/[pcre]/code/branches/pcre16/pcre_compile.c
ViewVC logotype

Diff of /code/branches/pcre16/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 93 by nigel, Sat Feb 24 21:41:42 2007 UTC revision 514 by ph10, Mon May 3 12:54:22 2010 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2006 University of Cambridge             Copyright (c) 1997-2010 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 42  POSSIBILITY OF SUCH DAMAGE. Line 42  POSSIBILITY OF SUCH DAMAGE.
42  supporting internal functions that are not used by other modules. */  supporting internal functions that are not used by other modules. */
43    
44    
45    #ifdef HAVE_CONFIG_H
46    #include "config.h"
47    #endif
48    
49  #define NLBLOCK cd             /* Block containing newline information */  #define NLBLOCK cd             /* Block containing newline information */
50  #define PSSTART start_pattern  /* Field containing processed string start */  #define PSSTART start_pattern  /* Field containing processed string start */
51  #define PSEND   end_pattern    /* Field containing processed string end */  #define PSEND   end_pattern    /* Field containing processed string end */
52    
   
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When DEBUG is defined, we need the pcre_printint() function, which is also  /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is
57  used by pcretest. DEBUG is not defined when building a production library. */  also used by pcretest. PCRE_DEBUG is not defined when building a production
58    library. */
59    
60  #ifdef DEBUG  #ifdef PCRE_DEBUG
61  #include "pcre_printint.src"  #include "pcre_printint.src"
62  #endif  #endif
63    
64    
65    /* Macro for setting individual bits in class bitmaps. */
66    
67    #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
68    
69    /* Maximum length value to check against when making sure that the integer that
70    holds the compiled pattern length does not overflow. We make it a bit less than
71    INT_MAX to allow for adding in group terminating bytes, so that we don't have
72    to check them every time. */
73    
74    #define OFLOW_MAX (INT_MAX - 20)
75    
76    
77  /*************************************************  /*************************************************
78  *      Code parameters and static tables         *  *      Code parameters and static tables         *
79  *************************************************/  *************************************************/
# Line 76  is 4 there is plenty of room. */ Line 92  is 4 there is plenty of room. */
92    
93  #define COMPILE_WORK_SIZE (4096)  #define COMPILE_WORK_SIZE (4096)
94    
95    /* The overrun tests check for a slightly smaller size so that they detect the
96    overrun before it actually does run off the end of the data block. */
97    
98    #define WORK_SIZE_CHECK (COMPILE_WORK_SIZE - 100)
99    
100    
101  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
102  are simple data values; negative values are for special things like \d and so  are simple data values; negative values are for special things like \d and so
103  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
104  is invalid. */  is invalid. */
105    
106  #if !EBCDIC   /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
107    
108    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
109    in UTF-8 mode. */
110    
111  static const short int escapes[] = {  static const short int escapes[] = {
112       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
113       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
114     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
115       0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */       0,                       0,
116  -ESC_P, -ESC_Q, -ESC_R, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */       0,                       0,
117  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
118     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
119       0,      0,      0, -ESC_k,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
120  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0,      0, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
121       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
122         -ESC_D,                  -ESC_E,
123         0,                       -ESC_G,
124         -ESC_H,                  0,
125         0,                       -ESC_K,
126         0,                       0,
127         -ESC_N,                  0,
128         -ESC_P,                  -ESC_Q,
129         -ESC_R,                  -ESC_S,
130         0,                       0,
131         -ESC_V,                  -ESC_W,
132         -ESC_X,                  0,
133         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
134         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
135         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
136         CHAR_GRAVE_ACCENT,       7,
137         -ESC_b,                  0,
138         -ESC_d,                  ESC_e,
139         ESC_f,                   0,
140         -ESC_h,                  0,
141         0,                       -ESC_k,
142         0,                       0,
143         ESC_n,                   0,
144         -ESC_p,                  0,
145         ESC_r,                   -ESC_s,
146         ESC_tee,                 0,
147         -ESC_v,                  -ESC_w,
148         0,                       0,
149         -ESC_z
150  };  };
151    
152  #else         /* This is the "abnormal" table for EBCDIC systems */  #else
153    
154    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
155    
156  static const short int escapes[] = {  static const short int escapes[] = {
157  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
158  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 106  static const short int escapes[] = { Line 162  static const short int escapes[] = {
162  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,
163  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',
164  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,
165  /*  88 */     0,     0,      0,     '{',      0,     0,      0,      0,  /*  88 */-ESC_h,     0,      0,     '{',      0,     0,      0,      0,
166  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,
167  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,
168  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,     0, -ESC_w,      0,  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,-ESC_v, -ESC_w,      0,
169  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,
170  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,
171  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
172  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
173  /*  C8 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
174  /*  D0 */   '}',     0,      0,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,-ESC_N,      0, -ESC_P,
175  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
176  /*  E0 */  '\\',     0, -ESC_S,       0,      0,     0, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
177  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
178  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,
179  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0
# Line 125  static const short int escapes[] = { Line 181  static const short int escapes[] = {
181  #endif  #endif
182    
183    
184  /* Tables of names of POSIX character classes and their lengths. The list is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
185  terminated by a zero length entry. The first three must be alpha, lower, upper,  searched linearly. Put all the names into a single string, in order to reduce
186  as this is assumed for handling case independence. */  the number of relocations when a shared library is dynamically linked. The
187    string is built from string macros so that it works in UTF-8 mode on EBCDIC
188  static const char *const posix_names[] = {  platforms. */
189    "alpha", "lower", "upper",  
190    "alnum", "ascii", "blank", "cntrl", "digit", "graph",  typedef struct verbitem {
191    "print", "punct", "space", "word",  "xdigit" };    int   len;                 /* Length of verb name */
192      int   op;                  /* Op when no arg, or -1 if arg mandatory */
193      int   op_arg;              /* Op when arg present, or -1 if not allowed */
194    } verbitem;
195    
196    static const char verbnames[] =
197      "\0"                       /* Empty name is a shorthand for MARK */
198      STRING_MARK0
199      STRING_ACCEPT0
200      STRING_COMMIT0
201      STRING_F0
202      STRING_FAIL0
203      STRING_PRUNE0
204      STRING_SKIP0
205      STRING_THEN;
206    
207    static const verbitem verbs[] = {
208      { 0, -1,        OP_MARK },
209      { 4, -1,        OP_MARK },
210      { 6, OP_ACCEPT, -1 },
211      { 6, OP_COMMIT, -1 },
212      { 1, OP_FAIL,   -1 },
213      { 4, OP_FAIL,   -1 },
214      { 5, OP_PRUNE,  OP_PRUNE_ARG },
215      { 4, OP_SKIP,   OP_SKIP_ARG  },
216      { 4, OP_THEN,   OP_THEN_ARG  }
217    };
218    
219    static const int verbcount = sizeof(verbs)/sizeof(verbitem);
220    
221    
222    /* Tables of names of POSIX character classes and their lengths. The names are
223    now all in a single string, to reduce the number of relocations when a shared
224    library is dynamically loaded. The list of lengths is terminated by a zero
225    length entry. The first three must be alpha, lower, upper, as this is assumed
226    for handling case independence. */
227    
228    static const char posix_names[] =
229      STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
230      STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
231      STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
232      STRING_word0  STRING_xdigit;
233    
234  static const uschar posix_name_lengths[] = {  static const uschar posix_name_lengths[] = {
235    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
# Line 171  static const int posix_class_maps[] = { Line 268  static const int posix_class_maps[] = {
268  /* The texts of compile-time error messages. These are "char *" because they  /* The texts of compile-time error messages. These are "char *" because they
269  are passed to the outside world. Do not ever re-use any error number, because  are passed to the outside world. Do not ever re-use any error number, because
270  they are documented. Always add a new error instead. Messages marked DEAD below  they are documented. Always add a new error instead. Messages marked DEAD below
271  are no longer used. */  are no longer used. This used to be a table of strings, but in order to reduce
272    the number of relocations needed when a shared library is loaded dynamically,
273  static const char *error_texts[] = {  it is now one long string. We cannot use a table of offsets, because the
274    "no error",  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
275    "\\ at end of pattern",  simply count through to the one we want - this isn't a performance issue
276    "\\c at end of pattern",  because these strings are used only when there is a compilation error.
277    "unrecognized character follows \\",  
278    "numbers out of order in {} quantifier",  Each substring ends with \0 to insert a null character. This includes the final
279    substring, so that the whole string ends with \0\0, which can be detected when
280    counting through. */
281    
282    static const char error_texts[] =
283      "no error\0"
284      "\\ at end of pattern\0"
285      "\\c at end of pattern\0"
286      "unrecognized character follows \\\0"
287      "numbers out of order in {} quantifier\0"
288    /* 5 */    /* 5 */
289    "number too big in {} quantifier",    "number too big in {} quantifier\0"
290    "missing terminating ] for character class",    "missing terminating ] for character class\0"
291    "invalid escape sequence in character class",    "invalid escape sequence in character class\0"
292    "range out of order in character class",    "range out of order in character class\0"
293    "nothing to repeat",    "nothing to repeat\0"
294    /* 10 */    /* 10 */
295    "operand of unlimited repeat could match the empty string",  /** DEAD **/    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
296    "internal error: unexpected repeat",    "internal error: unexpected repeat\0"
297    "unrecognized character after (?",    "unrecognized character after (? or (?-\0"
298    "POSIX named classes are supported only within a class",    "POSIX named classes are supported only within a class\0"
299    "missing )",    "missing )\0"
300    /* 15 */    /* 15 */
301    "reference to non-existent subpattern",    "reference to non-existent subpattern\0"
302    "erroffset passed as NULL",    "erroffset passed as NULL\0"
303    "unknown option bit(s) set",    "unknown option bit(s) set\0"
304    "missing ) after comment",    "missing ) after comment\0"
305    "parentheses nested too deeply",  /** DEAD **/    "parentheses nested too deeply\0"  /** DEAD **/
306    /* 20 */    /* 20 */
307    "regular expression too large",    "regular expression is too large\0"
308    "failed to get memory",    "failed to get memory\0"
309    "unmatched parentheses",    "unmatched parentheses\0"
310    "internal error: code overflow",    "internal error: code overflow\0"
311    "unrecognized character after (?<",    "unrecognized character after (?<\0"
312    /* 25 */    /* 25 */
313    "lookbehind assertion is not fixed length",    "lookbehind assertion is not fixed length\0"
314    "malformed number or name after (?(",    "malformed number or name after (?(\0"
315    "conditional group contains more than two branches",    "conditional group contains more than two branches\0"
316    "assertion expected after (?(",    "assertion expected after (?(\0"
317    "(?R or (?digits must be followed by )",    "(?R or (?[+-]digits must be followed by )\0"
318    /* 30 */    /* 30 */
319    "unknown POSIX class name",    "unknown POSIX class name\0"
320    "POSIX collating elements are not supported",    "POSIX collating elements are not supported\0"
321    "this version of PCRE is not compiled with PCRE_UTF8 support",    "this version of PCRE is not compiled with PCRE_UTF8 support\0"
322    "spare error",  /** DEAD **/    "spare error\0"  /** DEAD **/
323    "character value in \\x{...} sequence is too large",    "character value in \\x{...} sequence is too large\0"
324    /* 35 */    /* 35 */
325    "invalid condition (?(0)",    "invalid condition (?(0)\0"
326    "\\C not allowed in lookbehind assertion",    "\\C not allowed in lookbehind assertion\0"
327    "PCRE does not support \\L, \\l, \\N, \\U, or \\u",    "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
328    "number after (?C is > 255",    "number after (?C is > 255\0"
329    "closing ) for (?C expected",    "closing ) for (?C expected\0"
330    /* 40 */    /* 40 */
331    "recursive call could loop indefinitely",    "recursive call could loop indefinitely\0"
332    "unrecognized character after (?P",    "unrecognized character after (?P\0"
333    "syntax error in subpattern name (missing terminator)",    "syntax error in subpattern name (missing terminator)\0"
334    "two named subpatterns have the same name",    "two named subpatterns have the same name\0"
335    "invalid UTF-8 string",    "invalid UTF-8 string\0"
336    /* 45 */    /* 45 */
337    "support for \\P, \\p, and \\X has not been compiled",    "support for \\P, \\p, and \\X has not been compiled\0"
338    "malformed \\P or \\p sequence",    "malformed \\P or \\p sequence\0"
339    "unknown property name after \\P or \\p",    "unknown property name after \\P or \\p\0"
340    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)",    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
341    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")",    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
342    /* 50 */    /* 50 */
343    "repeated subpattern is too long",    "repeated subpattern is too long\0"    /** DEAD **/
344    "octal value is greater than \\377 (not in UTF-8 mode)",    "octal value is greater than \\377 (not in UTF-8 mode)\0"
345    "internal error: overran compiling workspace",    "internal error: overran compiling workspace\0"
346    "internal error: previously-checked referenced subpattern not found",    "internal error: previously-checked referenced subpattern not found\0"
347    "DEFINE group contains more than one branch",    "DEFINE group contains more than one branch\0"
348    /* 55 */    /* 55 */
349    "repeating a DEFINE group is not allowed",    "repeating a DEFINE group is not allowed\0"
350    "inconsistent NEWLINE options",    "inconsistent NEWLINE options\0"
351    "\\g is not followed by an (optionally braced) non-zero number"    "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
352  };    "a numbered reference must not be zero\0"
353      "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
354      /* 60 */
355      "(*VERB) not recognized\0"
356      "number is too big\0"
357      "subpattern name expected\0"
358      "digit expected after (?+\0"
359      "] is an invalid data character in JavaScript compatibility mode\0"
360      /* 65 */
361      "different names for subpatterns of the same number are not allowed\0"
362      "(*MARK) must have an argument\0"
363      ;
364    
365  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
366  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 262  For convenience, we use the same bit def Line 378  For convenience, we use the same bit def
378    
379  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
380    
381  #if !EBCDIC    /* This is the "normal" case, for ASCII systems */  #ifndef EBCDIC
382    
383    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
384    UTF-8 mode. */
385    
386  static const unsigned char digitab[] =  static const unsigned char digitab[] =
387    {    {
388    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
# Line 298  static const unsigned char digitab[] = Line 418  static const unsigned char digitab[] =
418    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
419    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
420    
421  #else          /* This is the "abnormal" case, for EBCDIC systems */  #else
422    
423    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
424    
425  static const unsigned char digitab[] =  static const unsigned char digitab[] =
426    {    {
427    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
# Line 312  static const unsigned char digitab[] = Line 435  static const unsigned char digitab[] =
435    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */
436    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */
437    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */
438    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88-     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88- 95    */
439    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */
440    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */
441    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
# Line 346  static const unsigned char ebcdic_charta Line 469  static const unsigned char ebcdic_charta
469    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */
470    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */
471    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */
472    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88-  */    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88- 95 */
473    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */
474    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */
475    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
# Line 373  static const unsigned char ebcdic_charta Line 496  static const unsigned char ebcdic_charta
496  /* Definition to allow mutual recursion */  /* Definition to allow mutual recursion */
497    
498  static BOOL  static BOOL
499    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, int, int *,    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,
500      int *, branch_chain *, compile_data *, int *);      int *, int *, branch_chain *, compile_data *, int *);
501    
502    
503    
504  /*************************************************  /*************************************************
505    *            Find an error text                  *
506    *************************************************/
507    
508    /* The error texts are now all in one long string, to save on relocations. As
509    some of the text is of unknown length, we can't use a table of offsets.
510    Instead, just count through the strings. This is not a performance issue
511    because it happens only when there has been a compilation error.
512    
513    Argument:   the error number
514    Returns:    pointer to the error string
515    */
516    
517    static const char *
518    find_error_text(int n)
519    {
520    const char *s = error_texts;
521    for (; n > 0; n--)
522      {
523      while (*s++ != 0) {};
524      if (*s == 0) return "Error text not found (please report)";
525      }
526    return s;
527    }
528    
529    
530    /*************************************************
531  *            Handle escapes                      *  *            Handle escapes                      *
532  *************************************************/  *************************************************/
533    
# Line 399  Arguments: Line 548  Arguments:
548    
549  Returns:         zero or positive => a data character  Returns:         zero or positive => a data character
550                   negative => a special escape sequence                   negative => a special escape sequence
551                   on error, errorptr is set                   on error, errorcodeptr is set
552  */  */
553    
554  static int  static int
# Line 417  ptr--;                            /* Set Line 566  ptr--;                            /* Set
566    
567  if (c == 0) *errorcodeptr = ERR1;  if (c == 0) *errorcodeptr = ERR1;
568    
569  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
570  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
571  Otherwise further processing may be required. */  Otherwise further processing may be required. */
572    
573  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
574  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  else if (c < CHAR_0 || c > CHAR_z) {}                     /* Not alphanumeric */
575  else if ((i = escapes[c - '0']) != 0) c = i;  else if ((i = escapes[c - CHAR_0]) != 0) c = i;
576    
577  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
578  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphanumeric */
579  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  c = i;
580  #endif  #endif
581    
# Line 442  else Line 591  else
591      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
592      error. */      error. */
593    
594      case 'l':      case CHAR_l:
595      case 'L':      case CHAR_L:
596      case 'N':      case CHAR_u:
597      case 'u':      case CHAR_U:
     case 'U':  
598      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
599      break;      break;
600    
601      /* \g must be followed by a number, either plain or braced. If positive, it      /* \g must be followed by one of a number of specific things:
     is an absolute backreference. If negative, it is a relative backreference.  
