 8: /* Left word vs right general category */
3431 p = posspropstab[n-6];
3432 accepted = risprop && lisprop ==
3433 (list[3] != p[0] &&
3434 list[3] != p[1] &&
3435 (list[3] != p[2] || !lisprop));
3436 break;
3437
3438 case 9: /* Right alphanum vs left general category */
3439 case 10: /* Right space vs left general category */
3440 case 11: /* Right word vs left general category */
3441 p = posspropstab[n-9];
3442 accepted = lisprop && risprop ==
3443 (base_list[3] != p[0] &&
3444 base_list[3] != p[1] &&
3445 (base_list[3] != p[2] || !risprop));
3446 break;
3447
3448 case 12: /* Left alphanum vs right particular category */
3449 case 13: /* Left space vs right particular category */
3450 case 14: /* Left word vs right particular category */
3451 p = posspropstab[n-12];
3452 accepted = risprop && lisprop ==
3453 (catposstab[p[0]][list[3]] &&
3454 catposstab[p[1]][list[3]] &&
3455 (list[3] != p[3] || !lisprop));
3456 break;
3457
3458 case 15: /* Right alphanum vs left particular category */
3459 case 16: /* Right space vs left particular category */
3460 case 17: /* Right word vs left particular category */
3461 p = posspropstab[n-15];
3462 accepted = lisprop && risprop ==
3463 (catposstab[p[0]][base_list[3]] &&
3464 catposstab[p[1]][base_list[3]] &&
3465 (base_list[3] != p[3] || !risprop));
3466 break;
3467 }
3468 }
3469 }
3470
3471 else
3472 #endif /* SUPPORT_UCP */
3473
3474 accepted = leftop >= FIRST_AUTOTAB_OP && leftop <= LAST_AUTOTAB_LEFT_OP &&
3475 rightop >= FIRST_AUTOTAB_OP && rightop <= LAST_AUTOTAB_RIGHT_OP &&
3476 autoposstab[leftop - FIRST_AUTOTAB_OP][rightop - FIRST_AUTOTAB_OP];
3477
3478 if (!accepted) return FALSE;
3479
3480 if (list[1] == 0) return TRUE;
3481 /* Might be an empty repeat. */
3482 continue;
3483 }
3484
3485 /* Control reaches here only if one of the items is a small character list.
3486 All characters are checked against the other side. */
3487
3488 do
3489 {
3490 chr = *chr_ptr;
3491
3492 switch(list_ptr[0])
3493 {
3494 case OP_CHAR:
3495 ochr_ptr = list_ptr + 2;
3496 do
3497 {
3498 if (chr == *ochr_ptr) return FALSE;
3499 ochr_ptr++;
3500 }
3501 while(*ochr_ptr != NOTACHAR);
3502 break;
3503
3504 case OP_NOT:
3505 ochr_ptr = list_ptr + 2;
3506 do
3507 {
3508 if (chr == *ochr_ptr)
3509 break;
3510 ochr_ptr++;
3511 }
3512 while(*ochr_ptr != NOTACHAR);
3513 if (*ochr_ptr == NOTACHAR) return FALSE; /* Not found */
3514 break;
3515
3516 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not*
3517 set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3518
3519 case OP_DIGIT:
3520 if (chr < 256 && (cd->ctypes[chr] & ctype_digit) != 0) return FALSE;
3521 break;
3522
3523 case OP_NOT_DIGIT:
3524 if (chr > 255 || (cd->ctypes[chr] & ctype_digit) == 0) return FALSE;
3525 break;
3526
3527 case OP_WHITESPACE:
3528 if (chr < 256 && (cd->ctypes[chr] & ctype_space) != 0) return FALSE;
3529 break;
3530
3531 case OP_NOT_WHITESPACE:
3532 if (chr > 255 || (cd->ctypes[chr] & ctype_space) == 0) return FALSE;
3533 break;
3534
3535 case OP_WORDCHAR:
3536 if (chr < 255 && (cd->ctypes[chr] & ctype_word) != 0) return FALSE;
3537 break;
3538
3539 case OP_NOT_WORDCHAR:
3540 if (chr > 255 || (cd->ctypes[chr] & ctype_word) == 0) return FALSE;
3541 break;
3542
3543 case OP_HSPACE:
3544 switch(chr)
3545 {
3546 HSPACE_CASES: return FALSE;
3547 default: break;
3548 }
3549 break;
3550
3551 case OP_NOT_HSPACE:
3552 switch(chr)
3553 {
3554 HSPACE_CASES: break;
3555 default: return FALSE;
3556 }
3557 break;
3558
3559 case OP_ANYNL:
3560 case OP_VSPACE:
3561 switch(chr)
3562 {
3563 VSPACE_CASES: return FALSE;
3564 default: break;
3565 }
3566 break;
3567
3568 case OP_NOT_VSPACE:
3569 switch(chr)
3570 {
3571 VSPACE_CASES: break;
3572 default: return FALSE;
3573 }
3574 break;
3575
3576 case OP_DOLL:
3577 case OP_EODN:
3578 switch (chr)
3579 {
3580 case CHAR_CR:
3581 case CHAR_LF:
3582 case CHAR_VT:
3583 case CHAR_FF:
3584 case CHAR_NEL:
3585 #ifndef EBCDIC
3586 case 0x2028:
3587 case 0x2029:
3588 #endif /* Not EBCDIC */
3589 return FALSE;
3590 }
3591 break;
3592
3593 case OP_EOD: /* Can always possessify before \z */
3594 break;
3595
3596 #ifdef SUPPORT_UCP
3597 case OP_PROP:
3598 case OP_NOTPROP:
3599 if (!check_char_prop(chr, list_ptr[2], list_ptr[3],
3600 list_ptr[0] == OP_NOTPROP))
3601 return FALSE;
3602 break;
3603 #endif
3604
3605 case OP_NCLASS:
3606 if (chr > 255) return FALSE;
3607 /* Fall through */
3608
3609 case OP_CLASS:
3610 if (chr > 255) break;
3611 class_bitset = (pcre_uint8 *)
3612 ((list_ptr == list ? code : base_end) - list_ptr[2]);
3613 if ((class_bitset[chr >> 3] & (1 << (chr & 7))) != 0) return FALSE;
3614 break;
3615
3616 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3617 case OP_XCLASS:
3618 if (PRIV(xclass)(chr, (list_ptr == list ? code : base_end) -
3619 list_ptr[2] + LINK_SIZE, utf)) return FALSE;
3620 break;
3621 #endif
3622
3623 default:
3624 return FALSE;
3625 }
3626
3627 chr_ptr++;
3628 }
3629 while(*chr_ptr != NOTACHAR);
3630
3631 /* At least one character must be matched from this opcode. */
3632
3633 if (list[1] == 0) return TRUE;
3634 }
3635
3636 /* Control never reaches here. There used to be a fail-save return FALSE; here,
3637 but some compilers complain about an unreachable statement. */
3638
3639 }
3640
3641
3642
3643 /*************************************************
3644 * Scan compiled regex for auto-possession *
3645 *************************************************/
3646
3647 /* Replaces single character iterations with their possessive alternatives
3648 if appropriate. This function modifies the compiled opcode!
3649
3650 Arguments:
3651 code points to start of the byte code
3652 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3653 cd static compile data
3654
3655 Returns: nothing
3656 */
3657
3658 static void
auto_possessify(pcre_uchar * code,BOOL utf,const compile_data * cd)3659 auto_possessify(pcre_uchar *code, BOOL utf, const compile_data *cd)
3660 {
3661 register pcre_uchar c;
3662 const pcre_uchar *end;
3663 pcre_uchar *repeat_opcode;
3664 pcre_uint32 list[8];
3665 int rec_limit;
3666
3667 for (;;)
3668 {
3669 c = *code;
3670
3671 /* When a pattern with bad UTF-8 encoding is compiled with NO_UTF_CHECK,
3672 it may compile without complaining, but may get into a loop here if the code
3673 pointer points to a bad value. This is, of course a documentated possibility,
3674 when NO_UTF_CHECK is set, so it isn't a bug, but we can detect this case and
3675 just give up on this optimization. */
3676
3677 if (c >= OP_TABLE_LENGTH) return;
3678
3679 if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
3680 {
3681 c -= get_repeat_base(c) - OP_STAR;
3682 end = (c <= OP_MINUPTO) ?
3683 get_chr_property_list(code, utf, cd->fcc, list) : NULL;
3684 list[1] = c == OP_STAR || c == OP_PLUS || c == OP_QUERY || c == OP_UPTO;
3685
3686 rec_limit = 1000;
3687 if (end != NULL && compare_opcodes(end, utf, cd, list, end, &rec_limit))
3688 {
3689 switch(c)
3690 {
3691 case OP_STAR:
3692 *code += OP_POSSTAR - OP_STAR;
3693 break;
3694
3695 case OP_MINSTAR:
3696 *code += OP_POSSTAR - OP_MINSTAR;
3697 break;
3698
3699 case OP_PLUS:
3700 *code += OP_POSPLUS - OP_PLUS;
3701 break;
3702
3703 case OP_MINPLUS:
3704 *code += OP_POSPLUS - OP_MINPLUS;
3705 break;
3706
3707 case OP_QUERY:
3708 *code += OP_POSQUERY - OP_QUERY;
3709 break;
3710
3711 case OP_MINQUERY:
3712 *code += OP_POSQUERY - OP_MINQUERY;
3713 break;
3714
3715 case OP_UPTO:
3716 *code += OP_POSUPTO - OP_UPTO;
3717 break;
3718
3719 case OP_MINUPTO:
3720 *code += OP_POSUPTO - OP_MINUPTO;
3721 break;
3722 }
3723 }
3724 c = *code;
3725 }
3726 else if (c == OP_CLASS || c == OP_NCLASS || c == OP_XCLASS)
3727 {
3728 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3729 if (c == OP_XCLASS)
3730 repeat_opcode = code + GET(code, 1);
3731 else
3732 #endif
3733 repeat_opcode = code + 1 + (32 / sizeof(pcre_uchar));
3734
3735 c = *repeat_opcode;
3736 if (c >= OP_CRSTAR && c <= OP_CRMINRANGE)
3737 {
3738 /* end must not be NULL. */
3739 end = get_chr_property_list(code, utf, cd->fcc, list);
3740
3741 list[1] = (c & 1) == 0;
3742
3743 rec_limit = 1000;
3744 if (compare_opcodes(end, utf, cd, list, end, &rec_limit))
3745 {
3746 switch (c)
3747 {
3748 case OP_CRSTAR:
3749 case OP_CRMINSTAR:
3750 *repeat_opcode = OP_CRPOSSTAR;
3751 break;
3752
3753 case OP_CRPLUS:
3754 case OP_CRMINPLUS:
3755 *repeat_opcode = OP_CRPOSPLUS;
3756 break;
3757
3758 case OP_CRQUERY:
3759 case OP_CRMINQUERY:
3760 *repeat_opcode = OP_CRPOSQUERY;
3761 break;
3762
3763 case OP_CRRANGE:
3764 case OP_CRMINRANGE:
3765 *repeat_opcode = OP_CRPOSRANGE;
3766 break;
3767 }
3768 }
3769 }
3770 c = *code;
3771 }
3772
3773 switch(c)
3774 {
3775 case OP_END:
3776 return;
3777
3778 case OP_TYPESTAR:
3779 case OP_TYPEMINSTAR:
3780 case OP_TYPEPLUS:
3781 case OP_TYPEMINPLUS:
3782 case OP_TYPEQUERY:
3783 case OP_TYPEMINQUERY:
3784 case OP_TYPEPOSSTAR:
3785 case OP_TYPEPOSPLUS:
3786 case OP_TYPEPOSQUERY:
3787 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
3788 break;
3789
3790 case OP_TYPEUPTO:
3791 case OP_TYPEMINUPTO:
3792 case OP_TYPEEXACT:
3793 case OP_TYPEPOSUPTO:
3794 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
3795 code += 2;
3796 break;
3797
3798 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3799 case OP_XCLASS:
3800 code += GET(code, 1);
3801 break;
3802 #endif
3803
3804 case OP_MARK:
3805 case OP_PRUNE_ARG:
3806 case OP_SKIP_ARG:
3807 case OP_THEN_ARG:
3808 code += code[1];
3809 break;
3810 }
3811
3812 /* Add in the fixed length from the table */
3813
3814 code += PRIV(OP_lengths)[c];
3815
3816 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
3817 a multi-byte character. The length in the table is a minimum, so we have to
3818 arrange to skip the extra bytes. */
3819
3820 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
3821 if (utf) switch(c)
3822 {
3823 case OP_CHAR:
3824 case OP_CHARI:
3825 case OP_NOT:
3826 case OP_NOTI:
3827 case OP_STAR:
3828 case OP_MINSTAR:
3829 case OP_PLUS:
3830 case OP_MINPLUS:
3831 case OP_QUERY:
3832 case OP_MINQUERY:
3833 case OP_UPTO:
3834 case OP_MINUPTO:
3835 case OP_EXACT:
3836 case OP_POSSTAR:
3837 case OP_POSPLUS:
3838 case OP_POSQUERY:
3839 case OP_POSUPTO:
3840 case OP_STARI:
3841 case OP_MINSTARI:
3842 case OP_PLUSI:
3843 case OP_MINPLUSI:
3844 case OP_QUERYI:
3845 case OP_MINQUERYI:
3846 case OP_UPTOI:
3847 case OP_MINUPTOI:
3848 case OP_EXACTI:
3849 case OP_POSSTARI:
3850 case OP_POSPLUSI:
3851 case OP_POSQUERYI:
3852 case OP_POSUPTOI:
3853 case OP_NOTSTAR:
3854 case OP_NOTMINSTAR:
3855 case OP_NOTPLUS:
3856 case OP_NOTMINPLUS:
3857 case OP_NOTQUERY:
3858 case OP_NOTMINQUERY:
3859 case OP_NOTUPTO:
3860 case OP_NOTMINUPTO:
3861 case OP_NOTEXACT:
3862 case OP_NOTPOSSTAR:
3863 case OP_NOTPOSPLUS:
3864 case OP_NOTPOSQUERY:
3865 case OP_NOTPOSUPTO:
3866 case OP_NOTSTARI:
3867 case OP_NOTMINSTARI:
3868 case OP_NOTPLUSI:
3869 case OP_NOTMINPLUSI:
3870 case OP_NOTQUERYI:
3871 case OP_NOTMINQUERYI:
3872 case OP_NOTUPTOI:
3873 case OP_NOTMINUPTOI:
3874 case OP_NOTEXACTI:
3875 case OP_NOTPOSSTARI:
3876 case OP_NOTPOSPLUSI:
3877 case OP_NOTPOSQUERYI:
3878 case OP_NOTPOSUPTOI:
3879 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
3880 break;
3881 }
3882 #else
3883 (void)(utf); /* Keep compiler happy by referencing function argument */
3884 #endif
3885 }
3886 }
3887
3888
3889
3890 /*************************************************
3891 * Check for POSIX class syntax *
3892 *************************************************/
3893
3894 /* This function is called when the sequence "[:" or "[." or "[=" is
3895 encountered in a character class. It checks whether this is followed by a
3896 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
3897 reach an unescaped ']' without the special preceding character, return FALSE.
3898
3899 Originally, this function only recognized a sequence of letters between the
3900 terminators, but it seems that Perl recognizes any sequence of characters,
3901 though of course unknown POSIX names are subsequently rejected. Perl gives an
3902 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
3903 didn't consider this to be a POSIX class. Likewise for [:1234:].
3904
3905 The problem in trying to be exactly like Perl is in the handling of escapes. We
3906 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
3907 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
3908 below handles the special cases \\ and \], but does not try to do any other
3909 escape processing. This makes it different from Perl for cases such as
3910 [:l\ower:] where Perl recognizes it as the POSIX class "lower" but PCRE does
3911 not recognize "l\ower". This is a lesser evil than not diagnosing bad classes
3912 when Perl does, I think.
3913
3914 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
3915 It seems that the appearance of a nested POSIX class supersedes an apparent
3916 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
3917 a digit.
3918
3919 In Perl, unescaped square brackets may also appear as part of class names. For
3920 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
3921 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
3922 seem right at all. PCRE does not allow closing square brackets in POSIX class
3923 names.
3924
3925 Arguments:
3926 ptr pointer to the initial [
3927 endptr where to return the end pointer
3928
3929 Returns: TRUE or FALSE
3930 */
3931
3932 static BOOL
check_posix_syntax(const pcre_uchar * ptr,const pcre_uchar ** endptr)3933 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
3934 {
3935 pcre_uchar terminator; /* Don't combine these lines; the Solaris cc */
3936 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
3937 for (++ptr; *ptr != CHAR_NULL; ptr++)
3938 {
3939 if (*ptr == CHAR_BACKSLASH &&
3940 (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET ||
3941 ptr[1] == CHAR_BACKSLASH))
3942 ptr++;
3943 else if ((*ptr == CHAR_LEFT_SQUARE_BRACKET && ptr[1] == terminator) ||
3944 *ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
3945 else if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
3946 {
3947 *endptr = ptr;
3948 return TRUE;
3949 }
3950 }
3951 return FALSE;
3952 }
3953
3954
3955
3956
3957 /*************************************************
3958 * Check POSIX class name *
3959 *************************************************/
3960
3961 /* This function is called to check the name given in a POSIX-style class entry
3962 such as [:alnum:].
3963
3964 Arguments:
3965 ptr points to the first letter
3966 len the length of the name
3967
3968 Returns: a value representing the name, or -1 if unknown
3969 */
3970
3971 static int
check_posix_name(const pcre_uchar * ptr,int len)3972 check_posix_name(const pcre_uchar *ptr, int len)
3973 {
3974 const char *pn = posix_names;
3975 register int yield = 0;
3976 while (posix_name_lengths[yield] != 0)
3977 {
3978 if (len == posix_name_lengths[yield] &&
3979 STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
3980 pn += posix_name_lengths[yield] + 1;
3981 yield++;
3982 }
3983 return -1;
3984 }
3985
3986
3987 /*************************************************
3988 * Adjust OP_RECURSE items in repeated group *
3989 *************************************************/
3990
3991 /* OP_RECURSE items contain an offset from the start of the regex to the group
3992 that is referenced. This means that groups can be replicated for fixed
3993 repetition simply by copying (because the recursion is allowed to refer to
3994 earlier groups that are outside the current group). However, when a group is
3995 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
3996 inserted before it, after it has been compiled. This means that any OP_RECURSE
3997 items within it that refer to the group itself or any contained groups have to
3998 have their offsets adjusted. That one of the jobs of this function. Before it
3999 is called, the partially compiled regex must be temporarily terminated with
4000 OP_END.
4001
4002 This function has been extended to cope with forward references for recursions
4003 and subroutine calls. It must check the list of such references for the
4004 group we are dealing with. If it finds that one of the recursions in the
4005 current group is on this list, it does not adjust the value in the reference
4006 (which is a group number). After the group has been scanned, all the offsets in
4007 the forward reference list for the group are adjusted.
4008
4009 Arguments:
4010 group points to the start of the group
4011 adjust the amount by which the group is to be moved
4012 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
4013 cd contains pointers to tables etc.
4014 save_hwm_offset the hwm forward reference offset at the start of the group
4015
4016 Returns: nothing
4017 */
4018
4019 static void
adjust_recurse(pcre_uchar * group,int adjust,BOOL utf,compile_data * cd,size_t save_hwm_offset)4020 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
4021 size_t save_hwm_offset)
4022 {
4023 int offset;
4024 pcre_uchar *hc;
4025 pcre_uchar *ptr = group;
4026
4027 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
4028 {
4029 for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; hc < cd->hwm;
4030 hc += LINK_SIZE)
4031 {
4032 offset = (int)GET(hc, 0);
4033 if (cd->start_code + offset == ptr + 1) break;
4034 }
4035
4036 /* If we have not found this recursion on the forward reference list, adjust
4037 the recursion's offset if it's after the start of this group. */
4038
4039 if (hc >= cd->hwm)
4040 {
4041 offset = (int)GET(ptr, 1);
4042 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
4043 }
4044
4045 ptr += 1 + LINK_SIZE;
4046 }
4047
4048 /* Now adjust all forward reference offsets for the group. */
4049
4050 for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; hc < cd->hwm;
4051 hc += LINK_SIZE)
4052 {
4053 offset = (int)GET(hc, 0);
4054 PUT(hc, 0, offset + adjust);
4055 }
4056 }
4057
4058
4059
4060 /*************************************************
4061 * Insert an automatic callout point *
4062 *************************************************/
4063
4064 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
4065 callout points before each pattern item.
4066
4067 Arguments:
4068 code current code pointer
4069 ptr current pattern pointer
4070 cd pointers to tables etc
4071
4072 Returns: new code pointer
4073 */
4074
4075 static pcre_uchar *
auto_callout(pcre_uchar * code,const pcre_uchar * ptr,compile_data * cd)4076 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
4077 {
4078 *code++ = OP_CALLOUT;
4079 *code++ = 255;
4080 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
4081 PUT(code, LINK_SIZE, 0); /* Default length */
4082 return code + 2 * LINK_SIZE;
4083 }
4084
4085
4086
4087 /*************************************************
4088 * Complete a callout item *
4089 *************************************************/
4090
4091 /* A callout item contains the length of the next item in the pattern, which
4092 we can't fill in till after we have reached the relevant point. This is used
4093 for both automatic and manual callouts.
4094
4095 Arguments:
4096 previous_callout points to previous callout item
4097 ptr current pattern pointer
4098 cd pointers to tables etc
4099
4100 Returns: nothing
4101 */
4102
4103 static void
complete_callout(pcre_uchar * previous_callout,const pcre_uchar * ptr,compile_data * cd)4104 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
4105 {
4106 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
4107 PUT(previous_callout, 2 + LINK_SIZE, length);
4108 }
4109
4110
4111
4112 #ifdef SUPPORT_UCP
4113 /*************************************************
4114 * Get othercase range *
4115 *************************************************/
4116
4117 /* This function is passed the start and end of a class range, in UTF-8 mode
4118 with UCP support. It searches up the characters, looking for ranges of
4119 characters in the "other" case. Each call returns the next one, updating the
4120 start address. A character with multiple other cases is returned on its own
4121 with a special return value.
4122
4123 Arguments:
4124 cptr points to starting character value; updated
4125 d end value
4126 ocptr where to put start of othercase range
4127 odptr where to put end of othercase range
4128
4129 Yield: -1 when no more
4130 0 when a range is returned
4131 >0 the CASESET offset for char with multiple other cases
4132 in this case, ocptr contains the original
4133 */
4134
4135 static int
get_othercase_range(pcre_uint32 * cptr,pcre_uint32 d,pcre_uint32 * ocptr,pcre_uint32 * odptr)4136 get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
4137 pcre_uint32 *odptr)
4138 {
4139 pcre_uint32 c, othercase, next;
4140 unsigned int co;
4141
4142 /* Find the first character that has an other case. If it has multiple other
4143 cases, return its case offset value. */
4144
4145 for (c = *cptr; c <= d; c++)
4146 {
4147 if ((co = UCD_CASESET(c)) != 0)
4148 {
4149 *ocptr = c++; /* Character that has the set */
4150 *cptr = c; /* Rest of input range */
4151 return (int)co;
4152 }
4153 if ((othercase = UCD_OTHERCASE(c)) != c) break;
4154 }
4155
4156 if (c > d) return -1; /* Reached end of range */
4157
4158 /* Found a character that has a single other case. Search for the end of the
4159 range, which is either the end of the input range, or a character that has zero
4160 or more than one other cases. */
4161
4162 *ocptr = othercase;
4163 next = othercase + 1;
4164
4165 for (++c; c <= d; c++)
4166 {
4167 if ((co = UCD_CASESET(c)) != 0 || UCD_OTHERCASE(c) != next) break;
4168 next++;
4169 }
4170
4171 *odptr = next - 1; /* End of othercase range */
4172 *cptr = c; /* Rest of input range */
4173 return 0;
4174 }
4175 #endif /* SUPPORT_UCP */
4176
4177
4178
4179 /*************************************************
4180 * Add a character or range to a class *
4181 *************************************************/
4182
4183 /* This function packages up the logic of adding a character or range of
4184 characters to a class. The character values in the arguments will be within the
4185 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
4186 mutually recursive with the function immediately below.
4187
4188 Arguments:
4189 classbits the bit map for characters < 256
4190 uchardptr points to the pointer for extra data
4191 options the options word
4192 cd contains pointers to tables etc.
4193 start start of range character
4194 end end of range character
4195
4196 Returns: the number of < 256 characters added
4197 the pointer to extra data is updated
4198 */
4199
4200 static int
add_to_class(pcre_uint8 * classbits,pcre_uchar ** uchardptr,int options,compile_data * cd,pcre_uint32 start,pcre_uint32 end)4201 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
4202 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
4203 {
4204 pcre_uint32 c;
4205 pcre_uint32 classbits_end = (end <= 0xff ? end : 0xff);
4206 int n8 = 0;
4207
4208 /* If caseless matching is required, scan the range and process alternate
4209 cases. In Unicode, there are 8-bit characters that have alternate cases that
4210 are greater than 255 and vice-versa. Sometimes we can just extend the original
4211 range. */
4212
4213 if ((options & PCRE_CASELESS) != 0)
4214 {
4215 #ifdef SUPPORT_UCP
4216 if ((options & PCRE_UTF8) != 0)
4217 {
4218 int rc;
4219 pcre_uint32 oc, od;
4220
4221 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
4222 c = start;
4223
4224 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
4225 {
4226 /* Handle a single character that has more than one other case. */
4227
4228 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
4229 PRIV(ucd_caseless_sets) + rc, oc);
4230
4231 /* Do nothing if the other case range is within the original range. */
4232
4233 else if (oc >= start && od <= end) continue;
4234
4235 /* Extend the original range if there is overlap, noting that if oc < c, we
4236 can't have od > end because a subrange is always shorter than the basic
4237 range. Otherwise, use a recursive call to add the additional range. */
4238
4239 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
4240 else if (od > end && oc <= end + 1)
4241 {
4242 end = od; /* Extend upwards */
4243 if (end > classbits_end) classbits_end = (end <= 0xff ? end : 0xff);
4244 }
4245 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
4246 }
4247 }
4248 else
4249 #endif /* SUPPORT_UCP */
4250
4251 /* Not UTF-mode, or no UCP */
4252
4253 for (c = start; c <= classbits_end; c++)
4254 {
4255 SETBIT(classbits, cd->fcc[c]);
4256 n8++;
4257 }
4258 }
4259
4260 /* Now handle the original range. Adjust the final value according to the bit
4261 length - this means that the same lists of (e.g.) horizontal spaces can be used
4262 in all cases. */
4263
4264 #if defined COMPILE_PCRE8
4265 #ifdef SUPPORT_UTF
4266 if ((options & PCRE_UTF8) == 0)
4267 #endif
4268 if (end > 0xff) end = 0xff;
4269
4270 #elif defined COMPILE_PCRE16
4271 #ifdef SUPPORT_UTF
4272 if ((options & PCRE_UTF16) == 0)
4273 #endif
4274 if (end > 0xffff) end = 0xffff;
4275
4276 #endif /* COMPILE_PCRE[8|16] */
4277
4278 /* Use the bitmap for characters < 256. Otherwise use extra data.*/
4279
4280 for (c = start; c <= classbits_end; c++)
4281 {
4282 /* Regardless of start, c will always be <= 255. */
4283 SETBIT(classbits, c);
4284 n8++;
4285 }
4286
4287 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4288 if (start <= 0xff) start = 0xff + 1;
4289
4290 if (end >= start)
4291 {
4292 pcre_uchar *uchardata = *uchardptr;
4293 #ifdef SUPPORT_UTF
4294 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
4295 {
4296 if (start < end)
4297 {
4298 *uchardata++ = XCL_RANGE;
4299 uchardata += PRIV(ord2utf)(start, uchardata);
4300 uchardata += PRIV(ord2utf)(end, uchardata);
4301 }
4302 else if (start == end)
4303 {
4304 *uchardata++ = XCL_SINGLE;
4305 uchardata += PRIV(ord2utf)(start, uchardata);
4306 }
4307 }
4308 else
4309 #endif /* SUPPORT_UTF */
4310
4311 /* Without UTF support, character values are constrained by the bit length,
4312 and can only be > 256 for 16-bit and 32-bit libraries. */
4313
4314 #ifdef COMPILE_PCRE8
4315 {}
4316 #else
4317 if (start < end)
4318 {
4319 *uchardata++ = XCL_RANGE;
4320 *uchardata++ = start;
4321 *uchardata++ = end;
4322 }
4323 else if (start == end)
4324 {
4325 *uchardata++ = XCL_SINGLE;
4326 *uchardata++ = start;
4327 }
4328 #endif
4329
4330 *uchardptr = uchardata; /* Updata extra data pointer */
4331 }
4332 #endif /* SUPPORT_UTF || !COMPILE_PCRE8 */
4333
4334 return n8; /* Number of 8-bit characters */
4335 }
4336
4337
4338
4339
4340 /*************************************************
4341 * Add a list of characters to a class *
4342 *************************************************/
4343
4344 /* This function is used for adding a list of case-equivalent characters to a
4345 class, and also for adding a list of horizontal or vertical whitespace. If the
4346 list is in order (which it should be), ranges of characters are detected and
4347 handled appropriately. This function is mutually recursive with the function
4348 above.