     This is a Perl 5.10 feature. */  
602    
603      case 'g':      (1) A number, either plain or braced. If positive, it is an absolute
604      if (ptr[1] == '{')      backreference. If negative, it is a relative backreference. This is a Perl
605        5.10 feature.
606    
607        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
608        is part of Perl's movement towards a unified syntax for back references. As
609        this is synonymous with \k{name}, we fudge it up by pretending it really
610        was \k.
611    
612        (3) For Oniguruma compatibility we also support \g followed by a name or a
613        number either in angle brackets or in single quotes. However, these are
614        (possibly recursive) subroutine calls, _not_ backreferences. Just return
615        the -ESC_g code (cf \k). */
616    
617        case CHAR_g:
618        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
619        {        {
620          c = -ESC_g;
621          break;
622          }
623    
624        /* Handle the Perl-compatible cases */
625    
626        if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
627          {
628          const uschar *p;
629          for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
630            if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;
631          if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
632            {
633            c = -ESC_k;
634            break;
635            }
636        braced = TRUE;        braced = TRUE;
637        ptr++;        ptr++;
638        }        }
639      else braced = FALSE;      else braced = FALSE;
640    
641      if (ptr[1] == '-')      if (ptr[1] == CHAR_MINUS)
642        {        {
643        negated = TRUE;        negated = TRUE;
644        ptr++;        ptr++;
# Line 471  else Line 647  else
647    
648      c = 0;      c = 0;
649      while ((digitab[ptr[1]] & ctype_digit) != 0)      while ((digitab[ptr[1]] & ctype_digit) != 0)
650        c = c * 10 + *(++ptr) - '0';        c = c * 10 + *(++ptr) - CHAR_0;
651    
652      if (c == 0 || (braced && *(++ptr) != '}'))      if (c < 0)   /* Integer overflow */
653          {
654          *errorcodeptr = ERR61;
655          break;
656          }
657    
658        if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
659        {        {
660        *errorcodeptr = ERR57;        *errorcodeptr = ERR57;
661        return 0;        break;
662          }
663    
664        if (c == 0)
665          {
666          *errorcodeptr = ERR58;
667          break;
668        }        }
669    
670      if (negated)      if (negated)
# Line 484  else Line 672  else
672        if (c > bracount)        if (c > bracount)
673          {          {
674          *errorcodeptr = ERR15;          *errorcodeptr = ERR15;
675          return 0;          break;
676          }          }
677        c = bracount - (c - 1);        c = bracount - (c - 1);
678        }        }
# Line 504  else Line 692  else
692      value is greater than 377, the least significant 8 bits are taken. Inside a      value is greater than 377, the least significant 8 bits are taken. Inside a
693      character class, \ followed by a digit is always an octal number. */      character class, \ followed by a digit is always an octal number. */
694    
695      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
696      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
697    
698      if (!isclass)      if (!isclass)
699        {        {
700        oldptr = ptr;        oldptr = ptr;
701        c -= '0';        c -= CHAR_0;
702        while ((digitab[ptr[1]] & ctype_digit) != 0)        while ((digitab[ptr[1]] & ctype_digit) != 0)
703          c = c * 10 + *(++ptr) - '0';          c = c * 10 + *(++ptr) - CHAR_0;
704          if (c < 0)    /* Integer overflow */
705            {
706            *errorcodeptr = ERR61;
707            break;
708            }
709        if (c < 10 || c <= bracount)        if (c < 10 || c <= bracount)
710          {          {
711          c = -(ESC_REF + c);          c = -(ESC_REF + c);
# Line 525  else Line 718  else
718      generates a binary zero byte and treats the digit as a following literal.      generates a binary zero byte and treats the digit as a following literal.
719      Thus we have to pull back the pointer by one. */      Thus we have to pull back the pointer by one. */
720    
721      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8)
722        {        {
723        ptr--;        ptr--;
724        c = 0;        c = 0;
# Line 538  else Line 731  else
731      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
732      than 3 octal digits. */      than 3 octal digits. */
733    
734      case '0':      case CHAR_0:
735      c -= '0';      c -= CHAR_0;
736      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
737          c = c * 8 + *(++ptr) - '0';          c = c * 8 + *(++ptr) - CHAR_0;
738      if (!utf8 && c > 255) *errorcodeptr = ERR51;      if (!utf8 && c > 255) *errorcodeptr = ERR51;
739      break;      break;
740    
# Line 549  else Line 742  else
742      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is
743      treated as a data character. */      treated as a data character. */
744    
745      case 'x':      case CHAR_x:
746      if (ptr[1] == '{')      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
747        {        {
748        const uschar *pt = ptr + 2;        const uschar *pt = ptr + 2;
749        int count = 0;        int count = 0;
# Line 559  else Line 752  else
752        while ((digitab[*pt] & ctype_xdigit) != 0)        while ((digitab[*pt] & ctype_xdigit) != 0)
753          {          {
754          register int cc = *pt++;          register int cc = *pt++;
755          if (c == 0 && cc == '0') continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
756          count++;          count++;
757    
758  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
759          if (cc >= 'a') cc -= 32;               /* Convert to upper case */          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
760          c = (c << 4) + cc - ((cc < 'A')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
761  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
762          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
763          c = (c << 4) + cc - ((cc >= '0')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
764  #endif  #endif
765          }          }
766    
767        if (*pt == '}')        if (*pt == CHAR_RIGHT_CURLY_BRACKET)
768          {          {
769          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;
770          ptr = pt;          ptr = pt;
# Line 587  else Line 780  else
780      c = 0;      c = 0;
781      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)
782        {        {
783        int cc;                               /* Some compilers don't like ++ */        int cc;                                  /* Some compilers don't like */
784        cc = *(++ptr);                        /* in initializers */        cc = *(++ptr);                           /* ++ in initializers */
785  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
786        if (cc >= 'a') cc -= 32;              /* Convert to upper case */        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
787        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
788  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
789        if (cc <= 'z') cc += 64;              /* Convert to upper case */        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
790        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
791  #endif  #endif
792        }        }
793      break;      break;
# Line 603  else Line 796  else
796      This coding is ASCII-specific, but then the whole concept of \cx is      This coding is ASCII-specific, but then the whole concept of \cx is
797      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
798    
799      case 'c':      case CHAR_c:
800      c = *(++ptr);      c = *(++ptr);
801      if (c == 0)      if (c == 0)
802        {        {
803        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
804        return 0;        break;
805        }        }
806    
807  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
808      if (c >= 'a' && c <= 'z') c -= 32;      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
809      c ^= 0x40;      c ^= 0x40;
810  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
811      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
812      c ^= 0xC0;      c ^= 0xC0;
813  #endif  #endif
814      break;      break;
815    
816      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
817      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
818      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
819      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
820      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
821    
822      default:      default:
823      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 636  else Line 829  else
829      break;      break;
830      }      }
831    }    }
832    
833    /* Perl supports \N{name} for character names, as well as plain \N for "not
834    newline". PCRE does not support \N{name}. */
835    
836    if (c == -ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET)
837      *errorcodeptr = ERR37;
838    
839  *ptrptr = ptr;  *ptrptr = ptr;
840  return c;  return c;
# Line 677  if (c == 0) goto ERROR_RETURN; Line 876  if (c == 0) goto ERROR_RETURN;
876  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
877  negation. */  negation. */
878    
879  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
880    {    {
881    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
882      {      {
883      *negptr = TRUE;      *negptr = TRUE;
884      ptr++;      ptr++;
885      }      }
886    for (i = 0; i < sizeof(name) - 1; i++)    for (i = 0; i < (int)sizeof(name) - 1; i++)
887      {      {
888      c = *(++ptr);      c = *(++ptr);
889      if (c == 0) goto ERROR_RETURN;      if (c == 0) goto ERROR_RETURN;
890      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
891      name[i] = c;      name[i] = c;
892      }      }
893    if (c !='}') goto ERROR_RETURN;    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
894    name[i] = 0;    name[i] = 0;
895    }    }
896    
# Line 713  top = _pcre_utt_size; Line 912  top = _pcre_utt_size;
912  while (bot < top)  while (bot < top)
913    {    {
914    i = (bot + top) >> 1;    i = (bot + top) >> 1;
915    c = strcmp(name, _pcre_utt[i].name);    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);
916    if (c == 0)    if (c == 0)
917      {      {
918      *dptr = _pcre_utt[i].value;      *dptr = _pcre_utt[i].value;
# Line 756  is_counted_repeat(const uschar *p) Line 955  is_counted_repeat(const uschar *p)
955  {  {
956  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
957  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
958  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
959    
960  if (*p++ != ',') return FALSE;  if (*p++ != CHAR_COMMA) return FALSE;
961  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
962    
963  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
964  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
965    
966  return (*p == '}');  return (*p == CHAR_RIGHT_CURLY_BRACKET);
967  }  }
968    
969    
# Line 797  int max = -1; Line 996  int max = -1;
996  /* Read the minimum value and do a paranoid check: a negative value indicates  /* Read the minimum value and do a paranoid check: a negative value indicates
997  an integer overflow. */  an integer overflow. */
998    
999  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;
1000  if (min < 0 || min > 65535)  if (min < 0 || min > 65535)
1001    {    {
1002    *errorcodeptr = ERR5;    *errorcodeptr = ERR5;
# Line 807  if (min < 0 || min > 65535) Line 1006  if (min < 0 || min > 65535)
1006  /* Read the maximum value if there is one, and again do a paranoid on its size.  /* Read the maximum value if there is one, and again do a paranoid on its size.
1007  Also, max must not be less than min. */  Also, max must not be less than min. */
1008    
1009  if (*p == '}') max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1010    {    {
1011    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1012      {      {
1013      max = 0;      max = 0;
1014      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;
1015      if (max < 0 || max > 65535)      if (max < 0 || max > 65535)
1016        {        {
1017        *errorcodeptr = ERR5;        *errorcodeptr = ERR5;
# Line 837  return p; Line 1036  return p;
1036    
1037    
1038  /*************************************************  /*************************************************
1039  *       Find forward referenced subpattern       *  *  Subroutine for finding forward reference      *
1040  *************************************************/  *************************************************/
1041    
1042  /* This function scans along a pattern's text looking for capturing  /* This recursive function is called only from find_parens() below. The
1043    top-level call starts at the beginning of the pattern. All other calls must
1044    start at a parenthesis. It scans along a pattern's text looking for capturing
1045  subpatterns, and counting them. If it finds a named pattern that matches the  subpatterns, and counting them. If it finds a named pattern that matches the
1046  name it is given, it returns its number. Alternatively, if the name is NULL, it  name it is given, it returns its number. Alternatively, if the name is NULL, it
1047  returns when it reaches a given numbered subpattern. This is used for forward  returns when it reaches a given numbered subpattern. We know that if (?P< is
1048  references to subpatterns. We know that if (?P< is encountered, the name will  encountered, the name will be terminated by '>' because that is checked in the
1049  be terminated by '>' because that is checked in the first pass.  first pass. Recursion is used to keep track of subpatterns that reset the
1050    capturing group numbers - the (?| feature.
1051    
1052  Arguments:  Arguments:
1053    ptr          current position in the pattern    ptrptr       address of the current character pointer (updated)
1054    count        current count of capturing parens so far encountered    cd           compile background data
1055    name         name to seek, or NULL if seeking a numbered subpattern    name         name to seek, or NULL if seeking a numbered subpattern
1056    lorn         name length, or subpattern number if name is NULL    lorn         name length, or subpattern number if name is NULL
1057    xmode        TRUE if we are in /x mode    xmode        TRUE if we are in /x mode
1058      count        pointer to the current capturing subpattern number (updated)
1059    
1060  Returns:       the number of the named subpattern, or -1 if not found  Returns:       the number of the named subpattern, or -1 if not found
1061  */  */
1062    
1063  static int  static int
1064  find_parens(const uschar *ptr, int count, const uschar *name, int lorn,  find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,
1065    BOOL xmode)    BOOL xmode, int *count)
1066  {  {
1067  const uschar *thisname;  uschar *ptr = *ptrptr;
1068    int start_count = *count;
1069    int hwm_count = start_count;
1070    BOOL dup_parens = FALSE;
1071    
1072  for (; *ptr != 0; ptr++)  /* If the first character is a parenthesis, check on the type of group we are
1073    dealing with. The very first call may not start with a parenthesis. */
1074    
1075    if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1076    {    {
1077    int term;    if (ptr[1] == CHAR_QUESTION_MARK &&
1078          ptr[2] == CHAR_VERTICAL_LINE)
1079        {
1080        ptr += 3;
1081        dup_parens = TRUE;
1082        }
1083    
1084      /* Handle a normal, unnamed capturing parenthesis */
1085    
1086      else if (ptr[1] != CHAR_QUESTION_MARK && ptr[1] != CHAR_ASTERISK)
1087        {
1088        *count += 1;
1089        if (name == NULL && *count == lorn) return *count;
1090        ptr++;
1091        }
1092    
1093      /* Handle a condition. If it is an assertion, just carry on so that it
1094      is processed as normal. If not, skip to the closing parenthesis of the
1095      condition (there can't be any nested parens. */
1096    
1097      else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1098        {
1099        ptr += 2;
1100        if (ptr[1] != CHAR_QUESTION_MARK)
1101          {
1102          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1103          if (*ptr != 0) ptr++;
1104          }
1105        }
1106    
1107      /* We have either (? or (* and not a condition */
1108    
1109      else
1110        {
1111        ptr += 2;
1112        if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */
1113    
1114        /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1115    
1116        if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1117            ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1118          {
1119          int term;
1120          const uschar *thisname;
1121          *count += 1;
1122          if (name == NULL && *count == lorn) return *count;
1123          term = *ptr++;
1124          if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1125          thisname = ptr;
1126          while (*ptr != term) ptr++;
1127          if (name != NULL && lorn == ptr - thisname &&
1128              strncmp((const char *)name, (const char *)thisname, lorn) == 0)
1129            return *count;
1130          term++;
1131          }
1132        }
1133      }
1134    
1135    /* Past any initial parenthesis handling, scan for parentheses or vertical
1136    bars. */
1137    
1138    for (; *ptr != 0; ptr++)
1139      {
1140    /* Skip over backslashed characters and also entire \Q...\E */    /* Skip over backslashed characters and also entire \Q...\E */
1141    
1142    if (*ptr == '\\')    if (*ptr == CHAR_BACKSLASH)
1143      {      {
1144      if (*(++ptr) == 0) return -1;      if (*(++ptr) == 0) goto FAIL_EXIT;
1145      if (*ptr == 'Q') for (;;)      if (*ptr == CHAR_Q) for (;;)
1146        {        {
1147        while (*(++ptr) != 0 && *ptr != '\\');        while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1148        if (*ptr == 0) return -1;        if (*ptr == 0) goto FAIL_EXIT;
1149        if (*(++ptr) == 'E') break;        if (*(++ptr) == CHAR_E) break;
1150        }        }
1151      continue;      continue;
1152      }      }
1153    
1154    /* Skip over character classes */    /* Skip over character classes; this logic must be similar to the way they
1155      are handled for real. If the first character is '^', skip it. Also, if the
1156      first few characters (either before or after ^) are \Q\E or \E we skip them
1157      too. This makes for compatibility with Perl. Note the use of STR macros to
1158      encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1159    
1160    if (*ptr == '[')    if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1161      {      {
1162      while (*(++ptr) != ']')      BOOL negate_class = FALSE;
1163        for (;;)
1164        {        {
1165        if (*ptr == '\\')        if (ptr[1] == CHAR_BACKSLASH)
1166            {
1167            if (ptr[2] == CHAR_E)
1168              ptr+= 2;
1169            else if (strncmp((const char *)ptr+2,
1170                     STR_Q STR_BACKSLASH STR_E, 3) == 0)
1171              ptr += 4;
1172            else
1173              break;
1174            }
1175          else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1176            {
1177            negate_class = TRUE;
1178            ptr++;
1179            }
1180          else break;
1181          }
1182    
1183        /* If the next character is ']', it is a data character that must be
1184        skipped, except in JavaScript compatibility mode. */
1185    
1186        if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1187            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1188          ptr++;
1189    
1190        while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1191          {
1192          if (*ptr == 0) return -1;
1193          if (*ptr == CHAR_BACKSLASH)
1194          {          {
1195          if (*(++ptr) == 0) return -1;          if (*(++ptr) == 0) goto FAIL_EXIT;
1196          if (*ptr == 'Q') for (;;)          if (*ptr == CHAR_Q) for (;;)
1197            {            {
1198            while (*(++ptr) != 0 && *ptr != '\\');            while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1199            if (*ptr == 0) return -1;            if (*ptr == 0) goto FAIL_EXIT;
1200            if (*(++ptr) == 'E') break;            if (*(++ptr) == CHAR_E) break;
1201            }            }
1202          continue;          continue;
1203          }          }
# Line 904  for (; *ptr != 0; ptr++) Line 1207  for (; *ptr != 0; ptr++)
1207    
1208    /* Skip comments in /x mode */    /* Skip comments in /x mode */
1209    
1210    if (xmode && *ptr == '#')    if (xmode && *ptr == CHAR_NUMBER_SIGN)
1211      {      {
1212      while (*(++ptr) != 0 && *ptr != '\n');      while (*(++ptr) != 0 && *ptr != CHAR_NL) {};
1213      if (*ptr == 0) return -1;      if (*ptr == 0) goto FAIL_EXIT;
1214      continue;      continue;
1215      }      }
1216    
1217    /* An opening parens must now be a real metacharacter */    /* Check for the special metacharacters */
1218    
1219    if (*ptr != '(') continue;    if (*ptr == CHAR_LEFT_PARENTHESIS)
   if (ptr[1] != '?')  