4349
4350 Arguments:
4351 classbits the bit map for characters < 256
4352 uchardptr points to the pointer for extra data
4353 options the options word
4354 cd contains pointers to tables etc.
4355 p points to row of 32-bit values, terminated by NOTACHAR
4356 except character to omit; this is used when adding lists of
4357 case-equivalent characters to avoid including the one we
4358 already know about
4359
4360 Returns: the number of < 256 characters added
4361 the pointer to extra data is updated
4362 */
4363
4364 static int
add_list_to_class(pcre_uint8 * classbits,pcre_uchar ** uchardptr,int options,compile_data * cd,const pcre_uint32 * p,unsigned int except)4365 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
4366 compile_data *cd, const pcre_uint32 *p, unsigned int except)
4367 {
4368 int n8 = 0;
4369 while (p[0] < NOTACHAR)
4370 {
4371 int n = 0;
4372 if (p[0] != except)
4373 {
4374 while(p[n+1] == p[0] + n + 1) n++;
4375 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
4376 }
4377 p += n + 1;
4378 }
4379 return n8;
4380 }
4381
4382
4383
4384 /*************************************************
4385 * Add characters not in a list to a class *
4386 *************************************************/
4387
4388 /* This function is used for adding the complement of a list of horizontal or
4389 vertical whitespace to a class. The list must be in order.
4390
4391 Arguments:
4392 classbits the bit map for characters < 256
4393 uchardptr points to the pointer for extra data
4394 options the options word
4395 cd contains pointers to tables etc.
4396 p points to row of 32-bit values, terminated by NOTACHAR
4397
4398 Returns: the number of < 256 characters added
4399 the pointer to extra data is updated
4400 */
4401
4402 static int
add_not_list_to_class(pcre_uint8 * classbits,pcre_uchar ** uchardptr,int options,compile_data * cd,const pcre_uint32 * p)4403 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
4404 int options, compile_data *cd, const pcre_uint32 *p)
4405 {
4406 BOOL utf = (options & PCRE_UTF8) != 0;
4407 int n8 = 0;
4408 if (p[0] > 0)
4409 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
4410 while (p[0] < NOTACHAR)
4411 {
4412 while (p[1] == p[0] + 1) p++;
4413 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
4414 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
4415 p++;
4416 }
4417 return n8;
4418 }
4419
4420
4421
4422 /*************************************************
4423 * Compile one branch *
4424 *************************************************/
4425
4426 /* Scan the pattern, compiling it into the a vector. If the options are
4427 changed during the branch, the pointer is used to change the external options
4428 bits. This function is used during the pre-compile phase when we are trying
4429 to find out the amount of memory needed, as well as during the real compile
4430 phase. The value of lengthptr distinguishes the two phases.
4431
4432 Arguments:
4433 optionsptr pointer to the option bits
4434 codeptr points to the pointer to the current code point
4435 ptrptr points to the current pattern pointer
4436 errorcodeptr points to error code variable
4437 firstcharptr place to put the first required character
4438 firstcharflagsptr place to put the first character flags, or a negative number
4439 reqcharptr place to put the last required character
4440 reqcharflagsptr place to put the last required character flags, or a negative number
4441 bcptr points to current branch chain
4442 cond_depth conditional nesting depth
4443 cd contains pointers to tables etc.
4444 lengthptr NULL during the real compile phase
4445 points to length accumulator during pre-compile phase
4446
4447 Returns: TRUE on success
4448 FALSE, with *errorcodeptr set non-zero on error
4449 */
4450
4451 static BOOL
compile_branch(int * optionsptr,pcre_uchar ** codeptr,const pcre_uchar ** ptrptr,int * errorcodeptr,pcre_uint32 * firstcharptr,pcre_int32 * firstcharflagsptr,pcre_uint32 * reqcharptr,pcre_int32 * reqcharflagsptr,branch_chain * bcptr,int cond_depth,compile_data * cd,int * lengthptr)4452 compile_branch(int *optionsptr, pcre_uchar **codeptr,
4453 const pcre_uchar **ptrptr, int *errorcodeptr,
4454 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
4455 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
4456 branch_chain *bcptr, int cond_depth,
4457 compile_data *cd, int *lengthptr)
4458 {
4459 int repeat_type, op_type;
4460 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
4461 int bravalue = 0;
4462 int greedy_default, greedy_non_default;
4463 pcre_uint32 firstchar, reqchar;
4464 pcre_int32 firstcharflags, reqcharflags;
4465 pcre_uint32 zeroreqchar, zerofirstchar;
4466 pcre_int32 zeroreqcharflags, zerofirstcharflags;
4467 pcre_int32 req_caseopt, reqvary, tempreqvary;
4468 int options = *optionsptr; /* May change dynamically */
4469 int after_manual_callout = 0;
4470 int length_prevgroup = 0;
4471 register pcre_uint32 c;
4472 int escape;
4473 register pcre_uchar *code = *codeptr;
4474 pcre_uchar *last_code = code;
4475 pcre_uchar *orig_code = code;
4476 pcre_uchar *tempcode;
4477 BOOL inescq = FALSE;
4478 BOOL groupsetfirstchar = FALSE;
4479 const pcre_uchar *ptr = *ptrptr;
4480 const pcre_uchar *tempptr;
4481 const pcre_uchar *nestptr = NULL;
4482 pcre_uchar *previous = NULL;
4483 pcre_uchar *previous_callout = NULL;
4484 size_t item_hwm_offset = 0;
4485 pcre_uint8 classbits[32];
4486
4487 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
4488 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
4489 dynamically as we process the pattern. */
4490
4491 #ifdef SUPPORT_UTF
4492 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
4493 BOOL utf = (options & PCRE_UTF8) != 0;
4494 #ifndef COMPILE_PCRE32
4495 pcre_uchar utf_chars[6];
4496 #endif
4497 #else
4498 BOOL utf = FALSE;
4499 #endif
4500
4501 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
4502 class_uchardata always so that it can be passed to add_to_class() always,
4503 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
4504 alternative calls for the different cases. */
4505
4506 pcre_uchar *class_uchardata;
4507 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4508 BOOL xclass;
4509 pcre_uchar *class_uchardata_base;
4510 #endif
4511
4512 #ifdef PCRE_DEBUG
4513 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
4514 #endif
4515
4516 /* Set up the default and non-default settings for greediness */
4517
4518 greedy_default = ((options & PCRE_UNGREEDY) != 0);
4519 greedy_non_default = greedy_default ^ 1;
4520
4521 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
4522 matching encountered yet". It gets changed to REQ_NONE if we hit something that
4523 matches a non-fixed char first char; reqchar just remains unset if we never
4524 find one.
4525
4526 When we hit a repeat whose minimum is zero, we may have to adjust these values
4527 to take the zero repeat into account. This is implemented by setting them to
4528 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
4529 item types that can be repeated set these backoff variables appropriately. */
4530
4531 firstchar = reqchar = zerofirstchar = zeroreqchar = 0;
4532 firstcharflags = reqcharflags = zerofirstcharflags = zeroreqcharflags = REQ_UNSET;
4533
4534 /* The variable req_caseopt contains either the REQ_CASELESS value
4535 or zero, according to the current setting of the caseless flag. The
4536 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
4537 firstchar or reqchar variables to record the case status of the
4538 value. This is used only for ASCII characters. */
4539
4540 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
4541
4542 /* Switch on next character until the end of the branch */
4543
4544 for (;; ptr++)
4545 {
4546 BOOL negate_class;
4547 BOOL should_flip_negation;
4548 BOOL possessive_quantifier;
4549 BOOL is_quantifier;
4550 BOOL is_recurse;
4551 BOOL reset_bracount;
4552 int class_has_8bitchar;
4553 int class_one_char;
4554 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4555 BOOL xclass_has_prop;
4556 #endif
4557 int newoptions;
4558 int recno;
4559 int refsign;
4560 int skipbytes;
4561 pcre_uint32 subreqchar, subfirstchar;
4562 pcre_int32 subreqcharflags, subfirstcharflags;
4563 int terminator;
4564 unsigned int mclength;
4565 unsigned int tempbracount;
4566 pcre_uint32 ec;
4567 pcre_uchar mcbuffer[8];
4568
4569 /* Get next character in the pattern */
4570
4571 c = *ptr;
4572
4573 /* If we are at the end of a nested substitution, revert to the outer level
4574 string. Nesting only happens one level deep. */
4575
4576 if (c == CHAR_NULL && nestptr != NULL)
4577 {
4578 ptr = nestptr;
4579 nestptr = NULL;
4580 c = *ptr;
4581 }
4582
4583 /* If we are in the pre-compile phase, accumulate the length used for the
4584 previous cycle of this loop. */
4585
4586 if (lengthptr != NULL)
4587 {
4588 #ifdef PCRE_DEBUG
4589 if (code > cd->hwm) cd->hwm = code; /* High water info */
4590 #endif
4591 if (code > cd->start_workspace + cd->workspace_size -
4592 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
4593 {
4594 *errorcodeptr = ERR52;
4595 goto FAILED;
4596 }
4597
4598 /* There is at least one situation where code goes backwards: this is the
4599 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
4600 the class is simply eliminated. However, it is created first, so we have to
4601 allow memory for it. Therefore, don't ever reduce the length at this point.
4602 */
4603
4604 if (code < last_code) code = last_code;
4605
4606 /* Paranoid check for integer overflow */
4607
4608 if (OFLOW_MAX - *lengthptr < code - last_code)
4609 {
4610 *errorcodeptr = ERR20;
4611 goto FAILED;
4612 }
4613
4614 *lengthptr += (int)(code - last_code);
4615 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
4616 (int)(code - last_code), c, c));
4617
4618 /* If "previous" is set and it is not at the start of the work space, move
4619 it back to there, in order to avoid filling up the work space. Otherwise,
4620 if "previous" is NULL, reset the current code pointer to the start. */
4621
4622 if (previous != NULL)
4623 {
4624 if (previous > orig_code)
4625 {
4626 memmove(orig_code, previous, IN_UCHARS(code - previous));
4627 code -= previous - orig_code;
4628 previous = orig_code;
4629 }
4630 }
4631 else code = orig_code;
4632
4633 /* Remember where this code item starts so we can pick up the length
4634 next time round. */
4635
4636 last_code = code;
4637 }
4638
4639 /* In the real compile phase, just check the workspace used by the forward
4640 reference list. */
4641
4642 else if (cd->hwm > cd->start_workspace + cd->workspace_size)
4643 {
4644 *errorcodeptr = ERR52;
4645 goto FAILED;
4646 }
4647
4648 /* If in \Q...\E, check for the end; if not, we have a literal */
4649
4650 if (inescq && c != CHAR_NULL)
4651 {
4652 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4653 {
4654 inescq = FALSE;
4655 ptr++;
4656 continue;
4657 }
4658 else
4659 {
4660 if (previous_callout != NULL)
4661 {
4662 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
4663 complete_callout(previous_callout, ptr, cd);
4664 previous_callout = NULL;
4665 }
4666 if ((options & PCRE_AUTO_CALLOUT) != 0)
4667 {
4668 previous_callout = code;
4669 code = auto_callout(code, ptr, cd);
4670 }
4671 goto NORMAL_CHAR;
4672 }
4673 /* Control does not reach here. */
4674 }
4675
4676 /* In extended mode, skip white space and comments. We need a loop in order
4677 to check for more white space and more comments after a comment. */
4678
4679 if ((options & PCRE_EXTENDED) != 0)
4680 {
4681 for (;;)
4682 {
4683 while (MAX_255(c) && (cd->ctypes[c] & ctype_space) != 0) c = *(++ptr);
4684 if (c != CHAR_NUMBER_SIGN) break;
4685 ptr++;
4686 while (*ptr != CHAR_NULL)
4687 {
4688 if (IS_NEWLINE(ptr)) /* For non-fixed-length newline cases, */
4689 { /* IS_NEWLINE sets cd->nllen. */
4690 ptr += cd->nllen;
4691 break;
4692 }
4693 ptr++;
4694 #ifdef SUPPORT_UTF
4695 if (utf) FORWARDCHAR(ptr);
4696 #endif
4697 }
4698 c = *ptr; /* Either NULL or the char after a newline */
4699 }
4700 }
4701
4702 /* See if the next thing is a quantifier. */
4703
4704 is_quantifier =
4705 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
4706 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
4707
4708 /* Fill in length of a previous callout, except when the next thing is a
4709 quantifier or when processing a property substitution string in UCP mode. */
4710
4711 if (!is_quantifier && previous_callout != NULL && nestptr == NULL &&
4712 after_manual_callout-- <= 0)
4713 {
4714 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
4715 complete_callout(previous_callout, ptr, cd);
4716 previous_callout = NULL;
4717 }
4718
4719 /* Create auto callout, except for quantifiers, or while processing property
4720 strings that are substituted for \w etc in UCP mode. */
4721
4722 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier && nestptr == NULL)
4723 {
4724 previous_callout = code;
4725 code = auto_callout(code, ptr, cd);
4726 }
4727
4728 /* Process the next pattern item. */
4729
4730 switch(c)
4731 {
4732 /* ===================================================================*/
4733 case CHAR_NULL: /* The branch terminates at string end */
4734 case CHAR_VERTICAL_LINE: /* or | or ) */
4735 case CHAR_RIGHT_PARENTHESIS:
4736 *firstcharptr = firstchar;
4737 *firstcharflagsptr = firstcharflags;
4738 *reqcharptr = reqchar;
4739 *reqcharflagsptr = reqcharflags;
4740 *codeptr = code;
4741 *ptrptr = ptr;
4742 if (lengthptr != NULL)
4743 {
4744 if (OFLOW_MAX - *lengthptr < code - last_code)
4745 {
4746 *errorcodeptr = ERR20;
4747 goto FAILED;
4748 }
4749 *lengthptr += (int)(code - last_code); /* To include callout length */
4750 DPRINTF((">> end branch\n"));
4751 }
4752 return TRUE;
4753
4754
4755 /* ===================================================================*/
4756 /* Handle single-character metacharacters. In multiline mode, ^ disables
4757 the setting of any following char as a first character. */
4758
4759 case CHAR_CIRCUMFLEX_ACCENT:
4760 previous = NULL;
4761 if ((options & PCRE_MULTILINE) != 0)
4762 {
4763 if (firstcharflags == REQ_UNSET)
4764 zerofirstcharflags = firstcharflags = REQ_NONE;
4765 *code++ = OP_CIRCM;
4766 }
4767 else *code++ = OP_CIRC;
4768 break;
4769
4770 case CHAR_DOLLAR_SIGN:
4771 previous = NULL;
4772 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
4773 break;
4774
4775 /* There can never be a first char if '.' is first, whatever happens about
4776 repeats. The value of reqchar doesn't change either. */
4777
4778 case CHAR_DOT:
4779 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4780 zerofirstchar = firstchar;
4781 zerofirstcharflags = firstcharflags;
4782 zeroreqchar = reqchar;
4783 zeroreqcharflags = reqcharflags;
4784 previous = code;
4785 item_hwm_offset = cd->hwm - cd->start_workspace;
4786 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
4787 break;
4788
4789
4790 /* ===================================================================*/
4791 /* Character classes. If the included characters are all < 256, we build a
4792 32-byte bitmap of the permitted characters, except in the special case
4793 where there is only one such character. For negated classes, we build the
4794 map as usual, then invert it at the end. However, we use a different opcode
4795 so that data characters > 255 can be handled correctly.
4796
4797 If the class contains characters outside the 0-255 range, a different
4798 opcode is compiled. It may optionally have a bit map for characters < 256,
4799 but those above are are explicitly listed afterwards. A flag byte tells
4800 whether the bitmap is present, and whether this is a negated class or not.
4801
4802 In JavaScript compatibility mode, an isolated ']' causes an error. In
4803 default (Perl) mode, it is treated as a data character. */
4804
4805 case CHAR_RIGHT_SQUARE_BRACKET:
4806 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4807 {
4808 *errorcodeptr = ERR64;
4809 goto FAILED;
4810 }
4811 goto NORMAL_CHAR;
4812
4813 /* In another (POSIX) regex library, the ugly syntax [[:<:]] and [[:>:]] is
4814 used for "start of word" and "end of word". As these are otherwise illegal
4815 sequences, we don't break anything by recognizing them. They are replaced
4816 by \b(?=\w) and \b(?<=\w) respectively. Sequences like [a[:<:]] are
4817 erroneous and are handled by the normal code below. */
4818
4819 case CHAR_LEFT_SQUARE_BRACKET:
4820 if (STRNCMP_UC_C8(ptr+1, STRING_WEIRD_STARTWORD, 6) == 0)
4821 {
4822 nestptr = ptr + 7;
4823 ptr = sub_start_of_word - 1;
4824 continue;
4825 }
4826
4827 if (STRNCMP_UC_C8(ptr+1, STRING_WEIRD_ENDWORD, 6) == 0)
4828 {
4829 nestptr = ptr + 7;
4830 ptr = sub_end_of_word - 1;
4831 continue;
4832 }
4833
4834 /* Handle a real character class. */
4835
4836 previous = code;
4837 item_hwm_offset = cd->hwm - cd->start_workspace;
4838
4839 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4840 they are encountered at the top level, so we'll do that too. */
4841
4842 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4843 ptr[1] == CHAR_EQUALS_SIGN) &&
4844 check_posix_syntax(ptr, &tempptr))
4845 {
4846 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4847 goto FAILED;
4848 }
4849
4850 /* If the first character is '^', set the negation flag and skip it. Also,
4851 if the first few characters (either before or after ^) are \Q\E or \E we
4852 skip them too. This makes for compatibility with Perl. */
4853
4854 negate_class = FALSE;
4855 for (;;)
4856 {
4857 c = *(++ptr);
4858 if (c == CHAR_BACKSLASH)
4859 {
4860 if (ptr[1] == CHAR_E)
4861 ptr++;
4862 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4863 ptr += 3;
4864 else
4865 break;
4866 }
4867 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4868 negate_class = TRUE;
4869 else break;
4870 }
4871
4872 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4873 an initial ']' is taken as a data character -- the code below handles
4874 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4875 [^] must match any character, so generate OP_ALLANY. */
4876
4877 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4878 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4879 {
4880 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4881 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4882 zerofirstchar = firstchar;
4883 zerofirstcharflags = firstcharflags;
4884 break;
4885 }
4886
4887 /* If a class contains a negative special such as \S, we need to flip the
4888 negation flag at the end, so that support for characters > 255 works
4889 correctly (they are all included in the class). */
4890
4891 should_flip_negation = FALSE;
4892
4893 /* Extended class (xclass) will be used when characters > 255
4894 might match. */
4895
4896 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4897 xclass = FALSE;
4898 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4899 class_uchardata_base = class_uchardata; /* Save the start */
4900 #endif
4901
4902 /* For optimization purposes, we track some properties of the class:
4903 class_has_8bitchar will be non-zero if the class contains at least one <
4904 256 character; class_one_char will be 1 if the class contains just one
4905 character; xclass_has_prop will be TRUE if unicode property checks
4906 are present in the class. */
4907
4908 class_has_8bitchar = 0;
4909 class_one_char = 0;
4910 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4911 xclass_has_prop = FALSE;
4912 #endif
4913
4914 /* Initialize the 32-char bit map to all zeros. We build the map in a
4915 temporary bit of memory, in case the class contains fewer than two
4916 8-bit characters because in that case the compiled code doesn't use the bit
4917 map. */
4918
4919 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4920
4921 /* Process characters until ] is reached. By writing this as a "do" it
4922 means that an initial ] is taken as a data character. At the start of the
4923 loop, c contains the first byte of the character. */
4924
4925 if (c != CHAR_NULL) do
4926 {
4927 const pcre_uchar *oldptr;
4928
4929 #ifdef SUPPORT_UTF
4930 if (utf && HAS_EXTRALEN(c))
4931 { /* Braces are required because the */
4932 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4933 }
4934 #endif
4935
4936 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4937 /* In the pre-compile phase, accumulate the length of any extra
4938 data and reset the pointer. This is so that very large classes that
4939 contain a zillion > 255 characters no longer overwrite the work space
4940 (which is on the stack). We have to remember that there was XCLASS data,
4941 however. */
4942
4943 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4944
4945 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4946 {
4947 *lengthptr += (int)(class_uchardata - class_uchardata_base);
4948 class_uchardata = class_uchardata_base;
4949 }
4950 #endif
4951
4952 /* Inside \Q...\E everything is literal except \E */
4953
4954 if (inescq)
4955 {
4956 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4957 {
4958 inescq = FALSE; /* Reset literal state */
4959 ptr++; /* Skip the 'E' */
4960 continue; /* Carry on with next */
4961 }
4962 goto CHECK_RANGE; /* Could be range if \E follows */
4963 }
4964
4965 /* Handle POSIX class names. Perl allows a negation extension of the
4966 form [:^name:]. A square bracket that doesn't match the syntax is
4967 treated as a literal. We also recognize the POSIX constructions
4968 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4969 5.6 and 5.8 do. */
4970
4971 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4972 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4973 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4974 {
4975 BOOL local_negate = FALSE;
4976 int posix_class, taboffset, tabopt;
4977 register const pcre_uint8 *cbits = cd->cbits;
4978 pcre_uint8 pbits[32];
4979
4980 if (ptr[1] != CHAR_COLON)
4981 {
4982 *errorcodeptr = ERR31;
4983 goto FAILED;
4984 }
4985
4986 ptr += 2;
4987 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4988 {
4989 local_negate = TRUE;
4990 should_flip_negation = TRUE; /* Note negative special */
4991 ptr++;
4992 }
4993
4994 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4995 if (posix_class < 0)
4996 {
4997 *errorcodeptr = ERR30;
4998 goto FAILED;
4999 }
5000
5001 /* If matching is caseless, upper and lower are converted to
5002 alpha. This relies on the fact that the class table starts with
5003 alpha, lower, upper as the first 3 entries. */
5004
5005 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
5006 posix_class = 0;
5007
5008 /* When PCRE_UCP is set, some of the POSIX classes are converted to
5009 different escape sequences that use Unicode properties \p or \P. Others
5010 that are not available via \p or \P generate XCL_PROP/XCL_NOTPROP
5011 directly. */
5012
5013 #ifdef SUPPORT_UCP
5014 if ((options & PCRE_UCP) != 0)
5015 {
5016 unsigned int ptype = 0;
5017 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
5018
5019 /* The posix_substitutes table specifies which POSIX classes can be
5020 converted to \p or \P items. */
5021
5022 if (posix_substitutes[pc] != NULL)
5023 {
5024 nestptr = tempptr + 1;
5025 ptr = posix_substitutes[pc] - 1;
5026 continue;
5027 }
5028
5029 /* There are three other classes that generate special property calls
5030 that are recognized only in an XCLASS. */
5031
5032 else switch(posix_class)
5033 {
5034 case PC_GRAPH:
5035 ptype = PT_PXGRAPH;
5036 /* Fall through */
5037 case PC_PRINT:
5038 if (ptype == 0) ptype = PT_PXPRINT;
5039 /* Fall through */
5040 case PC_PUNCT:
5041 if (ptype == 0) ptype = PT_PXPUNCT;
5042 *class_uchardata++ = local_negate? XCL_NOTPROP : XCL_PROP;
5043 *class_uchardata++ = ptype;
5044 *class_uchardata++ = 0;
5045 xclass_has_prop = TRUE;
5046 ptr = tempptr + 1;
5047 continue;
5048
5049 /* For the other POSIX classes (ascii, xdigit) we are going to fall
5050 through to the non-UCP case and build a bit map for characters with
5051 code points less than 256. If we are in a negated POSIX class
5052 within a non-negated overall class, characters with code points
5053 greater than 255 must all match. In the special case where we have
5054 not yet generated any xclass data, and this is the final item in
5055 the overall class, we need do nothing: later on, the opcode
5056 OP_NCLASS will be used to indicate that characters greater than 255
5057 are acceptable. If we have already seen an xclass item or one may
5058 follow (we have to assume that it might if this is not the end of
5059 the class), explicitly match all wide codepoints. */
5060
5061 default:
5062 if (!negate_class && local_negate &&
5063 (xclass || tempptr[2] != CHAR_RIGHT_SQUARE_BRACKET))
5064 {
5065 *class_uchardata++ = XCL_RANGE;
5066 class_uchardata += PRIV(ord2utf)(0x100, class_uchardata);
5067 class_uchardata += PRIV(ord2utf)(0x10ffff, class_uchardata);
5068 }
5069 break;
5070 }
5071 }
5072 #endif
5073 /* In the non-UCP case, or when UCP makes no difference, we build the
5074 bit map for the POSIX class in a chunk of local store because we may be
5075 adding and subtracting from it, and we don't want to subtract bits that
5076 may be in the main map already. At the end we or the result into the
5077 bit map that is being built. */
5078
5079 posix_class *= 3;
5080
5081 /* Copy in the first table (always present) */
5082
5083 memcpy(pbits, cbits + posix_class_maps[posix_class],
5084 32 * sizeof(pcre_uint8));
5085
5086 /* If there is a second table, add or remove it as required. */
5087
5088 taboffset = posix_class_maps[posix_class + 1];
5089 tabopt = posix_class_maps[posix_class + 2];
5090
5091 if (taboffset >= 0)
5092 {
5093 if (tabopt >= 0)
5094 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
5095 else
5096 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
5097 }
5098
5099 /* Now see if we need to remove any special characters. An option
5100 value of 1 removes vertical space and 2 removes underscore. */
5101
5102 if (tabopt < 0) tabopt = -tabopt;
5103 if (tabopt == 1) pbits[1] &= ~0x3c;
5104 else if (tabopt == 2) pbits[11] &= 0x7f;
5105
5106 /* Add the POSIX table or its complement into the main table that is
5107 being built and we are done. */
5108
5109 if (local_negate)
5110 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
5111 else
5112 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
5113
5114 ptr = tempptr + 1;
5115 /* Every class contains at least one < 256 character. */
5116 class_has_8bitchar = 1;
5117 /* Every class contains at least two characters. */
5118 class_one_char = 2;
5119 continue; /* End of POSIX syntax handling */
5120 }
5121
5122 /* Backslash may introduce a single character, or it may introduce one
5123 of the specials, which just set a flag. The sequence \b is a special
5124 case. Inside a class (and only there) it is treated as backspace. We
5125 assume that other escapes have more than one character in them, so
5126 speculatively set both class_has_8bitchar and class_one_char bigger
5127 than one. Unrecognized escapes fall through and are either treated
5128 as literal characters (by default), or are faulted if
5129 PCRE_EXTRA is set. */
5130
5131 if (c == CHAR_BACKSLASH)
5132 {
5133 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options,
5134 TRUE);
5135 if (*errorcodeptr != 0) goto FAILED;
5136 if (escape == 0) c = ec;
5137 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
5138 else if (escape == ESC_N) /* \N is not supported in a class */
5139 {
5140 *errorcodeptr = ERR71;
5141 goto FAILED;
5142 }
5143 else if (escape == ESC_Q) /* Handle start of quoted string */
5144 {
5145 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
5146 {
5147 ptr += 2; /* avoid empty string */
5148 }
5149 else inescq = TRUE;
5150 continue;
5151 }
5152 else if (escape == ESC_E) continue; /* Ignore orphan \E */
5153
5154 else
5155 {
5156 register const pcre_uint8 *cbits = cd->cbits;
5157 /* Every class contains at least two < 256 characters. */
5158 class_has_8bitchar++;
5159 /* Every class contains at least two characters. */
5160 class_one_char += 2;
5161
5162 switch (escape)
5163 {
5164 #ifdef SUPPORT_UCP
5165 case ESC_du: /* These are the values given for \d etc */
5166 case ESC_DU: /* when PCRE_UCP is set. We replace the */
5167 case ESC_wu: /* escape sequence with an appropriate \p */
5168 case ESC_WU: /* or \P to test Unicode properties instead */
5169 case ESC_su: /* of the default ASCII testing. */
5170 case ESC_SU:
5171 nestptr = ptr;
5172 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
5173 class_has_8bitchar--; /* Undo! */
5174 continue;
5175 #endif
5176 case ESC_d:
5177 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
5178 continue;
5179
5180 case ESC_D:
5181 should_flip_negation = TRUE;
5182 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
5183 continue;
5184
5185 case ESC_w:
5186 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
5187 continue;
5188
5189 case ESC_W:
5190 should_flip_negation = TRUE;
5191 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
5192 continue;
5193
5194 /* Perl 5.004 onwards omitted VT from \s, but restored it at Perl
5195 5.18. Before PCRE 8.34, we had to preserve the VT bit if it was
5196 previously set by something earlier in the character class.