1220      {      {
1221      count++;      int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, count);
1222      if (name == NULL && count == lorn) return count;      if (rc > 0) return rc;
1223      continue;      if (*ptr == 0) goto FAIL_EXIT;
1224        }
1225    
1226      else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1227        {
1228        if (dup_parens && *count < hwm_count) *count = hwm_count;
1229        *ptrptr = ptr;
1230        return -1;
1231        }
1232    
1233      else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1234        {
1235        if (*count > hwm_count) hwm_count = *count;
1236        *count = start_count;
1237      }      }
1238      }
1239    
1240    ptr += 2;  FAIL_EXIT:
1241    if (*ptr == 'P') ptr++;                      /* Allow optional P */  *ptrptr = ptr;
1242    return -1;
1243    }
1244    
   /* We have to disambiguate (?<! and (?<= from (?<name> */  
1245    
   if ((*ptr != '<' || ptr[1] == '!' || ptr[1] == '=') &&  
        *ptr != '\'')  
     continue;  
1246    
   count++;  
1247    
1248    if (name == NULL && count == lorn) return count;  /*************************************************
1249    term = *ptr++;  *       Find forward referenced subpattern       *
1250    if (term == '<') term = '>';  *************************************************/
1251    thisname = ptr;  
1252    while (*ptr != term) ptr++;  /* This function scans along a pattern's text looking for capturing
1253    if (name != NULL && lorn == ptr - thisname &&  subpatterns, and counting them. If it finds a named pattern that matches the
1254        strncmp((const char *)name, (const char *)thisname, lorn) == 0)  name it is given, it returns its number. Alternatively, if the name is NULL, it
1255      return count;  returns when it reaches a given numbered subpattern. This is used for forward
1256    references to subpatterns. We used to be able to start this scan from the
1257    current compiling point, using the current count value from cd->bracount, and
1258    do it all in a single loop, but the addition of the possibility of duplicate
1259    subpattern numbers means that we have to scan from the very start, in order to
1260    take account of such duplicates, and to use a recursive function to keep track
1261    of the different types of group.
1262    
1263    Arguments:
1264      cd           compile background data
1265      name         name to seek, or NULL if seeking a numbered subpattern
1266      lorn         name length, or subpattern number if name is NULL
1267      xmode        TRUE if we are in /x mode
1268    
1269    Returns:       the number of the found subpattern, or -1 if not found
1270    */
1271    
1272    static int
1273    find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode)
1274    {
1275    uschar *ptr = (uschar *)cd->start_pattern;
1276    int count = 0;
1277    int rc;
1278    
1279    /* If the pattern does not start with an opening parenthesis, the first call
1280    to find_parens_sub() will scan right to the end (if necessary). However, if it
1281    does start with a parenthesis, find_parens_sub() will return when it hits the
1282    matching closing parens. That is why we have to have a loop. */
1283    
1284    for (;;)
1285      {
1286      rc = find_parens_sub(&ptr, cd, name, lorn, xmode, &count);
1287      if (rc > 0 || *ptr++ == 0) break;
1288    }    }
1289    
1290  return -1;  return rc;
1291  }  }
1292    
1293    
1294    
1295    
1296  /*************************************************  /*************************************************
1297  *      Find first significant op code            *  *      Find first significant op code            *
1298  *************************************************/  *************************************************/
# Line 996  for (;;) Line 1342  for (;;)
1342    
1343      case OP_CALLOUT:      case OP_CALLOUT:
1344      case OP_CREF:      case OP_CREF:
1345        case OP_NCREF:
1346      case OP_RREF:      case OP_RREF:
1347        case OP_NRREF:
1348      case OP_DEF:      case OP_DEF:
1349      code += _pcre_OP_lengths[*code];      code += _pcre_OP_lengths[*code];
1350      break;      break;
# Line 1012  for (;;) Line 1360  for (;;)
1360    
1361    
1362  /*************************************************  /*************************************************
1363  *        Find the fixed length of a pattern      *  *        Find the fixed length of a branch       *
1364  *************************************************/  *************************************************/
1365    
1366  /* Scan a pattern and compute the fixed length of subject that will match it,  /* Scan a branch and compute the fixed length of subject that will match it,
1367  if the length is fixed. This is needed for dealing with backward assertions.  if the length is fixed. This is needed for dealing with backward assertions.
1368  In UTF8 mode, the result is in characters rather than bytes.  In UTF8 mode, the result is in characters rather than bytes. The branch is
1369    temporarily terminated with OP_END when this function is called.
1370    
1371    This function is called when a backward assertion is encountered, so that if it
1372    fails, the error message can point to the correct place in the pattern.
1373    However, we cannot do this when the assertion contains subroutine calls,
1374    because they can be forward references. We solve this by remembering this case
1375    and doing the check at the end; a flag specifies which mode we are running in.
1376    
1377  Arguments:  Arguments:
1378    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1379    options  the compiling options    options  the compiling options
1380      atend    TRUE if called when the pattern is complete
1381      cd       the "compile data" structure
1382    
1383  Returns:   the fixed length, or -1 if there is no fixed length,  Returns:   the fixed length,
1384                 or -1 if there is no fixed length,
1385               or -2 if \C was encountered               or -2 if \C was encountered
1386                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1387  */  */
1388    
1389  static int  static int
1390  find_fixedlength(uschar *code, int options)  find_fixedlength(uschar *code, int options, BOOL atend, compile_data *cd)
1391  {  {
1392  int length = -1;  int length = -1;
1393    
# Line 1041  branch, check the length against that of Line 1400  branch, check the length against that of
1400  for (;;)  for (;;)
1401    {    {
1402    int d;    int d;
1403      uschar *ce, *cs;
1404    register int op = *cc;    register int op = *cc;
   
1405    switch (op)    switch (op)
1406      {      {
1407      case OP_CBRA:      case OP_CBRA:
1408      case OP_BRA:      case OP_BRA:
1409      case OP_ONCE:      case OP_ONCE:
1410      case OP_COND:      case OP_COND:
1411      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options);      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options, atend, cd);
1412      if (d < 0) return d;      if (d < 0) return d;
1413      branchlength += d;      branchlength += d;
1414      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
# Line 1072  for (;;) Line 1431  for (;;)
1431      branchlength = 0;      branchlength = 0;
1432      break;      break;
1433    
1434        /* A true recursion implies not fixed length, but a subroutine call may
1435        be OK. If the subroutine is a forward reference, we can't deal with
1436        it until the end of the pattern, so return -3. */
1437    
1438        case OP_RECURSE:
1439        if (!atend) return -3;
1440        cs = ce = (uschar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1441        do ce += GET(ce, 1); while (*ce == OP_ALT);       /* End subpattern */
1442        if (cc > cs && cc < ce) return -1;                /* Recursion */
1443        d = find_fixedlength(cs + 2, options, atend, cd);
1444        if (d < 0) return d;
1445        branchlength += d;
1446        cc += 1 + LINK_SIZE;
1447        break;
1448    
1449      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1450    
1451      case OP_ASSERT:      case OP_ASSERT:
# Line 1085  for (;;) Line 1459  for (;;)
1459    
1460      case OP_REVERSE:      case OP_REVERSE:
1461      case OP_CREF:      case OP_CREF:
1462        case OP_NCREF:
1463      case OP_RREF:      case OP_RREF:
1464        case OP_NRREF:
1465      case OP_DEF:      case OP_DEF:
1466      case OP_OPT:      case OP_OPT:
1467      case OP_CALLOUT:      case OP_CALLOUT:
1468      case OP_SOD:      case OP_SOD:
1469      case OP_SOM:      case OP_SOM:
1470        case OP_SET_SOM:
1471      case OP_EOD:      case OP_EOD:
1472      case OP_EODN:      case OP_EODN:
1473      case OP_CIRC:      case OP_CIRC:
# Line 1108  for (;;) Line 1485  for (;;)
1485      branchlength++;      branchlength++;
1486      cc += 2;      cc += 2;
1487  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1488      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1489        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1490  #endif  #endif
1491      break;      break;
1492    
# Line 1122  for (;;) Line 1497  for (;;)
1497      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1498      cc += 4;      cc += 4;
1499  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1500      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1501        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while((*cc & 0x80) == 0x80) cc++;  
       }  
1502  #endif  #endif
1503      break;      break;
1504    
1505      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1506      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1507        if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;
1508      cc += 4;      cc += 4;
1509      break;      break;
1510    
# Line 1148  for (;;) Line 1522  for (;;)
1522      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1523      case OP_WORDCHAR:      case OP_WORDCHAR:
1524      case OP_ANY:      case OP_ANY:
1525        case OP_ALLANY:
1526      branchlength++;      branchlength++;
1527      cc++;      cc++;
1528      break;      break;
# Line 1202  for (;;) Line 1577  for (;;)
1577    
1578    
1579  /*************************************************  /*************************************************
1580  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
1581  *************************************************/  *************************************************/
1582    
1583  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
1584  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
1585    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
1586    so that it can be called from pcre_study() when finding the minimum matching
1587    length.
1588    
1589  Arguments:  Arguments:
1590    code        points to start of expression    code        points to start of expression
1591    utf8        TRUE in UTF-8 mode    utf8        TRUE in UTF-8 mode
1592    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
1593    
1594  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
1595  */  */
1596    
1597  static const uschar *  const uschar *
1598  find_bracket(const uschar *code, BOOL utf8, int number)  _pcre_find_bracket(const uschar *code, BOOL utf8, int number)
1599  {  {
1600  for (;;)  for (;;)
1601    {    {
# Line 1230  for (;;) Line 1608  for (;;)
1608    
1609    if (c == OP_XCLASS) code += GET(code, 1);    if (c == OP_XCLASS) code += GET(code, 1);
1610    
1611      /* Handle recursion */
1612    
1613      else if (c == OP_REVERSE)
1614        {
1615        if (number < 0) return (uschar *)code;
1616        code += _pcre_OP_lengths[c];
1617        }
1618    
1619    /* Handle capturing bracket */    /* Handle capturing bracket */
1620    
1621    else if (c == OP_CBRA)    else if (c == OP_CBRA)
# Line 1239  for (;;) Line 1625  for (;;)
1625      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1626      }      }
1627    
1628    /* In UTF-8 mode, opcodes that are followed by a character may be followed by    /* Otherwise, we can get the item's length from the table, except that for
1629    a multi-byte character. The length in the table is a minimum, so we have to    repeated character types, we have to test for \p and \P, which have an extra
1630    arrange to skip the extra bytes. */    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
1631      must add in its length. */
1632    
1633    else    else
1634      {      {
1635        switch(c)
1636          {
1637          case OP_TYPESTAR:
1638          case OP_TYPEMINSTAR:
1639          case OP_TYPEPLUS:
1640          case OP_TYPEMINPLUS:
1641          case OP_TYPEQUERY:
1642          case OP_TYPEMINQUERY:
1643          case OP_TYPEPOSSTAR:
1644          case OP_TYPEPOSPLUS:
1645          case OP_TYPEPOSQUERY:
1646          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1647          break;
1648    
1649          case OP_TYPEUPTO:
1650          case OP_TYPEMINUPTO:
1651          case OP_TYPEEXACT:
1652          case OP_TYPEPOSUPTO:
1653          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1654          break;
1655    
1656          case OP_MARK:
1657          case OP_PRUNE_ARG:
1658          case OP_SKIP_ARG:
1659          case OP_THEN_ARG:
1660          code += code[1];
1661          break;
1662          }
1663    
1664        /* Add in the fixed length from the table */
1665    
1666      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1667    
1668      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
1669      a multi-byte character. The length in the table is a minimum, so we have to
1670      arrange to skip the extra bytes. */
1671    
1672    #ifdef SUPPORT_UTF8
1673      if (utf8) switch(c)      if (utf8) switch(c)
1674        {        {
1675        case OP_CHAR:        case OP_CHAR:
# Line 1266  for (;;) Line 1690  for (;;)
1690        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1691        break;        break;
1692        }        }
1693    #else
1694        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1695    #endif
1696      }      }
1697    }    }
1698  }  }
# Line 1301  for (;;) Line 1728  for (;;)
1728    
1729    if (c == OP_XCLASS) code += GET(code, 1);    if (c == OP_XCLASS) code += GET(code, 1);
1730    
1731    /* Otherwise, we get the item's length from the table. In UTF-8 mode, opcodes    /* Otherwise, we can get the item's length from the table, except that for
1732    that are followed by a character may be followed by a multi-byte character.    repeated character types, we have to test for \p and \P, which have an extra
1733    The length in the table is a minimum, so we have to arrange to skip the extra    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
1734    bytes. */    must add in its length. */
1735    
1736    else    else
1737      {      {
1738        switch(c)
1739          {
1740          case OP_TYPESTAR:
1741          case OP_TYPEMINSTAR:
1742          case OP_TYPEPLUS:
1743          case OP_TYPEMINPLUS:
1744          case OP_TYPEQUERY:
1745          case OP_TYPEMINQUERY:
1746          case OP_TYPEPOSSTAR:
1747          case OP_TYPEPOSPLUS:
1748          case OP_TYPEPOSQUERY:
1749          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1750          break;
1751    
1752          case OP_TYPEPOSUPTO:
1753          case OP_TYPEUPTO:
1754          case OP_TYPEMINUPTO:
1755          case OP_TYPEEXACT:
1756          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1757          break;
1758    
1759          case OP_MARK:
1760          case OP_PRUNE_ARG:
1761          case OP_SKIP_ARG:
1762          case OP_THEN_ARG:
1763          code += code[1];
1764          break;
1765          }
1766    
1767        /* Add in the fixed length from the table */
1768    
1769      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1770    
1771        /* In UTF-8 mode, opcodes that are followed by a character may be followed
1772        by a multi-byte character. The length in the table is a minimum, so we have
1773        to arrange to skip the extra bytes. */
1774    
1775    #ifdef SUPPORT_UTF8
1776      if (utf8) switch(c)      if (utf8) switch(c)
1777        {        {
1778        case OP_CHAR:        case OP_CHAR:
# Line 1329  for (;;) Line 1793  for (;;)
1793        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1794        break;        break;
1795        }        }
1796    #else
1797        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1798    #endif
1799      }      }
1800    }    }
1801  }  }
# Line 1343  for (;;) Line 1810  for (;;)
1810  can match the empty string or not. It is called from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
1811  below and from compile_branch() when checking for an unlimited repeat of a  below and from compile_branch() when checking for an unlimited repeat of a
1812  group that can match nothing. Note that first_significant_code() skips over  group that can match nothing. Note that first_significant_code() skips over
1813  assertions. If we hit an unclosed bracket, we return "empty" - this means we've  backward and negative forward assertions when its final argument is TRUE. If we
1814  struck an inner bracket whose current branch will already have been scanned.  hit an unclosed bracket, we return "empty" - this means we've struck an inner
1815    bracket whose current branch will already have been scanned.
1816    
1817  Arguments:  Arguments:
1818    code        points to start of search    code        points to start of search
1819    endcode     points to where to stop    endcode     points to where to stop
1820    utf8        TRUE if in UTF8 mode    utf8        TRUE if in UTF8 mode
1821      cd          contains pointers to tables etc.
1822    
1823  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
1824  */  */
1825    
1826  static BOOL  static BOOL
1827  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8,
1828      compile_data *cd)
1829  {  {
1830  register int c;  register int c;
1831  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);
# Line 1366  for (code = first_significant_code(code Line 1836  for (code = first_significant_code(code
1836    
1837    c = *code;    c = *code;
1838    
1839    if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE)    /* Skip over forward assertions; the other assertions are skipped by
1840      first_significant_code() with a TRUE final argument. */
1841    
1842      if (c == OP_ASSERT)
1843      {      {
1844      BOOL empty_branch;      do code += GET(code, 1); while (*code == OP_ALT);
1845      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */      c = *code;
1846        continue;
1847        }
1848    
1849      /* Scan a closed bracket */    /* Groups with zero repeats can of course be empty; skip them. */
1850    
1851      empty_branch = FALSE;    if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO)
1852        {
1853        code += _pcre_OP_lengths[c];
1854        do code += GET(code, 1); while (*code == OP_ALT);
1855        c = *code;
1856        continue;
1857        }
1858    
1859      /* For a recursion/subroutine call, if its end has been reached, which
1860      implies a subroutine call, we can scan it. */
1861    
1862      if (c == OP_RECURSE)
1863        {
1864        BOOL empty_branch = FALSE;
1865        const uschar *scode = cd->start_code + GET(code, 1);
1866        if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
1867      do      do
1868        {        {
1869        if (!empty_branch && could_be_empty_branch(code, endcode, utf8))        if (could_be_empty_branch(scode, endcode, utf8, cd))
1870            {
1871          empty_branch = TRUE;          empty_branch = TRUE;
1872        code += GET(code, 1);          break;
1873            }
1874          scode += GET(scode, 1);
1875        }        }
1876      while (*code == OP_ALT);      while (*scode == OP_ALT);
1877      if (!empty_branch) return FALSE;   /* All branches are non-empty */      if (!empty_branch) return FALSE;  /* All branches are non-empty */
1878        continue;
1879        }
1880    
1881      /* Move past the KET and fudge things so that the increment in the "for"    /* For other groups, scan the branches. */
     above has no effect. */  
1882    
1883      c = OP_END;    if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)
1884      code += 1 + LINK_SIZE - _pcre_OP_lengths[c];      {
1885        BOOL empty_branch;
1886        if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
1887    
1888        /* If a conditional group has only one branch, there is a second, implied,
1889        empty branch, so just skip over the conditional, because it could be empty.