5197 Luckily, the value of CHAR_VT is 0x0b in both ASCII and EBCDIC, so
5198 we could just adjust the appropriate bit. From PCRE 8.34 we no
5199 longer treat \s and \S specially. */
5200
5201 case ESC_s:
5202 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
5203 continue;
5204
5205 case ESC_S:
5206 should_flip_negation = TRUE;
5207 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
5208 continue;
5209
5210 /* The rest apply in both UCP and non-UCP cases. */
5211
5212 case ESC_h:
5213 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
5214 PRIV(hspace_list), NOTACHAR);
5215 continue;
5216
5217 case ESC_H:
5218 (void)add_not_list_to_class(classbits, &class_uchardata, options,
5219 cd, PRIV(hspace_list));
5220 continue;
5221
5222 case ESC_v:
5223 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
5224 PRIV(vspace_list), NOTACHAR);
5225 continue;
5226
5227 case ESC_V:
5228 (void)add_not_list_to_class(classbits, &class_uchardata, options,
5229 cd, PRIV(vspace_list));
5230 continue;
5231
5232 case ESC_p:
5233 case ESC_P:
5234 #ifdef SUPPORT_UCP
5235 {
5236 BOOL negated;
5237 unsigned int ptype = 0, pdata = 0;
5238 if (!get_ucp(&ptr, &negated, &ptype, &pdata, errorcodeptr))
5239 goto FAILED;
5240 *class_uchardata++ = ((escape == ESC_p) != negated)?
5241 XCL_PROP : XCL_NOTPROP;
5242 *class_uchardata++ = ptype;
5243 *class_uchardata++ = pdata;
5244 xclass_has_prop = TRUE;
5245 class_has_8bitchar--; /* Undo! */
5246 continue;
5247 }
5248 #else
5249 *errorcodeptr = ERR45;
5250 goto FAILED;
5251 #endif
5252 /* Unrecognized escapes are faulted if PCRE is running in its
5253 strict mode. By default, for compatibility with Perl, they are
5254 treated as literals. */
5255
5256 default:
5257 if ((options & PCRE_EXTRA) != 0)
5258 {
5259 *errorcodeptr = ERR7;
5260 goto FAILED;
5261 }
5262 class_has_8bitchar--; /* Undo the speculative increase. */
5263 class_one_char -= 2; /* Undo the speculative increase. */
5264 c = *ptr; /* Get the final character and fall through */
5265 break;
5266 }
5267 }
5268
5269 /* Fall through if the escape just defined a single character (c >= 0).
5270 This may be greater than 256. */
5271
5272 escape = 0;
5273
5274 } /* End of backslash handling */
5275
5276 /* A character may be followed by '-' to form a range. However, Perl does
5277 not permit ']' to be the end of the range. A '-' character at the end is
5278 treated as a literal. Perl ignores orphaned \E sequences entirely. The
5279 code for handling \Q and \E is messy. */
5280
5281 CHECK_RANGE:
5282 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
5283 {
5284 inescq = FALSE;
5285 ptr += 2;
5286 }
5287 oldptr = ptr;
5288
5289 /* Remember if \r or \n were explicitly used */
5290
5291 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
5292
5293 /* Check for range */
5294
5295 if (!inescq && ptr[1] == CHAR_MINUS)
5296 {
5297 pcre_uint32 d;
5298 ptr += 2;
5299 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
5300
5301 /* If we hit \Q (not followed by \E) at this point, go into escaped
5302 mode. */
5303
5304 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
5305 {
5306 ptr += 2;
5307 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
5308 { ptr += 2; continue; }
5309 inescq = TRUE;
5310 break;
5311 }
5312
5313 /* Minus (hyphen) at the end of a class is treated as a literal, so put
5314 back the pointer and jump to handle the character that preceded it. */
5315
5316 if (*ptr == CHAR_NULL || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
5317 {
5318 ptr = oldptr;
5319 goto CLASS_SINGLE_CHARACTER;
5320 }
5321
5322 /* Otherwise, we have a potential range; pick up the next character */
5323
5324 #ifdef SUPPORT_UTF
5325 if (utf)
5326 { /* Braces are required because the */
5327 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
5328 }
5329 else
5330 #endif
5331 d = *ptr; /* Not UTF-8 mode */
5332
5333 /* The second part of a range can be a single-character escape
5334 sequence, but not any of the other escapes. Perl treats a hyphen as a
5335 literal in such circumstances. However, in Perl's warning mode, a
5336 warning is given, so PCRE now faults it as it is almost certainly a
5337 mistake on the user's part. */
5338
5339 if (!inescq)
5340 {
5341 if (d == CHAR_BACKSLASH)
5342 {
5343 int descape;
5344 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
5345 if (*errorcodeptr != 0) goto FAILED;
5346
5347 /* 0 means a character was put into d; \b is backspace; any other
5348 special causes an error. */
5349
5350 if (descape != 0)
5351 {
5352 if (descape == ESC_b) d = CHAR_BS; else
5353 {
5354 *errorcodeptr = ERR83;
5355 goto FAILED;
5356 }
5357 }
5358 }
5359
5360 /* A hyphen followed by a POSIX class is treated in the same way. */
5361
5362 else if (d == CHAR_LEFT_SQUARE_BRACKET &&
5363 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
5364 ptr[1] == CHAR_EQUALS_SIGN) &&
5365 check_posix_syntax(ptr, &tempptr))
5366 {
5367 *errorcodeptr = ERR83;
5368 goto FAILED;
5369 }
5370 }
5371
5372 /* Check that the two values are in the correct order. Optimize
5373 one-character ranges. */
5374
5375 if (d < c)
5376 {
5377 *errorcodeptr = ERR8;
5378 goto FAILED;
5379 }
5380 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
5381
5382 /* We have found a character range, so single character optimizations
5383 cannot be done anymore. Any value greater than 1 indicates that there
5384 is more than one character. */
5385
5386 class_one_char = 2;
5387
5388 /* Remember an explicit \r or \n, and add the range to the class. */
5389
5390 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
5391
5392 class_has_8bitchar +=
5393 add_to_class(classbits, &class_uchardata, options, cd, c, d);
5394
5395 continue; /* Go get the next char in the class */
5396 }
5397
5398 /* Handle a single character - we can get here for a normal non-escape
5399 char, or after \ that introduces a single character or for an apparent
5400 range that isn't. Only the value 1 matters for class_one_char, so don't
5401 increase it if it is already 2 or more ... just in case there's a class
5402 with a zillion characters in it. */
5403
5404 CLASS_SINGLE_CHARACTER:
5405 if (class_one_char < 2) class_one_char++;
5406
5407 /* If xclass_has_prop is false and class_one_char is 1, we have the first
5408 single character in the class, and there have been no prior ranges, or
5409 XCLASS items generated by escapes. If this is the final character in the
5410 class, we can optimize by turning the item into a 1-character OP_CHAR[I]
5411 if it's positive, or OP_NOT[I] if it's negative. In the positive case, it
5412 can cause firstchar to be set. Otherwise, there can be no first char if
5413 this item is first, whatever repeat count may follow. In the case of
5414 reqchar, save the previous value for reinstating. */
5415
5416 if (!inescq &&
5417 #ifdef SUPPORT_UCP
5418 !xclass_has_prop &&
5419 #endif
5420 class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
5421 {
5422 ptr++;
5423 zeroreqchar = reqchar;
5424 zeroreqcharflags = reqcharflags;
5425
5426 if (negate_class)
5427 {
5428 #ifdef SUPPORT_UCP
5429 int d;
5430 #endif
5431 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5432 zerofirstchar = firstchar;
5433 zerofirstcharflags = firstcharflags;
5434
5435 /* For caseless UTF-8 mode when UCP support is available, check
5436 whether this character has more than one other case. If so, generate
5437 a special OP_NOTPROP item instead of OP_NOTI. */
5438
5439 #ifdef SUPPORT_UCP
5440 if (utf && (options & PCRE_CASELESS) != 0 &&
5441 (d = UCD_CASESET(c)) != 0)
5442 {
5443 *code++ = OP_NOTPROP;
5444 *code++ = PT_CLIST;
5445 *code++ = d;
5446 }
5447 else
5448 #endif
5449 /* Char has only one other case, or UCP not available */
5450
5451 {
5452 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
5453 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5454 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
5455 code += PRIV(ord2utf)(c, code);
5456 else
5457 #endif
5458 *code++ = c;
5459 }
5460
5461 /* We are finished with this character class */
5462
5463 goto END_CLASS;
5464 }
5465
5466 /* For a single, positive character, get the value into mcbuffer, and
5467 then we can handle this with the normal one-character code. */
5468
5469 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5470 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
5471 mclength = PRIV(ord2utf)(c, mcbuffer);
5472 else
5473 #endif
5474 {
5475 mcbuffer[0] = c;
5476 mclength = 1;
5477 }
5478 goto ONE_CHAR;
5479 } /* End of 1-char optimization */
5480
5481 /* There is more than one character in the class, or an XCLASS item
5482 has been generated. Add this character to the class. */
5483
5484 class_has_8bitchar +=
5485 add_to_class(classbits, &class_uchardata, options, cd, c, c);
5486 }
5487
5488 /* Loop until ']' reached. This "while" is the end of the "do" far above.
5489 If we are at the end of an internal nested string, revert to the outer
5490 string. */
5491
5492 while (((c = *(++ptr)) != CHAR_NULL ||
5493 (nestptr != NULL &&
5494 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != CHAR_NULL)) &&
5495 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
5496
5497 /* Check for missing terminating ']' */
5498
5499 if (c == CHAR_NULL)
5500 {
5501 *errorcodeptr = ERR6;
5502 goto FAILED;
5503 }
5504
5505 /* We will need an XCLASS if data has been placed in class_uchardata. In
5506 the second phase this is a sufficient test. However, in the pre-compile
5507 phase, class_uchardata gets emptied to prevent workspace overflow, so it
5508 only if the very last character in the class needs XCLASS will it contain
5509 anything at this point. For this reason, xclass gets set TRUE above when
5510 uchar_classdata is emptied, and that's why this code is the way it is here
5511 instead of just doing a test on class_uchardata below. */
5512
5513 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5514 if (class_uchardata > class_uchardata_base) xclass = TRUE;
5515 #endif
5516
5517 /* If this is the first thing in the branch, there can be no first char
5518 setting, whatever the repeat count. Any reqchar setting must remain
5519 unchanged after any kind of repeat. */
5520
5521 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5522 zerofirstchar = firstchar;
5523 zerofirstcharflags = firstcharflags;
5524 zeroreqchar = reqchar;
5525 zeroreqcharflags = reqcharflags;
5526
5527 /* If there are characters with values > 255, we have to compile an
5528 extended class, with its own opcode, unless there was a negated special
5529 such as \S in the class, and PCRE_UCP is not set, because in that case all
5530 characters > 255 are in the class, so any that were explicitly given as
5531 well can be ignored. If (when there are explicit characters > 255 that must
5532 be listed) there are no characters < 256, we can omit the bitmap in the
5533 actual compiled code. */
5534
5535 #ifdef SUPPORT_UTF
5536 if (xclass && (xclass_has_prop || !should_flip_negation ||
5537 (options & PCRE_UCP) != 0))
5538 #elif !defined COMPILE_PCRE8
5539 if (xclass && (xclass_has_prop || !should_flip_negation))
5540 #endif
5541 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5542 {
5543 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
5544 *code++ = OP_XCLASS;
5545 code += LINK_SIZE;
5546 *code = negate_class? XCL_NOT:0;
5547 if (xclass_has_prop) *code |= XCL_HASPROP;
5548
5549 /* If the map is required, move up the extra data to make room for it;
5550 otherwise just move the code pointer to the end of the extra data. */
5551
5552 if (class_has_8bitchar > 0)
5553 {
5554 *code++ |= XCL_MAP;
5555 memmove(code + (32 / sizeof(pcre_uchar)), code,
5556 IN_UCHARS(class_uchardata - code));
5557 if (negate_class && !xclass_has_prop)
5558 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
5559 memcpy(code, classbits, 32);
5560 code = class_uchardata + (32 / sizeof(pcre_uchar));
5561 }
5562 else code = class_uchardata;
5563
5564 /* Now fill in the complete length of the item */
5565
5566 PUT(previous, 1, (int)(code - previous));
5567 break; /* End of class handling */
5568 }
5569
5570 /* Even though any XCLASS list is now discarded, we must allow for
5571 its memory. */
5572
5573 if (lengthptr != NULL)
5574 *lengthptr += (int)(class_uchardata - class_uchardata_base);
5575 #endif
5576
5577 /* If there are no characters > 255, or they are all to be included or
5578 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
5579 whole class was negated and whether there were negative specials such as \S
5580 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
5581 negating it if necessary. */
5582
5583 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
5584 if (lengthptr == NULL) /* Save time in the pre-compile phase */
5585 {
5586 if (negate_class)
5587 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
5588 memcpy(code, classbits, 32);
5589 }
5590 code += 32 / sizeof(pcre_uchar);
5591
5592 END_CLASS:
5593 break;
5594
5595
5596 /* ===================================================================*/
5597 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
5598 has been tested above. */
5599
5600 case CHAR_LEFT_CURLY_BRACKET:
5601 if (!is_quantifier) goto NORMAL_CHAR;
5602 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
5603 if (*errorcodeptr != 0) goto FAILED;
5604 goto REPEAT;
5605
5606 case CHAR_ASTERISK:
5607 repeat_min = 0;
5608 repeat_max = -1;
5609 goto REPEAT;
5610
5611 case CHAR_PLUS:
5612 repeat_min = 1;
5613 repeat_max = -1;
5614 goto REPEAT;
5615
5616 case CHAR_QUESTION_MARK:
5617 repeat_min = 0;
5618 repeat_max = 1;
5619
5620 REPEAT:
5621 if (previous == NULL)
5622 {
5623 *errorcodeptr = ERR9;
5624 goto FAILED;
5625 }
5626
5627 if (repeat_min == 0)
5628 {
5629 firstchar = zerofirstchar; /* Adjust for zero repeat */
5630 firstcharflags = zerofirstcharflags;
5631 reqchar = zeroreqchar; /* Ditto */
5632 reqcharflags = zeroreqcharflags;
5633 }
5634
5635 /* Remember whether this is a variable length repeat */
5636
5637 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
5638
5639 op_type = 0; /* Default single-char op codes */
5640 possessive_quantifier = FALSE; /* Default not possessive quantifier */
5641
5642 /* Save start of previous item, in case we have to move it up in order to
5643 insert something before it. */
5644
5645 tempcode = previous;
5646
5647 /* Before checking for a possessive quantifier, we must skip over
5648 whitespace and comments in extended mode because Perl allows white space at
5649 this point. */
5650
5651 if ((options & PCRE_EXTENDED) != 0)
5652 {
5653 const pcre_uchar *p = ptr + 1;
5654 for (;;)
5655 {
5656 while (MAX_255(*p) && (cd->ctypes[*p] & ctype_space) != 0) p++;
5657 if (*p != CHAR_NUMBER_SIGN) break;
5658 p++;
5659 while (*p != CHAR_NULL)
5660 {
5661 if (IS_NEWLINE(p)) /* For non-fixed-length newline cases, */
5662 { /* IS_NEWLINE sets cd->nllen. */
5663 p += cd->nllen;
5664 break;
5665 }
5666 p++;
5667 #ifdef SUPPORT_UTF
5668 if (utf) FORWARDCHAR(p);
5669 #endif
5670 } /* Loop for comment characters */
5671 } /* Loop for multiple comments */
5672 ptr = p - 1; /* Character before the next significant one. */
5673 }
5674
5675 /* If the next character is '+', we have a possessive quantifier. This
5676 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
5677 If the next character is '?' this is a minimizing repeat, by default,
5678 but if PCRE_UNGREEDY is set, it works the other way round. We change the
5679 repeat type to the non-default. */
5680
5681 if (ptr[1] == CHAR_PLUS)
5682 {
5683 repeat_type = 0; /* Force greedy */
5684 possessive_quantifier = TRUE;
5685 ptr++;
5686 }
5687 else if (ptr[1] == CHAR_QUESTION_MARK)
5688 {
5689 repeat_type = greedy_non_default;
5690 ptr++;
5691 }
5692 else repeat_type = greedy_default;
5693
5694 /* If previous was a recursion call, wrap it in atomic brackets so that
5695 previous becomes the atomic group. All recursions were so wrapped in the
5696 past, but it no longer happens for non-repeated recursions. In fact, the
5697 repeated ones could be re-implemented independently so as not to need this,
5698 but for the moment we rely on the code for repeating groups. */
5699
5700 if (*previous == OP_RECURSE)
5701 {
5702 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
5703 *previous = OP_ONCE;
5704 PUT(previous, 1, 2 + 2*LINK_SIZE);
5705 previous[2 + 2*LINK_SIZE] = OP_KET;
5706 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
5707 code += 2 + 2 * LINK_SIZE;
5708 length_prevgroup = 3 + 3*LINK_SIZE;
5709
5710 /* When actually compiling, we need to check whether this was a forward
5711 reference, and if so, adjust the offset. */
5712
5713 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
5714 {
5715 int offset = GET(cd->hwm, -LINK_SIZE);
5716 if (offset == previous + 1 - cd->start_code)
5717 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
5718 }
5719 }
5720
5721 /* Now handle repetition for the different types of item. */
5722
5723 /* If previous was a character or negated character match, abolish the item
5724 and generate a repeat item instead. If a char item has a minimum of more
5725 than one, ensure that it is set in reqchar - it might not be if a sequence
5726 such as x{3} is the first thing in a branch because the x will have gone
5727 into firstchar instead. */
5728
5729 if (*previous == OP_CHAR || *previous == OP_CHARI
5730 || *previous == OP_NOT || *previous == OP_NOTI)
5731 {
5732 switch (*previous)
5733 {
5734 default: /* Make compiler happy. */
5735 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
5736 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
5737 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
5738 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
5739 }
5740
5741 /* Deal with UTF characters that take up more than one character. It's
5742 easier to write this out separately than try to macrify it. Use c to
5743 hold the length of the character in bytes, plus UTF_LENGTH to flag that
5744 it's a length rather than a small character. */
5745
5746 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5747 if (utf && NOT_FIRSTCHAR(code[-1]))
5748 {
5749 pcre_uchar *lastchar = code - 1;
5750 BACKCHAR(lastchar);
5751 c = (int)(code - lastchar); /* Length of UTF-8 character */
5752 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
5753 c |= UTF_LENGTH; /* Flag c as a length */
5754 }
5755 else
5756 #endif /* SUPPORT_UTF */
5757
5758 /* Handle the case of a single charater - either with no UTF support, or
5759 with UTF disabled, or for a single character UTF character. */
5760 {
5761 c = code[-1];
5762 if (*previous <= OP_CHARI && repeat_min > 1)
5763 {
5764 reqchar = c;
5765 reqcharflags = req_caseopt | cd->req_varyopt;
5766 }
5767 }
5768
5769 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
5770 }
5771
5772 /* If previous was a character type match (\d or similar), abolish it and
5773 create a suitable repeat item. The code is shared with single-character
5774 repeats by setting op_type to add a suitable offset into repeat_type. Note
5775 the the Unicode property types will be present only when SUPPORT_UCP is
5776 defined, but we don't wrap the little bits of code here because it just
5777 makes it horribly messy. */
5778
5779 else if (*previous < OP_EODN)
5780 {
5781 pcre_uchar *oldcode;
5782 int prop_type, prop_value;
5783 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
5784 c = *previous;
5785
5786 OUTPUT_SINGLE_REPEAT:
5787 if (*previous == OP_PROP || *previous == OP_NOTPROP)
5788 {
5789 prop_type = previous[1];
5790 prop_value = previous[2];
5791 }
5792 else prop_type = prop_value = -1;
5793
5794 oldcode = code;
5795 code = previous; /* Usually overwrite previous item */
5796
5797 /* If the maximum is zero then the minimum must also be zero; Perl allows
5798 this case, so we do too - by simply omitting the item altogether. */
5799
5800 if (repeat_max == 0) goto END_REPEAT;
5801
5802 /* Combine the op_type with the repeat_type */
5803
5804 repeat_type += op_type;
5805
5806 /* A minimum of zero is handled either as the special case * or ?, or as
5807 an UPTO, with the maximum given. */
5808
5809 if (repeat_min == 0)
5810 {
5811 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
5812 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
5813 else
5814 {
5815 *code++ = OP_UPTO + repeat_type;
5816 PUT2INC(code, 0, repeat_max);
5817 }
5818 }
5819
5820 /* A repeat minimum of 1 is optimized into some special cases. If the
5821 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
5822 left in place and, if the maximum is greater than 1, we use OP_UPTO with
5823 one less than the maximum. */
5824
5825 else if (repeat_min == 1)
5826 {
5827 if (repeat_max == -1)
5828 *code++ = OP_PLUS + repeat_type;
5829 else
5830 {
5831 code = oldcode; /* leave previous item in place */
5832 if (repeat_max == 1) goto END_REPEAT;
5833 *code++ = OP_UPTO + repeat_type;
5834 PUT2INC(code, 0, repeat_max - 1);
5835 }
5836 }
5837
5838 /* The case {n,n} is just an EXACT, while the general case {n,m} is
5839 handled as an EXACT followed by an UPTO. */
5840
5841 else
5842 {
5843 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
5844 PUT2INC(code, 0, repeat_min);
5845
5846 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
5847 we have to insert the character for the previous code. For a repeated
5848 Unicode property match, there are two extra bytes that define the
5849 required property. In UTF-8 mode, long characters have their length in
5850 c, with the UTF_LENGTH bit as a flag. */
5851
5852 if (repeat_max < 0)
5853 {
5854 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5855 if (utf && (c & UTF_LENGTH) != 0)
5856 {
5857 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5858 code += c & 7;
5859 }
5860 else
5861 #endif
5862 {
5863 *code++ = c;
5864 if (prop_type >= 0)
5865 {
5866 *code++ = prop_type;
5867 *code++ = prop_value;
5868 }
5869 }
5870 *code++ = OP_STAR + repeat_type;
5871 }
5872
5873 /* Else insert an UPTO if the max is greater than the min, again
5874 preceded by the character, for the previously inserted code. If the
5875 UPTO is just for 1 instance, we can use QUERY instead. */
5876
5877 else if (repeat_max != repeat_min)
5878 {
5879 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5880 if (utf && (c & UTF_LENGTH) != 0)
5881 {
5882 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5883 code += c & 7;
5884 }
5885 else
5886 #endif
5887 *code++ = c;
5888 if (prop_type >= 0)
5889 {
5890 *code++ = prop_type;
5891 *code++ = prop_value;
5892 }
5893 repeat_max -= repeat_min;
5894
5895 if (repeat_max == 1)
5896 {
5897 *code++ = OP_QUERY + repeat_type;
5898 }
5899 else
5900 {
5901 *code++ = OP_UPTO + repeat_type;
5902 PUT2INC(code, 0, repeat_max);
5903 }
5904 }
5905 }
5906
5907 /* The character or character type itself comes last in all cases. */
5908
5909 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5910 if (utf && (c & UTF_LENGTH) != 0)
5911 {
5912 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5913 code += c & 7;
5914 }
5915 else
5916 #endif
5917 *code++ = c;
5918
5919 /* For a repeated Unicode property match, there are two extra bytes that
5920 define the required property. */
5921
5922 #ifdef SUPPORT_UCP
5923 if (prop_type >= 0)
5924 {
5925 *code++ = prop_type;
5926 *code++ = prop_value;
5927 }
5928 #endif
5929 }
5930
5931 /* If previous was a character class or a back reference, we put the repeat
5932 stuff after it, but just skip the item if the repeat was {0,0}. */
5933
5934 else if (*previous == OP_CLASS || *previous == OP_NCLASS ||
5935 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5936 *previous == OP_XCLASS ||
5937 #endif
5938 *previous == OP_REF || *previous == OP_REFI ||
5939 *previous == OP_DNREF || *previous == OP_DNREFI)
5940 {
5941 if (repeat_max == 0)
5942 {
5943 code = previous;
5944 goto END_REPEAT;
5945 }
5946
5947 if (repeat_min == 0 && repeat_max == -1)
5948 *code++ = OP_CRSTAR + repeat_type;
5949 else if (repeat_min == 1 && repeat_max == -1)
5950 *code++ = OP_CRPLUS + repeat_type;
5951 else if (repeat_min == 0 && repeat_max == 1)
5952 *code++ = OP_CRQUERY + repeat_type;
5953 else
5954 {
5955 *code++ = OP_CRRANGE + repeat_type;
5956 PUT2INC(code, 0, repeat_min);
5957 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5958 PUT2INC(code, 0, repeat_max);
5959 }
5960 }
5961
5962 /* If previous was a bracket group, we may have to replicate it in certain
5963 cases. Note that at this point we can encounter only the "basic" bracket
5964 opcodes such as BRA and CBRA, as this is the place where they get converted
5965 into the more special varieties such as BRAPOS and SBRA. A test for >=
5966 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5967 ASSERTBACK_NOT, ONCE, ONCE_NC, BRA, BRAPOS, CBRA, CBRAPOS, and COND.