1890        Otherwise, scan the individual branches of the group. */
1891    
1892        if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
1893          code += GET(code, 1);
1894        else
1895          {
1896          empty_branch = FALSE;
1897          do
1898            {
1899            if (!empty_branch && could_be_empty_branch(code, endcode, utf8, cd))
1900              empty_branch = TRUE;
1901            code += GET(code, 1);
1902            }
1903          while (*code == OP_ALT);
1904          if (!empty_branch) return FALSE;   /* All branches are non-empty */
1905          }
1906    
1907        c = *code;
1908      continue;      continue;
1909      }      }
1910    
# Line 1395  for (code = first_significant_code(code Line 1912  for (code = first_significant_code(code
1912    
1913    switch (c)    switch (c)
1914      {      {
1915      /* Check for quantifiers after a class */      /* Check for quantifiers after a class. XCLASS is used for classes that
1916        cannot be represented just by a bit map. This includes negated single
1917        high-valued characters. The length in _pcre_OP_lengths[] is zero; the
1918        actual length is stored in the compiled code, so we must update "code"
1919        here. */
1920    
1921  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1922      case OP_XCLASS:      case OP_XCLASS:
1923      ccode = code + GET(code, 1);      ccode = code += GET(code, 1);
1924      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
1925  #endif  #endif
1926    
# Line 1443  for (code = first_significant_code(code Line 1964  for (code = first_significant_code(code
1964      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1965      case OP_WORDCHAR:      case OP_WORDCHAR:
1966      case OP_ANY:      case OP_ANY:
1967        case OP_ALLANY:
1968      case OP_ANYBYTE:      case OP_ANYBYTE:
1969      case OP_CHAR:      case OP_CHAR:
1970      case OP_CHARNC:      case OP_CHARNC:
# Line 1461  for (code = first_significant_code(code Line 1983  for (code = first_significant_code(code
1983      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1984      return FALSE;      return FALSE;
1985    
1986        /* These are going to continue, as they may be empty, but we have to
1987        fudge the length for the \p and \P cases. */
1988    
1989        case OP_TYPESTAR:
1990        case OP_TYPEMINSTAR:
1991        case OP_TYPEPOSSTAR:
1992        case OP_TYPEQUERY:
1993        case OP_TYPEMINQUERY:
1994        case OP_TYPEPOSQUERY:
1995        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1996        break;
1997    
1998        /* Same for these */
1999    
2000        case OP_TYPEUPTO:
2001        case OP_TYPEMINUPTO:
2002        case OP_TYPEPOSUPTO:
2003        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
2004        break;
2005    
2006      /* End of branch */      /* End of branch */
2007    
2008      case OP_KET:      case OP_KET:
# Line 1479  for (code = first_significant_code(code Line 2021  for (code = first_significant_code(code
2021      case OP_QUERY:      case OP_QUERY:
2022      case OP_MINQUERY:      case OP_MINQUERY:
2023      case OP_POSQUERY:      case OP_POSQUERY:
2024        if (utf8 && code[1] >= 0xc0) code += _pcre_utf8_table4[code[1] & 0x3f];
2025        break;
2026    
2027      case OP_UPTO:      case OP_UPTO:
2028      case OP_MINUPTO:      case OP_MINUPTO:
2029      case OP_POSUPTO:      case OP_POSUPTO:
2030      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      if (utf8 && code[3] >= 0xc0) code += _pcre_utf8_table4[code[3] & 0x3f];
2031      break;      break;
2032  #endif  #endif
2033    
2034        /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2035        string. */
2036    
2037        case OP_MARK:
2038        case OP_PRUNE_ARG:
2039        case OP_SKIP_ARG:
2040        case OP_THEN_ARG:
2041        code += code[1];
2042        break;
2043    
2044        /* None of the remaining opcodes are required to match a character. */
2045    
2046        default:
2047        break;
2048      }      }
2049    }    }
2050    
# Line 1507  Arguments: Line 2067  Arguments:
2067    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2068    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2069    utf8        TRUE if in UTF-8 mode    utf8        TRUE if in UTF-8 mode
2070      cd          pointers to tables etc
2071    
2072  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2073  */  */
2074    
2075  static BOOL  static BOOL
2076  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,
2077    BOOL utf8)    BOOL utf8, compile_data *cd)
2078  {  {
2079  while (bcptr != NULL && bcptr->current >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2080    {    {
2081    if (!could_be_empty_branch(bcptr->current, endcode, utf8)) return FALSE;    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf8, cd))
2082        return FALSE;
2083    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2084    }    }
2085  return TRUE;  return TRUE;
# Line 1530  return TRUE; Line 2092  return TRUE;
2092  *************************************************/  *************************************************/
2093    
2094  /* This function is called when the sequence "[:" or "[." or "[=" is  /* This function is called when the sequence "[:" or "[." or "[=" is
2095  encountered in a character class. It checks whether this is followed by an  encountered in a character class. It checks whether this is followed by a
2096  optional ^ and then a sequence of letters, terminated by a matching ":]" or  sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2097  ".]" or "=]".  reach an unescaped ']' without the special preceding character, return FALSE.
2098    
2099    Originally, this function only recognized a sequence of letters between the
2100    terminators, but it seems that Perl recognizes any sequence of characters,
2101    though of course unknown POSIX names are subsequently rejected. Perl gives an
2102    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2103    didn't consider this to be a POSIX class. Likewise for [:1234:].
2104    
2105    The problem in trying to be exactly like Perl is in the handling of escapes. We
2106    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2107    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2108    below handles the special case of \], but does not try to do any other escape
2109    processing. This makes it different from Perl for cases such as [:l\ower:]
2110    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2111    "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2112    I think.
2113    
2114  Argument:  Arguments:
2115    ptr      pointer to the initial [    ptr      pointer to the initial [
2116    endptr   where to return the end pointer    endptr   where to return the end pointer
   cd       pointer to compile data  
2117    
2118  Returns:   TRUE or FALSE  Returns:   TRUE or FALSE
2119  */  */
2120    
2121  static BOOL  static BOOL
2122  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  check_posix_syntax(const uschar *ptr, const uschar **endptr)
2123  {  {
2124  int terminator;          /* Don't combine these lines; the Solaris cc */  int terminator;          /* Don't combine these lines; the Solaris cc */
2125  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
2126  if (*(++ptr) == '^') ptr++;  for (++ptr; *ptr != 0; ptr++)
 while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;  
 if (*ptr == terminator && ptr[1] == ']')  
2127    {    {
2128    *endptr = ptr;    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) ptr++; else
2129    return TRUE;      {
2130        if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2131        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2132          {
2133          *endptr = ptr;
2134          return TRUE;
2135          }
2136        }
2137    }    }
2138  return FALSE;  return FALSE;
2139  }  }
# Line 1577  Returns:     a value representing the na Line 2158  Returns:     a value representing the na
2158  static int  static int
2159  check_posix_name(const uschar *ptr, int len)  check_posix_name(const uschar *ptr, int len)
2160  {  {
2161    const char *pn = posix_names;
2162  register int yield = 0;  register int yield = 0;
2163  while (posix_name_lengths[yield] != 0)  while (posix_name_lengths[yield] != 0)
2164    {    {
2165    if (len == posix_name_lengths[yield] &&    if (len == posix_name_lengths[yield] &&
2166      strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;      strncmp((const char *)ptr, pn, len) == 0) return yield;
2167      pn += posix_name_lengths[yield] + 1;
2168    yield++;    yield++;
2169    }    }
2170  return -1;  return -1;
# Line 1596  return -1; Line 2179  return -1;
2179  that is referenced. This means that groups can be replicated for fixed  that is referenced. This means that groups can be replicated for fixed
2180  repetition simply by copying (because the recursion is allowed to refer to  repetition simply by copying (because the recursion is allowed to refer to
2181  earlier groups that are outside the current group). However, when a group is  earlier groups that are outside the current group). However, when a group is
2182  optional (i.e. the minimum quantifier is zero), OP_BRAZERO is inserted before  optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2183  it, after it has been compiled. This means that any OP_RECURSE items within it  inserted before it, after it has been compiled. This means that any OP_RECURSE
2184  that refer to the group itself or any contained groups have to have their  items within it that refer to the group itself or any contained groups have to
2185  offsets adjusted. That one of the jobs of this function. Before it is called,  have their offsets adjusted. That one of the jobs of this function. Before it
2186  the partially compiled regex must be temporarily terminated with OP_END.  is called, the partially compiled regex must be temporarily terminated with
2187    OP_END.
2188    
2189  This function has been extended with the possibility of forward references for  This function has been extended with the possibility of forward references for
2190  recursions and subroutine calls. It must also check the list of such references  recursions and subroutine calls. It must also check the list of such references
# Line 1623  adjust_recurse(uschar *group, int adjust Line 2207  adjust_recurse(uschar *group, int adjust
2207    uschar *save_hwm)    uschar *save_hwm)
2208  {  {
2209  uschar *ptr = group;  uschar *ptr = group;
2210    
2211  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)
2212    {    {
2213    int offset;    int offset;
# Line 1734  get_othercase_range(unsigned int *cptr, Line 2319  get_othercase_range(unsigned int *cptr,
2319  unsigned int c, othercase, next;  unsigned int c, othercase, next;
2320    
2321  for (c = *cptr; c <= d; c++)  for (c = *cptr; c <= d; c++)
2322    { if ((othercase = _pcre_ucp_othercase(c)) != NOTACHAR) break; }    { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2323    
2324  if (c > d) return FALSE;  if (c > d) return FALSE;
2325    
# Line 1743  next = othercase + 1; Line 2328  next = othercase + 1;
2328    
2329  for (++c; c <= d; c++)  for (++c; c <= d; c++)
2330    {    {
2331    if (_pcre_ucp_othercase(c) != next) break;    if (UCD_OTHERCASE(c) != next) break;
2332    next++;    next++;
2333    }    }
2334    
# Line 1789  if ((options & PCRE_EXTENDED) != 0) Line 2374  if ((options & PCRE_EXTENDED) != 0)
2374    for (;;)    for (;;)
2375      {      {
2376      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2377      if (*ptr == '#')      if (*ptr == CHAR_NUMBER_SIGN)
2378        {        {
2379        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2380          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
# Line 1801  if ((options & PCRE_EXTENDED) != 0) Line 2386  if ((options & PCRE_EXTENDED) != 0)
2386  /* If the next item is one that we can handle, get its value. A non-negative  /* If the next item is one that we can handle, get its value. A non-negative
2387  value is a character, a negative value is an escape value. */  value is a character, a negative value is an escape value. */
2388    
2389  if (*ptr == '\\')  if (*ptr == CHAR_BACKSLASH)
2390    {    {
2391    int temperrorcode = 0;    int temperrorcode = 0;
2392    next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);    next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
# Line 1826  if ((options & PCRE_EXTENDED) != 0) Line 2411  if ((options & PCRE_EXTENDED) != 0)
2411    for (;;)    for (;;)
2412      {      {
2413      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2414      if (*ptr == '#')      if (*ptr == CHAR_NUMBER_SIGN)
2415        {        {
2416        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2417          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
# Line 1837  if ((options & PCRE_EXTENDED) != 0) Line 2422  if ((options & PCRE_EXTENDED) != 0)
2422    
2423  /* If the next thing is itself optional, we have to give up. */  /* If the next thing is itself optional, we have to give up. */
2424    
2425  if (*ptr == '*' || *ptr == '?' || strncmp((char *)ptr, "{0,", 3) == 0)  if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
2426    return FALSE;    strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
2427        return FALSE;
2428    
2429  /* Now compare the next item with the previous opcode. If the previous is a  /* Now compare the next item with the previous opcode. If the previous is a
2430  positive single character match, "item" either contains the character or, if  positive single character match, "item" either contains the character or, if
# Line 1853  if (next >= 0) switch(op_code) Line 2439  if (next >= 0) switch(op_code)
2439    case OP_CHAR:    case OP_CHAR:
2440  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
2441    if (utf8 && item > 127) { GETCHAR(item, utf8_char); }    if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2442    #else
2443      (void)(utf8_char);  /* Keep compiler happy by referencing function argument */
2444  #endif  #endif
2445    return item != next;    return item != next;
2446    
# Line 1871  if (next >= 0) switch(op_code) Line 2459  if (next >= 0) switch(op_code)
2459      unsigned int othercase;      unsigned int othercase;
2460      if (next < 128) othercase = cd->fcc[next]; else      if (next < 128) othercase = cd->fcc[next]; else
2461  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
2462      othercase = _pcre_ucp_othercase((unsigned int)next);      othercase = UCD_OTHERCASE((unsigned int)next);
2463  #else  #else
2464      othercase = NOTACHAR;      othercase = NOTACHAR;
2465  #endif  #endif
# Line 1884  if (next >= 0) switch(op_code) Line 2472  if (next >= 0) switch(op_code)
2472    /* For OP_NOT, "item" must be a single-byte character. */    /* For OP_NOT, "item" must be a single-byte character. */
2473    
2474    case OP_NOT:    case OP_NOT:
   if (next < 0) return FALSE;  /* Not a character */  
2475    if (item == next) return TRUE;    if (item == next) return TRUE;
2476    if ((options & PCRE_CASELESS) == 0) return FALSE;    if ((options & PCRE_CASELESS) == 0) return FALSE;
2477  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
# Line 1893  if (next >= 0) switch(op_code) Line 2480  if (next >= 0) switch(op_code)
2480      unsigned int othercase;      unsigned int othercase;
2481      if (next < 128) othercase = cd->fcc[next]; else      if (next < 128) othercase = cd->fcc[next]; else
2482  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
2483      othercase = _pcre_ucp_othercase(next);      othercase = UCD_OTHERCASE(next);
2484  #else  #else
2485      othercase = NOTACHAR;      othercase = NOTACHAR;
2486  #endif  #endif
# Line 1921  if (next >= 0) switch(op_code) Line 2508  if (next >= 0) switch(op_code)
2508    case OP_NOT_WORDCHAR:    case OP_NOT_WORDCHAR:
2509    return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;    return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
2510    
2511      case OP_HSPACE:
2512      case OP_NOT_HSPACE:
2513      switch(next)
2514        {
2515        case 0x09:
2516        case 0x20:
2517        case 0xa0:
2518        case 0x1680:
2519        case 0x180e:
2520        case 0x2000:
2521        case 0x2001:
2522        case 0x2002:
2523        case 0x2003:
2524        case 0x2004:
2525        case 0x2005:
2526        case 0x2006:
2527        case 0x2007:
2528        case 0x2008:
2529        case 0x2009:
2530        case 0x200A:
2531        case 0x202f:
2532        case 0x205f:
2533        case 0x3000:
2534        return op_code != OP_HSPACE;
2535        default:
2536        return op_code == OP_HSPACE;
2537        }
2538    
2539      case OP_VSPACE:
2540      case OP_NOT_VSPACE:
2541      switch(next)
2542        {
2543        case 0x0a:
2544        case 0x0b:
2545        case 0x0c:
2546        case 0x0d:
2547        case 0x85:
2548        case 0x2028:
2549        case 0x2029:
2550        return op_code != OP_VSPACE;
2551        default:
2552        return op_code == OP_VSPACE;
2553        }
2554    
2555    default:    default:
2556    return FALSE;    return FALSE;
2557    }    }
# Line 1955  switch(op_code) Line 2586  switch(op_code)
2586      case ESC_W:      case ESC_W:
2587      return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;      return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;
2588    
2589        case ESC_h:
2590        case ESC_H:
2591        switch(item)
2592          {
2593          case 0x09:
2594          case 0x20:
2595          case 0xa0:
2596          case 0x1680:
2597          case 0x180e:
2598          case 0x2000:
2599          case 0x2001:
2600          case 0x2002:
2601          case 0x2003:
2602          case 0x2004:
2603          case 0x2005:
2604          case 0x2006:
2605          case 0x2007:
2606          case 0x2008:
2607          case 0x2009:
2608          case 0x200A:
2609          case 0x202f:
2610          case 0x205f:
2611          case 0x3000:
2612          return -next != ESC_h;
2613          default:
2614          return -next == ESC_h;
2615          }
2616    
2617        case ESC_v:
2618        case ESC_V:
2619        switch(item)
2620          {
2621          case 0x0a:
2622          case 0x0b:
2623          case 0x0c:
2624          case 0x0d:
2625          case 0x85:
2626          case 0x2028:
2627          case 0x2029:
2628          return -next != ESC_v;
2629          default:
2630          return -next == ESC_v;
2631          }
2632    
2633      default:      default:
2634      return FALSE;      return FALSE;
2635      }      }
2636    
2637    case OP_DIGIT:    case OP_DIGIT:
2638    return next == -ESC_D || next == -ESC_s || next == -ESC_W;    return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
2639             next == -ESC_h || next == -ESC_v;
2640    
2641    case OP_NOT_DIGIT:    case OP_NOT_DIGIT:
2642    return next == -ESC_d;    return next == -ESC_d;
# Line 1969  switch(op_code) Line 2645  switch(op_code)
2645    return next == -ESC_S || next == -ESC_d || next == -ESC_w;    return next == -ESC_S || next == -ESC_d || next == -ESC_w;
2646    
2647    case OP_NOT_WHITESPACE:    case OP_NOT_WHITESPACE:
2648    return next == -ESC_s;    return next == -ESC_s || next == -ESC_h || next == -ESC_v;
2649    
2650      case OP_HSPACE:
2651      return next == -ESC_S || next == -ESC_H || next == -ESC_d || next == -ESC_w;
2652    
2653      case OP_NOT_HSPACE:
2654      return next == -ESC_h;
2655    
2656      /* Can't have \S in here because VT matches \S (Perl anomaly) */
2657      case OP_VSPACE:
2658      return next == -ESC_V || next == -ESC_d || next == -ESC_w;
2659    
2660      case OP_NOT_VSPACE:
2661      return next == -ESC_v;
2662    
2663    case OP_WORDCHAR:    case OP_WORDCHAR:
2664    return next == -ESC_W || next == -ESC_s;    return next == -ESC_W || next == -ESC_s || next == -ESC_h || next == -ESC_v;
2665    
2666    case OP_NOT_WORDCHAR:    case OP_NOT_WORDCHAR:
2667    return next == -ESC_w || next == -ESC_d;    return next == -ESC_w || next == -ESC_d;
# Line 2045  uschar classbits[32]; Line 2734  uschar classbits[32];
2734  BOOL class_utf8;  BOOL class_utf8;
2735  BOOL utf8 = (options & PCRE_UTF8) != 0;  BOOL utf8 = (options & PCRE_UTF8) != 0;
2736  uschar *class_utf8data;  uschar *class_utf8data;
2737    uschar *class_utf8data_base;
2738  uschar utf8_char[6];  uschar utf8_char[6];
2739  #else  #else
2740  BOOL utf8 = FALSE;  BOOL utf8 = FALSE;
2741  uschar *utf8_char = NULL;  uschar *utf8_char = NULL;
2742  #endif  #endif
2743    
2744  #ifdef DEBUG  #ifdef PCRE_DEBUG
2745  if (lengthptr != NULL) DPRINTF((">> start branch\n"));  if (lengthptr != NULL) DPRINTF((">> start branch\n"));
2746  #endif  #endif
2747    
# Line 2084  req_caseopt = ((options & PCRE_CASELESS) Line 2774  req_caseopt = ((options & PCRE_CASELESS)
2774  for (;; ptr++)  for (;; ptr++)
2775    {    {
2776    BOOL negate_class;    BOOL negate_class;
2777      BOOL should_flip_negation;
2778    BOOL possessive_quantifier;    BOOL possessive_quantifier;
2779    BOOL is_quantifier;    BOOL is_quantifier;
2780    BOOL is_recurse;    BOOL is_recurse;
2781      BOOL reset_bracount;
2782    int class_charcount;    int class_charcount;
2783    int class_lastchar;    int class_lastchar;
2784    int newoptions;    int newoptions;
2785    int recno;    int recno;
2786      int refsign;
2787    int skipbytes;    int skipbytes;
2788    int subreqbyte;    int subreqbyte;
2789    int subfirstbyte;    int subfirstbyte;
# Line 2107  for (;; ptr++) Line 2800  for (;; ptr++)
2800    
2801    if (lengthptr != NULL)    if (lengthptr != NULL)
2802      {      {
2803  #ifdef DEBUG  #ifdef PCRE_DEBUG
2804      if (code > cd->hwm) cd->hwm = code;                 /* High water info */      if (code > cd->hwm) cd->hwm = code;                 /* High water info */
2805  #endif  #endif
2806      if (code > cd->start_workspace + COMPILE_WORK_SIZE) /* Check for overrun */      if (code > cd->start_workspace + WORK_SIZE_CHECK)   /* Check for overrun */
2807        {        {
2808        *errorcodeptr = ERR52;        *errorcodeptr = ERR52;
2809        goto FAILED;        goto FAILED;
# Line 2123  for (;; ptr++) Line 2816  for (;; ptr++)
2816      */      */
2817    
2818      if (code < last_code) code = last_code;      if (code < last_code) code = last_code;
2819    
2820        /* Paranoid check for integer overflow */
2821    
2822        if (OFLOW_MAX - *lengthptr < code - last_code)
2823          {
2824          *errorcodeptr = ERR20;
2825          goto FAILED;
2826          }
2827    
2828      *lengthptr += code - last_code;      *lengthptr += code - last_code;
2829      DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));      DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));
2830    
# Line 2150  for (;; ptr++) Line 2852  for (;; ptr++)
2852    /* In the real compile phase, just check the workspace used by the forward    /* In the real compile phase, just check the workspace used by the forward
2853    reference list. */    reference list. */
2854    
2855    else if (cd->hwm > cd->start_workspace + COMPILE_WORK_SIZE)    else if (cd->hwm > cd->start_workspace + WORK_SIZE_CHECK)
2856      {      {
2857      *errorcodeptr = ERR52;      *errorcodeptr = ERR52;
2858      goto FAILED;      goto FAILED;
# Line 2160  for (;; ptr++) Line 2862  for (;; ptr++)
2862    
2863    if (inescq && c != 0)    if (inescq && c != 0)
2864      {      {
2865      if (c == '\\' && ptr[1] == 'E')      if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
2866        {        {
2867        inescq = FALSE;        inescq = FALSE;
2868        ptr++;        ptr++;
# Line 2186  for (;; ptr++) Line 2888  for (;; ptr++)
2888    /* Fill in length of a previous callout, except when the next thing is    /* Fill in length of a previous callout, except when the next thing is
2889    a quantifier. */    a quantifier. */
2890    
2891    is_quantifier = c == '*' || c == '+' || c == '?' ||    is_quantifier =
2892      (c == '{' && is_counted_repeat(ptr+1));      c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
2893        (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
2894    
2895    if (!is_quantifier && previous_callout != NULL &&    if (!is_quantifier && previous_callout != NULL &&
2896         after_manual_callout-- <= 0)         after_manual_callout-- <= 0)
# Line 2202  for (;; ptr++) Line 2905  for (;; ptr++)
2905    if ((options & PCRE_EXTENDED) != 0)    if ((options & PCRE_EXTENDED) != 0)
2906      {      {
2907      if ((cd->ctypes[c] & ctype_space) != 0) continue;      if ((cd->ctypes[c] & ctype_space) != 0) continue;
2908      if (c == '#')      if (c == CHAR_NUMBER_SIGN)
2909        {        {
2910        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2911          {          {
# Line 2227  for (;; ptr++) Line 2930  for (;; ptr++)
2930      {      {
2931      /* ===================================================================*/      /* ===================================================================*/
2932      case 0:                        /* The branch terminates at string end */      case 0:                        /* The branch terminates at string end */
2933      case '|':                      /* or | or ) */      case CHAR_VERTICAL_LINE:       /* or | or ) */
2934      case ')':      case CHAR_RIGHT_PARENTHESIS:
2935      *firstbyteptr = firstbyte;      *firstbyteptr = firstbyte;
2936      *reqbyteptr = reqbyte;      *reqbyteptr = reqbyte;
2937      *codeptr = code;      *codeptr = code;
2938      *ptrptr = ptr;      *ptrptr = ptr;
2939      if (lengthptr != NULL)      if (lengthptr != NULL)
2940        {        {
2941          if (OFLOW_MAX - *lengthptr < code - last_code)
2942            {
2943            *errorcodeptr = ERR20;
2944            goto FAILED;
2945            }
2946        *lengthptr += code - last_code;   /* To include callout length */        *lengthptr += code - last_code;   /* To include callout length */
2947        DPRINTF((">> end branch\n"));        DPRINTF((">> end branch\n"));
2948        }        }
# Line 2245  for (;; ptr++) Line 2953  for (;; ptr++)
2953      /* Handle single-character metacharacters. In multiline mode, ^ disables      /* Handle single-character metacharacters. In multiline mode, ^ disables
2954      the setting of any following char as a first character. */      the setting of any following char as a first character. */
2955    
2956      case '^':      case CHAR_CIRCUMFLEX_ACCENT:
2957      if ((options & PCRE_MULTILINE) != 0)      if ((options & PCRE_MULTILINE) != 0)
2958        {        {
2959        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
# Line 2254  for (;; ptr++) Line 2962  for (;; ptr++)
2962      *code++ = OP_CIRC;      *code++ = OP_CIRC;
2963      break;      break;
2964    
2965      case '$':      case CHAR_DOLLAR_SIGN:
2966      previous = NULL;      previous = NULL;
2967      *code++ = OP_DOLL;      *code++ = OP_DOLL;
2968      break;      break;
# Line 2262  for (;; ptr++) Line 2970  for (;; ptr++)
2970      /* There can never be a first char if '.' is first, whatever happens about      /* There can never be a first char if '.' is first, whatever happens about
2971      repeats. The value of reqbyte doesn't change either. */      repeats. The value of reqbyte doesn't change either. */
2972    
2973      case '.':      case CHAR_DOT:
2974      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
2975      zerofirstbyte = firstbyte;      zerofirstbyte = firstbyte;
2976      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
2977      previous = code;      previous = code;
2978      *code++ = OP_ANY;      *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
2979      break;      break;
2980    
2981    
# Line 2282  for (;; ptr++) Line 2990  for (;; ptr++)
2990      opcode is compiled. It may optionally have a bit map for characters < 256,      opcode is compiled. It may optionally have a bit map for characters < 256,
2991      but those above are are explicitly listed afterwards. A flag byte tells      but those above are are explicitly listed afterwards. A flag byte tells
2992      whether the bitmap is present, and whether this is a negated class or not.      whether the bitmap is present, and whether this is a negated class or not.
     */  
2993    
2994      case '[':      In JavaScript compatibility mode, an isolated ']' causes an error. In
2995        default (Perl) mode, it is treated as a data character. */
2996    
2997        case CHAR_RIGHT_SQUARE_BRACKET:
2998        if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
2999          {
3000          *errorcodeptr = ERR64;
3001          goto FAILED;
3002          }
3003        goto NORMAL_CHAR;
3004    
3005        case CHAR_LEFT_SQUARE_BRACKET:
3006      previous = code;      previous = code;
3007    
3008      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
3009      they are encountered at the top level, so we'll do that too. */      they are encountered at the top level, so we'll do that too. */
3010    
3011      if ((ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&      if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3012          check_posix_syntax(ptr, &tempptr, cd))           ptr[1] == CHAR_EQUALS_SIGN) &&
3013            check_posix_syntax(ptr, &tempptr))
3014        {        {
3015        *errorcodeptr = (ptr[1] == ':')? ERR13 : ERR31;        *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
3016        goto FAILED;        goto FAILED;
3017        }        }
3018    
3019      /* If the first character is '^', set the negation flag and skip it. */      /* If the first character is '^', set the negation flag and skip it. Also,
3020        if the first few characters (either before or after ^) are \Q\E or \E we
3021        skip them too. This makes for compatibility with Perl. */
3022    
3023      if ((c = *(++ptr)) == '^')      negate_class = FALSE;
3024        for (;;)
3025        {        {
       negate_class = TRUE;  
3026        c = *(++ptr);        c = *(++ptr);
3027          if (c == CHAR_BACKSLASH)
3028            {
3029            if (ptr[1] == CHAR_E)
3030              ptr++;
3031            else if (strncmp((const char *)ptr+1,
3032                              STR_Q STR_BACKSLASH STR_E, 3) == 0)
3033              ptr += 3;
3034            else
3035              break;
3036            }
3037          else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
3038            negate_class = TRUE;
3039          else break;
3040        }        }
3041      else  
3042        /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
3043        an initial ']' is taken as a data character -- the code below handles
3044        that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
3045        [^] must match any character, so generate OP_ALLANY. */
3046    
3047        if (c == CHAR_RIGHT_SQUARE_BRACKET &&
3048            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3049        {        {
3050        negate_class = FALSE;        *code++ = negate_class? OP_ALLANY : OP_FAIL;
3051          if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3052          zerofirstbyte = firstbyte;
3053          break;
3054        }        }
3055    
3056        /* If a class contains a negative special such as \S, we need to flip the
3057        negation flag at the end, so that support for characters > 255 works
3058        correctly (they are all included in the class). */
3059    
3060        should_flip_negation = FALSE;
3061    
3062      /* Keep a count of chars with values < 256 so that we can optimize the case      /* Keep a count of chars with values < 256 so that we can optimize the case
3063      of just a single character (as long as it's < 256). However, For higher      of just a single character (as long as it's < 256). However, For higher
3064      valued UTF-8 characters, we don't yet do any optimization. */      valued UTF-8 characters, we don't yet do any optimization. */
# Line 2326  for (;; ptr++) Line 3076  for (;; ptr++)
3076  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3077      class_utf8 = FALSE;                       /* No chars >= 256 */      class_utf8 = FALSE;                       /* No chars >= 256 */
3078      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */
3079        class_utf8data_base = class_utf8data;     /* For resetting in pass 1 */
3080  #endif  #endif
3081    
3082      /* Process characters until ] is reached. By writing this as a "do" it      /* Process characters until ] is reached. By writing this as a "do" it
# Line 2341  for (;; ptr++) Line 3092  for (;; ptr++)
3092          {                           /* Braces are required because the */          {                           /* Braces are required because the */
3093          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */
3094          }          }
3095    
3096          /* In the pre-compile phase, accumulate the length of any UTF-8 extra
3097          data and reset the pointer. This is so that very large classes that
3098          contain a zillion UTF-8 characters no longer overwrite the work space
3099          (which is on the stack). */
3100    
3101          if (lengthptr != NULL)
3102            {
3103            *lengthptr += class_utf8data - class_utf8data_base;
3104            class_utf8data = class_utf8data_base;
3105            }
3106    
3107  #endif  #endif
3108    
3109        /* Inside \Q...\E everything is literal except \E */        /* Inside \Q...\E everything is literal except \E */
3110    
3111        if (inescq)        if (inescq)
3112          {          {
3113          if (c == '\\' && ptr[1] == 'E')     /* If we are at \E */          if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)  /* If we are at \E */
3114            {            {
3115            inescq = FALSE;                   /* Reset literal state */            inescq = FALSE;                   /* Reset literal state */
3116            ptr++;                            /* Skip the 'E' */            ptr++;                            /* Skip the 'E' */
# Line 2362  for (;; ptr++) Line 3125  for (;; ptr++)
3125        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3126        5.6 and 5.8 do. */        5.6 and 5.8 do. */
3127    
3128        if (c == '[' &&        if (c == CHAR_LEFT_SQUARE_BRACKET &&
3129            (ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&            (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3130            check_posix_syntax(ptr, &tempptr, cd))             ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3131          {          {
3132          BOOL local_negate = FALSE;          BOOL local_negate = FALSE;
3133          int posix_class, taboffset, tabopt;          int posix_class, taboffset, tabopt;
3134          register const uschar *cbits = cd->cbits;          register const uschar *cbits = cd->cbits;
3135          uschar pbits[32];          uschar pbits[32];
3136    
3137          if (ptr[1] != ':')          if (ptr[1] != CHAR_COLON)
3138            {            {
3139            *errorcodeptr = ERR31;            *errorcodeptr = ERR31;
3140            goto FAILED;            goto FAILED;
3141            }            }
3142    
3143          ptr += 2;          ptr += 2;
3144          if (*ptr == '^')          if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3145            {            {
3146            local_negate = TRUE;            local_negate = TRUE;
3147              should_flip_negation = TRUE;  /* Note negative special */
3148            ptr++;            ptr++;
3149            }            }
3150    
# Line 2445  for (;; ptr++) Line 3209  for (;; ptr++)
3209    
3210        /* Backslash may introduce a single character, or it may introduce one        /* Backslash may introduce a single character, or it may introduce one
3211        of the specials, which just set a flag. The sequence \b is a special        of the specials, which just set a flag. The sequence \b is a special
3212        case. Inside a class (and only there) it is treated as backspace.        case. Inside a class (and only there) it is treated as backspace. We
3213        Elsewhere it marks a word boundary. Other escapes have preset maps ready        assume that other escapes have more than one character in them, so set
3214        to or into the one we are building. We assume they have more than one        class_charcount bigger than one. Unrecognized escapes fall through and