5968 Originally, PCRE did not allow repetition of assertions, but now it does,
5969 for Perl compatibility. */
5970
5971 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5972 {
5973 register int i;
5974 int len = (int)(code - previous);
5975 size_t base_hwm_offset = item_hwm_offset;
5976 pcre_uchar *bralink = NULL;
5977 pcre_uchar *brazeroptr = NULL;
5978
5979 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5980 we just ignore the repeat. */
5981
5982 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5983 goto END_REPEAT;
5984
5985 /* There is no sense in actually repeating assertions. The only potential
5986 use of repetition is in cases when the assertion is optional. Therefore,
5987 if the minimum is greater than zero, just ignore the repeat. If the
5988 maximum is not zero or one, set it to 1. */
5989
5990 if (*previous < OP_ONCE) /* Assertion */
5991 {
5992 if (repeat_min > 0) goto END_REPEAT;
5993 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5994 }
5995
5996 /* The case of a zero minimum is special because of the need to stick
5997 OP_BRAZERO in front of it, and because the group appears once in the
5998 data, whereas in other cases it appears the minimum number of times. For
5999 this reason, it is simplest to treat this case separately, as otherwise
6000 the code gets far too messy. There are several special subcases when the
6001 minimum is zero. */
6002
6003 if (repeat_min == 0)
6004 {
6005 /* If the maximum is also zero, we used to just omit the group from the
6006 output altogether, like this:
6007
6008 ** if (repeat_max == 0)
6009 ** {
6010 ** code = previous;
6011 ** goto END_REPEAT;
6012 ** }
6013
6014 However, that fails when a group or a subgroup within it is referenced
6015 as a subroutine from elsewhere in the pattern, so now we stick in
6016 OP_SKIPZERO in front of it so that it is skipped on execution. As we
6017 don't have a list of which groups are referenced, we cannot do this
6018 selectively.
6019
6020 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
6021 and do no more at this point. However, we do need to adjust any
6022 OP_RECURSE calls inside the group that refer to the group itself or any
6023 internal or forward referenced group, because the offset is from the
6024 start of the whole regex. Temporarily terminate the pattern while doing
6025 this. */
6026
6027 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
6028 {
6029 *code = OP_END;
6030 adjust_recurse(previous, 1, utf, cd, item_hwm_offset);
6031 memmove(previous + 1, previous, IN_UCHARS(len));
6032 code++;
6033 if (repeat_max == 0)
6034 {
6035 *previous++ = OP_SKIPZERO;
6036 goto END_REPEAT;
6037 }
6038 brazeroptr = previous; /* Save for possessive optimizing */
6039 *previous++ = OP_BRAZERO + repeat_type;
6040 }
6041
6042 /* If the maximum is greater than 1 and limited, we have to replicate
6043 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
6044 The first one has to be handled carefully because it's the original
6045 copy, which has to be moved up. The remainder can be handled by code
6046 that is common with the non-zero minimum case below. We have to
6047 adjust the value or repeat_max, since one less copy is required. Once
6048 again, we may have to adjust any OP_RECURSE calls inside the group. */
6049
6050 else
6051 {
6052 int offset;
6053 *code = OP_END;
6054 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, item_hwm_offset);
6055 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
6056 code += 2 + LINK_SIZE;
6057 *previous++ = OP_BRAZERO + repeat_type;
6058 *previous++ = OP_BRA;
6059
6060 /* We chain together the bracket offset fields that have to be
6061 filled in later when the ends of the brackets are reached. */
6062
6063 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
6064 bralink = previous;
6065 PUTINC(previous, 0, offset);
6066 }
6067
6068 repeat_max--;
6069 }
6070
6071 /* If the minimum is greater than zero, replicate the group as many
6072 times as necessary, and adjust the maximum to the number of subsequent
6073 copies that we need. If we set a first char from the group, and didn't
6074 set a required char, copy the latter from the former. If there are any
6075 forward reference subroutine calls in the group, there will be entries on
6076 the workspace list; replicate these with an appropriate increment. */
6077
6078 else
6079 {
6080 if (repeat_min > 1)
6081 {
6082 /* In the pre-compile phase, we don't actually do the replication. We
6083 just adjust the length as if we had. Do some paranoid checks for
6084 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
6085 integer type when available, otherwise double. */
6086
6087 if (lengthptr != NULL)
6088 {
6089 int delta = (repeat_min - 1)*length_prevgroup;
6090 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
6091 (INT64_OR_DOUBLE)length_prevgroup >
6092 (INT64_OR_DOUBLE)INT_MAX ||
6093 OFLOW_MAX - *lengthptr < delta)
6094 {
6095 *errorcodeptr = ERR20;
6096 goto FAILED;
6097 }
6098 *lengthptr += delta;
6099 }
6100
6101 /* This is compiling for real. If there is a set first byte for
6102 the group, and we have not yet set a "required byte", set it. Make
6103 sure there is enough workspace for copying forward references before
6104 doing the copy. */
6105
6106 else
6107 {
6108 if (groupsetfirstchar && reqcharflags < 0)
6109 {
6110 reqchar = firstchar;
6111 reqcharflags = firstcharflags;
6112 }
6113
6114 for (i = 1; i < repeat_min; i++)
6115 {
6116 pcre_uchar *hc;
6117 size_t this_hwm_offset = cd->hwm - cd->start_workspace;
6118 memcpy(code, previous, IN_UCHARS(len));
6119
6120 while (cd->hwm > cd->start_workspace + cd->workspace_size -
6121 WORK_SIZE_SAFETY_MARGIN -
6122 (this_hwm_offset - base_hwm_offset))
6123 {
6124 *errorcodeptr = expand_workspace(cd);
6125 if (*errorcodeptr != 0) goto FAILED;
6126 }
6127
6128 for (hc = (pcre_uchar *)cd->start_workspace + base_hwm_offset;
6129 hc < (pcre_uchar *)cd->start_workspace + this_hwm_offset;
6130 hc += LINK_SIZE)
6131 {
6132 PUT(cd->hwm, 0, GET(hc, 0) + len);
6133 cd->hwm += LINK_SIZE;
6134 }
6135 base_hwm_offset = this_hwm_offset;
6136 code += len;
6137 }
6138 }
6139 }
6140
6141 if (repeat_max > 0) repeat_max -= repeat_min;
6142 }
6143
6144 /* This code is common to both the zero and non-zero minimum cases. If
6145 the maximum is limited, it replicates the group in a nested fashion,
6146 remembering the bracket starts on a stack. In the case of a zero minimum,
6147 the first one was set up above. In all cases the repeat_max now specifies
6148 the number of additional copies needed. Again, we must remember to
6149 replicate entries on the forward reference list. */
6150
6151 if (repeat_max >= 0)
6152 {
6153 /* In the pre-compile phase, we don't actually do the replication. We
6154 just adjust the length as if we had. For each repetition we must add 1
6155 to the length for BRAZERO and for all but the last repetition we must
6156 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
6157 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
6158 a 64-bit integer type when available, otherwise double. */
6159
6160 if (lengthptr != NULL && repeat_max > 0)
6161 {
6162 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
6163 2 - 2*LINK_SIZE; /* Last one doesn't nest */
6164 if ((INT64_OR_DOUBLE)repeat_max *
6165 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
6166 > (INT64_OR_DOUBLE)INT_MAX ||
6167 OFLOW_MAX - *lengthptr < delta)
6168 {
6169 *errorcodeptr = ERR20;
6170 goto FAILED;
6171 }
6172 *lengthptr += delta;
6173 }
6174
6175 /* This is compiling for real */
6176
6177 else for (i = repeat_max - 1; i >= 0; i--)
6178 {
6179 pcre_uchar *hc;
6180 size_t this_hwm_offset = cd->hwm - cd->start_workspace;
6181
6182 *code++ = OP_BRAZERO + repeat_type;
6183
6184 /* All but the final copy start a new nesting, maintaining the
6185 chain of brackets outstanding. */
6186
6187 if (i != 0)
6188 {
6189 int offset;
6190 *code++ = OP_BRA;
6191 offset = (bralink == NULL)? 0 : (int)(code - bralink);
6192 bralink = code;
6193 PUTINC(code, 0, offset);
6194 }
6195
6196 memcpy(code, previous, IN_UCHARS(len));
6197
6198 /* Ensure there is enough workspace for forward references before
6199 copying them. */
6200
6201 while (cd->hwm > cd->start_workspace + cd->workspace_size -
6202 WORK_SIZE_SAFETY_MARGIN -
6203 (this_hwm_offset - base_hwm_offset))
6204 {
6205 *errorcodeptr = expand_workspace(cd);
6206 if (*errorcodeptr != 0) goto FAILED;
6207 }
6208
6209 for (hc = (pcre_uchar *)cd->start_workspace + base_hwm_offset;
6210 hc < (pcre_uchar *)cd->start_workspace + this_hwm_offset;
6211 hc += LINK_SIZE)
6212 {
6213 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
6214 cd->hwm += LINK_SIZE;
6215 }
6216 base_hwm_offset = this_hwm_offset;
6217 code += len;
6218 }
6219
6220 /* Now chain through the pending brackets, and fill in their length
6221 fields (which are holding the chain links pro tem). */
6222
6223 while (bralink != NULL)
6224 {
6225 int oldlinkoffset;
6226 int offset = (int)(code - bralink + 1);
6227 pcre_uchar *bra = code - offset;
6228 oldlinkoffset = GET(bra, 1);
6229 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
6230 *code++ = OP_KET;
6231 PUTINC(code, 0, offset);
6232 PUT(bra, 1, offset);
6233 }
6234 }
6235
6236 /* If the maximum is unlimited, set a repeater in the final copy. For
6237 ONCE brackets, that's all we need to do. However, possessively repeated
6238 ONCE brackets can be converted into non-capturing brackets, as the
6239 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
6240 deal with possessive ONCEs specially.
6241
6242 Otherwise, when we are doing the actual compile phase, check to see
6243 whether this group is one that could match an empty string. If so,
6244 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
6245 that runtime checking can be done. [This check is also applied to ONCE
6246 groups at runtime, but in a different way.]
6247
6248 Then, if the quantifier was possessive and the bracket is not a
6249 conditional, we convert the BRA code to the POS form, and the KET code to
6250 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
6251 subpattern at both the start and at the end.) The use of special opcodes
6252 makes it possible to reduce greatly the stack usage in pcre_exec(). If
6253 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
6254
6255 Then, if the minimum number of matches is 1 or 0, cancel the possessive
6256 flag so that the default action below, of wrapping everything inside
6257 atomic brackets, does not happen. When the minimum is greater than 1,
6258 there will be earlier copies of the group, and so we still have to wrap
6259 the whole thing. */
6260
6261 else
6262 {
6263 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
6264 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
6265
6266 /* Convert possessive ONCE brackets to non-capturing */
6267
6268 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
6269 possessive_quantifier) *bracode = OP_BRA;
6270
6271 /* For non-possessive ONCE brackets, all we need to do is to
6272 set the KET. */
6273
6274 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
6275 *ketcode = OP_KETRMAX + repeat_type;
6276
6277 /* Handle non-ONCE brackets and possessive ONCEs (which have been
6278 converted to non-capturing above). */
6279
6280 else
6281 {
6282 /* In the compile phase, check for empty string matching. */
6283
6284 if (lengthptr == NULL)
6285 {
6286 pcre_uchar *scode = bracode;
6287 do
6288 {
6289 if (could_be_empty_branch(scode, ketcode, utf, cd, NULL))
6290 {
6291 *bracode += OP_SBRA - OP_BRA;
6292 break;
6293 }
6294 scode += GET(scode, 1);
6295 }
6296 while (*scode == OP_ALT);
6297 }
6298
6299 /* A conditional group with only one branch has an implicit empty
6300 alternative branch. */
6301
6302 if (*bracode == OP_COND && bracode[GET(bracode,1)] != OP_ALT)
6303 *bracode = OP_SCOND;
6304
6305 /* Handle possessive quantifiers. */
6306
6307 if (possessive_quantifier)
6308 {
6309 /* For COND brackets, we wrap the whole thing in a possessively
6310 repeated non-capturing bracket, because we have not invented POS
6311 versions of the COND opcodes. Because we are moving code along, we
6312 must ensure that any pending recursive references are updated. */
6313
6314 if (*bracode == OP_COND || *bracode == OP_SCOND)
6315 {
6316 int nlen = (int)(code - bracode);
6317 *code = OP_END;
6318 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, item_hwm_offset);
6319 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
6320 code += 1 + LINK_SIZE;
6321 nlen += 1 + LINK_SIZE;
6322 *bracode = (*bracode == OP_COND)? OP_BRAPOS : OP_SBRAPOS;
6323 *code++ = OP_KETRPOS;
6324 PUTINC(code, 0, nlen);
6325 PUT(bracode, 1, nlen);
6326 }
6327
6328 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
6329
6330 else
6331 {
6332 *bracode += 1; /* Switch to xxxPOS opcodes */
6333 *ketcode = OP_KETRPOS;
6334 }
6335
6336 /* If the minimum is zero, mark it as possessive, then unset the
6337 possessive flag when the minimum is 0 or 1. */
6338
6339 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
6340 if (repeat_min < 2) possessive_quantifier = FALSE;
6341 }
6342
6343 /* Non-possessive quantifier */
6344
6345 else *ketcode = OP_KETRMAX + repeat_type;
6346 }
6347 }
6348 }
6349
6350 /* If previous is OP_FAIL, it was generated by an empty class [] in
6351 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
6352 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
6353 error above. We can just ignore the repeat in JS case. */
6354
6355 else if (*previous == OP_FAIL) goto END_REPEAT;
6356
6357 /* Else there's some kind of shambles */
6358
6359 else
6360 {
6361 *errorcodeptr = ERR11;
6362 goto FAILED;
6363 }
6364
6365 /* If the character following a repeat is '+', possessive_quantifier is
6366 TRUE. For some opcodes, there are special alternative opcodes for this
6367 case. For anything else, we wrap the entire repeated item inside OP_ONCE
6368 brackets. Logically, the '+' notation is just syntactic sugar, taken from
6369 Sun's Java package, but the special opcodes can optimize it.
6370
6371 Some (but not all) possessively repeated subpatterns have already been
6372 completely handled in the code just above. For them, possessive_quantifier
6373 is always FALSE at this stage. Note that the repeated item starts at
6374 tempcode, not at previous, which might be the first part of a string whose
6375 (former) last char we repeated. */
6376
6377 if (possessive_quantifier)
6378 {
6379 int len;
6380
6381 /* Possessifying an EXACT quantifier has no effect, so we can ignore it.
6382 However, QUERY, STAR, or UPTO may follow (for quantifiers such as {5,6},
6383 {5,}, or {5,10}). We skip over an EXACT item; if the length of what
6384 remains is greater than zero, there's a further opcode that can be
6385 handled. If not, do nothing, leaving the EXACT alone. */
6386
6387 switch(*tempcode)
6388 {
6389 case OP_TYPEEXACT:
6390 tempcode += PRIV(OP_lengths)[*tempcode] +
6391 ((tempcode[1 + IMM2_SIZE] == OP_PROP
6392 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
6393 break;
6394
6395 /* CHAR opcodes are used for exacts whose count is 1. */
6396
6397 case OP_CHAR:
6398 case OP_CHARI:
6399 case OP_NOT:
6400 case OP_NOTI:
6401 case OP_EXACT:
6402 case OP_EXACTI:
6403 case OP_NOTEXACT:
6404 case OP_NOTEXACTI:
6405 tempcode += PRIV(OP_lengths)[*tempcode];
6406 #ifdef SUPPORT_UTF
6407 if (utf && HAS_EXTRALEN(tempcode[-1]))
6408 tempcode += GET_EXTRALEN(tempcode[-1]);
6409 #endif
6410 break;
6411
6412 /* For the class opcodes, the repeat operator appears at the end;
6413 adjust tempcode to point to it. */
6414
6415 case OP_CLASS:
6416 case OP_NCLASS:
6417 tempcode += 1 + 32/sizeof(pcre_uchar);
6418 break;
6419
6420 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
6421 case OP_XCLASS:
6422 tempcode += GET(tempcode, 1);
6423 break;
6424 #endif
6425 }
6426
6427 /* If tempcode is equal to code (which points to the end of the repeated
6428 item), it means we have skipped an EXACT item but there is no following
6429 QUERY, STAR, or UPTO; the value of len will be 0, and we do nothing. In
6430 all other cases, tempcode will be pointing to the repeat opcode, and will
6431 be less than code, so the value of len will be greater than 0. */
6432
6433 len = (int)(code - tempcode);
6434 if (len > 0)
6435 {
6436 unsigned int repcode = *tempcode;
6437
6438 /* There is a table for possessifying opcodes, all of which are less
6439 than OP_CALLOUT. A zero entry means there is no possessified version.
6440 */
6441
6442 if (repcode < OP_CALLOUT && opcode_possessify[repcode] > 0)
6443 *tempcode = opcode_possessify[repcode];
6444
6445 /* For opcode without a special possessified version, wrap the item in
6446 ONCE brackets. Because we are moving code along, we must ensure that any
6447 pending recursive references are updated. */
6448
6449 else
6450 {
6451 *code = OP_END;
6452 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, item_hwm_offset);
6453 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
6454 code += 1 + LINK_SIZE;
6455 len += 1 + LINK_SIZE;
6456 tempcode[0] = OP_ONCE;
6457 *code++ = OP_KET;
6458 PUTINC(code, 0, len);
6459 PUT(tempcode, 1, len);
6460 }
6461 }
6462
6463 #ifdef NEVER
6464 if (len > 0) switch (*tempcode)
6465 {
6466 case OP_STAR: *tempcode = OP_POSSTAR; break;
6467 case OP_PLUS: *tempcode = OP_POSPLUS; break;
6468 case OP_QUERY: *tempcode = OP_POSQUERY; break;
6469 case OP_UPTO: *tempcode = OP_POSUPTO; break;
6470
6471 case OP_STARI: *tempcode = OP_POSSTARI; break;
6472 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
6473 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
6474 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
6475
6476 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
6477 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
6478 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
6479 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
6480
6481 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
6482 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
6483 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
6484 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
6485
6486 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
6487 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
6488 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
6489 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
6490
6491 case OP_CRSTAR: *tempcode = OP_CRPOSSTAR; break;
6492 case OP_CRPLUS: *tempcode = OP_CRPOSPLUS; break;
6493 case OP_CRQUERY: *tempcode = OP_CRPOSQUERY; break;
6494 case OP_CRRANGE: *tempcode = OP_CRPOSRANGE; break;
6495
6496 /* Because we are moving code along, we must ensure that any
6497 pending recursive references are updated. */
6498
6499 default:
6500 *code = OP_END;
6501 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, item_hwm_offset);
6502 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
6503 code += 1 + LINK_SIZE;
6504 len += 1 + LINK_SIZE;
6505 tempcode[0] = OP_ONCE;
6506 *code++ = OP_KET;
6507 PUTINC(code, 0, len);
6508 PUT(tempcode, 1, len);
6509 break;
6510 }
6511 #endif
6512 }
6513
6514 /* In all case we no longer have a previous item. We also set the
6515 "follows varying string" flag for subsequently encountered reqchars if
6516 it isn't already set and we have just passed a varying length item. */
6517
6518 END_REPEAT:
6519 previous = NULL;
6520 cd->req_varyopt |= reqvary;
6521 break;
6522
6523
6524 /* ===================================================================*/
6525 /* Start of nested parenthesized sub-expression, or comment or lookahead or
6526 lookbehind or option setting or condition or all the other extended
6527 parenthesis forms. */
6528
6529 case CHAR_LEFT_PARENTHESIS:
6530 ptr++;
6531
6532 /* First deal with comments. Putting this code right at the start ensures
6533 that comments have no bad side effects. */
6534
6535 if (ptr[0] == CHAR_QUESTION_MARK && ptr[1] == CHAR_NUMBER_SIGN)
6536 {
6537 ptr += 2;
6538 while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
6539 if (*ptr == CHAR_NULL)
6540 {
6541 *errorcodeptr = ERR18;
6542 goto FAILED;
6543 }
6544 continue;
6545 }
6546
6547 /* Now deal with various "verbs" that can be introduced by '*'. */
6548
6549 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
6550 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
6551 {
6552 int i, namelen;
6553 int arglen = 0;
6554 const char *vn = verbnames;
6555 const pcre_uchar *name = ptr + 1;
6556 const pcre_uchar *arg = NULL;
6557 previous = NULL;
6558 ptr++;
6559 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
6560 namelen = (int)(ptr - name);
6561
6562 /* It appears that Perl allows any characters whatsoever, other than
6563 a closing parenthesis, to appear in arguments, so we no longer insist on
6564 letters, digits, and underscores. */
6565
6566 if (*ptr == CHAR_COLON)
6567 {
6568 arg = ++ptr;
6569 while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
6570 arglen = (int)(ptr - arg);
6571 if ((unsigned int)arglen > MAX_MARK)
6572 {
6573 *errorcodeptr = ERR75;
6574 goto FAILED;
6575 }
6576 }
6577
6578 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6579 {
6580 *errorcodeptr = ERR60;
6581 goto FAILED;
6582 }
6583
6584 /* Scan the table of verb names */
6585
6586 for (i = 0; i < verbcount; i++)
6587 {
6588 if (namelen == verbs[i].len &&
6589 STRNCMP_UC_C8(name, vn, namelen) == 0)
6590 {
6591 int setverb;
6592
6593 /* Check for open captures before ACCEPT and convert it to
6594 ASSERT_ACCEPT if in an assertion. */
6595
6596 if (verbs[i].op == OP_ACCEPT)
6597 {
6598 open_capitem *oc;
6599 if (arglen != 0)
6600 {
6601 *errorcodeptr = ERR59;
6602 goto FAILED;
6603 }
6604 cd->had_accept = TRUE;
6605 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
6606 {
6607 *code++ = OP_CLOSE;
6608 PUT2INC(code, 0, oc->number);
6609 }
6610 setverb = *code++ =
6611 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
6612
6613 /* Do not set firstchar after *ACCEPT */
6614 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
6615 }
6616
6617 /* Handle other cases with/without an argument */
6618
6619 else if (arglen == 0)
6620 {
6621 if (verbs[i].op < 0) /* Argument is mandatory */
6622 {
6623 *errorcodeptr = ERR66;
6624 goto FAILED;
6625 }
6626 setverb = *code++ = verbs[i].op;
6627 }
6628
6629 else
6630 {
6631 if (verbs[i].op_arg < 0) /* Argument is forbidden */
6632 {
6633 *errorcodeptr = ERR59;
6634 goto FAILED;
6635 }
6636 setverb = *code++ = verbs[i].op_arg;
6637 if (lengthptr != NULL) /* In pass 1 just add in the length */
6638 { /* to avoid potential workspace */
6639 *lengthptr += arglen; /* overflow. */
6640 *code++ = 0;
6641 }
6642 else
6643 {
6644 *code++ = arglen;
6645 memcpy(code, arg, IN_UCHARS(arglen));
6646 code += arglen;
6647 }
6648 *code++ = 0;
6649 }
6650
6651 switch (setverb)
6652 {
6653 case OP_THEN:
6654 case OP_THEN_ARG:
6655 cd->external_flags |= PCRE_HASTHEN;
6656 break;
6657
6658 case OP_PRUNE:
6659 case OP_PRUNE_ARG:
6660 case OP_SKIP:
6661 case OP_SKIP_ARG:
6662 cd->had_pruneorskip = TRUE;
6663 break;
6664 }
6665
6666 break; /* Found verb, exit loop */
6667 }
6668
6669 vn += verbs[i].len + 1;
6670 }
6671
6672 if (i < verbcount) continue; /* Successfully handled a verb */
6673 *errorcodeptr = ERR60; /* Verb not recognized */
6674 goto FAILED;
6675 }
6676
6677 /* Initialize for "real" parentheses */
6678
6679 newoptions = options;
6680 skipbytes = 0;
6681 bravalue = OP_CBRA;
6682 item_hwm_offset = cd->hwm - cd->start_workspace;
6683 reset_bracount = FALSE;
6684
6685 /* Deal with the extended parentheses; all are introduced by '?', and the
6686 appearance of any of them means that this is not a capturing group. */
6687
6688 if (*ptr == CHAR_QUESTION_MARK)
6689 {
6690 int i, set, unset, namelen;
6691 int *optset;
6692 const pcre_uchar *name;
6693 pcre_uchar *slot;
6694
6695 switch (*(++ptr))
6696 {
6697 /* ------------------------------------------------------------ */
6698 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
6699 reset_bracount = TRUE;
6700 cd->dupgroups = TRUE; /* Record (?| encountered */
6701 /* Fall through */
6702
6703 /* ------------------------------------------------------------ */
6704 case CHAR_COLON: /* Non-capturing bracket */
6705 bravalue = OP_BRA;
6706 ptr++;
6707 break;
6708
6709
6710 /* ------------------------------------------------------------ */
6711 case CHAR_LEFT_PARENTHESIS:
6712 bravalue = OP_COND; /* Conditional group */
6713 tempptr = ptr;
6714
6715 /* A condition can be an assertion, a number (referring to a numbered
6716 group's having been set), a name (referring to a named group), or 'R',
6717 referring to recursion. R<digits> and R&name are also permitted for
6718 recursion tests.
6719
6720 There are ways of testing a named group: (?(name)) is used by Python;
6721 Perl 5.10 onwards uses (?(<name>) or (?('name')).
6722
6723 There is one unfortunate ambiguity, caused by history. 'R' can be the
6724 recursive thing or the name 'R' (and similarly for 'R' followed by
6725 digits). We look for a name first; if not found, we try the other case.