3215        character in them, so set class_charcount bigger than one. */        are either treated as literal characters (by default), or are faulted if
3216          PCRE_EXTRA is set. */
3217    
3218        if (c == '\\')        if (c == CHAR_BACKSLASH)
3219          {          {
3220          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3221          if (*errorcodeptr != 0) goto FAILED;          if (*errorcodeptr != 0) goto FAILED;
3222    
3223          if (-c == ESC_b) c = '\b';       /* \b is backslash in a class */          if (-c == ESC_b) c = CHAR_BS;    /* \b is backspace in a class */
         else if (-c == ESC_X) c = 'X';   /* \X is literal X in a class */  
         else if (-c == ESC_R) c = 'R';   /* \R is literal R in a class */  
3224          else if (-c == ESC_Q)            /* Handle start of quoted string */          else if (-c == ESC_Q)            /* Handle start of quoted string */
3225            {            {
3226            if (ptr[1] == '\\' && ptr[2] == 'E')            if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3227              {              {
3228              ptr += 2; /* avoid empty string */              ptr += 2; /* avoid empty string */
3229              }              }
3230            else inescq = TRUE;            else inescq = TRUE;
3231            continue;            continue;
3232            }            }
3233            else if (-c == ESC_E) continue;  /* Ignore orphan \E */
3234    
3235          if (c < 0)          if (c < 0)
3236            {            {
# Line 2482  for (;; ptr++) Line 3246  for (;; ptr++)
3246              continue;              continue;
3247    
3248              case ESC_D:              case ESC_D:
3249                should_flip_negation = TRUE;
3250              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3251              continue;              continue;
3252    
# Line 2490  for (;; ptr++) Line 3255  for (;; ptr++)
3255              continue;              continue;
3256    
3257              case ESC_W:              case ESC_W:
3258                should_flip_negation = TRUE;
3259              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
3260              continue;              continue;
3261    
# Line 2499  for (;; ptr++) Line 3265  for (;; ptr++)
3265              continue;              continue;
3266    
3267              case ESC_S:              case ESC_S:
3268                should_flip_negation = TRUE;
3269              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
3270              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */
3271              continue;              continue;
3272    
             case ESC_E: /* Perl ignores an orphan \E */  
             continue;  
   
3273              default:    /* Not recognized; fall through */              default:    /* Not recognized; fall through */
3274              break;      /* Need "default" setting to stop compiler warning. */              break;      /* Need "default" setting to stop compiler warning. */
3275              }              }
# Line 2515  for (;; ptr++) Line 3279  for (;; ptr++)
3279            else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||            else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||
3280                     c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;                     c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;
3281    
3282              /* We need to deal with \H, \h, \V, and \v in both phases because
3283              they use extra memory. */
3284    
3285              if (-c == ESC_h)
3286                {
3287                SETBIT(classbits, 0x09); /* VT */
3288                SETBIT(classbits, 0x20); /* SPACE */
3289                SETBIT(classbits, 0xa0); /* NSBP */
3290    #ifdef SUPPORT_UTF8
3291                if (utf8)
3292                  {
3293                  class_utf8 = TRUE;
3294                  *class_utf8data++ = XCL_SINGLE;
3295                  class_utf8data += _pcre_ord2utf8(0x1680, class_utf8data);
3296                  *class_utf8data++ = XCL_SINGLE;
3297                  class_utf8data += _pcre_ord2utf8(0x180e, class_utf8data);
3298                  *class_utf8data++ = XCL_RANGE;
3299                  class_utf8data += _pcre_ord2utf8(0x2000, class_utf8data);
3300                  class_utf8data += _pcre_ord2utf8(0x200A, class_utf8data);
3301                  *class_utf8data++ = XCL_SINGLE;
3302                  class_utf8data += _pcre_ord2utf8(0x202f, class_utf8data);
3303                  *class_utf8data++ = XCL_SINGLE;
3304                  class_utf8data += _pcre_ord2utf8(0x205f, class_utf8data);
3305                  *class_utf8data++ = XCL_SINGLE;
3306                  class_utf8data += _pcre_ord2utf8(0x3000, class_utf8data);
3307                  }
3308    #endif
3309                continue;
3310                }
3311    
3312              if (-c == ESC_H)
3313                {
3314                for (c = 0; c < 32; c++)
3315                  {
3316                  int x = 0xff;
3317                  switch (c)
3318                    {
3319                    case 0x09/8: x ^= 1 << (0x09%8); break;
3320                    case 0x20/8: x ^= 1 << (0x20%8); break;
3321                    case 0xa0/8: x ^= 1 << (0xa0%8); break;
3322                    default: break;
3323                    }
3324                  classbits[c] |= x;
3325                  }
3326    
3327    #ifdef SUPPORT_UTF8
3328                if (utf8)
3329                  {
3330                  class_utf8 = TRUE;
3331                  *class_utf8data++ = XCL_RANGE;
3332                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3333                  class_utf8data += _pcre_ord2utf8(0x167f, class_utf8data);
3334                  *class_utf8data++ = XCL_RANGE;
3335                  class_utf8data += _pcre_ord2utf8(0x1681, class_utf8data);
3336                  class_utf8data += _pcre_ord2utf8(0x180d, class_utf8data);
3337                  *class_utf8data++ = XCL_RANGE;
3338                  class_utf8data += _pcre_ord2utf8(0x180f, class_utf8data);
3339                  class_utf8data += _pcre_ord2utf8(0x1fff, class_utf8data);
3340                  *class_utf8data++ = XCL_RANGE;
3341                  class_utf8data += _pcre_ord2utf8(0x200B, class_utf8data);
3342                  class_utf8data += _pcre_ord2utf8(0x202e, class_utf8data);
3343                  *class_utf8data++ = XCL_RANGE;
3344                  class_utf8data += _pcre_ord2utf8(0x2030, class_utf8data);
3345                  class_utf8data += _pcre_ord2utf8(0x205e, class_utf8data);
3346                  *class_utf8data++ = XCL_RANGE;
3347                  class_utf8data += _pcre_ord2utf8(0x2060, class_utf8data);
3348                  class_utf8data += _pcre_ord2utf8(0x2fff, class_utf8data);
3349                  *class_utf8data++ = XCL_RANGE;
3350                  class_utf8data += _pcre_ord2utf8(0x3001, class_utf8data);
3351                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3352                  }
3353    #endif
3354                continue;
3355                }
3356    
3357              if (-c == ESC_v)
3358                {
3359                SETBIT(classbits, 0x0a); /* LF */
3360                SETBIT(classbits, 0x0b); /* VT */
3361                SETBIT(classbits, 0x0c); /* FF */
3362                SETBIT(classbits, 0x0d); /* CR */
3363                SETBIT(classbits, 0x85); /* NEL */
3364    #ifdef SUPPORT_UTF8
3365                if (utf8)
3366                  {
3367                  class_utf8 = TRUE;
3368                  *class_utf8data++ = XCL_RANGE;
3369                  class_utf8data += _pcre_ord2utf8(0x2028, class_utf8data);
3370                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3371                  }
3372    #endif
3373                continue;
3374                }
3375    
3376              if (-c == ESC_V)
3377                {
3378                for (c = 0; c < 32; c++)
3379                  {
3380                  int x = 0xff;
3381                  switch (c)
3382                    {
3383                    case 0x0a/8: x ^= 1 << (0x0a%8);
3384                                 x ^= 1 << (0x0b%8);
3385                                 x ^= 1 << (0x0c%8);
3386                                 x ^= 1 << (0x0d%8);
3387                                 break;
3388                    case 0x85/8: x ^= 1 << (0x85%8); break;
3389                    default: break;
3390                    }
3391                  classbits[c] |= x;
3392                  }
3393    
3394    #ifdef SUPPORT_UTF8
3395                if (utf8)
3396                  {
3397                  class_utf8 = TRUE;
3398                  *class_utf8data++ = XCL_RANGE;
3399                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3400                  class_utf8data += _pcre_ord2utf8(0x2027, class_utf8data);
3401                  *class_utf8data++ = XCL_RANGE;
3402                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3403                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3404                  }
3405    #endif
3406                continue;
3407                }
3408    
3409            /* We need to deal with \P and \p in both phases. */            /* We need to deal with \P and \p in both phases. */
3410    
3411  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
# Line 2558  for (;; ptr++) Line 3449  for (;; ptr++)
3449        entirely. The code for handling \Q and \E is messy. */        entirely. The code for handling \Q and \E is messy. */
3450    
3451        CHECK_RANGE:        CHECK_RANGE:
3452        while (ptr[1] == '\\' && ptr[2] == 'E')        while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3453          {          {
3454          inescq = FALSE;          inescq = FALSE;
3455          ptr += 2;          ptr += 2;
# Line 2566  for (;; ptr++) Line 3457  for (;; ptr++)
3457    
3458        oldptr = ptr;        oldptr = ptr;
3459    
3460        if (!inescq && ptr[1] == '-')        /* Remember \r or \n */
3461    
3462          if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3463    
3464          /* Check for range */
3465    
3466          if (!inescq && ptr[1] == CHAR_MINUS)
3467          {          {
3468          int d;          int d;
3469          ptr += 2;          ptr += 2;
3470          while (*ptr == '\\' && ptr[1] == 'E') ptr += 2;          while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
3471    
3472          /* If we hit \Q (not followed by \E) at this point, go into escaped          /* If we hit \Q (not followed by \E) at this point, go into escaped
3473          mode. */          mode. */
3474    
3475          while (*ptr == '\\' && ptr[1] == 'Q')          while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
3476            {            {
3477            ptr += 2;            ptr += 2;
3478            if (*ptr == '\\' && ptr[1] == 'E') { ptr += 2; continue; }            if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3479                { ptr += 2; continue; }
3480            inescq = TRUE;            inescq = TRUE;
3481            break;            break;
3482            }            }
3483    
3484          if (*ptr == 0 || (!inescq && *ptr == ']'))          if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
3485            {            {
3486            ptr = oldptr;            ptr = oldptr;
3487            goto LONE_SINGLE_CHARACTER;            goto LONE_SINGLE_CHARACTER;
# Line 2602  for (;; ptr++) Line 3500  for (;; ptr++)
3500          not any of the other escapes. Perl 5.6 treats a hyphen as a literal          not any of the other escapes. Perl 5.6 treats a hyphen as a literal
3501          in such circumstances. */          in such circumstances. */
3502    
3503          if (!inescq && d == '\\')          if (!inescq && d == CHAR_BACKSLASH)
3504            {            {
3505            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3506            if (*errorcodeptr != 0) goto FAILED;            if (*errorcodeptr != 0) goto FAILED;
3507    
3508            /* \b is backslash; \X is literal X; \R is literal R; any other            /* \b is backspace; any other special means the '-' was literal */
           special means the '-' was literal */  
3509    
3510            if (d < 0)            if (d < 0)
3511              {              {
3512              if (d == -ESC_b) d = '\b';              if (d == -ESC_b) d = CHAR_BS; else
             else if (d == -ESC_X) d = 'X';  
             else if (d == -ESC_R) d = 'R'; else  
3513                {                {
3514                ptr = oldptr;                ptr = oldptr;
3515                goto LONE_SINGLE_CHARACTER;  /* A few lines below */                goto LONE_SINGLE_CHARACTER;  /* A few lines below */
# Line 2633  for (;; ptr++) Line 3528  for (;; ptr++)
3528    
3529          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3530    
3531            /* Remember \r or \n */
3532    
3533            if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3534    
3535          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
3536          matching, we have to use an XCLASS with extra data items. Caseless          matching, we have to use an XCLASS with extra data items. Caseless
3537          matching for characters > 127 is available only if UCP support is          matching for characters > 127 is available only if UCP support is
# Line 2655  for (;; ptr++) Line 3554  for (;; ptr++)
3554              unsigned int origd = d;              unsigned int origd = d;
3555              while (get_othercase_range(&cc, origd, &occ, &ocd))              while (get_othercase_range(&cc, origd, &occ, &ocd))
3556                {                {
3557                if (occ >= c && ocd <= d) continue;  /* Skip embedded ranges */                if (occ >= (unsigned int)c &&
3558                      ocd <= (unsigned int)d)
3559                    continue;                          /* Skip embedded ranges */
3560    
3561                if (occ < c  && ocd >= c - 1)        /* Extend the basic range */                if (occ < (unsigned int)c  &&
3562                      ocd >= (unsigned int)c - 1)      /* Extend the basic range */
3563                  {                                  /* if there is overlap,   */                  {                                  /* if there is overlap,   */
3564                  c = occ;                           /* noting that if occ < c */                  c = occ;                           /* noting that if occ < c */
3565                  continue;                          /* we can't have ocd > d  */                  continue;                          /* we can't have ocd > d  */
3566                  }                                  /* because a subrange is  */                  }                                  /* because a subrange is  */
3567                if (ocd > d && occ <= d + 1)         /* always shorter than    */                if (ocd > (unsigned int)d &&
3568                      occ <= (unsigned int)d + 1)      /* always shorter than    */
3569                  {                                  /* the basic range.       */                  {                                  /* the basic range.       */
3570                  d = ocd;                  d = ocd;
3571                  continue;                  continue;
# Line 2747  for (;; ptr++) Line 3650  for (;; ptr++)
3650          if ((options & PCRE_CASELESS) != 0)          if ((options & PCRE_CASELESS) != 0)
3651            {            {
3652            unsigned int othercase;            unsigned int othercase;
3653            if ((othercase = _pcre_ucp_othercase(c)) != NOTACHAR)            if ((othercase = UCD_OTHERCASE(c)) != c)
3654              {              {
3655              *class_utf8data++ = XCL_SINGLE;              *class_utf8data++ = XCL_SINGLE;
3656              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);
# Line 2774  for (;; ptr++) Line 3677  for (;; ptr++)
3677    
3678      /* Loop until ']' reached. This "while" is the end of the "do" above. */      /* Loop until ']' reached. This "while" is the end of the "do" above. */
3679    
3680      while ((c = *(++ptr)) != 0 && (c != ']' || inescq));      while ((c = *(++ptr)) != 0 && (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
3681    
3682      if (c == 0)                          /* Missing terminating ']' */      if (c == 0)                          /* Missing terminating ']' */
3683        {        {
# Line 2782  for (;; ptr++) Line 3685  for (;; ptr++)
3685        goto FAILED;        goto FAILED;
3686        }        }
3687    
3688    
3689    /* This code has been disabled because it would mean that \s counts as
3690    an explicit \r or \n reference, and that's not really what is wanted. Now
3691    we set the flag only if there is a literal "\r" or "\n" in the class. */
3692    
3693    #if 0
3694        /* Remember whether \r or \n are in this class */
3695    
3696        if (negate_class)
3697          {
3698          if ((classbits[1] & 0x24) != 0x24) cd->external_flags |= PCRE_HASCRORLF;
3699          }
3700        else
3701          {
3702          if ((classbits[1] & 0x24) != 0) cd->external_flags |= PCRE_HASCRORLF;
3703          }
3704    #endif
3705    
3706    
3707      /* If class_charcount is 1, we saw precisely one character whose value is      /* If class_charcount is 1, we saw precisely one character whose value is
3708      less than 256. In non-UTF-8 mode we can always optimize. In UTF-8 mode, we      less than 256. As long as there were no characters >= 128 and there was no
3709      can optimize the negative case only if there were no characters >= 128      use of \p or \P, in other words, no use of any XCLASS features, we can
3710      because OP_NOT and the related opcodes like OP_NOTSTAR operate on      optimize.
3711      single-bytes only. This is an historical hangover. Maybe one day we can  
3712      tidy these opcodes to handle multi-byte characters.      In UTF-8 mode, we can optimize the negative case only if there were no
3713        characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
3714        operate on single-bytes only. This is an historical hangover. Maybe one day
3715        we can tidy these opcodes to handle multi-byte characters.
3716    
3717      The optimization throws away the bit map. We turn the item into a      The optimization throws away the bit map. We turn the item into a
3718      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note
# Line 2797  for (;; ptr++) Line 3722  for (;; ptr++)
3722      reqbyte, save the previous value for reinstating. */      reqbyte, save the previous value for reinstating. */
3723    
3724  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3725      if (class_charcount == 1 &&      if (class_charcount == 1 && !class_utf8 &&
3726            (!utf8 ||        (!utf8 || !negate_class || class_lastchar < 128))
           (!class_utf8 && (!negate_class || class_lastchar < 128))))  
   
3727  #else  #else
3728      if (class_charcount == 1)      if (class_charcount == 1)
3729  #endif  #endif
# Line 2843  for (;; ptr++) Line 3766  for (;; ptr++)
3766      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
3767    
3768      /* If there are characters with values > 255, we have to compile an      /* If there are characters with values > 255, we have to compile an
3769      extended class, with its own opcode. If there are no characters < 256,      extended class, with its own opcode, unless there was a negated special
3770      we can omit the bitmap in the actual compiled code. */      such as \S in the class, because in that case all characters > 255 are in
3771        the class, so any that were explicitly given as well can be ignored. If
3772        (when there are explicit characters > 255 that must be listed) there are no
3773        characters < 256, we can omit the bitmap in the actual compiled code. */
3774    
3775  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3776      if (class_utf8)      if (class_utf8 && !should_flip_negation)
3777        {        {
3778        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */
3779        *code++ = OP_XCLASS;        *code++ = OP_XCLASS;
# Line 2873  for (;; ptr++) Line 3799  for (;; ptr++)
3799        }        }
3800  #endif  #endif
3801    
3802      /* If there are no characters > 255, negate the 32-byte map if necessary,      /* If there are no characters > 255, set the opcode to OP_CLASS or
3803      and copy it into the code vector. If this is the first thing in the branch,      OP_NCLASS, depending on whether the whole class was negated and whether
3804      there can be no first char setting, whatever the repeat count. Any reqbyte      there were negative specials such as \S in the class. Then copy the 32-byte
3805      setting must remain unchanged after any kind of repeat. */      map into the code vector, negating it if necessary. */
3806    
3807        *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
3808      if (negate_class)      if (negate_class)
3809        {        {
       *code++ = OP_NCLASS;  
3810        if (lengthptr == NULL)    /* Save time in the pre-compile phase */        if (lengthptr == NULL)    /* Save time in the pre-compile phase */
3811          for (c = 0; c < 32; c++) code[c] = ~classbits[c];          for (c = 0; c < 32; c++) code[c] = ~classbits[c];
3812        }        }
3813      else      else
3814        {        {
       *code++ = OP_CLASS;  
3815        memcpy(code, classbits, 32);        memcpy(code, classbits, 32);
3816        }        }
3817      code += 32;      code += 32;
# Line 2897  for (;; ptr++) Line 3822  for (;; ptr++)
3822      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
3823      has been tested above. */      has been tested above. */
3824    
3825      case '{':      case CHAR_LEFT_CURLY_BRACKET:
3826      if (!is_quantifier) goto NORMAL_CHAR;      if (!is_quantifier) goto NORMAL_CHAR;
3827      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
3828      if (*errorcodeptr != 0) goto FAILED;      if (*errorcodeptr != 0) goto FAILED;
3829      goto REPEAT;      goto REPEAT;
3830    
3831      case '*':      case CHAR_ASTERISK:
3832      repeat_min = 0;      repeat_min = 0;
3833      repeat_max = -1;      repeat_max = -1;
3834      goto REPEAT;      goto REPEAT;
3835    
3836      case '+':      case CHAR_PLUS:
3837      repeat_min = 1;      repeat_min = 1;
3838      repeat_max = -1;      repeat_max = -1;
3839      goto REPEAT;      goto REPEAT;
3840    
3841      case '?':      case CHAR_QUESTION_MARK:
3842      repeat_min = 0;      repeat_min = 0;
3843      repeat_max = 1;      repeat_max = 1;
3844    
# Line 2948  for (;; ptr++) Line 3873  for (;; ptr++)
3873      but if PCRE_UNGREEDY is set, it works the other way round. We change the      but if PCRE_UNGREEDY is set, it works the other way round. We change the
3874      repeat type to the non-default. */      repeat type to the non-default. */
3875    
3876      if (ptr[1] == '+')      if (ptr[1] == CHAR_PLUS)
3877        {        {
3878        repeat_type = 0;                  /* Force greedy */        repeat_type = 0;                  /* Force greedy */
3879        possessive_quantifier = TRUE;        possessive_quantifier = TRUE;
3880        ptr++;        ptr++;
3881        }        }
3882      else if (ptr[1] == '?')      else if (ptr[1] == CHAR_QUESTION_MARK)
3883        {        {
3884        repeat_type = greedy_non_default;        repeat_type = greedy_non_default;
3885        ptr++;        ptr++;
# Line 3069  for (;; ptr++) Line 3994  for (;; ptr++)
3994    
3995        if (repeat_max == 0) goto END_REPEAT;        if (repeat_max == 0) goto END_REPEAT;
3996    
3997          /*--------------------------------------------------------------------*/
3998          /* This code is obsolete from release 8.00; the restriction was finally
3999          removed: */
4000    
4001        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
4002        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
4003    
4004        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4005          /*--------------------------------------------------------------------*/
4006    
4007        /* Combine the op_type with the repeat_type */        /* Combine the op_type with the repeat_type */
4008    
# Line 3219  for (;; ptr++) Line 4149  for (;; ptr++)
4149          goto END_REPEAT;          goto END_REPEAT;
4150          }          }
4151    
4152          /*--------------------------------------------------------------------*/
4153          /* This code is obsolete from release 8.00; the restriction was finally
4154          removed: */
4155    
4156        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
4157        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
4158    
4159        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4160          /*--------------------------------------------------------------------*/
4161    
4162        if (repeat_min == 0 && repeat_max == -1)        if (repeat_min == 0 && repeat_max == -1)
4163          *code++ = OP_CRSTAR + repeat_type;          *code++ = OP_CRSTAR + repeat_type;
# Line 3258  for (;; ptr++) Line 4193  for (;; ptr++)
4193          goto FAILED;          goto FAILED;
4194          }          }
4195    
       /* This is a paranoid check to stop integer overflow later on */  
   
       if (len > MAX_DUPLENGTH)  
         {  
         *errorcodeptr = ERR50;  
         goto FAILED;  
         }  
   
4196        /* If the maximum repeat count is unlimited, find the end of the bracket        /* If the maximum repeat count is unlimited, find the end of the bracket
4197        by scanning through from the start, and compute the offset back to it        by scanning through from the start, and compute the offset back to it
4198        from the current code pointer. There may be an OP_OPT setting following        from the current code pointer. There may be an OP_OPT setting following
# Line 3288  for (;; ptr++) Line 4215  for (;; ptr++)
4215    
4216        if (repeat_min == 0)        if (repeat_min == 0)
4217          {          {
4218          /* If the maximum is also zero, we just omit the group from the output          /* If the maximum is also zero, we used to just omit the group from the
4219          altogether. */          output altogether, like this:
4220    
4221          if (repeat_max == 0)          ** if (repeat_max == 0)
4222            {          **   {
4223            code = previous;          **   code = previous;
4224            goto END_REPEAT;          **   goto END_REPEAT;
4225            }          **   }
4226    
4227            However, that fails when a group is referenced as a subroutine from
4228            elsewhere in the pattern, so now we stick in OP_SKIPZERO in front of it
4229            so that it is skipped on execution. As we don't have a list of which
4230            groups are referenced, we cannot do this selectively.
4231    
4232            If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
4233            and do no more at this point. However, we do need to adjust any
4234            OP_RECURSE calls inside the group that refer to the group itself or any
4235            internal or forward referenced group, because the offset is from the
4236            start of the whole regex. Temporarily terminate the pattern while doing
4237            this. */
4238    
4239          /* If the maximum is 1 or unlimited, we just have to stick in the          if (repeat_max <= 1)    /* Covers 0, 1, and unlimited */
         BRAZERO and do no more at this point. However, we do need to adjust  
         any OP_RECURSE calls inside the group that refer to the group itself or  
         any internal or forward referenced group, because the offset is from  
         the start of the whole regex. Temporarily terminate the pattern while  
         doing this. */  
   
         if (repeat_max <= 1)  
4240            {            {
4241            *code = OP_END;            *code = OP_END;
4242            adjust_recurse(previous, 1, utf8, cd, save_hwm);            adjust_recurse(previous, 1, utf8, cd, save_hwm);
4243            memmove(previous+1, previous, len);            memmove(previous+1, previous, len);
4244            code++;            code++;
4245              if (repeat_max == 0)
4246                {
4247                *previous++ = OP_SKIPZERO;
4248                goto END_REPEAT;
4249                }
4250            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
4251            }            }
4252    
# Line 3354  for (;; ptr++) Line 4291  for (;; ptr++)
4291          if (repeat_min > 1)          if (repeat_min > 1)
4292            {            {
4293            /* In the pre-compile phase, we don't actually do the replication. We            /* In the pre-compile phase, we don't actually do the replication. We
4294            just adjust the length as if we had. */            just adjust the length as if we had. Do some paranoid checks for
4295              potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
4296              integer type when available, otherwise double. */
4297    
4298            if (lengthptr != NULL)            if (lengthptr != NULL)
4299              *lengthptr += (repeat_min - 1)*length_prevgroup;              {
4300                int delta = (repeat_min - 1)*length_prevgroup;
4301                if ((INT64_OR_DOUBLE)(repeat_min - 1)*
4302                      (INT64_OR_DOUBLE)length_prevgroup >
4303                        (INT64_OR_DOUBLE)INT_MAX ||
4304                    OFLOW_MAX - *lengthptr < delta)
4305                  {
4306                  *errorcodeptr = ERR20;
4307                  goto FAILED;
4308                  }
4309                *lengthptr += delta;
4310                }
4311    
4312            /* This is compiling for real */            /* This is compiling for real */
4313    
# Line 3395  for (;; ptr++) Line 4345  for (;; ptr++)
4345          /* In the pre-compile phase, we don't actually do the replication. We          /* In the pre-compile phase, we don't actually do the replication. We
4346          just adjust the length as if we had. For each repetition we must add 1          just adjust the length as if we had. For each repetition we must add 1
4347          to the length for BRAZERO and for all but the last repetition we must          to the length for BRAZERO and for all but the last repetition we must
4348          add 2 + 2*LINKSIZE to allow for the nesting that occurs. */          add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
4349            paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
4350            a 64-bit integer type when available, otherwise double. */
4351    
4352          if (lengthptr != NULL && repeat_max > 0)          if (lengthptr != NULL && repeat_max > 0)
4353            *lengthptr += repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -            {
4354              2 - 2*LINK_SIZE;  /* Last one doesn't nest */            int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
4355                          2 - 2*LINK_SIZE;   /* Last one doesn't nest */
4356              if ((INT64_OR_DOUBLE)repeat_max *
4357                    (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
4358                      > (INT64_OR_DOUBLE)INT_MAX ||
4359                  OFLOW_MAX - *lengthptr < delta)
4360                {
4361                *errorcodeptr = ERR20;
4362                goto FAILED;
4363                }
4364              *lengthptr += delta;
4365              }
4366    
4367          /* This is compiling for real */          /* This is compiling for real */
4368    
# Line 3469  for (;; ptr++) Line 4432  for (;; ptr++)
4432            uschar *scode = bracode;            uschar *scode = bracode;
4433            do            do
4434              {              {
4435              if (could_be_empty_branch(scode, ketcode, utf8))              if (could_be_empty_branch(scode, ketcode, utf8, cd))
4436                {                {
4437                *bracode += OP_SBRA - OP_BRA;                *bracode += OP_SBRA - OP_BRA;
4438                break;                break;
# Line 3481  for (;; ptr++) Line 4444  for (;; ptr++)
4444          }          }
4445        }        }
4446    
4447        /* If previous is OP_FAIL, it was generated by an empty class [] in
4448        JavaScript mode. The other ways in which OP_FAIL can be generated, that is
4449        by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
4450        error above. We can just ignore the repeat in JS case. */
4451    
4452        else if (*previous == OP_FAIL) goto END_REPEAT;
4453    
4454      /* Else there's some kind of shambles */      /* Else there's some kind of shambles */
4455    
4456      else      else
# Line 3505  for (;; ptr++) Line 4475  for (;; ptr++)
4475      if (possessive_quantifier)      if (possessive_quantifier)
4476        {        {
4477        int len;        int len;
4478        if (*tempcode == OP_EXACT || *tempcode == OP_TYPEEXACT ||  
4479            *tempcode == OP_NOTEXACT)        if (*tempcode == OP_TYPEEXACT)
4480            tempcode += _pcre_OP_lengths[*tempcode] +
4481              ((tempcode[3] == OP_PROP || tempcode[3] == OP_NOTPROP)? 2 : 0);
4482    
4483          else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
4484            {
4485          tempcode += _pcre_OP_lengths[*tempcode];          tempcode += _pcre_OP_lengths[*tempcode];
4486    #ifdef SUPPORT_UTF8
4487            if (utf8 && tempcode[-1] >= 0xc0)
4488              tempcode += _pcre_utf8_table4[tempcode[-1] & 0x3f];
4489    #endif
4490            }
4491    
4492        len = code - tempcode;        len = code - tempcode;
4493        if (len > 0) switch (*tempcode)        if (len > 0) switch (*tempcode)
4494          {          {
# Line 3526  for (;; ptr++) Line 4507  for (;; ptr++)
4507          case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;          case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
4508          case OP_NOTUPTO:  *tempcode = OP_NOTPOSUPTO; break;          case OP_NOTUPTO:  *tempcode = OP_NOTPOSUPTO; break;
4509    
4510            /* Because we are moving code along, we must ensure that any
4511            pending recursive references are updated. */
4512    
4513          default:          default:
4514            *code = OP_END;
4515            adjust_recurse(tempcode, 1 + LINK_SIZE, utf8, cd, save_hwm);
4516          memmove(tempcode + 1+LINK_SIZE, tempcode, len);          memmove(tempcode + 1+LINK_SIZE, tempcode, len);
4517          code += 1 + LINK_SIZE;          code += 1 + LINK_SIZE;
4518          len += 1 + LINK_SIZE;          len += 1 + LINK_SIZE;
# Line 3538  for (;; ptr++) Line 4524  for (;; ptr++)
4524          }          }
4525        }        }
4526    
4527      /* In all case we no longer have a previous item. We also set the      /* In all case we no longer have a previous item. We also set the
4528      "follows varying string" flag for subsequently encountered reqbytes if      "follows varying string" flag for subsequently encountered reqbytes if
4529      it isn't already set and we have just passed a varying length item. */      it isn't already set and we have just passed a varying length item. */
4530    
4531        END_REPEAT:
4532        previous = NULL;
4533        cd->req_varyopt |= reqvary;
4534        break;
4535    
4536    
4537        /* ===================================================================*/
4538        /* Start of nested parenthesized sub-expression, or comment or lookahead or
4539        lookbehind or option setting or condition or all the other extended
4540        parenthesis forms.  */
4541    
4542        case CHAR_LEFT_PARENTHESIS:
4543        newoptions = options;
4544        skipbytes = 0;
4545        bravalue = OP_CBRA;
4546        save_hwm = cd->hwm;
4547        reset_bracount = FALSE;
4548    
4549        /* First deal with various "verbs" that can be introduced by '*'. */
4550    
4551        if (*(++ptr) == CHAR_ASTERISK &&
4552             ((cd->ctypes[ptr[1]] & ctype_letter) != 0 || ptr[1] == ':'))
4553          {
4554          int i, namelen;
4555          int arglen = 0;
4556          const char *vn = verbnames;
4557          const uschar *name = ptr + 1;
4558          const uschar *arg = NULL;
4559          previous = NULL;
4560          while ((cd->ctypes[*++ptr] & ctype_letter) != 0) {};
4561          namelen = ptr - name;
4562    
4563          if (*ptr == CHAR_COLON)
4564            {
4565            arg = ++ptr;
4566            while ((cd->ctypes[*ptr] & (ctype_letter|ctype_digit)) != 0
4567              || *ptr == '_') ptr++;
4568            arglen = ptr - arg;
4569            }
4570    
4571          if (*ptr != CHAR_RIGHT_PARENTHESIS)
4572            {
4573            *errorcodeptr = ERR60;
4574            goto FAILED;
4575            }
4576    
4577          /* Scan the table of verb names */
4578    
4579          for (i = 0; i < verbcount; i++)
4580            {
4581            if (namelen == verbs[i].len &&
4582                strncmp((char *)name, vn, namelen) == 0)
4583              {
4584              /* Check for open captures before ACCEPT */
4585    
4586              if (verbs[i].op == OP_ACCEPT)
4587                {
4588                open_capitem *oc;
4589                cd->had_accept = TRUE;
4590                for (oc = cd->open_caps; oc != NULL; oc = oc->next)
4591                  {
4592                  *code++ = OP_CLOSE;
4593                  PUT2INC(code, 0, oc->number);
4594                  }
4595                }
4596    
4597              /* Handle the cases with/without an argument */
4598    
4599      END_REPEAT:            if (arglen == 0)
4600      previous = NULL;              {
4601      cd->req_varyopt |= reqvary;              if (verbs[i].op < 0)   /* Argument is mandatory */
4602      break;                {
4603                  *errorcodeptr = ERR66;
4604                  goto FAILED;
4605                  }
4606                *code++ = verbs[i].op;
4607                }
4608    
4609              else
4610                {
4611                if (verbs[i].op_arg < 0)   /* Argument is forbidden */
4612                  {
4613                  *errorcodeptr = ERR59;
4614                  goto FAILED;
4615                  }
4616                *code++ = verbs[i].op_arg;
4617                *code++ = arglen;
4618                memcpy(code, arg, arglen);
4619                code += arglen;
4620                *code++ = 0;
4621                }
4622    
4623              break;  /* Found verb, exit loop */
4624              }
4625    
4626      /* ===================================================================*/          vn += verbs[i].len + 1;
4627      /* Start of nested parenthesized sub-expression, or comment or lookahead or          }
     lookbehind or option setting or condition or all the other extended  
     parenthesis forms. First deal with the specials; all are introduced by ?,  
     and the appearance of any of them means that this is not a capturing  
     group. */  
4628    
4629      case '(':        if (i < verbcount) continue;    /* Successfully handled a verb */
4630      newoptions = options;        *errorcodeptr = ERR60;          /* Verb not recognized */
4631      skipbytes = 0;        goto FAILED;
4632      bravalue = OP_CBRA;        }
4633      save_hwm = cd->hwm;  
4634        /* Deal with the extended parentheses; all are introduced by '?', and the
4635        appearance of any of them means that this is not a capturing group. */
4636    
4637      if (*(++ptr) == '?')      else if (*ptr == CHAR_QUESTION_MARK)
4638        {        {
4639        int i, set, unset, namelen;        int i, set, unset, namelen;
4640        int *optset;        int *optset;
# Line 3570  for (;; ptr++) Line 4643  for (;; ptr++)
4643    
4644        switch (*(++ptr))        switch (*(++ptr))
4645          {          {
4646          case '#':                 /* Comment; skip to ket */          case CHAR_NUMBER_SIGN:                 /* Comment; skip to ket */
4647          ptr++;          ptr++;
4648          while (*ptr != 0 && *ptr != ')') ptr++;          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
4649          if (*ptr == 0)          if (*ptr == 0)
4650            {            {
4651            *errorcodeptr = ERR18;            *errorcodeptr = ERR18;
# Line 3582  for (;; ptr++) Line 4655  for (;; ptr++)
4655    
4656    
4657          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4658          case ':':                 /* Non-capturing bracket */          case CHAR_VERTICAL_LINE:  /* Reset capture count for each branch */
4659            reset_bracount = TRUE;
4660            /* Fall through */
4661    
4662            /* ------------------------------------------------------------ */
4663            case CHAR_COLON:          /* Non-capturing bracket */
4664          bravalue = OP_BRA;          bravalue = OP_BRA;
4665          ptr++;          ptr++;
4666          break;          break;
4667    
4668    
4669          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4670          case '(':          case CHAR_LEFT_PARENTHESIS:
4671          bravalue = OP_COND;       /* Conditional group */          bravalue = OP_COND;       /* Conditional group */
4672    
4673          /* A condition can be an assertion, a number (referring to a numbered          /* A condition can be an assertion, a number (referring to a numbered
# Line 3609  for (;; ptr++) Line 4687  for (;; ptr++)
4687          the switch. This will take control down to where bracketed groups,          the switch. This will take control down to where bracketed groups,
4688          including assertions, are processed. */          including assertions, are processed. */
4689    
4690          if (ptr[1] == '?' && (ptr[2] == '=' || ptr[2] == '!' || ptr[2] == '<'))          if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
4691                ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
4692            break;            break;
4693    
4694          /* Most other conditions use OP_CREF (a couple change to OP_RREF          /* Most other conditions use OP_CREF (a couple change to OP_RREF
# Line 3617  for (;; ptr++) Line 4696  for (;; ptr++)
4696    
4697          code[1+LINK_SIZE] = OP_CREF;          code[1+LINK_SIZE] = OP_CREF;
4698          skipbytes = 3;          skipbytes = 3;
4699            refsign = -1;
4700    
4701          /* Check for a test for recursion in a named group. */          /* Check for a test for recursion in a named group. */
4702    
4703          if (ptr[1] == 'R' && ptr[2] == '&')          if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
4704            {            {
4705            terminator = -1;            terminator = -1;
4706            ptr += 2;            ptr += 2;
# Line 3630  for (;; ptr++) Line 4710  for (;; ptr++)
4710          /* Check for a test for a named group's having been set, using the Perl          /* Check for a test for a named group's having been set, using the Perl
4711          syntax (?(<name>) or (?('name') */          syntax (?(<name>) or (?('name') */
4712    
4713          else if (ptr[1] == '<')          else if (ptr[1] == CHAR_LESS_THAN_SIGN)
4714            {            {
4715            terminator = '>';            terminator = CHAR_GREATER_THAN_SIGN;
4716            ptr++;            ptr++;
4717            }            }
4718          else if (ptr[1] == '\'')          else if (ptr[1] == CHAR_APOSTROPHE)
4719            {            {
4720            terminator = '\'';            terminator = CHAR_APOSTROPHE;
4721            ptr++;            ptr++;
4722            }            }
4723          else terminator = 0;          else
4724              {
4725              terminator = 0;
4726              if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
4727              }
4728    
4729          /* We now expect to read a name; any thing else is an error */          /* We now expect to read a name; any thing else is an error */
4730    
# Line 3659  for (;; ptr++) Line 4743  for (;; ptr++)
4743            {            {
4744            if (recno >= 0)            if (recno >= 0)
4745              recno = ((digitab[*ptr] & ctype_digit) != 0)?              recno = ((digitab[*ptr] & ctype_digit) != 0)?