6726
6727 For compatibility with auto-callouts, we allow a callout to be
6728 specified before a condition that is an assertion. First, check for the
6729 syntax of a callout; if found, adjust the temporary pointer that is
6730 used to check for an assertion condition. That's all that is needed! */
6731
6732 if (ptr[1] == CHAR_QUESTION_MARK && ptr[2] == CHAR_C)
6733 {
6734 for (i = 3;; i++) if (!IS_DIGIT(ptr[i])) break;
6735 if (ptr[i] == CHAR_RIGHT_PARENTHESIS)
6736 tempptr += i + 1;
6737 }
6738
6739 /* For conditions that are assertions, check the syntax, and then exit
6740 the switch. This will take control down to where bracketed groups,
6741 including assertions, are processed. */
6742
6743 if (tempptr[1] == CHAR_QUESTION_MARK &&
6744 (tempptr[2] == CHAR_EQUALS_SIGN ||
6745 tempptr[2] == CHAR_EXCLAMATION_MARK ||
6746 (tempptr[2] == CHAR_LESS_THAN_SIGN &&
6747 (tempptr[3] == CHAR_EQUALS_SIGN ||
6748 tempptr[3] == CHAR_EXCLAMATION_MARK))))
6749 {
6750 cd->iscondassert = TRUE;
6751 break;
6752 }
6753
6754 /* Other conditions use OP_CREF/OP_DNCREF/OP_RREF/OP_DNRREF, and all
6755 need to skip at least 1+IMM2_SIZE bytes at the start of the group. */
6756
6757 code[1+LINK_SIZE] = OP_CREF;
6758 skipbytes = 1+IMM2_SIZE;
6759 refsign = -1; /* => not a number */
6760 namelen = -1; /* => not a name; must set to avoid warning */
6761 name = NULL; /* Always set to avoid warning */
6762 recno = 0; /* Always set to avoid warning */
6763
6764 /* Check for a test for recursion in a named group. */
6765
6766 ptr++;
6767 if (*ptr == CHAR_R && ptr[1] == CHAR_AMPERSAND)
6768 {
6769 terminator = -1;
6770 ptr += 2;
6771 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
6772 }
6773
6774 /* Check for a test for a named group's having been set, using the Perl
6775 syntax (?(<name>) or (?('name'), and also allow for the original PCRE
6776 syntax of (?(name) or for (?(+n), (?(-n), and just (?(n). */
6777
6778 else if (*ptr == CHAR_LESS_THAN_SIGN)
6779 {
6780 terminator = CHAR_GREATER_THAN_SIGN;
6781 ptr++;
6782 }
6783 else if (*ptr == CHAR_APOSTROPHE)
6784 {
6785 terminator = CHAR_APOSTROPHE;
6786 ptr++;
6787 }
6788 else
6789 {
6790 terminator = CHAR_NULL;
6791 if (*ptr == CHAR_MINUS || *ptr == CHAR_PLUS) refsign = *ptr++;
6792 else if (IS_DIGIT(*ptr)) refsign = 0;
6793 }
6794
6795 /* Handle a number */
6796
6797 if (refsign >= 0)
6798 {
6799 while (IS_DIGIT(*ptr))
6800 {
6801 if (recno > INT_MAX / 10 - 1) /* Integer overflow */
6802 {
6803 while (IS_DIGIT(*ptr)) ptr++;
6804 *errorcodeptr = ERR61;
6805 goto FAILED;
6806 }
6807 recno = recno * 10 + (int)(*ptr - CHAR_0);
6808 ptr++;
6809 }
6810 }
6811
6812 /* Otherwise we expect to read a name; anything else is an error. When
6813 a name is one of a number of duplicates, a different opcode is used and
6814 it needs more memory. Unfortunately we cannot tell whether a name is a
6815 duplicate in the first pass, so we have to allow for more memory. */
6816
6817 else
6818 {
6819 if (IS_DIGIT(*ptr))
6820 {
6821 *errorcodeptr = ERR84;
6822 goto FAILED;
6823 }
6824 if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_word) == 0)
6825 {
6826 *errorcodeptr = ERR28; /* Assertion expected */
6827 goto FAILED;
6828 }
6829 name = ptr++;
6830 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
6831 {
6832 ptr++;
6833 }
6834 namelen = (int)(ptr - name);
6835 if (lengthptr != NULL) skipbytes += IMM2_SIZE;
6836 }
6837
6838 /* Check the terminator */
6839
6840 if ((terminator > 0 && *ptr++ != (pcre_uchar)terminator) ||
6841 *ptr++ != CHAR_RIGHT_PARENTHESIS)
6842 {
6843 ptr--; /* Error offset */
6844 *errorcodeptr = ERR26; /* Malformed number or name */
6845 goto FAILED;
6846 }
6847
6848 /* Do no further checking in the pre-compile phase. */
6849
6850 if (lengthptr != NULL) break;
6851
6852 /* In the real compile we do the work of looking for the actual
6853 reference. If refsign is not negative, it means we have a number in
6854 recno. */
6855
6856 if (refsign >= 0)
6857 {
6858 if (recno <= 0)
6859 {
6860 *errorcodeptr = ERR35;
6861 goto FAILED;
6862 }
6863 if (refsign != 0) recno = (refsign == CHAR_MINUS)?
6864 cd->bracount - recno + 1 : recno + cd->bracount;
6865 if (recno <= 0 || recno > cd->final_bracount)
6866 {
6867 *errorcodeptr = ERR15;
6868 goto FAILED;
6869 }
6870 PUT2(code, 2+LINK_SIZE, recno);
6871 if (recno > cd->top_backref) cd->top_backref = recno;
6872 break;
6873 }
6874
6875 /* Otherwise look for the name. */
6876
6877 slot = cd->name_table;
6878 for (i = 0; i < cd->names_found; i++)
6879 {
6880 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
6881 slot += cd->name_entry_size;
6882 }
6883
6884 /* Found the named subpattern. If the name is duplicated, add one to
6885 the opcode to change CREF/RREF into DNCREF/DNRREF and insert
6886 appropriate data values. Otherwise, just insert the unique subpattern
6887 number. */
6888
6889 if (i < cd->names_found)
6890 {
6891 int offset = i++;
6892 int count = 1;
6893 recno = GET2(slot, 0); /* Number from first found */
6894 if (recno > cd->top_backref) cd->top_backref = recno;
6895 for (; i < cd->names_found; i++)
6896 {
6897 slot += cd->name_entry_size;
6898 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) != 0 ||
6899 (slot+IMM2_SIZE)[namelen] != 0) break;
6900 count++;
6901 }
6902
6903 if (count > 1)
6904 {
6905 PUT2(code, 2+LINK_SIZE, offset);
6906 PUT2(code, 2+LINK_SIZE+IMM2_SIZE, count);
6907 skipbytes += IMM2_SIZE;
6908 code[1+LINK_SIZE]++;
6909 }
6910 else /* Not a duplicated name */
6911 {
6912 PUT2(code, 2+LINK_SIZE, recno);
6913 }
6914 }
6915
6916 /* If terminator == CHAR_NULL it means that the name followed directly
6917 after the opening parenthesis [e.g. (?(abc)...] and in this case there
6918 are some further alternatives to try. For the cases where terminator !=
6919 CHAR_NULL [things like (?(<name>... or (?('name')... or (?(R&name)... ]
6920 we have now checked all the possibilities, so give an error. */
6921
6922 else if (terminator != CHAR_NULL)
6923 {
6924 *errorcodeptr = ERR15;
6925 goto FAILED;
6926 }
6927
6928 /* Check for (?(R) for recursion. Allow digits after R to specify a
6929 specific group number. */
6930
6931 else if (*name == CHAR_R)
6932 {
6933 recno = 0;
6934 for (i = 1; i < namelen; i++)
6935 {
6936 if (!IS_DIGIT(name[i]))
6937 {
6938 *errorcodeptr = ERR15;
6939 goto FAILED;
6940 }
6941 if (recno > INT_MAX / 10 - 1) /* Integer overflow */
6942 {
6943 *errorcodeptr = ERR61;
6944 goto FAILED;
6945 }
6946 recno = recno * 10 + name[i] - CHAR_0;
6947 }
6948 if (recno == 0) recno = RREF_ANY;
6949 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
6950 PUT2(code, 2+LINK_SIZE, recno);
6951 }
6952
6953 /* Similarly, check for the (?(DEFINE) "condition", which is always
6954 false. */
6955
6956 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
6957 {
6958 code[1+LINK_SIZE] = OP_DEF;
6959 skipbytes = 1;
6960 }
6961
6962 /* Reference to an unidentified subpattern. */
6963
6964 else
6965 {
6966 *errorcodeptr = ERR15;
6967 goto FAILED;
6968 }
6969 break;
6970
6971
6972 /* ------------------------------------------------------------ */
6973 case CHAR_EQUALS_SIGN: /* Positive lookahead */
6974 bravalue = OP_ASSERT;
6975 cd->assert_depth += 1;
6976 ptr++;
6977 break;
6978
6979 /* Optimize (?!) to (*FAIL) unless it is quantified - which is a weird
6980 thing to do, but Perl allows all assertions to be quantified, and when
6981 they contain capturing parentheses there may be a potential use for
6982 this feature. Not that that applies to a quantified (?!) but we allow
6983 it for uniformity. */
6984
6985 /* ------------------------------------------------------------ */
6986 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
6987 ptr++;
6988 if (*ptr == CHAR_RIGHT_PARENTHESIS && ptr[1] != CHAR_ASTERISK &&
6989 ptr[1] != CHAR_PLUS && ptr[1] != CHAR_QUESTION_MARK &&
6990 (ptr[1] != CHAR_LEFT_CURLY_BRACKET || !is_counted_repeat(ptr+2)))
6991 {
6992 *code++ = OP_FAIL;
6993 previous = NULL;
6994 continue;
6995 }
6996 bravalue = OP_ASSERT_NOT;
6997 cd->assert_depth += 1;
6998 break;
6999
7000
7001 /* ------------------------------------------------------------ */
7002 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
7003 switch (ptr[1])
7004 {
7005 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
7006 bravalue = OP_ASSERTBACK;
7007 cd->assert_depth += 1;
7008 ptr += 2;
7009 break;
7010
7011 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
7012 bravalue = OP_ASSERTBACK_NOT;
7013 cd->assert_depth += 1;
7014 ptr += 2;
7015 break;
7016
7017 default: /* Could be name define, else bad */
7018 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
7019 goto DEFINE_NAME;
7020 ptr++; /* Correct offset for error */
7021 *errorcodeptr = ERR24;
7022 goto FAILED;
7023 }
7024 break;
7025
7026
7027 /* ------------------------------------------------------------ */
7028 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
7029 bravalue = OP_ONCE;
7030 ptr++;
7031 break;
7032
7033
7034 /* ------------------------------------------------------------ */
7035 case CHAR_C: /* Callout - may be followed by digits; */
7036 previous_callout = code; /* Save for later completion */
7037 after_manual_callout = 1; /* Skip one item before completing */
7038 *code++ = OP_CALLOUT;
7039 {
7040 int n = 0;
7041 ptr++;
7042 while(IS_DIGIT(*ptr))
7043 n = n * 10 + *ptr++ - CHAR_0;
7044 if (*ptr != CHAR_RIGHT_PARENTHESIS)
7045 {
7046 *errorcodeptr = ERR39;
7047 goto FAILED;
7048 }
7049 if (n > 255)
7050 {
7051 *errorcodeptr = ERR38;
7052 goto FAILED;
7053 }
7054 *code++ = n;
7055 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
7056 PUT(code, LINK_SIZE, 0); /* Default length */
7057 code += 2 * LINK_SIZE;
7058 }
7059 previous = NULL;
7060 continue;
7061
7062
7063 /* ------------------------------------------------------------ */
7064 case CHAR_P: /* Python-style named subpattern handling */
7065 if (*(++ptr) == CHAR_EQUALS_SIGN ||
7066 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
7067 {
7068 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
7069 terminator = CHAR_RIGHT_PARENTHESIS;
7070 goto NAMED_REF_OR_RECURSE;
7071 }
7072 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
7073 {
7074 *errorcodeptr = ERR41;
7075 goto FAILED;
7076 }
7077 /* Fall through to handle (?P< as (?< is handled */
7078
7079
7080 /* ------------------------------------------------------------ */
7081 DEFINE_NAME: /* Come here from (?< handling */
7082 case CHAR_APOSTROPHE:
7083 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
7084 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
7085 name = ++ptr;
7086 if (IS_DIGIT(*ptr))
7087 {
7088 *errorcodeptr = ERR84; /* Group name must start with non-digit */
7089 goto FAILED;
7090 }
7091 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
7092 namelen = (int)(ptr - name);
7093
7094 /* In the pre-compile phase, do a syntax check, remember the longest
7095 name, and then remember the group in a vector, expanding it if
7096 necessary. Duplicates for the same number are skipped; other duplicates
7097 are checked for validity. In the actual compile, there is nothing to
7098 do. */
7099
7100 if (lengthptr != NULL)
7101 {
7102 named_group *ng;
7103 pcre_uint32 number = cd->bracount + 1;
7104
7105 if (*ptr != (pcre_uchar)terminator)
7106 {
7107 *errorcodeptr = ERR42;
7108 goto FAILED;
7109 }
7110
7111 if (cd->names_found >= MAX_NAME_COUNT)
7112 {
7113 *errorcodeptr = ERR49;
7114 goto FAILED;
7115 }
7116
7117 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
7118 {
7119 cd->name_entry_size = namelen + IMM2_SIZE + 1;
7120 if (namelen > MAX_NAME_SIZE)
7121 {
7122 *errorcodeptr = ERR48;
7123 goto FAILED;
7124 }
7125 }
7126
7127 /* Scan the list to check for duplicates. For duplicate names, if the
7128 number is the same, break the loop, which causes the name to be
7129 discarded; otherwise, if DUPNAMES is not set, give an error.
7130 If it is set, allow the name with a different number, but continue
7131 scanning in case this is a duplicate with the same number. For
7132 non-duplicate names, give an error if the number is duplicated. */
7133
7134 ng = cd->named_groups;
7135 for (i = 0; i < cd->names_found; i++, ng++)
7136 {
7137 if (namelen == ng->length &&
7138 STRNCMP_UC_UC(name, ng->name, namelen) == 0)
7139 {
7140 if (ng->number == number) break;
7141 if ((options & PCRE_DUPNAMES) == 0)
7142 {
7143 *errorcodeptr = ERR43;
7144 goto FAILED;
7145 }
7146 cd->dupnames = TRUE; /* Duplicate names exist */
7147 }
7148 else if (ng->number == number)
7149 {
7150 *errorcodeptr = ERR65;
7151 goto FAILED;
7152 }
7153 }
7154
7155 if (i >= cd->names_found) /* Not a duplicate with same number */
7156 {
7157 /* Increase the list size if necessary */
7158
7159 if (cd->names_found >= cd->named_group_list_size)
7160 {
7161 int newsize = cd->named_group_list_size * 2;
7162 named_group *newspace = (PUBL(malloc))
7163 (newsize * sizeof(named_group));
7164
7165 if (newspace == NULL)
7166 {
7167 *errorcodeptr = ERR21;
7168 goto FAILED;
7169 }
7170
7171 memcpy(newspace, cd->named_groups,
7172 cd->named_group_list_size * sizeof(named_group));
7173 if (cd->named_group_list_size > NAMED_GROUP_LIST_SIZE)
7174 (PUBL(free))((void *)cd->named_groups);
7175 cd->named_groups = newspace;
7176 cd->named_group_list_size = newsize;
7177 }
7178
7179 cd->named_groups[cd->names_found].name = name;
7180 cd->named_groups[cd->names_found].length = namelen;
7181 cd->named_groups[cd->names_found].number = number;
7182 cd->names_found++;
7183 }
7184 }
7185
7186 ptr++; /* Move past > or ' in both passes. */
7187 goto NUMBERED_GROUP;
7188
7189
7190 /* ------------------------------------------------------------ */
7191 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
7192 terminator = CHAR_RIGHT_PARENTHESIS;
7193 is_recurse = TRUE;
7194 /* Fall through */
7195
7196 /* We come here from the Python syntax above that handles both
7197 references (?P=name) and recursion (?P>name), as well as falling
7198 through from the Perl recursion syntax (?&name). We also come here from
7199 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
7200 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
7201
7202 NAMED_REF_OR_RECURSE:
7203 name = ++ptr;
7204 if (IS_DIGIT(*ptr))
7205 {
7206 *errorcodeptr = ERR84; /* Group name must start with non-digit */
7207 goto FAILED;
7208 }
7209 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
7210 namelen = (int)(ptr - name);
7211
7212 /* In the pre-compile phase, do a syntax check. We used to just set
7213 a dummy reference number, because it was not used in the first pass.
7214 However, with the change of recursive back references to be atomic,
7215 we have to look for the number so that this state can be identified, as
7216 otherwise the incorrect length is computed. If it's not a backwards
7217 reference, the dummy number will do. */
7218
7219 if (lengthptr != NULL)
7220 {
7221 named_group *ng;
7222 recno = 0;
7223
7224 if (namelen == 0)
7225 {
7226 *errorcodeptr = ERR62;
7227 goto FAILED;
7228 }
7229 if (*ptr != (pcre_uchar)terminator)
7230 {
7231 *errorcodeptr = ERR42;
7232 goto FAILED;
7233 }
7234 if (namelen > MAX_NAME_SIZE)
7235 {
7236 *errorcodeptr = ERR48;
7237 goto FAILED;
7238 }
7239
7240 /* Count named back references. */
7241
7242 if (!is_recurse) cd->namedrefcount++;
7243
7244 /* We have to allow for a named reference to a duplicated name (this
7245 cannot be determined until the second pass). This needs an extra
7246 16-bit data item. */
7247
7248 *lengthptr += IMM2_SIZE;
7249
7250 /* If this is a forward reference and we are within a (?|...) group,
7251 the reference may end up as the number of a group which we are
7252 currently inside, that is, it could be a recursive reference. In the
7253 real compile this will be picked up and the reference wrapped with
7254 OP_ONCE to make it atomic, so we must space in case this occurs. */
7255
7256 /* In fact, this can happen for a non-forward reference because
7257 another group with the same number might be created later. This
7258 issue is fixed "properly" in PCRE2. As PCRE1 is now in maintenance
7259 only mode, we finesse the bug by allowing more memory always. */
7260
7261 *lengthptr += 2 + 2*LINK_SIZE;
7262
7263 /* It is even worse than that. The current reference may be to an
7264 existing named group with a different number (so apparently not
7265 recursive) but which later on is also attached to a group with the
7266 current number. This can only happen if $(| has been previous
7267 encountered. In that case, we allow yet more memory, just in case.
7268 (Again, this is fixed "properly" in PCRE2. */
7269
7270 if (cd->dupgroups) *lengthptr += 4 + 4*LINK_SIZE;
7271
7272 /* Otherwise, check for recursion here. The name table does not exist
7273 in the first pass; instead we must scan the list of names encountered
7274 so far in order to get the number. If the name is not found, leave
7275 the value of recno as 0 for a forward reference. */
7276
7277 else
7278 {
7279 ng = cd->named_groups;
7280 for (i = 0; i < cd->names_found; i++, ng++)
7281 {
7282 if (namelen == ng->length &&
7283 STRNCMP_UC_UC(name, ng->name, namelen) == 0)
7284 {
7285 open_capitem *oc;
7286 recno = ng->number;
7287 if (is_recurse) break;
7288 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
7289 {
7290 if (oc->number == recno)
7291 {
7292 oc->flag = TRUE;
7293 break;
7294 }
7295 }
7296 }
7297 }
7298 }
7299 }
7300
7301 /* In the real compile, search the name table. We check the name
7302 first, and then check that we have reached the end of the name in the
7303 table. That way, if the name is longer than any in the table, the
7304 comparison will fail without reading beyond the table entry. */
7305
7306 else
7307 {
7308 slot = cd->name_table;
7309 for (i = 0; i < cd->names_found; i++)
7310 {
7311 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
7312 slot[IMM2_SIZE+namelen] == 0)
7313 break;
7314 slot += cd->name_entry_size;
7315 }
7316
7317 if (i < cd->names_found)
7318 {
7319 recno = GET2(slot, 0);
7320 }
7321 else
7322 {
7323 *errorcodeptr = ERR15;
7324 goto FAILED;
7325 }
7326 }
7327
7328 /* In both phases, for recursions, we can now go to the code than
7329 handles numerical recursion. */
7330
7331 if (is_recurse) goto HANDLE_RECURSION;
7332
7333 /* In the second pass we must see if the name is duplicated. If so, we
7334 generate a different opcode. */
7335
7336 if (lengthptr == NULL && cd->dupnames)
7337 {
7338 int count = 1;
7339 unsigned int index = i;
7340 pcre_uchar *cslot = slot + cd->name_entry_size;
7341
7342 for (i++; i < cd->names_found; i++)
7343 {
7344 if (STRCMP_UC_UC(slot + IMM2_SIZE, cslot + IMM2_SIZE) != 0) break;
7345 count++;
7346 cslot += cd->name_entry_size;
7347 }
7348
7349 if (count > 1)
7350 {
7351 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
7352 previous = code;
7353 item_hwm_offset = cd->hwm - cd->start_workspace;
7354 *code++ = ((options & PCRE_CASELESS) != 0)? OP_DNREFI : OP_DNREF;
7355 PUT2INC(code, 0, index);
7356 PUT2INC(code, 0, count);
7357
7358 /* Process each potentially referenced group. */
7359
7360 for (; slot < cslot; slot += cd->name_entry_size)
7361 {
7362 open_capitem *oc;
7363 recno = GET2(slot, 0);
7364 cd->backref_map |= (recno < 32)? (1 << recno) : 1;
7365 if (recno > cd->top_backref) cd->top_backref = recno;
7366
7367 /* Check to see if this back reference is recursive, that it, it
7368 is inside the group that it references. A flag is set so that the
7369 group can be made atomic. */
7370
7371 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
7372 {
7373 if (oc->number == recno)
7374 {
7375 oc->flag = TRUE;
7376 break;
7377 }
7378 }
7379 }
7380
7381 continue; /* End of back ref handling */
7382 }
7383 }
7384
7385 /* First pass, or a non-duplicated name. */
7386
7387 goto HANDLE_REFERENCE;
7388
7389
7390 /* ------------------------------------------------------------ */
7391 case CHAR_R: /* Recursion, same as (?0) */
7392 recno = 0;
7393 if (*(++ptr) != CHAR_RIGHT_PARENTHESIS)
7394 {
7395 *errorcodeptr = ERR29;
7396 goto FAILED;
7397 }
7398 goto HANDLE_RECURSION;
7399
7400
7401 /* ------------------------------------------------------------ */
7402 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
7403 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
7404 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
7405 {
7406 const pcre_uchar *called;
7407 terminator = CHAR_RIGHT_PARENTHESIS;
7408
7409 /* Come here from the \g<...> and \g'...' code (Oniguruma
7410 compatibility). However, the syntax has been checked to ensure that
7411 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
7412 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
7413 ever be taken. */
7414
7415 HANDLE_NUMERICAL_RECURSION:
7416
7417 if ((refsign = *ptr) == CHAR_PLUS)
7418 {
7419 ptr++;
7420 if (!IS_DIGIT(*ptr))
7421 {
7422 *errorcodeptr = ERR63;
7423 goto FAILED;
7424 }
7425 }
7426 else if (refsign == CHAR_MINUS)
7427 {
7428 if (!IS_DIGIT(ptr[1]))
7429 goto OTHER_CHAR_AFTER_QUERY;
7430 ptr++;
7431 }
7432
7433 recno = 0;
7434 while(IS_DIGIT(*ptr))
7435 {
7436 if (recno > INT_MAX / 10 - 1) /* Integer overflow */
7437 {
7438 while (IS_DIGIT(*ptr)) ptr++;
7439 *errorcodeptr = ERR61;
7440 goto FAILED;
7441 }
7442 recno = recno * 10 + *ptr++ - CHAR_0;
7443 }
7444
7445 if (*ptr != (pcre_uchar)terminator)
7446 {
7447 *errorcodeptr = ERR29;
7448 goto FAILED;
7449 }
7450
7451 if (refsign == CHAR_MINUS)
7452 {
7453 if (recno == 0)
7454 {
7455 *errorcodeptr = ERR58;
7456 goto FAILED;
7457 }
7458 recno = cd->bracount - recno + 1;
7459 if (recno <= 0)
7460 {
7461 *errorcodeptr = ERR15;
7462 goto FAILED;
7463 }
7464 }
7465 else if (refsign == CHAR_PLUS)
7466 {
7467 if (recno == 0)
7468 {
7469 *errorcodeptr = ERR58;
7470 goto FAILED;
7471 }
7472 recno += cd->bracount;
7473 }
7474
7475 /* Come here from code above that handles a named recursion */
7476
7477 HANDLE_RECURSION:
7478
7479 previous = code;
7480 item_hwm_offset = cd->hwm - cd->start_workspace;
7481 called = cd->start_code;
7482
7483 /* When we are actually compiling, find the bracket that is being
7484 referenced. Temporarily end the regex in case it doesn't exist before
7485 this point. If we end up with a forward reference, first check that
7486 the bracket does occur later so we can give the error (and position)
7487 now. Then remember this forward reference in the workspace so it can
7488 be filled in at the end. */
7489
7490 if (lengthptr == NULL)
7491 {
7492 *code = OP_END;
7493 if (recno != 0)
7494 called = PRIV(find_bracket)(cd->start_code, utf, recno);
7495
7496 /* Forward reference */
7497
7498 if (called == NULL)
7499 {
7500 if (recno > cd->final_bracount)
7501 {
7502 *errorcodeptr = ERR15;
7503 goto FAILED;
7504 }
7505
7506 /* Fudge the value of "called" so that when it is inserted as an
7507 offset below, what it actually inserted is the reference number
7508 of the group. Then remember the forward reference. */
7509
7510 called = cd->start_code + recno;
7511 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
7512 WORK_SIZE_SAFETY_MARGIN)
7513 {
7514 *errorcodeptr = expand_workspace(cd);
7515 if (*errorcodeptr != 0) goto FAILED;
7516 }
7517 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
7518 }
7519
7520 /* If not a forward reference, and the subpattern is still open,
7521 this is a recursive call. We check to see if this is a left
7522 recursion that could loop for ever, and diagnose that case. We
7523 must not, however, do this check if we are in a conditional
7524 subpattern because the condition might be testing for recursion in
7525 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
7526 Forever loops are also detected at runtime, so those that occur in
7527 conditional subpatterns will be picked up then. */
7528
7529 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
7530 could_be_empty(called, code, bcptr, utf, cd))
7531 {
7532 *errorcodeptr = ERR40;
7533 goto FAILED;
7534 }
7535 }
7536
7537 /* Insert the recursion/subroutine item. It does not have a set first
7538 character (relevant if it is repeated, because it will then be
7539 wrapped with ONCE brackets). */
7540
7541 *code = OP_RECURSE;
7542 PUT(code, 1, (int)(called - cd->start_code));
7543 code += 1 + LINK_SIZE;
7544 groupsetfirstchar = FALSE;
7545 }
7546
7547 /* Can't determine a first byte now */
7548
7549 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
7550 continue;
7551
7552
7553 /* ------------------------------------------------------------ */
7554 default: /* Other characters: check option setting */
7555 OTHER_CHAR_AFTER_QUERY:
7556 set = unset = 0;
7557 optset = &set;
7558
7559 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
7560 {
7561 switch (*ptr++)
7562 {
7563 case CHAR_MINUS: optset = &unset; break;
7564
7565 case CHAR_J: /* Record that it changed in the external options */
7566 *optset |= PCRE_DUPNAMES;
7567 cd->external_flags |= PCRE_JCHANGED;
7568 break;
7569
7570 case CHAR_i: *optset |= PCRE_CASELESS; break;
7571 case CHAR_m: *optset |= PCRE_MULTILINE; break;
7572 case CHAR_s: *optset |= PCRE_DOTALL; break;
7573 case CHAR_x: *optset |= PCRE_EXTENDED; break;
7574 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
7575 case CHAR_X: *optset |= PCRE_EXTRA; break;
7576
7577 default: *errorcodeptr = ERR12;
7578 ptr--; /* Correct the offset */
7579 goto FAILED;
7580 }
7581 }
7582
7583 /* Set up the changed option bits, but don't change anything yet. */
7584
7585 newoptions = (options | set) & (~unset);
7586
7587 /* If the options ended with ')' this is not the start of a nested
7588 group with option changes, so the options change at this level. If this
7589 item is right at the start of the pattern, the options can be
7590 abstracted and made external in the pre-compile phase, and ignored in
7591 the compile phase. This can be helpful when matching -- for instance in
7592 caseless checking of required bytes.
7593
7594 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
7595 definitely *not* at the start of the pattern because something has been
7596 compiled. In the pre-compile phase, however, the code pointer can have
7597 that value after the start, because it gets reset as code is discarded
7598 during the pre-compile. However, this can happen only at top level - if
7599 we are within parentheses, the starting BRA will still be present. At
7600 any parenthesis level, the length value can be used to test if anything
7601 has been compiled at that level. Thus, a test for both these conditions
7602 is necessary to ensure we correctly detect the start of the pattern in
7603 both phases.
7604
7605 If we are not at the pattern start, reset the greedy defaults and the
7606 case value for firstchar and reqchar. */
7607
7608 if (*ptr == CHAR_RIGHT_PARENTHESIS)
7609 {
7610 if (code == cd->start_code + 1 + LINK_SIZE &&
7611 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
7612 {
7613 cd->external_options = newoptions;
7614 }
7615 else
7616 {
7617 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
7618 greedy_non_default = greedy_default ^ 1;
7619 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
7620 }
7621
7622 /* Change options at this level, and pass them back for use
7623 in subsequent branches. */
7624
7625 *optionsptr = options = newoptions;
7626 previous = NULL; /* This item can't be repeated */
7627 continue; /* It is complete */
7628 }
7629
7630 /* If the options ended with ':' we are heading into a nested group
7631 with possible change of options. Such groups are non-capturing and are
7632 not assertions of any kind. All we need to do is skip over the ':';
7633 the newoptions value is handled below. */
7634
7635 bravalue = OP_BRA;
7636 ptr++;
7637 } /* End of switch for character following (? */
7638 } /* End of (? handling */
7639
7640 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
7641 is set, all unadorned brackets become non-capturing and behave like (?:...)
7642 brackets. */
7643
7644 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
7645 {
7646 bravalue = OP_BRA;
7647 }
7648
7649 /* Else we have a capturing group. */
7650
7651 else
7652 {
7653 NUMBERED_GROUP:
7654 cd->bracount += 1;
7655 PUT2(code, 1+LINK_SIZE, cd->bracount);
7656 skipbytes = IMM2_SIZE;
7657 }
7658
7659 /* Process nested bracketed regex. First check for parentheses nested too
7660 deeply. */
7661
7662 if ((cd->parens_depth += 1) > PARENS_NEST_LIMIT)
7663 {
7664 *errorcodeptr = ERR82;
7665 goto FAILED;
7666 }
7667
7668 /* All assertions used not to be repeatable, but this was changed for Perl
7669 compatibility. All kinds can now be repeated except for assertions that are
7670 conditions (Perl also forbids these to be repeated). We copy code into a
7671 non-register variable (tempcode) in order to be able to pass its address
7672 because some compilers complain otherwise. At the start of a conditional
7673 group whose condition is an assertion, cd->iscondassert is set. We unset it
7674 here so as to allow assertions later in the group to be quantified. */
7675
7676 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT &&
7677 cd->iscondassert)
7678 {
7679 previous = NULL;
7680 cd->iscondassert = FALSE;
7681 }
7682 else
7683 {
7684 previous = code;
7685 item_hwm_offset = cd->hwm - cd->start_workspace;
7686 }
7687
7688 *code = bravalue;
7689 tempcode = code;
7690 tempreqvary = cd->req_varyopt; /* Save value before bracket */
7691 tempbracount = cd->bracount; /* Save value before bracket */
7692 length_prevgroup = 0; /* Initialize for pre-compile phase */
7693
7694 if (!compile_regex(
7695 newoptions, /* The complete new option state */
7696 &tempcode, /* Where to put code (updated) */
7697 &ptr, /* Input pointer (updated) */
7698 errorcodeptr, /* Where to put an error message */
7699 (bravalue == OP_ASSERTBACK ||
7700 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
7701 reset_bracount, /* True if (?| group */
7702 skipbytes, /* Skip over bracket number */
7703 cond_depth +
7704 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
7705 &subfirstchar, /* For possible first char */
7706 &subfirstcharflags,
7707 &subreqchar, /* For possible last char */
7708 &subreqcharflags,
7709 bcptr, /* Current branch chain */
7710 cd, /* Tables block */
7711 (lengthptr == NULL)? NULL : /* Actual compile phase */
7712 &length_prevgroup /* Pre-compile phase */
7713 ))
7714 goto FAILED;
7715
7716 cd->parens_depth -= 1;
7717
7718 /* If this was an atomic group and there are no capturing groups within it,
7719 generate OP_ONCE_NC instead of OP_ONCE. */
7720
7721 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
7722 *code = OP_ONCE_NC;
7723
7724 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
7725 cd->assert_depth -= 1;
7726
7727 /* At the end of compiling, code is still pointing to the start of the
7728 group, while tempcode has been updated to point past the end of the group.
7729 The pattern pointer (ptr) is on the bracket.
7730
7731 If this is a conditional bracket, check that there are no more than
7732 two branches in the group, or just one if it's a DEFINE group. We do this
7733 in the real compile phase, not in the pre-pass, where the whole group may
7734 not be available. */
7735
7736 if (bravalue == OP_COND && lengthptr == NULL)
7737 {
7738 pcre_uchar *tc = code;
7739 int condcount = 0;
7740
7741 do {
7742 condcount++;
7743 tc += GET(tc,1);
7744 }
7745 while (*tc != OP_KET);
7746
7747 /* A DEFINE group is never obeyed inline (the "condition" is always
7748 false). It must have only one branch. */
7749
7750 if (code[LINK_SIZE+1] == OP_DEF)
7751 {
7752 if (condcount > 1)
7753 {
7754 *errorcodeptr = ERR54;
7755 goto FAILED;
7756 }
7757 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
7758 }
7759
7760 /* A "normal" conditional group. If there is just one branch, we must not
7761 make use of its firstchar or reqchar, because this is equivalent to an
7762 empty second branch. */
7763
7764 else
7765 {
7766 if (condcount > 2)
7767 {
7768 *errorcodeptr = ERR27;
7769 goto FAILED;
7770 }
7771 if (condcount == 1) subfirstcharflags = subreqcharflags = REQ_NONE;
7772 }
7773 }
7774
7775 /* Error if hit end of pattern */
7776
7777 if (*ptr != CHAR_RIGHT_PARENTHESIS)
7778 {
7779 *errorcodeptr = ERR14;
7780 goto FAILED;
7781 }
7782
7783 /* In the pre-compile phase, update the length by the length of the group,
7784 less the brackets at either end. Then reduce the compiled code to just a
7785 set of non-capturing brackets so that it doesn't use much memory if it is
7786 duplicated by a quantifier.*/
7787
7788 if (lengthptr != NULL)
7789 {
7790 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
7791 {
7792 *errorcodeptr = ERR20;
7793 goto FAILED;
7794 }
7795 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
7796 code++; /* This already contains bravalue */
7797 PUTINC(code, 0, 1 + LINK_SIZE);
7798 *code++ = OP_KET;
7799 PUTINC(code, 0, 1 + LINK_SIZE);
7800 break; /* No need to waste time with special character handling */
7801 }
7802
7803 /* Otherwise update the main code pointer to the end of the group. */
7804
7805 code = tempcode;
7806
7807 /* For a DEFINE group, required and first character settings are not
7808 relevant. */
7809
7810 if (bravalue == OP_DEF) break;
7811
7812 /* Handle updating of the required and first characters for other types of
7813 group. Update for normal brackets of all kinds, and conditions with two
7814 branches (see code above). If the bracket is followed by a quantifier with
7815 zero repeat, we have to back off. Hence the definition of zeroreqchar and
7816 zerofirstchar outside the main loop so that they can be accessed for the
7817 back off. */
7818
7819 zeroreqchar = reqchar;
7820 zeroreqcharflags = reqcharflags;
7821 zerofirstchar = firstchar;
7822 zerofirstcharflags = firstcharflags;
7823 groupsetfirstchar = FALSE;
7824
7825 if (bravalue >= OP_ONCE)
7826 {
7827 /* If we have not yet set a firstchar in this branch, take it from the
7828 subpattern, remembering that it was set here so that a repeat of more
7829 than one can replicate it as reqchar if necessary. If the subpattern has
7830 no firstchar, set "none" for the whole branch. In both cases, a zero
7831 repeat forces firstchar to "none". */
7832
7833 if (firstcharflags == REQ_UNSET)
7834 {
7835 if (subfirstcharflags >= 0)
7836 {
7837 firstchar = subfirstchar;
7838 firstcharflags = subfirstcharflags;
7839 groupsetfirstchar = TRUE;
7840 }
7841 else firstcharflags = REQ_NONE;
7842 zerofirstcharflags = REQ_NONE;
7843 }
7844
7845 /* If firstchar was previously set, convert the subpattern's firstchar
7846 into reqchar if there wasn't one, using the vary flag that was in
7847 existence beforehand. */
7848
7849 else if (subfirstcharflags >= 0 && subreqcharflags < 0)
7850 {
7851 subreqchar = subfirstchar;
7852 subreqcharflags = subfirstcharflags | tempreqvary;
7853 }
7854
7855 /* If the subpattern set a required byte (or set a first byte that isn't
7856 really the first byte - see above), set it. */
7857
7858 if (subreqcharflags >= 0)
7859 {
7860 reqchar = subreqchar;
7861 reqcharflags = subreqcharflags;
7862 }
7863 }
7864
7865 /* For a forward assertion, we take the reqchar, if set. This can be
7866 helpful if the pattern that follows the assertion doesn't set a different
7867 char. For example, it's useful for /(?=abcde).+/. We can't set firstchar
7868 for an assertion, however because it leads to incorrect effect for patterns
7869 such as /(?=a)a.+/ when the "real" "a" would then become a reqchar instead
7870 of a firstchar. This is overcome by a scan at the end if there's no
7871 firstchar, looking for an asserted first char. */
7872
7873 else if (bravalue == OP_ASSERT && subreqcharflags >= 0)
7874 {
7875 reqchar = subreqchar;
7876 reqcharflags = subreqcharflags;
7877 }
7878 break; /* End of processing '(' */
7879
7880
7881 /* ===================================================================*/
7882 /* Handle metasequences introduced by \. For ones like \d, the ESC_ values
7883 are arranged to be the negation of the corresponding OP_values in the
7884 default case when PCRE_UCP is not set. For the back references, the values
7885 are negative the reference number. Only back references and those types
7886 that consume a character may be repeated. We can test for values between
7887 ESC_b and ESC_Z for the latter; this may have to change if any new ones are
7888 ever created. */
7889
7890 case CHAR_BACKSLASH:
7891 tempptr = ptr;
7892 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options, FALSE);
7893 if (*errorcodeptr != 0) goto FAILED;
7894
7895 if (escape == 0) /* The escape coded a single character */
7896 c = ec;
7897 else
7898 {
7899 if (escape == ESC_Q) /* Handle start of quoted string */
7900 {
7901 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
7902 ptr += 2; /* avoid empty string */
7903 else inescq = TRUE;
7904 continue;
7905 }
7906
7907 if (escape == ESC_E) continue; /* Perl ignores an orphan \E */
7908
7909 /* For metasequences that actually match a character, we disable the
7910 setting of a first character if it hasn't already been set. */
7911
7912 if (firstcharflags == REQ_UNSET && escape > ESC_b && escape < ESC_Z)
7913 firstcharflags = REQ_NONE;
7914
7915 /* Set values to reset to if this is followed by a zero repeat. */
7916
7917 zerofirstchar = firstchar;
7918 zerofirstcharflags = firstcharflags;
7919 zeroreqchar = reqchar;
7920 zeroreqcharflags = reqcharflags;
7921
7922 /* \g<name> or \g'name' is a subroutine call by name and \g<n> or \g'n'
7923 is a subroutine call by number (Oniguruma syntax). In fact, the value
7924 ESC_g is returned only for these cases. So we don't need to check for <
7925 or ' if the value is ESC_g. For the Perl syntax \g{n} the value is
7926 -n, and for the Perl syntax \g{name} the result is ESC_k (as
7927 that is a synonym for a named back reference). */
7928
7929 if (escape == ESC_g)
7930 {
7931 const pcre_uchar *p;
7932 pcre_uint32 cf;
7933
7934 item_hwm_offset = cd->hwm - cd->start_workspace; /* Normally this is set when '(' is read */
7935 terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)?
7936 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
7937
7938 /* These two statements stop the compiler for warning about possibly
7939 unset variables caused by the jump to HANDLE_NUMERICAL_RECURSION. In
7940 fact, because we do the check for a number below, the paths that
7941 would actually be in error are never taken. */
7942
7943 skipbytes = 0;
7944 reset_bracount = FALSE;
7945
7946 /* If it's not a signed or unsigned number, treat it as a name. */
7947
7948 cf = ptr[1];
7949 if (cf != CHAR_PLUS && cf != CHAR_MINUS && !IS_DIGIT(cf))
7950 {
7951 is_recurse = TRUE;
7952 goto NAMED_REF_OR_RECURSE;
7953 }
7954
7955 /* Signed or unsigned number (cf = ptr[1]) is known to be plus or minus
7956 or a digit. */
7957
7958 p = ptr + 2;
7959 while (IS_DIGIT(*p)) p++;
7960 if (*p != (pcre_uchar)terminator)
7961 {
7962 *errorcodeptr = ERR57;
7963 goto FAILED;
7964 }
7965 ptr++;
7966 goto HANDLE_NUMERICAL_RECURSION;
7967 }
7968
7969 /* \k<name> or \k'name' is a back reference by name (Perl syntax).
7970 We also support \k{name} (.NET syntax). */
7971
7972 if (escape == ESC_k)
7973 {
7974 if ((ptr[1] != CHAR_LESS_THAN_SIGN &&
7975 ptr[1] != CHAR_APOSTROPHE && ptr[1] != CHAR_LEFT_CURLY_BRACKET))
7976 {
7977 *errorcodeptr = ERR69;
7978 goto FAILED;
7979 }
7980 is_recurse = FALSE;
7981 terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)?
7982 CHAR_GREATER_THAN_SIGN : (*ptr == CHAR_APOSTROPHE)?
7983 CHAR_APOSTROPHE : CHAR_RIGHT_CURLY_BRACKET;
7984 goto NAMED_REF_OR_RECURSE;
7985 }
7986
7987 /* Back references are handled specially; must disable firstchar if
7988 not set to cope with cases like (?=(\w+))\1: which would otherwise set
7989 ':' later. */
7990
7991 if (escape < 0)
7992 {
7993 open_capitem *oc;
7994 recno = -escape;
7995
7996 /* Come here from named backref handling when the reference is to a
7997 single group (i.e. not to a duplicated name. */
7998
7999 HANDLE_REFERENCE:
8000 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
8001 previous = code;
8002 item_hwm_offset = cd->hwm - cd->start_workspace;
8003 *code++ = ((options & PCRE_CASELESS) != 0)? OP_REFI : OP_REF;
8004 PUT2INC(code, 0, recno);
8005 cd->backref_map |= (recno < 32)? (1 << recno) : 1;
8006 if (recno > cd->top_backref) cd->top_backref = recno;
8007
8008 /* Check to see if this back reference is recursive, that it, it
8009 is inside the group that it references. A flag is set so that the
8010 group can be made atomic. */
8011
8012 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
8013 {
8014 if (oc->number == recno)
8015 {
8016 oc->flag = TRUE;
8017 break;
8018 }
8019 }
8020 }
8021
8022 /* So are Unicode property matches, if supported. */
8023
8024 #ifdef SUPPORT_UCP
8025 else if (escape == ESC_P || escape == ESC_p)
8026 {
8027 BOOL negated;
8028 unsigned int ptype = 0, pdata = 0;
8029 if (!get_ucp(&ptr, &negated, &ptype, &pdata, errorcodeptr))
8030 goto FAILED;
8031 previous = code;
8032 item_hwm_offset = cd->hwm - cd->start_workspace;
8033 *code++ = ((escape == ESC_p) != negated)? OP_PROP : OP_NOTPROP;
8034 *code++ = ptype;
8035 *code++ = pdata;
8036 }
8037 #else
8038
8039 /* If Unicode properties are not supported, \X, \P, and \p are not
8040 allowed. */
8041
8042 else if (escape == ESC_X || escape == ESC_P || escape == ESC_p)
8043 {
8044 *errorcodeptr = ERR45;
8045 goto FAILED;
8046 }
8047 #endif
8048
8049 /* For the rest (including \X when Unicode properties are supported), we
8050 can obtain the OP value by negating the escape value in the default
8051 situation when PCRE_UCP is not set. When it *is* set, we substitute
8052 Unicode property tests. Note that \b and \B do a one-character
8053 lookbehind, and \A also behaves as if it does. */
8054
8055 else
8056 {
8057 if ((escape == ESC_b || escape == ESC_B || escape == ESC_A) &&
8058 cd->max_lookbehind == 0)
8059 cd->max_lookbehind = 1;
8060 #ifdef SUPPORT_UCP
8061 if (escape >= ESC_DU && escape <= ESC_wu)
8062 {
8063 nestptr = ptr + 1; /* Where to resume */
8064 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
8065 }
8066 else
8067 #endif
8068 /* In non-UTF-8 mode, we turn \C into OP_ALLANY instead of OP_ANYBYTE
8069 so that it works in DFA mode and in lookbehinds. */
8070
8071 {
8072 previous = (escape > ESC_b && escape < ESC_Z)? code : NULL;
8073 item_hwm_offset = cd->hwm - cd->start_workspace;
8074 *code++ = (!utf && escape == ESC_C)? OP_ALLANY : escape;
8075 }
8076 }
8077 continue;
8078 }
8079
8080 /* We have a data character whose value is in c. In UTF-8 mode it may have
8081 a value > 127. We set its representation in the length/buffer, and then
8082 handle it as a data character. */
8083
8084 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
8085 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
8086 mclength = PRIV(ord2utf)(c, mcbuffer);
8087 else
8088 #endif
8089
8090 {
8091 mcbuffer[0] = c;
8092 mclength = 1;
8093 }
8094 goto ONE_CHAR;
8095
8096
8097 /* ===================================================================*/
8098 /* Handle a literal character. It is guaranteed not to be whitespace or #
8099 when the extended flag is set. If we are in a UTF mode, it may be a
8100 multi-unit literal character. */
8101
8102 default:
8103 NORMAL_CHAR:
8104 mclength = 1;
8105 mcbuffer[0] = c;
8106
8107 #ifdef SUPPORT_UTF
8108 if (utf && HAS_EXTRALEN(c))
8109 ACROSSCHAR(TRUE, ptr[1], mcbuffer[mclength++] = *(++ptr));
8110 #endif
8111
8112 /* At this point we have the character's bytes in mcbuffer, and the length
8113 in mclength. When not in UTF-8 mode, the length is always 1. */
8114
8115 ONE_CHAR:
8116 previous = code;
8117 item_hwm_offset = cd->hwm - cd->start_workspace;
8118
8119 /* For caseless UTF-8 mode when UCP support is available, check whether
8120 this character has more than one other case. If so, generate a special
8121 OP_PROP item instead of OP_CHARI. */
8122
8123 #ifdef SUPPORT_UCP
8124 if (utf && (options & PCRE_CASELESS) != 0)
8125 {
8126 GETCHAR(c, mcbuffer);
8127 if ((c = UCD_CASESET(c)) != 0)
8128 {
8129 *code++ = OP_PROP;
8130 *code++ = PT_CLIST;
8131 *code++ = c;
8132 if (firstcharflags == REQ_UNSET)
8133 firstcharflags = zerofirstcharflags = REQ_NONE;
8134 break;
8135 }
8136 }
8137 #endif
8138
8139 /* Caseful matches, or not one of the multicase characters. */
8140
8141 *code++ = ((options & PCRE_CASELESS) != 0)? OP_CHARI : OP_CHAR;
8142 for (c = 0; c < mclength; c++) *code++ = mcbuffer[c];
8143
8144 /* Remember if \r or \n were seen */
8145
8146 if (mcbuffer[0] == CHAR_CR || mcbuffer[0] == CHAR_NL)
8147 cd->external_flags |= PCRE_HASCRORLF;
8148
8149 /* Set the first and required bytes appropriately. If no previous first
8150 byte, set it from this character, but revert to none on a zero repeat.
8151 Otherwise, leave the firstchar value alone, and don't change it on a zero
8152 repeat. */
8153
8154 if (firstcharflags == REQ_UNSET)
8155 {
8156 zerofirstcharflags = REQ_NONE;
8157 zeroreqchar = reqchar;
8158 zeroreqcharflags = reqcharflags;
8159
8160 /* If the character is more than one byte long, we can set firstchar
8161 only if it is not to be matched caselessly. */
8162
8163 if (mclength == 1 || req_caseopt == 0)
8164 {
8165 firstchar = mcbuffer[0] | req_caseopt;
8166 firstchar = mcbuffer[0];
8167 firstcharflags = req_caseopt;
8168
8169 if (mclength != 1)
8170 {
8171 reqchar = code[-1];
8172 reqcharflags = cd->req_varyopt;
8173 }
8174 }
8175 else firstcharflags = reqcharflags = REQ_NONE;
8176 }
8177
8178 /* firstchar was previously set; we can set reqchar only if the length is
8179 1 or the matching is caseful. */
8180
8181 else
8182 {
8183 zerofirstchar = firstchar;
8184 zerofirstcharflags = firstcharflags;
8185 zeroreqchar = reqchar;
8186 zeroreqcharflags = reqcharflags;
8187 if (mclength == 1 || req_caseopt == 0)
8188 {
8189 reqchar = code[-1];
8190 reqcharflags = req_caseopt | cd->req_varyopt;
8191 }
8192 }
8193
8194 break; /* End of literal character handling */
8195 }
8196 } /* end of big loop */
8197
8198
8199 /* Control never reaches here by falling through, only by a goto for all the
8200 error states. Pass back the position in the pattern so that it can be displayed
8201 to the user for diagnosing the error. */
8202
8203 FAILED:
8204 *ptrptr = ptr;
8205 return FALSE;
8206 }
8207
8208
8209
8210 /*************************************************
8211 * Compile sequence of alternatives *
8212 *************************************************/
8213
8214 /* On entry, ptr is pointing past the bracket character, but on return it
8215 points to the closing bracket, or vertical bar, or end of string. The code
8216 variable is pointing at the byte into which the BRA operator has been stored.
8217 This function is used during the pre-compile phase when we are trying to find
8218 out the amount of memory needed, as well as during the real compile phase. The
8219 value of lengthptr distinguishes the two phases.
8220
8221 Arguments:
8222 options option bits, including any changes for this subpattern
8223 codeptr -> the address of the current code pointer
8224 ptrptr -> the address of the current pattern pointer
8225 errorcodeptr -> pointer to error code variable
8226 lookbehind TRUE if this is a lookbehind assertion
8227 reset_bracount TRUE to reset the count for each branch
8228 skipbytes skip this many bytes at start (for brackets and OP_COND)
8229 cond_depth depth of nesting for conditional subpatterns
8230 firstcharptr place to put the first required character
8231 firstcharflagsptr place to put the first character flags, or a negative number
8232 reqcharptr place to put the last required character
8233 reqcharflagsptr place to put the last required character flags, or a negative number
8234 bcptr pointer to the chain of currently open branches
8235 cd points to the data block with tables pointers etc.
8236 lengthptr NULL during the real compile phase
8237 points to length accumulator during pre-compile phase
8238
8239 Returns: TRUE on success
8240 */
8241
8242 static BOOL
compile_regex(int options,pcre_uchar ** codeptr,const pcre_uchar ** ptrptr,int * errorcodeptr,BOOL lookbehind,BOOL reset_bracount,int skipbytes,int cond_depth,pcre_uint32 * firstcharptr,pcre_int32 * firstcharflagsptr,pcre_uint32 * reqcharptr,pcre_int32 * reqcharflagsptr,branch_chain * bcptr,compile_data * cd,int * lengthptr)8243 compile_regex(int options, pcre_uchar **codeptr, const pcre_uchar **ptrptr,
8244 int *errorcodeptr, BOOL lookbehind, BOOL reset_bracount, int skipbytes,
8245 int cond_depth,
8246 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
8247 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
8248 branch_chain *bcptr, compile_data *cd, int *lengthptr)
8249 {
8250 const pcre_uchar *ptr = *ptrptr;
8251 pcre_uchar *code = *codeptr;
8252 pcre_uchar *last_branch = code;
8253 pcre_uchar *start_bracket = code;
8254 pcre_uchar *reverse_count = NULL;
8255 open_capitem capitem;
8256 int capnumber = 0;
8257 pcre_uint32 firstchar, reqchar;
8258 pcre_int32 firstcharflags, reqcharflags;
8259 pcre_uint32 branchfirstchar, branchreqchar;
8260 pcre_int32 branchfirstcharflags, branchreqcharflags;
8261 int length;
8262 unsigned int orig_bracount;
8263 unsigned int max_bracount;
8264 branch_chain bc;
8265 size_t save_hwm_offset;
8266
8267 /* If set, call the external function that checks for stack availability. */
8268
8269 if (PUBL(stack_guard) != NULL && PUBL(stack_guard)())
8270 {
8271 *errorcodeptr= ERR85;
8272 return FALSE;
8273 }
8274
8275 /* Miscellaneous initialization */
8276
8277 bc.outer = bcptr;
8278 bc.current_branch = code;
8279
8280 firstchar = reqchar = 0;
8281 firstcharflags = reqcharflags = REQ_UNSET;
8282
8283 save_hwm_offset = cd->hwm - cd->start_workspace;
8284
8285 /* Accumulate the length for use in the pre-compile phase. Start with the
8286 length of the BRA and KET and any extra bytes that are required at the
8287 beginning. We accumulate in a local variable to save frequent testing of
8288 lenthptr for NULL. We cannot do this by looking at the value of code at the
8289 start and end of each alternative, because compiled items are discarded during
8290 the pre-compile phase so that the work space is not exceeded. */
8291
8292 length = 2 + 2*LINK_SIZE + skipbytes;
8293
8294 /* WARNING: If the above line is changed for any reason, you must also change
8295 the code that abstracts option settings at the start of the pattern and makes
8296 them global. It tests the value of length for (2 + 2*LINK_SIZE) in the
8297 pre-compile phase to find out whether anything has yet been compiled or not. */
8298
8299 /* If this is a capturing subpattern, add to the chain of open capturing items
8300 so that we can detect them if (*ACCEPT) is encountered. This is also used to
8301 detect groups that contain recursive back references to themselves. Note that
8302 only OP_CBRA need be tested here; changing this opcode to one of its variants,
8303 e.g. OP_SCBRAPOS, happens later, after the group has been compiled. */
8304
8305 if (*code == OP_CBRA)
8306 {
8307 capnumber = GET2(code, 1 + LINK_SIZE);
8308 capitem.number = capnumber;
8309 capitem.next = cd->open_caps;
8310 capitem.flag = FALSE;
8311 cd->open_caps = &capitem;
8312 }
8313
8314 /* Offset is set zero to mark that this bracket is still open */
8315
8316 PUT(code, 1, 0);
8317 code += 1 + LINK_SIZE + skipbytes;
8318
8319 /* Loop for each alternative branch */
8320
8321 orig_bracount = max_bracount = cd->bracount;
8322 for (;;)
8323 {
8324 /* For a (?| group, reset the capturing bracket count so that each branch
8325 uses the same numbers. */
8326
8327 if (reset_bracount) cd->bracount = orig_bracount;
8328
8329 /* Set up dummy OP_REVERSE if lookbehind assertion */
8330
8331 if (lookbehind)
8332 {
8333 *code++ = OP_REVERSE;
8334 reverse_count = code;
8335 PUTINC(code, 0, 0);
8336 length += 1 + LINK_SIZE;
8337 }
8338
8339 /* Now compile the branch; in the pre-compile phase its length gets added
8340 into the length. */
8341
8342 if (!compile_branch(&options, &code, &ptr, errorcodeptr, &branchfirstchar,
8343 &branchfirstcharflags, &branchreqchar, &branchreqcharflags, &bc,
8344 cond_depth, cd, (lengthptr == NULL)? NULL : &length))
8345 {
8346 *ptrptr = ptr;
8347 return FALSE;
8348 }
8349
8350 /* Keep the highest bracket count in case (?| was used and some branch
8351 has fewer than the rest. */
8352
8353 if (cd->bracount > max_bracount) max_bracount = cd->bracount;
8354
8355 /* In the real compile phase, there is some post-processing to be done. */
8356
8357 if (lengthptr == NULL)
8358 {
8359 /* If this is the first branch, the firstchar and reqchar values for the
8360 branch become the values for the regex. */
8361
8362 if (*last_branch != OP_ALT)
8363 {
8364 firstchar = branchfirstchar;
8365 firstcharflags = branchfirstcharflags;
8366 reqchar = branchreqchar;
8367 reqcharflags = branchreqcharflags;
8368 }
8369
8370 /* If this is not the first branch, the first char and reqchar have to
8371 match the values from all the previous branches, except that if the
8372 previous value for reqchar didn't have REQ_VARY set, it can still match,
8373 and we set REQ_VARY for the regex. */
8374
8375 else
8376 {
8377 /* If we previously had a firstchar, but it doesn't match the new branch,
8378 we have to abandon the firstchar for the regex, but if there was
8379 previously no reqchar, it takes on the value of the old firstchar. */
8380
8381 if (firstcharflags >= 0 &&
8382 (firstcharflags != branchfirstcharflags || firstchar != branchfirstchar))
8383 {
8384 if (reqcharflags < 0)
8385 {
8386 reqchar = firstchar;
8387 reqcharflags = firstcharflags;
8388 }
8389 firstcharflags = REQ_NONE;
8390 }
8391
8392 /* If we (now or from before) have no firstchar, a firstchar from the
8393 branch becomes a reqchar if there isn't a branch reqchar. */
8394
8395 if (firstcharflags < 0 && branchfirstcharflags >= 0 && branchreqcharflags < 0)
8396 {
8397 branchreqchar = branchfirstchar;
8398 branchreqcharflags = branchfirstcharflags;
8399 }
8400
8401 /* Now ensure that the reqchars match */
8402
8403 if (((reqcharflags & ~REQ_VARY) != (branchreqcharflags & ~REQ_VARY)) ||
8404 reqchar != branchreqchar)
8405 reqcharflags = REQ_NONE;
8406 else
8407 {
8408 reqchar = branchreqchar;
8409 reqcharflags |= branchreqcharflags; /* To "or" REQ_VARY */
8410 }
8411 }
8412
8413 /* If lookbehind, check that this branch matches a fixed-length string, and
8414 put the length into the OP_REVERSE item. Temporarily mark the end of the
8415 branch with OP_END. If the branch contains OP_RECURSE, the result is -3
8416 because there may be forward references that we can't check here. Set a
8417 flag to cause another lookbehind check at the end. Why not do it all at the
8418 end? Because common, erroneous checks are picked up here and the offset of
8419 the problem can be shown. */
8420
8421 if (lookbehind)
8422 {
8423 int fixed_length;
8424 *code = OP_END;
8425 fixed_length = find_fixedlength(last_branch, (options & PCRE_UTF8) != 0,
8426 FALSE, cd, NULL);
8427 DPRINTF(("fixed length = %d\n", fixed_length));
8428 if (fixed_length == -3)
8429 {
8430 cd->check_lookbehind = TRUE;
8431 }
8432 else if (fixed_length < 0)
8433 {
8434 *errorcodeptr = (fixed_length == -2)? ERR36 :
8435 (fixed_length == -4)? ERR70: ERR25;
8436 *ptrptr = ptr;
8437 return FALSE;
8438 }
8439 else
8440 {
8441 if (fixed_length > cd->max_lookbehind)
8442 cd->max_lookbehind = fixed_length;
8443 PUT(reverse_count, 0, fixed_length);
8444 }
8445 }
8446 }
8447
8448 /* Reached end of expression, either ')' or end of pattern. In the real
8449 compile phase, go back through the alternative branches and reverse the chain
8450 of offsets, with the field in the BRA item now becoming an offset to the
8451 first alternative. If there are no alternatives, it points to the end of the
8452 group. The length in the terminating ket is always the length of the whole
8453 bracketed item. Return leaving the pointer at the terminating char. */
8454
8455 if (*ptr != CHAR_VERTICAL_LINE)
8456 {
8457 if (lengthptr == NULL)
8458 {
8459 int branch_length = (int)(code - last_branch);
8460 do
8461 {
8462 int prev_length = GET(last_branch, 1);
8463 PUT(last_branch, 1, branch_length);
8464 branch_length = prev_length;
8465 last_branch -= branch_length;
8466 }
8467 while (branch_length > 0);
8468 }
8469
8470 /* Fill in the ket */
8471
8472 *code = OP_KET;
8473 PUT(code, 1, (int)(code - start_bracket));
8474 code += 1 + LINK_SIZE;
8475
8476 /* If it was a capturing subpattern, check to see if it contained any
8477 recursive back references. If so, we must wrap it in atomic brackets.
8478 Because we are moving code along, we must ensure that any pending recursive
8479 references are updated. In any event, remove the block from the chain. */
8480
8481 if (capnumber > 0)
8482 {
8483 if (cd->open_caps->flag)
8484 {
8485 *code = OP_END;
8486 adjust_recurse(start_bracket, 1 + LINK_SIZE,
8487 (options & PCRE_UTF8) != 0, cd, save_hwm_offset);
8488 memmove(start_bracket + 1 + LINK_SIZE, start_bracket,
8489 IN_UCHARS(code - start_bracket));
8490 *start_bracket = OP_ONCE;
8491 code += 1 + LINK_SIZE;
8492 PUT(start_bracket, 1, (int)(code - start_bracket));
8493 *code = OP_KET;
8494 PUT(code, 1, (int)(code - start_bracket));
8495 code += 1 + LINK_SIZE;
8496 length += 2 + 2*LINK_SIZE;
8497 }
8498 cd->open_caps = cd->open_caps->next;
8499 }
8500
8501 /* Retain the highest bracket number, in case resetting was used. */
8502
8503 cd->bracount = max_bracount;
8504
8505 /* Set values to pass back */
8506
8507 *codeptr = code;
8508 *ptrptr = ptr;
8509 *firstcharptr = firstchar;
8510 *firstcharflagsptr = firstcharflags;
8511 *reqcharptr = reqchar;
8512 *reqcharflagsptr = reqcharflags;
8513 if (lengthptr != NULL)
8514 {
8515 if (OFLOW_MAX - *lengthptr < length)
8516 {
8517 *errorcodeptr = ERR20;
8518 return FALSE;
8519 }
8520 *lengthptr += length;
8521 }
8522 return TRUE;
8523 }
8524
8525 /* Another branch follows. In the pre-compile phase, we can move the code
8526 pointer back to where it was for the start of the first branch. (That is,
8527 pretend that each branch is the only one.)
8528
8529 In the real compile phase, insert an ALT node. Its length field points back
8530 to the previous branch while the bracket remains open. At the end the chain
8531 is reversed. It's done like this so that the start of the bracket has a
8532 zero offset until it is closed, making it possible to detect recursion. */
8533
8534 if (lengthptr != NULL)
8535 {
8536 code = *codeptr + 1 + LINK_SIZE + skipbytes;
8537 length += 1 + LINK_SIZE;
8538 }
8539 else
8540 {
8541 *code = OP_ALT;
8542 PUT(code, 1, (int)(code - last_branch));
8543 bc.current_branch = last_branch = code;
8544 code += 1 + LINK_SIZE;
8545 }
8546
8547 ptr++;
8548 }
8549 /* Control never reaches here */
8550 }
8551
8552
8553
8554
8555 /*************************************************
8556 * Check for anchored expression *
8557 *************************************************/
8558
8559 /* Try to find out if this is an anchored regular expression. Consider each
8560 alternative branch. If they all start with OP_SOD or OP_CIRC, or with a bracket
8561 all of whose alternatives start with OP_SOD or OP_CIRC (recurse ad lib), then
8562 it's anchored. However, if this is a multiline pattern, then only OP_SOD will
8563 be found, because ^ generates OP_CIRCM in that mode.
8564
8565 We can also consider a regex to be anchored if OP_SOM starts all its branches.
8566 This is the code for \G, which means "match at start of match position, taking
8567 into account the match offset".
8568
8569 A branch is also implicitly anchored if it starts with .* and DOTALL is set,
8570 because that will try the rest of the pattern at all possible matching points,
8571 so there is no point trying again.... er ....
8572
8573 .... except when the .* appears inside capturing parentheses, and there is a
8574 subsequent back reference to those parentheses. We haven't enough information
8575 to catch that case precisely.
8576
8577 At first, the best we could do was to detect when .* was in capturing brackets
8578 and the highest back reference was greater than or equal to that level.
8579 However, by keeping a bitmap of the first 31 back references, we can catch some
8580 of the more common cases more precisely.
8581
8582 ... A second exception is when the .* appears inside an atomic group, because
8583 this prevents the number of characters it matches from being adjusted.
8584
8585 Arguments:
8586 code points to start of expression (the bracket)
8587 bracket_map a bitmap of which brackets we are inside while testing; this
8588 handles up to substring 31; after that we just have to take
8589 the less precise approach
8590 cd points to the compile data block
8591 atomcount atomic group level
8592
8593 Returns: TRUE or FALSE
8594 */
8595
8596 static BOOL
is_anchored(register const pcre_uchar * code,unsigned int bracket_map,compile_data * cd,int atomcount)8597 is_anchored(register const pcre_uchar *code, unsigned int bracket_map,
8598 compile_data *cd, int atomcount)
8599 {
8600 do {
8601 const pcre_uchar *scode = first_significant_code(
8602 code + PRIV(OP_lengths)[*code], FALSE);
8603 register int op = *scode;
8604
8605 /* Non-capturing brackets */
8606
8607 if (op == OP_BRA || op == OP_BRAPOS ||
8608 op == OP_SBRA || op == OP_SBRAPOS)
8609 {
8610 if (!is_anchored(scode, bracket_map, cd, atomcount)) return FALSE;
8611 }
8612
8613 /* Capturing brackets */
8614
8615 else if (op == OP_CBRA || op == OP_CBRAPOS ||
8616 op == OP_SCBRA || op == OP_SCBRAPOS)
8617 {
8618 int n = GET2(scode, 1+LINK_SIZE);
8619 int new_map = bracket_map | ((n < 32)? (1 << n) : 1);
8620 if (!is_anchored(scode, new_map, cd, atomcount)) return FALSE;
8621 }
8622
8623 /* Positive forward assertions and conditions */
8624
8625 else if (op == OP_ASSERT || op == OP_COND)
8626 {
8627 if (!is_anchored(scode, bracket_map, cd, atomcount)) return FALSE;
8628 }
8629
8630 /* Atomic groups */
8631
8632 else if (op == OP_ONCE || op == OP_ONCE_NC)
8633 {
8634 if (!is_anchored(scode, bracket_map, cd, atomcount + 1))
8635 return FALSE;
8636 }
8637
8638 /* .* is not anchored unless DOTALL is set (which generates OP_ALLANY) and
8639 it isn't in brackets that are or may be referenced or inside an atomic
8640 group. */
8641
8642 else if ((op == OP_TYPESTAR || op == OP_TYPEMINSTAR ||
8643 op == OP_TYPEPOSSTAR))
8644 {
8645 if (scode[1] != OP_ALLANY || (bracket_map & cd->backref_map) != 0 ||
8646 atomcount > 0 || cd->had_pruneorskip)
8647 return FALSE;
8648 }
8649
8650 /* Check for explicit anchoring */
8651
8652 else if (op != OP_SOD && op != OP_SOM && op != OP_CIRC) return FALSE;
8653
8654 code += GET(code, 1);
8655 }
8656 while (*code == OP_ALT); /* Loop for each alternative */
8657 return TRUE;
8658 }
8659
8660
8661
8662 /*************************************************
8663 * Check for starting with ^ or .* *
8664 *************************************************/
8665
8666 /* This is called to find out if every branch starts with ^ or .* so that
8667 "first char" processing can be done to speed things up in multiline
8668 matching and for non-DOTALL patterns that start with .* (which must start at
8669 the beginning or after \n). As in the case of is_anchored() (see above), we
8670 have to take account of back references to capturing brackets that contain .*
8671 because in that case we can't make the assumption. Also, the appearance of .*
8672 inside atomic brackets or in a pattern that contains *PRUNE or *SKIP does not
8673 count, because once again the assumption no longer holds.
8674
8675 Arguments:
8676 code points to start of expression (the bracket)
8677 bracket_map a bitmap of which brackets we are inside while testing; this
8678 handles up to substring 31; after that we just have to take
8679 the less precise approach
8680 cd points to the compile data
8681 atomcount atomic group level
8682
8683 Returns: TRUE or FALSE
8684 */
8685
8686 static BOOL
is_startline(const pcre_uchar * code,unsigned int bracket_map,compile_data * cd,int atomcount)8687 is_startline(const pcre_uchar *code, unsigned int bracket_map,
8688 compile_data *cd, int atomcount)
8689 {
8690 do {
8691 const pcre_uchar *scode = first_significant_code(
8692 code + PRIV(OP_lengths)[*code], FALSE);
8693 register int op = *scode;
8694
8695 /* If we are at the start of a conditional assertion group, *both* the
8696 conditional assertion *and* what follows the condition must satisfy the test
8697 for start of line. Other kinds of condition fail. Note that there may be an
8698 auto-callout at the start of a condition. */
8699
8700 if (op == OP_COND)
8701 {
8702 scode += 1 + LINK_SIZE;
8703 if (*scode == OP_CALLOUT) scode += PRIV(OP_lengths)[OP_CALLOUT];
8704 switch (*scode)
8705 {
8706 case OP_CREF:
8707 case OP_DNCREF:
8708 case OP_RREF:
8709 case OP_DNRREF:
8710 case OP_DEF:
8711 case OP_FAIL:
8712 return FALSE;
8713
8714 default: /* Assertion */
8715 if (!is_startline(scode, bracket_map, cd, atomcount)) return FALSE;
8716 do scode += GET(scode, 1); while (*scode == OP_ALT);
8717 scode += 1 + LINK_SIZE;
8718 break;
8719 }
8720 scode = first_significant_code(scode, FALSE);
8721 op = *scode;
8722 }
8723
8724 /* Non-capturing brackets */
8725
8726 if (op == OP_BRA || op == OP_BRAPOS ||
8727 op == OP_SBRA || op == OP_SBRAPOS)
8728 {
8729 if (!is_startline(scode, bracket_map, cd, atomcount)) return FALSE;
8730 }
8731
8732 /* Capturing brackets */
8733
8734 else if (op == OP_CBRA || op == OP_CBRAPOS ||
8735 op == OP_SCBRA || op == OP_SCBRAPOS)
8736 {
8737 int n = GET2(scode, 1+LINK_SIZE);
8738 int new_map = bracket_map | ((n < 32)? (1 << n) : 1);
8739 if (!is_startline(scode, new_map, cd, atomcount)) return FALSE;
8740 }
8741
8742 /* Positive forward assertions */
8743
8744 else if (op == OP_ASSERT)
8745 {
8746 if (!is_startline(scode, bracket_map, cd, atomcount)) return FALSE;
8747 }
8748
8749 /* Atomic brackets */
8750
8751 else if (op == OP_ONCE || op == OP_ONCE_NC)
8752 {
8753 if (!is_startline(scode, bracket_map, cd, atomcount + 1)) return FALSE;
8754 }
8755
8756 /* .* means "start at start or after \n" if it isn't in atomic brackets or
8757 brackets that may be referenced, as long as the pattern does not contain
8758 *PRUNE or *SKIP, because these break the feature. Consider, for example,
8759 /.*?a(*PRUNE)b/ with the subject "aab", which matches "ab", i.e. not at the
8760 start of a line. */
8761
8762 else if (op == OP_TYPESTAR || op == OP_TYPEMINSTAR || op == OP_TYPEPOSSTAR)
8763 {
8764 if (scode[1] != OP_ANY || (bracket_map & cd->backref_map) != 0 ||
8765 atomcount > 0 || cd->had_pruneorskip)
8766 return FALSE;
8767 }
8768
8769 /* Check for explicit circumflex; anything else gives a FALSE result. Note
8770 in particular that this includes atomic brackets OP_ONCE and OP_ONCE_NC
8771 because the number of characters matched by .* cannot be adjusted inside
8772 them. */
8773
8774 else if (op != OP_CIRC && op != OP_CIRCM) return FALSE;
8775
8776 /* Move on to the next alternative */
8777
8778 code += GET(code, 1);
8779 }
8780 while (*code == OP_ALT); /* Loop for each alternative */
8781 return TRUE;
8782 }
8783
8784
8785
8786 /*************************************************
8787 * Check for asserted fixed first char *
8788 *************************************************/
8789
8790 /* During compilation, the "first char" settings from forward assertions are
8791 discarded, because they can cause conflicts with actual literals that follow.
8792 However, if we end up without a first char setting for an unanchored pattern,
8793 it is worth scanning the regex to see if there is an initial asserted first
8794 char. If all branches start with the same asserted char, or with a
8795 non-conditional bracket all of whose alternatives start with the same asserted
8796 char (recurse ad lib), then we return that char, with the flags set to zero or
8797 REQ_CASELESS; otherwise return zero with REQ_NONE in the flags.
8798
8799 Arguments:
8800 code points to start of expression (the bracket)
8801 flags points to the first char flags, or to REQ_NONE
8802 inassert TRUE if in an assertion
8803
8804 Returns: the fixed first char, or 0 with REQ_NONE in flags
8805 */
8806
8807 static pcre_uint32
find_firstassertedchar(const pcre_uchar * code,pcre_int32 * flags,BOOL inassert)8808 find_firstassertedchar(const pcre_uchar *code, pcre_int32 *flags,
8809 BOOL inassert)
8810 {
8811 register pcre_uint32 c = 0;
8812 int cflags = REQ_NONE;
8813
8814 *flags = REQ_NONE;
8815 do {
8816 pcre_uint32 d;
8817 int dflags;
8818 int xl = (*code == OP_CBRA || *code == OP_SCBRA ||
8819 *code == OP_CBRAPOS || *code == OP_SCBRAPOS)? IMM2_SIZE:0;
8820 const pcre_uchar *scode = first_significant_code(code + 1+LINK_SIZE + xl,
8821 TRUE);
8822 register pcre_uchar op = *scode;
8823
8824 switch(op)
8825 {
8826 default:
8827 return 0;
8828
8829 case OP_BRA:
8830 case OP_BRAPOS:
8831 case OP_CBRA:
8832 case OP_SCBRA:
8833 case OP_CBRAPOS:
8834 case OP_SCBRAPOS:
8835 case OP_ASSERT:
8836 case OP_ONCE:
8837 case OP_ONCE_NC:
8838 d = find_firstassertedchar(scode, &dflags, op == OP_ASSERT);
8839 if (dflags < 0)
8840 return 0;
8841 if (cflags < 0) { c = d; cflags = dflags; } else if (c != d || cflags != dflags) return 0;
8842 break;
8843
8844 case OP_EXACT:
8845 scode += IMM2_SIZE;
8846 /* Fall through */
8847
8848 case OP_CHAR:
8849 case OP_PLUS:
8850 case OP_MINPLUS:
8851 case OP_POSPLUS:
8852 if (!inassert) return 0;
8853 if (cflags < 0) { c = scode[1]; cflags = 0; }
8854 else if (c != scode[1]) return 0;
8855 break;
8856
8857 case OP_EXACTI:
8858 scode += IMM2_SIZE;
8859 /* Fall through */
8860
8861 case OP_CHARI:
8862 case OP_PLUSI:
8863 case OP_MINPLUSI:
8864 case OP_POSPLUSI:
8865 if (!inassert) return 0;
8866 if (cflags < 0) { c = scode[1]; cflags = REQ_CASELESS; }
8867 else if (c != scode[1]) return 0;
8868 break;
8869 }
8870
8871 code += GET(code, 1);
8872 }
8873 while (*code == OP_ALT);
8874
8875 *flags = cflags;
8876 return c;
8877 }
8878
8879
8880
8881 /*************************************************
8882 * Add an entry to the name/number table *
8883 *************************************************/
8884
8885 /* This function is called between compiling passes to add an entry to the
8886 name/number table, maintaining alphabetical order. Checking for permitted
8887 and forbidden duplicates has already been done.
8888
8889 Arguments:
8890 cd the compile data block
8891 name the name to add
8892 length the length of the name
8893 groupno the group number
8894
8895 Returns: nothing
8896 */
8897
8898 static void
add_name(compile_data * cd,const pcre_uchar * name,int length,unsigned int groupno)8899 add_name(compile_data *cd, const pcre_uchar *name, int length,
8900 unsigned int groupno)
8901 {
8902 int i;
8903 pcre_uchar *slot = cd->name_table;
8904
8905 for (i = 0; i < cd->names_found; i++)
8906 {
8907 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(length));
8908 if (crc == 0 && slot[IMM2_SIZE+length] != 0)
8909 crc = -1; /* Current name is a substring */
8910
8911 /* Make space in the table and break the loop for an earlier name. For a
8912 duplicate or later name, carry on. We do this for duplicates so that in the
8913 simple case (when ?(| is not used) they are in order of their numbers. In all
8914 cases they are in the order in which they appear in the pattern. */
8915
8916 if (crc < 0)
8917 {
8918 memmove(slot + cd->name_entry_size, slot,
8919 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
8920 break;
8921 }
8922
8923 /* Continue the loop for a later or duplicate name */
8924
8925 slot += cd->name_entry_size;
8926 }
8927
8928 PUT2(slot, 0, groupno);
8929 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(length));
8930 slot[IMM2_SIZE + length] = 0;
8931 cd->names_found++;
8932 }
8933
8934
8935
8936 /*************************************************
8937 * Compile a Regular Expression *
8938 *************************************************/
8939
8940 /* This function takes a string and returns a pointer to a block of store
8941 holding a compiled version of the expression. The original API for this
8942 function had no error code return variable; it is retained for backwards
8943 compatibility. The new function is given a new name.
8944
8945 Arguments:
8946 pattern the regular expression
8947 options various option bits
8948 errorcodeptr pointer to error code variable (pcre_compile2() only)
8949 can be NULL if you don't want a code value
8950 errorptr pointer to pointer to error text
8951 erroroffset ptr offset in pattern where error was detected
8952 tables pointer to character tables or NULL
8953
8954 Returns: pointer to compiled data block, or NULL on error,
8955 with errorptr and erroroffset set
8956 */
8957
8958 #if defined COMPILE_PCRE8
8959 PCRE_EXP_DEFN pcre * PCRE_CALL_CONVENTION
pcre_compile(const char * pattern,int options,const char ** errorptr,int * erroroffset,const unsigned char * tables)8960 pcre_compile(const char *pattern, int options, const char **errorptr,
8961 int *erroroffset, const unsigned char *tables)
8962 #elif defined COMPILE_PCRE16
8963 PCRE_EXP_DEFN pcre16 * PCRE_CALL_CONVENTION
8964 pcre16_compile(PCRE_SPTR16 pattern, int options, const char **errorptr,
8965 int *erroroffset, const unsigned char *tables)
8966 #elif defined COMPILE_PCRE32
8967 PCRE_EXP_DEFN pcre32 * PCRE_CALL_CONVENTION
8968 pcre32_compile(PCRE_SPTR32 pattern, int options, const char **errorptr,
8969 int *erroroffset, const unsigned char *tables)
8970 #endif
8971 {
8972 #if defined COMPILE_PCRE8
8973 return pcre_compile2(pattern, options, NULL, errorptr, erroroffset, tables);
8974 #elif defined COMPILE_PCRE16
8975 return pcre16_compile2(pattern, options, NULL, errorptr, erroroffset, tables);
8976 #elif defined COMPILE_PCRE32
8977 return pcre32_compile2(pattern, options, NULL, errorptr, erroroffset, tables);
8978 #endif
8979 }
8980
8981
8982 #if defined COMPILE_PCRE8
8983 PCRE_EXP_DEFN pcre * PCRE_CALL_CONVENTION
pcre_compile2(const char * pattern,int options,int * errorcodeptr,const char ** errorptr,int * erroroffset,const unsigned char * tables)8984 pcre_compile2(const char *pattern, int options, int *errorcodeptr,
8985 const char **errorptr, int *erroroffset, const unsigned char *tables)
8986 #elif defined COMPILE_PCRE16
8987 PCRE_EXP_DEFN pcre16 * PCRE_CALL_CONVENTION
8988 pcre16_compile2(PCRE_SPTR16 pattern, int options, int *errorcodeptr,
8989 const char **errorptr, int *erroroffset, const unsigned char *tables)
8990 #elif defined COMPILE_PCRE32
8991 PCRE_EXP_DEFN pcre32 * PCRE_CALL_CONVENTION
8992 pcre32_compile2(PCRE_SPTR32 pattern, int options, int *errorcodeptr,
8993 const char **errorptr, int *erroroffset, const unsigned char *tables)
8994 #endif
8995 {
8996 REAL_PCRE *re;
8997 int length = 1; /* For final END opcode */
8998 pcre_int32 firstcharflags, reqcharflags;
8999 pcre_uint32 firstchar, reqchar;
9000 pcre_uint32 limit_match = PCRE_UINT32_MAX;
9001 pcre_uint32 limit_recursion = PCRE_UINT32_MAX;
9002 int newline;
9003 int errorcode = 0;
9004 int skipatstart = 0;
9005 BOOL utf;
9006 BOOL never_utf = FALSE;
9007 size_t size;
9008 pcre_uchar *code;
9009 const pcre_uchar *codestart;
9010 const pcre_uchar *ptr;
9011 compile_data compile_block;
9012 compile_data *cd = &compile_block;
9013
9014 /* This space is used for "compiling" into during the first phase, when we are
9015 computing the amount of memory that is needed. Compiled items are thrown away
9016 as soon as possible, so that a fairly large buffer should be sufficient for
9017 this purpose. The same space is used in the second phase for remembering where
9018 to fill in forward references to subpatterns. That may overflow, in which case
9019 new memory is obtained from malloc(). */
9020
9021 pcre_uchar cworkspace[COMPILE_WORK_SIZE];
9022
9023 /* This vector is used for remembering name groups during the pre-compile. In a
9024 similar way to cworkspace, it can be expanded using malloc() if necessary. */
9025
9026 named_group named_groups[NAMED_GROUP_LIST_SIZE];
9027
9028 /* Set this early so that early errors get offset 0. */
9029
9030 ptr = (const pcre_uchar *)pattern;
9031
9032 /* We can't pass back an error message if errorptr is NULL; I guess the best we
9033 can do is just return NULL, but we can set a code value if there is a code
9034 pointer. */
9035
9036 if (errorptr == NULL)
9037 {
9038 if (errorcodeptr != NULL) *errorcodeptr = 99;
9039 return NULL;
9040 }
9041
9042 *errorptr = NULL;
9043 if (errorcodeptr != NULL) *errorcodeptr = ERR0;
9044
9045 /* However, we can give a message for this error */
9046
9047 if (erroroffset == NULL)
9048 {
9049 errorcode = ERR16;
9050 goto PCRE_EARLY_ERROR_RETURN2;
9051 }
9052
9053 *erroroffset = 0;
9054
9055 /* Set up pointers to the individual character tables */
9056
9057 if (tables == NULL) tables = PRIV(default_tables);
9058 cd->lcc = tables + lcc_offset;
9059 cd->fcc = tables + fcc_offset;
9060 cd->cbits = tables + cbits_offset;
9061 cd->ctypes = tables + ctypes_offset;
9062
9063 /* Check that all undefined public option bits are zero */
9064
9065 if ((options & ~PUBLIC_COMPILE_OPTIONS) != 0)
9066 {
9067 errorcode = ERR17;
9068 goto PCRE_EARLY_ERROR_RETURN;
9069 }
9070
9071 /* If PCRE_NEVER_UTF is set, remember it. */
9072
9073 if ((options & PCRE_NEVER_UTF) != 0) never_utf = TRUE;
9074
9075 /* Check for global one-time settings at the start of the pattern, and remember
9076 the offset for later. */
9077
9078 cd->external_flags = 0; /* Initialize here for LIMIT_MATCH/RECURSION */
9079
9080 while (ptr[skipatstart] == CHAR_LEFT_PARENTHESIS &&
9081 ptr[skipatstart+1] == CHAR_ASTERISK)
9082 {
9083 int newnl = 0;
9084 int newbsr = 0;
9085
9086 /* For completeness and backward compatibility, (*UTFn) is supported in the
9087 relevant libraries, but (*UTF) is generic and always supported. Note that
9088 PCRE_UTF8 == PCRE_UTF16 == PCRE_UTF32. */
9089
9090 #ifdef COMPILE_PCRE8
9091 if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_UTF8_RIGHTPAR, 5) == 0)
9092 { skipatstart += 7; options |= PCRE_UTF8; continue; }
9093 #endif
9094 #ifdef COMPILE_PCRE16
9095 if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_UTF16_RIGHTPAR, 6) == 0)
9096 { skipatstart += 8; options |= PCRE_UTF16; continue; }
9097 #endif
9098 #ifdef COMPILE_PCRE32
9099 if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_UTF32_RIGHTPAR, 6) == 0)
9100 { skipatstart += 8; options |= PCRE_UTF32; continue; }
9101 #endif
9102
9103 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_UTF_RIGHTPAR, 4) == 0)
9104 { skipatstart += 6; options |= PCRE_UTF8; continue; }
9105 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_UCP_RIGHTPAR, 4) == 0)
9106 { skipatstart += 6; options |= PCRE_UCP; continue; }
9107 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_NO_AUTO_POSSESS_RIGHTPAR, 16) == 0)
9108 { skipatstart += 18; options |= PCRE_NO_AUTO_POSSESS; continue; }
9109 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_NO_START_OPT_RIGHTPAR, 13) == 0)
9110 { skipatstart += 15; options |= PCRE_NO_START_OPTIMIZE; continue; }
9111
9112 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_LIMIT_MATCH_EQ, 12) == 0)
9113 {
9114 pcre_uint32 c = 0;
9115 int p = skipatstart + 14;
9116 while (isdigit(ptr[p]))
9117 {
9118 if (c > PCRE_UINT32_MAX / 10 - 1) break; /* Integer overflow */
9119 c = c*10 + ptr[p++] - CHAR_0;
9120 }
9121 if (ptr[p++] != CHAR_RIGHT_PARENTHESIS) break;
9122 if (c < limit_match)
9123 {
9124 limit_match = c;
9125 cd->external_flags |= PCRE_MLSET;
9126 }
9127 skipatstart = p;
9128 continue;
9129 }
9130
9131 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_LIMIT_RECURSION_EQ, 16) == 0)
9132 {
9133 pcre_uint32 c = 0;
9134 int p = skipatstart + 18;
9135 while (isdigit(ptr[p]))
9136 {
9137 if (c > PCRE_UINT32_MAX / 10 - 1) break; /* Integer overflow check */
9138 c = c*10 + ptr[p++] - CHAR_0;
9139 }
9140 if (ptr[p++] != CHAR_RIGHT_PARENTHESIS) break;
9141 if (c < limit_recursion)
9142 {
9143 limit_recursion = c;
9144 cd->external_flags |= PCRE_RLSET;
9145 }
9146 skipatstart = p;
9147 continue;
9148 }
9149
9150 if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_CR_RIGHTPAR, 3) == 0)
9151 { skipatstart += 5; newnl = PCRE_NEWLINE_CR; }
9152 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_LF_RIGHTPAR, 3) == 0)
9153 { skipatstart += 5; newnl = PCRE_NEWLINE_LF; }
9154 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_CRLF_RIGHTPAR, 5) == 0)
9155 { skipatstart += 7; newnl = PCRE_NEWLINE_CR + PCRE_NEWLINE_LF; }
9156 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_ANY_RIGHTPAR, 4) == 0)
9157 { skipatstart += 6; newnl = PCRE_NEWLINE_ANY; }
9158 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_ANYCRLF_RIGHTPAR, 8) == 0)
9159 { skipatstart += 10; newnl = PCRE_NEWLINE_ANYCRLF; }
9160
9161 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_BSR_ANYCRLF_RIGHTPAR, 12) == 0)
9162 { skipatstart += 14; newbsr = PCRE_BSR_ANYCRLF; }
9163 else if (STRNCMP_UC_C8(ptr+skipatstart+2, STRING_BSR_UNICODE_RIGHTPAR, 12) == 0)
9164 { skipatstart += 14; newbsr = PCRE_BSR_UNICODE; }
9165
9166 if (newnl != 0)
9167 options = (options & ~PCRE_NEWLINE_BITS) | newnl;
9168 else if (newbsr != 0)
9169 options = (options & ~(PCRE_BSR_ANYCRLF|PCRE_BSR_UNICODE)) | newbsr;
9170 else break;
9171 }
9172
9173 /* PCRE_UTF(16|32) have the same value as PCRE_UTF8. */
9174 utf = (options & PCRE_UTF8) != 0;
9175 if (utf && never_utf)
9176 {
9177 errorcode = ERR78;
9178 goto PCRE_EARLY_ERROR_RETURN2;
9179 }
9180
9181 /* Can't support UTF unless PCRE has been compiled to include the code. The
9182 return of an error code from PRIV(valid_utf)() is a new feature, introduced in
9183 release 8.13. It is passed back from pcre_[dfa_]exec(), but at the moment is
9184 not used here. */
9185
9186 #ifdef SUPPORT_UTF
9187 if (utf && (options & PCRE_NO_UTF8_CHECK) == 0 &&
9188 (errorcode = PRIV(valid_utf)((PCRE_PUCHAR)pattern, -1, erroroffset)) != 0)
9189 {
9190 #if defined COMPILE_PCRE8
9191 errorcode = ERR44;
9192 #elif defined COMPILE_PCRE16
9193 errorcode = ERR74;
9194 #elif defined COMPILE_PCRE32
9195 errorcode = ERR77;
9196 #endif
9197 goto PCRE_EARLY_ERROR_RETURN2;
9198 }
9199 #else
9200 if (utf)
9201 {
9202 errorcode = ERR32;
9203 goto PCRE_EARLY_ERROR_RETURN;
9204 }
9205 #endif
9206
9207 /* Can't support UCP unless PCRE has been compiled to include the code. */
9208
9209 #ifndef SUPPORT_UCP
9210 if ((options & PCRE_UCP) != 0)
9211 {
9212 errorcode = ERR67;
9213 goto PCRE_EARLY_ERROR_RETURN;
9214 }
9215 #endif
9216
9217 /* Check validity of \R options. */
9218
9219 if ((options & (PCRE_BSR_ANYCRLF|PCRE_BSR_UNICODE)) ==
9220 (PCRE_BSR_ANYCRLF|PCRE_BSR_UNICODE))
9221 {
9222 errorcode = ERR56;
9223 goto PCRE_EARLY_ERROR_RETURN;
9224 }
9225
9226 /* Handle different types of newline. The three bits give seven cases. The
9227 current code allows for fixed one- or two-byte sequences, plus "any" and
9228 "anycrlf". */
9229
9230 switch (options & PCRE_NEWLINE_BITS)
9231 {
9232 case 0: newline = NEWLINE; break; /* Build-time default */
9233 case PCRE_NEWLINE_CR: newline = CHAR_CR; break;
9234 case PCRE_NEWLINE_LF: newline = CHAR_NL; break;
9235 case PCRE_NEWLINE_CR+
9236 PCRE_NEWLINE_LF: newline = (CHAR_CR << 8) | CHAR_NL; break;
9237 case PCRE_NEWLINE_ANY: newline = -1; break;
9238 case PCRE_NEWLINE_ANYCRLF: newline = -2; break;
9239 default: errorcode = ERR56; goto PCRE_EARLY_ERROR_RETURN;
9240 }
9241
9242 if (newline == -2)
9243 {
9244 cd->nltype = NLTYPE_ANYCRLF;
9245 }
9246 else if (newline < 0)
9247 {
9248 cd->nltype = NLTYPE_ANY;
9249 }
9250 else
9251 {
9252 cd->nltype = NLTYPE_FIXED;
9253 if (newline > 255)
9254 {
9255 cd->nllen = 2;
9256 cd->nl[0] = (newline >> 8) & 255;
9257 cd->nl[1] = newline & 255;
9258 }
9259 else
9260 {
9261 cd->nllen = 1;
9262 cd->nl[0] = newline;
9263 }
9264 }
9265
9266 /* Maximum back reference and backref bitmap. The bitmap records up to 31 back
9267 references to help in deciding whether (.*) can be treated as anchored or not.
9268 */
9269
9270 cd->top_backref = 0;
9271 cd->backref_map = 0;
9272
9273 /* Reflect pattern for debugging output */
9274
9275 DPRINTF(("------------------------------------------------------------------\n"));
9276 #ifdef PCRE_DEBUG
9277 print_puchar(stdout, (PCRE_PUCHAR)pattern);
9278 #endif
9279 DPRINTF(("\n"));
9280
9281 /* Pretend to compile the pattern while actually just accumulating the length
9282 of memory required. This behaviour is triggered by passing a non-NULL final
9283 argument to compile_regex(). We pass a block of workspace (cworkspace) for it
9284 to compile parts of the pattern into; the compiled code is discarded when it is
9285 no longer needed, so hopefully this workspace will never overflow, though there
9286 is a test for its doing so. */
9287
9288 cd->bracount = cd->final_bracount = 0;
9289 cd->names_found = 0;
9290 cd->name_entry_size = 0;
9291 cd->name_table = NULL;
9292 cd->dupnames = FALSE;
9293 cd->dupgroups = FALSE;
9294 cd->namedrefcount = 0;
9295 cd->start_code = cworkspace;
9296 cd->hwm = cworkspace;
9297 cd->iscondassert = FALSE;
9298 cd->start_workspace = cworkspace;
9299 cd->workspace_size = COMPILE_WORK_SIZE;
9300 cd->named_groups = named_groups;
9301 cd->named_group_list_size = NAMED_GROUP_LIST_SIZE;
9302 cd->start_pattern = (const pcre_uchar *)pattern;
9303 cd->end_pattern = (const pcre_uchar *)(pattern + STRLEN_UC((const pcre_uchar *)pattern));
9304 cd->req_varyopt = 0;
9305 cd->parens_depth = 0;
9306 cd->assert_depth = 0;
9307 cd->max_lookbehind = 0;
9308 cd->external_options = options;
9309 cd->open_caps = NULL;
9310
9311 /* Now do the pre-compile. On error, errorcode will be set non-zero, so we
9312 don't need to look at the result of the function here. The initial options have
9313 been put into the cd block so that they can be changed if an option setting is
9314 found within the regex right at the beginning. Bringing initial option settings
9315 outside can help speed up starting point checks. */
9316
9317 ptr += skipatstart;
9318 code = cworkspace;
9319 *code = OP_BRA;
9320
9321 (void)compile_regex(cd->external_options, &code, &ptr, &errorcode, FALSE,
9322 FALSE, 0, 0, &firstchar, &firstcharflags, &reqchar, &reqcharflags, NULL,
9323 cd, &length);
9324 if (errorcode != 0) goto PCRE_EARLY_ERROR_RETURN;
9325
9326 DPRINTF(("end pre-compile: length=%d workspace=%d\n", length,
9327 (int)(cd->hwm - cworkspace)));
9328
9329 if (length > MAX_PATTERN_SIZE)
9330 {
9331 errorcode = ERR20;
9332 goto PCRE_EARLY_ERROR_RETURN;
9333 }
9334
9335 /* Compute the size of the data block for storing the compiled pattern. Integer
9336 overflow should no longer be possible because nowadays we limit the maximum
9337 value of cd->names_found and cd->name_entry_size. */
9338
9339 size = sizeof(REAL_PCRE) +
9340 (length + cd->names_found * cd->name_entry_size) * sizeof(pcre_uchar);
9341
9342 /* Get the memory. */
9343
9344 re = (REAL_PCRE *)(PUBL(malloc))(size);
9345 if (re == NULL)
9346 {
9347 errorcode = ERR21;
9348 goto PCRE_EARLY_ERROR_RETURN;
9349 }
9350
9351 /* Put in the magic number, and save the sizes, initial options, internal
9352 flags, and character table pointer. NULL is used for the default character
9353 tables. The nullpad field is at the end; it's there to help in the case when a
9354 regex compiled on a system with 4-byte pointers is run on another with 8-byte
9355 pointers. */
9356
9357 re->magic_number = MAGIC_NUMBER;
9358 re->size = (int)size;
9359 re->options = cd->external_options;
9360 re->flags = cd->external_flags;
9361 re->limit_match = limit_match;
9362 re->limit_recursion = limit_recursion;
9363 re->first_char = 0;
9364 re->req_char = 0;
9365 re->name_table_offset = sizeof(REAL_PCRE) / sizeof(pcre_uchar);
9366 re->name_entry_size = cd->name_entry_size;
9367 re->name_count = cd->names_found;
9368 re->ref_count = 0;
9369 re->tables = (tables == PRIV(default_tables))? NULL : tables;
9370 re->nullpad = NULL;
9371 #ifdef COMPILE_PCRE32
9372 re->dummy = 0;
9373 #else
9374 re->dummy1 = re->dummy2 = re->dummy3 = 0;
9375 #endif
9376
9377 /* The starting points of the name/number translation table and of the code are
9378 passed around in the compile data block. The start/end pattern and initial
9379 options are already set from the pre-compile phase, as is the name_entry_size
9380 field. Reset the bracket count and the names_found field. Also reset the hwm
9381 field; this time it's used for remembering forward references to subpatterns.
9382 */
9383
9384 cd->final_bracount = cd->bracount; /* Save for checking forward references */
9385 cd->parens_depth = 0;
9386 cd->assert_depth = 0;
9387 cd->bracount = 0;
9388 cd->max_lookbehind = 0;
9389 cd->name_table = (pcre_uchar *)re + re->name_table_offset;
9390 codestart = cd->name_table + re->name_entry_size * re->name_count;
9391 cd->start_code = codestart;
9392 cd->hwm = (pcre_uchar *)(cd->start_workspace);
9393 cd->iscondassert = FALSE;
9394 cd->req_varyopt = 0;
9395 cd->had_accept = FALSE;
9396 cd->had_pruneorskip = FALSE;
9397 cd->check_lookbehind = FALSE;
9398 cd->open_caps = NULL;
9399
9400 /* If any named groups were found, create the name/number table from the list
9401 created in the first pass. */
9402
9403 if (cd->names_found > 0)
9404 {
9405 int i = cd->names_found;
9406 named_group *ng = cd->named_groups;
9407 cd->names_found = 0;
9408 for (; i > 0; i--, ng++)
9409 add_name(cd, ng->name, ng->length, ng->number);
9410 if (cd->named_group_list_size > NAMED_GROUP_LIST_SIZE)
9411 (PUBL(free))((void *)cd->named_groups);
9412 }
9413
9414 /* Set up a starting, non-extracting bracket, then compile the expression. On
9415 error, errorcode will be set non-zero, so we don't need to look at the result
9416 of the function here. */
9417
9418 ptr = (const pcre_uchar *)pattern + skipatstart;
9419 code = (pcre_uchar *)codestart;
9420 *code = OP_BRA;
9421 (void)compile_regex(re->options, &code, &ptr, &errorcode, FALSE, FALSE, 0, 0,
9422 &firstchar, &firstcharflags, &reqchar, &reqcharflags, NULL, cd, NULL);
9423 re->top_bracket = cd->bracount;
9424 re->top_backref = cd->top_backref;
9425 re->max_lookbehind = cd->max_lookbehind;
9426 re->flags = cd->external_flags | PCRE_MODE;
9427
9428 if (cd->had_accept)
9429 {
9430 reqchar = 0; /* Must disable after (*ACCEPT) */
9431 reqcharflags = REQ_NONE;
9432 }
9433
9434 /* If not reached end of pattern on success, there's an excess bracket. */
9435
9436 if (errorcode == 0 && *ptr != CHAR_NULL) errorcode = ERR22;
9437
9438 /* Fill in the terminating state and check for disastrous overflow, but
9439 if debugging, leave the test till after things are printed out. */
9440
9441 *code++ = OP_END;
9442
9443 #ifndef PCRE_DEBUG
9444 if (code - codestart > length) errorcode = ERR23;
9445 #endif
9446
9447 #ifdef SUPPORT_VALGRIND
9448 /* If the estimated length exceeds the really used length, mark the extra
9449 allocated memory as unaddressable, so that any out-of-bound reads can be
9450 detected. */
9451 VALGRIND_MAKE_MEM_NOACCESS(code, (length - (code - codestart)) * sizeof(pcre_uchar));
9452 #endif
9453
9454 /* Fill in any forward references that are required. There may be repeated
9455 references; optimize for them, as searching a large regex takes time. */
9456
9457 if (cd->hwm > cd->start_workspace)
9458 {
9459 int prev_recno = -1;
9460 const pcre_uchar *groupptr = NULL;
9461 while (errorcode == 0 && cd->hwm > cd->start_workspace)
9462 {
9463 int offset, recno;
9464 cd->hwm -= LINK_SIZE;
9465 offset = GET(cd->hwm, 0);
9466
9467 /* Check that the hwm handling hasn't gone wrong. This whole area is
9468 rewritten in PCRE2 because there are some obscure cases. */
9469
9470 if (offset == 0 || codestart[offset-1] != OP_RECURSE)
9471 {
9472 errorcode = ERR10;
9473 break;
9474 }
9475
9476 recno = GET(codestart, offset);
9477 if (recno != prev_recno)
9478 {
9479 groupptr = PRIV(find_bracket)(codestart, utf, recno);
9480 prev_recno = recno;
9481 }
9482 if (groupptr == NULL) errorcode = ERR53;
9483 else PUT(((pcre_uchar *)codestart), offset, (int)(groupptr - codestart));
9484 }
9485 }
9486
9487 /* If the workspace had to be expanded, free the new memory. Set the pointer to
9488 NULL to indicate that forward references have been filled in. */
9489
9490 if (cd->workspace_size > COMPILE_WORK_SIZE)
9491 (PUBL(free))((void *)cd->start_workspace);
9492 cd->start_workspace = NULL;
9493
9494 /* Give an error if there's back reference to a non-existent capturing
9495 subpattern. */
9496
9497 if (errorcode == 0 && re->top_backref > re->top_bracket) errorcode = ERR15;
9498
9499 /* Unless disabled, check whether any single character iterators can be
9500 auto-possessified. The function overwrites the appropriate opcode values, so
9501 the type of the pointer must be cast. NOTE: the intermediate variable "temp" is
9502 used in this code because at least one compiler gives a warning about loss of
9503 "const" attribute if the cast (pcre_uchar *)codestart is used directly in the
9504 function call. */
9505
9506 if (errorcode == 0 && (options & PCRE_NO_AUTO_POSSESS) == 0)
9507 {
9508 pcre_uchar *temp = (pcre_uchar *)codestart;
9509 auto_possessify(temp, utf, cd);
9510 }
9511
9512 /* If there were any lookbehind assertions that contained OP_RECURSE
9513 (recursions or subroutine calls), a flag is set for them to be checked here,
9514 because they may contain forward references. Actual recursions cannot be fixed
9515 length, but subroutine calls can. It is done like this so that those without
9516 OP_RECURSE that are not fixed length get a diagnosic with a useful offset. The
9517 exceptional ones forgo this. We scan the pattern to check that they are fixed
9518 length, and set their lengths. */
9519
9520 if (errorcode == 0 && cd->check_lookbehind)
9521 {
9522 pcre_uchar *cc = (pcre_uchar *)codestart;
9523
9524 /* Loop, searching for OP_REVERSE items, and process those that do not have
9525 their length set. (Actually, it will also re-process any that have a length
9526 of zero, but that is a pathological case, and it does no harm.) When we find
9527 one, we temporarily terminate the branch it is in while we scan it. */
9528
9529 for (cc = (pcre_uchar *)PRIV(find_bracket)(codestart, utf, -1);
9530 cc != NULL;
9531 cc = (pcre_uchar *)PRIV(find_bracket)(cc, utf, -1))
9532 {
9533 if (GET(cc, 1) == 0)
9534 {
9535 int fixed_length;
9536 pcre_uchar *be = cc - 1 - LINK_SIZE + GET(cc, -LINK_SIZE);
9537 int end_op = *be;
9538 *be = OP_END;
9539 fixed_length = find_fixedlength(cc, (re->options & PCRE_UTF8) != 0, TRUE,
9540 cd, NULL);
9541 *be = end_op;
9542 DPRINTF(("fixed length = %d\n", fixed_length));
9543 if (fixed_length < 0)
9544 {
9545 errorcode = (fixed_length == -2)? ERR36 :
9546 (fixed_length == -4)? ERR70 : ERR25;
9547 break;
9548 }
9549 if (fixed_length > cd->max_lookbehind) cd->max_lookbehind = fixed_length;
9550 PUT(cc, 1, fixed_length);
9551 }
9552 cc += 1 + LINK_SIZE;
9553 }
9554 }
9555
9556 /* Failed to compile, or error while post-processing */
9557
9558 if (errorcode != 0)
9559 {
9560 (PUBL(free))(re);
9561 PCRE_EARLY_ERROR_RETURN:
9562 *erroroffset = (int)(ptr - (const pcre_uchar *)pattern);
9563 PCRE_EARLY_ERROR_RETURN2:
9564 *errorptr = find_error_text(errorcode);
9565 if (errorcodeptr != NULL) *errorcodeptr = errorcode;
9566 return NULL;
9567 }
9568
9569 /* If the anchored option was not passed, set the flag if we can determine that
9570 the pattern is anchored by virtue of ^ characters or \A or anything else, such
9571 as starting with non-atomic .* when DOTALL is set and there are no occurrences
9572 of *PRUNE or *SKIP.
9573
9574 Otherwise, if we know what the first byte has to be, save it, because that
9575 speeds up unanchored matches no end. If not, see if we can set the
9576 PCRE_STARTLINE flag. This is helpful for multiline matches when all branches
9577 start with ^. and also when all branches start with non-atomic .* for
9578 non-DOTALL matches when *PRUNE and SKIP are not present. */
9579
9580 if ((re->options & PCRE_ANCHORED) == 0)
9581 {
9582 if (is_anchored(codestart, 0, cd, 0)) re->options |= PCRE_ANCHORED;
9583 else
9584 {
9585 if (firstcharflags < 0)
9586 firstchar = find_firstassertedchar(codestart, &firstcharflags, FALSE);
9587 if (firstcharflags >= 0) /* Remove caseless flag for non-caseable chars */
9588 {
9589 #if defined COMPILE_PCRE8
9590 re->first_char = firstchar & 0xff;
9591 #elif defined COMPILE_PCRE16
9592 re->first_char = firstchar & 0xffff;
9593 #elif defined COMPILE_PCRE32
9594 re->first_char = firstchar;
9595 #endif
9596 if ((firstcharflags & REQ_CASELESS) != 0)
9597 {
9598 #if defined SUPPORT_UCP && !(defined COMPILE_PCRE8)
9599 /* We ignore non-ASCII first chars in 8 bit mode. */
9600 if (utf)
9601 {
9602 if (re->first_char < 128)
9603 {
9604 if (cd->fcc[re->first_char] != re->first_char)
9605 re->flags |= PCRE_FCH_CASELESS;
9606 }
9607 else if (UCD_OTHERCASE(re->first_char) != re->first_char)
9608 re->flags |= PCRE_FCH_CASELESS;
9609 }
9610 else
9611 #endif
9612 if (MAX_255(re->first_char)
9613 && cd->fcc[re->first_char] != re->first_char)
9614 re->flags |= PCRE_FCH_CASELESS;
9615 }
9616
9617 re->flags |= PCRE_FIRSTSET;
9618 }
9619
9620 else if (is_startline(codestart, 0, cd, 0)) re->flags |= PCRE_STARTLINE;
9621 }
9622 }
9623
9624 /* For an anchored pattern, we use the "required byte" only if it follows a
9625 variable length item in the regex. Remove the caseless flag for non-caseable
9626 bytes. */
9627
9628 if (reqcharflags >= 0 &&
9629 ((re->options & PCRE_ANCHORED) == 0 || (reqcharflags & REQ_VARY) != 0))
9630 {
9631 #if defined COMPILE_PCRE8
9632 re->req_char = reqchar & 0xff;
9633 #elif defined COMPILE_PCRE16
9634 re->req_char = reqchar & 0xffff;
9635 #elif defined COMPILE_PCRE32
9636 re->req_char = reqchar;
9637 #endif
9638 if ((reqcharflags & REQ_CASELESS) != 0)
9639 {
9640 #if defined SUPPORT_UCP && !(defined COMPILE_PCRE8)
9641 /* We ignore non-ASCII first chars in 8 bit mode. */
9642 if (utf)
9643 {
9644 if (re->req_char < 128)
9645 {
9646 if (cd->fcc[re->req_char] != re->req_char)
9647 re->flags |= PCRE_RCH_CASELESS;
9648 }
9649 else if (UCD_OTHERCASE(re->req_char) != re->req_char)
9650 re->flags |= PCRE_RCH_CASELESS;
9651 }
9652 else
9653 #endif
9654 if (MAX_255(re->req_char) && cd->fcc[re->req_char] != re->req_char)
9655 re->flags |= PCRE_RCH_CASELESS;
9656 }
9657
9658 re->flags |= PCRE_REQCHSET;
9659 }
9660
9661 /* Print out the compiled data if debugging is enabled. This is never the
9662 case when building a production library. */
9663
9664 #ifdef PCRE_DEBUG
9665 printf("Length = %d top_bracket = %d top_backref = %d\n",
9666 length, re->top_bracket, re->top_backref);
9667
9668 printf("Options=%08x\n", re->options);
9669
9670 if ((re->flags & PCRE_FIRSTSET) != 0)
9671 {
9672 pcre_uchar ch = re->first_char;
9673 const char *caseless =
9674 ((re->flags & PCRE_FCH_CASELESS) == 0)? "" : " (caseless)";
9675 if (PRINTABLE(ch)) printf("First char = %c%s\n", ch, caseless);
9676 else printf("First char = \\x%02x%s\n", ch, caseless);
9677 }
9678
9679 if ((re->flags & PCRE_REQCHSET) != 0)
9680 {
9681 pcre_uchar ch = re->req_char;
9682 const char *caseless =
9683 ((re->flags & PCRE_RCH_CASELESS) == 0)? "" : " (caseless)";
9684 if (PRINTABLE(ch)) printf("Req char = %c%s\n", ch, caseless);
9685 else printf("Req char = \\x%02x%s\n", ch, caseless);
9686 }
9687
9688 #if defined COMPILE_PCRE8
9689 pcre_printint((pcre *)re, stdout, TRUE);
9690 #elif defined COMPILE_PCRE16
9691 pcre16_printint((pcre *)re, stdout, TRUE);
9692 #elif defined COMPILE_PCRE32
9693 pcre32_printint((pcre *)re, stdout, TRUE);
9694 #endif
9695
9696 /* This check is done here in the debugging case so that the code that
9697 was compiled can be seen. */
9698
9699 if (code - codestart > length)
9700 {
9701 (PUBL(free))(re);
9702 *errorptr = find_error_text(ERR23);
9703 *erroroffset = ptr - (pcre_uchar *)pattern;
9704 if (errorcodeptr != NULL) *errorcodeptr = ERR23;
9705 return NULL;
9706 }
9707 #endif /* PCRE_DEBUG */
9708
9709 /* Check for a pattern than can match an empty string, so that this information
9710 can be provided to applications. */
9711
9712 do
9713 {
9714 if (could_be_empty_branch(codestart, code, utf, cd, NULL))
9715 {
9716 re->flags |= PCRE_MATCH_EMPTY;
9717 break;
9718 }
9719 codestart += GET(codestart, 1);
9720 }
9721 while (*codestart == OP_ALT);
9722
9723 #if defined COMPILE_PCRE8
9724 return (pcre *)re;
9725 #elif defined COMPILE_PCRE16
9726 return (pcre16 *)re;
9727 #elif defined COMPILE_PCRE32
9728 return (pcre32 *)re;
9729 #endif
9730 }
9731
9732 /* End of pcre_compile.c */
9733