4746                recno * 10 + *ptr - '0' : -1;                recno * 10 + *ptr - CHAR_0 : -1;
4747            ptr++;            ptr++;
4748            }            }
4749          namelen = ptr - name;          namelen = ptr - name;
4750    
4751          if ((terminator > 0 && *ptr++ != terminator) || *ptr++ != ')')          if ((terminator > 0 && *ptr++ != terminator) ||
4752                *ptr++ != CHAR_RIGHT_PARENTHESIS)
4753            {            {
4754            ptr--;      /* Error offset */            ptr--;      /* Error offset */
4755            *errorcodeptr = ERR26;            *errorcodeptr = ERR26;
# Line 3676  for (;; ptr++) Line 4761  for (;; ptr++)
4761          if (lengthptr != NULL) break;          if (lengthptr != NULL) break;
4762    
4763          /* In the real compile we do the work of looking for the actual          /* In the real compile we do the work of looking for the actual
4764          reference. */          reference. If the string started with "+" or "-" we require the rest to
4765            be digits, in which case recno will be set. */
4766    
4767            if (refsign > 0)
4768              {
4769              if (recno <= 0)
4770                {
4771                *errorcodeptr = ERR58;
4772                goto FAILED;
4773                }
4774              recno = (refsign == CHAR_MINUS)?
4775                cd->bracount - recno + 1 : recno +cd->bracount;
4776              if (recno <= 0 || recno > cd->final_bracount)
4777                {
4778                *errorcodeptr = ERR15;
4779                goto FAILED;
4780                }
4781              PUT2(code, 2+LINK_SIZE, recno);
4782              break;
4783              }
4784    
4785            /* Otherwise (did not start with "+" or "-"), start by looking for the
4786            name. If we find a name, add one to the opcode to change OP_CREF or
4787            OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
4788            except they record that the reference was originally to a name. The
4789            information is used to check duplicate names. */
4790    
4791          slot = cd->name_table;          slot = cd->name_table;
4792          for (i = 0; i < cd->names_found; i++)          for (i = 0; i < cd->names_found; i++)
# Line 3691  for (;; ptr++) Line 4801  for (;; ptr++)
4801            {            {
4802            recno = GET2(slot, 0);            recno = GET2(slot, 0);
4803            PUT2(code, 2+LINK_SIZE, recno);            PUT2(code, 2+LINK_SIZE, recno);
4804              code[1+LINK_SIZE]++;
4805            }            }
4806    
4807          /* Search the pattern for a forward reference */          /* Search the pattern for a forward reference */
4808    
4809          else if ((i = find_parens(ptr, cd->bracount, name, namelen,          else if ((i = find_parens(cd, name, namelen,
4810                          (options & PCRE_EXTENDED) != 0)) > 0)                          (options & PCRE_EXTENDED) != 0)) > 0)
4811            {            {
4812            PUT2(code, 2+LINK_SIZE, i);            PUT2(code, 2+LINK_SIZE, i);
4813              code[1+LINK_SIZE]++;
4814            }            }
4815    
4816          /* If terminator == 0 it means that the name followed directly after          /* If terminator == 0 it means that the name followed directly after
# Line 3716  for (;; ptr++) Line 4828  for (;; ptr++)
4828          /* Check for (?(R) for recursion. Allow digits after R to specify a          /* Check for (?(R) for recursion. Allow digits after R to specify a
4829          specific group number. */          specific group number. */
4830    
4831          else if (*name == 'R')          else if (*name == CHAR_R)
4832            {            {
4833            recno = 0;            recno = 0;
4834            for (i = 1; i < namelen; i++)            for (i = 1; i < namelen; i++)
# Line 3726  for (;; ptr++) Line 4838  for (;; ptr++)
4838                *errorcodeptr = ERR15;                *errorcodeptr = ERR15;
4839                goto FAILED;                goto FAILED;
4840                }                }
4841              recno = recno * 10 + name[i] - '0';              recno = recno * 10 + name[i] - CHAR_0;
4842              }              }
4843            if (recno == 0) recno = RREF_ANY;            if (recno == 0) recno = RREF_ANY;
4844            code[1+LINK_SIZE] = OP_RREF;      /* Change test type */            code[1+LINK_SIZE] = OP_RREF;      /* Change test type */
# Line 3736  for (;; ptr++) Line 4848  for (;; ptr++)
4848          /* Similarly, check for the (?(DEFINE) "condition", which is always          /* Similarly, check for the (?(DEFINE) "condition", which is always
4849          false. */          false. */
4850    
4851          else if (namelen == 6 && strncmp((char *)name, "DEFINE", 6) == 0)          else if (namelen == 6 && strncmp((char *)name, STRING_DEFINE, 6) == 0)
4852            {            {
4853            code[1+LINK_SIZE] = OP_DEF;            code[1+LINK_SIZE] = OP_DEF;
4854            skipbytes = 1;            skipbytes = 1;
4855            }            }
4856    
4857          /* Check for the "name" actually being a subpattern number. */          /* Check for the "name" actually being a subpattern number. We are
4858            in the second pass here, so final_bracount is set. */
4859    
4860          else if (recno > 0)          else if (recno > 0 && recno <= cd->final_bracount)
4861            {            {
4862            PUT2(code, 2+LINK_SIZE, recno);            PUT2(code, 2+LINK_SIZE, recno);
4863            }            }
# Line 3760  for (;; ptr++) Line 4873  for (;; ptr++)
4873    
4874    
4875          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4876          case '=':                 /* Positive lookahead */          case CHAR_EQUALS_SIGN:                 /* Positive lookahead */
4877          bravalue = OP_ASSERT;          bravalue = OP_ASSERT;
4878          ptr++;          ptr++;
4879          break;          break;
4880    
4881    
4882          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4883          case '!':                 /* Negative lookahead */          case CHAR_EXCLAMATION_MARK:            /* Negative lookahead */
         bravalue = OP_ASSERT_NOT;  
4884          ptr++;          ptr++;
4885            if (*ptr == CHAR_RIGHT_PARENTHESIS)    /* Optimize (?!) */
4886              {
4887              *code++ = OP_FAIL;
4888              previous = NULL;
4889              continue;
4890              }
4891            bravalue = OP_ASSERT_NOT;
4892          break;          break;
4893    
4894    
4895          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4896          case '<':                 /* Lookbehind or named define */          case CHAR_LESS_THAN_SIGN:              /* Lookbehind or named define */
4897          switch (ptr[1])          switch (ptr[1])
4898            {            {
4899            case '=':               /* Positive lookbehind */            case CHAR_EQUALS_SIGN:               /* Positive lookbehind */
4900            bravalue = OP_ASSERTBACK;            bravalue = OP_ASSERTBACK;
4901            ptr += 2;            ptr += 2;
4902            break;            break;
4903    
4904            case '!':               /* Negative lookbehind */            case CHAR_EXCLAMATION_MARK:          /* Negative lookbehind */
4905            bravalue = OP_ASSERTBACK_NOT;            bravalue = OP_ASSERTBACK_NOT;
4906            ptr += 2;            ptr += 2;
4907            break;            break;
# Line 3797  for (;; ptr++) Line 4916  for (;; ptr++)
4916    
4917    
4918          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4919          case '>':                 /* One-time brackets */          case CHAR_GREATER_THAN_SIGN:           /* One-time brackets */
4920          bravalue = OP_ONCE;          bravalue = OP_ONCE;
4921          ptr++;          ptr++;
4922          break;          break;
4923    
4924    
4925          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4926          case 'C':                 /* Callout - may be followed by digits; */          case CHAR_C:                 /* Callout - may be followed by digits; */
4927          previous_callout = code;  /* Save for later completion */          previous_callout = code;  /* Save for later completion */
4928          after_manual_callout = 1; /* Skip one item before completing */          after_manual_callout = 1; /* Skip one item before completing */
4929          *code++ = OP_CALLOUT;          *code++ = OP_CALLOUT;
4930            {            {
4931            int n = 0;            int n = 0;
4932            while ((digitab[*(++ptr)] & ctype_digit) != 0)            while ((digitab[*(++ptr)] & ctype_digit) != 0)
4933              n = n * 10 + *ptr - '0';              n = n * 10 + *ptr - CHAR_0;
4934            if (*ptr != ')')            if (*ptr != CHAR_RIGHT_PARENTHESIS)
4935              {              {
4936              *errorcodeptr = ERR39;              *errorcodeptr = ERR39;
4937              goto FAILED;              goto FAILED;
# Line 3832  for (;; ptr++) Line 4951  for (;; ptr++)
4951    
4952    
4953          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4954          case 'P':                 /* Python-style named subpattern handling */          case CHAR_P:              /* Python-style named subpattern handling */
4955          if (*(++ptr) == '=' || *ptr == '>')  /* Reference or recursion */          if (*(++ptr) == CHAR_EQUALS_SIGN ||
4956                *ptr == CHAR_GREATER_THAN_SIGN)  /* Reference or recursion */
4957            {            {
4958            is_recurse = *ptr == '>';            is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
4959            terminator = ')';            terminator = CHAR_RIGHT_PARENTHESIS;
4960            goto NAMED_REF_OR_RECURSE;            goto NAMED_REF_OR_RECURSE;
4961            }            }
4962          else if (*ptr != '<')    /* Test for Python-style definition */          else if (*ptr != CHAR_LESS_THAN_SIGN)  /* Test for Python-style defn */
4963            {            {
4964            *errorcodeptr = ERR41;            *errorcodeptr = ERR41;
4965            goto FAILED;            goto FAILED;
# Line 3849  for (;; ptr++) Line 4969  for (;; ptr++)
4969    
4970          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4971          DEFINE_NAME:    /* Come here from (?< handling */          DEFINE_NAME:    /* Come here from (?< handling */
4972          case '\'':          case CHAR_APOSTROPHE:
4973            {            {
4974            terminator = (*ptr == '<')? '>' : '\'';            terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
4975                CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
4976            name = ++ptr;            name = ++ptr;
4977    
4978            while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;            while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
# Line 3882  for (;; ptr++) Line 5003  for (;; ptr++)
5003                }                }
5004              }              }
5005    
5006            /* In the real compile, create the entry in the table */            /* In the real compile, create the entry in the table, maintaining
5007              alphabetical order. Duplicate names for different numbers are
5008              permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
5009              number are always OK. (An existing number can be re-used if (?|
5010              appears in the pattern.) In either event, a duplicate name results in
5011              a duplicate entry in the table, even if the number is the same. This
5012              is because the number of names, and hence the table size, is computed
5013              in the pre-compile, and it affects various numbers and pointers which
5014              would all have to be modified, and the compiled code moved down, if
5015              duplicates with the same number were omitted from the table. This
5016              doesn't seem worth the hassle. However, *different* names for the
5017              same number are not permitted. */
5018    
5019            else            else
5020              {              {
5021                BOOL dupname = FALSE;
5022              slot = cd->name_table;              slot = cd->name_table;
5023    
5024              for (i = 0; i < cd->names_found; i++)              for (i = 0; i < cd->names_found; i++)
5025                {                {
5026                int crc = memcmp(name, slot+2, namelen);                int crc = memcmp(name, slot+2, namelen);
# Line 3894  for (;; ptr++) Line 5028  for (;; ptr++)
5028                  {                  {
5029                  if (slot[2+namelen] == 0)                  if (slot[2+namelen] == 0)
5030                    {                    {
5031                    if ((options & PCRE_DUPNAMES) == 0)                    if (GET2(slot, 0) != cd->bracount + 1 &&
5032                          (options & PCRE_DUPNAMES) == 0)
5033                      {                      {
5034                      *errorcodeptr = ERR43;                      *errorcodeptr = ERR43;
5035                      goto FAILED;                      goto FAILED;
5036                      }                      }
5037                      else dupname = TRUE;
5038                    }                    }
5039                  else crc = -1;      /* Current name is substring */                  else crc = -1;      /* Current name is a substring */
5040                  }                  }
5041    
5042                  /* Make space in the table and break the loop for an earlier
5043                  name. For a duplicate or later name, carry on. We do this for
5044                  duplicates so that in the simple case (when ?(| is not used) they
5045                  are in order of their numbers. */
5046    
5047                if (crc < 0)                if (crc < 0)
5048                  {                  {
5049                  memmove(slot + cd->name_entry_size, slot,                  memmove(slot + cd->name_entry_size, slot,
5050                    (cd->names_found - i) * cd->name_entry_size);                    (cd->names_found - i) * cd->name_entry_size);
5051                  break;                  break;
5052                  }                  }
5053    
5054                  /* Continue the loop for a later or duplicate name */
5055    
5056                slot += cd->name_entry_size;                slot += cd->name_entry_size;
5057                }                }
5058    
5059                /* For non-duplicate names, check for a duplicate number before
5060                adding the new name. */
5061    
5062                if (!dupname)
5063                  {
5064                  uschar *cslot = cd->name_table;
5065                  for (i = 0; i < cd->names_found; i++)
5066                    {
5067                    if (cslot != slot)
5068                      {
5069                      if (GET2(cslot, 0) == cd->bracount + 1)
5070                        {
5071                        *errorcodeptr = ERR65;
5072                        goto FAILED;
5073                        }
5074                      }
5075                    else i--;
5076                    cslot += cd->name_entry_size;
5077                    }
5078                  }
5079    
5080              PUT2(slot, 0, cd->bracount + 1);              PUT2(slot, 0, cd->bracount + 1);
5081              memcpy(slot + 2, name, namelen);              memcpy(slot + 2, name, namelen);
5082              slot[2+namelen] = 0;              slot[2+namelen] = 0;
5083              }              }
5084            }            }
5085    
5086          /* In both cases, count the number of names we've encountered. */          /* In both pre-compile and compile, count the number of names we've
5087            encountered. */
5088    
         ptr++;                    /* Move past > or ' */  
5089          cd->names_found++;          cd->names_found++;
5090            ptr++;                    /* Move past > or ' */
5091          goto NUMBERED_GROUP;          goto NUMBERED_GROUP;
5092    
5093    
5094          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5095          case '&':                 /* Perl recursion/subroutine syntax */          case CHAR_AMPERSAND:            /* Perl recursion/subroutine syntax */
5096          terminator = ')';          terminator = CHAR_RIGHT_PARENTHESIS;
5097          is_recurse = TRUE;          is_recurse = TRUE;
5098          /* Fall through */          /* Fall through */
5099    
5100          /* We come here from the Python syntax above that handles both          /* We come here from the Python syntax above that handles both
5101          references (?P=name) and recursion (?P>name), as well as falling          references (?P=name) and recursion (?P>name), as well as falling
5102          through from the Perl recursion syntax (?&name). */          through from the Perl recursion syntax (?&name). We also come here from
5103            the Perl \k<name> or \k'name' back reference syntax and the \k{name}
5104            .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
5105    
5106          NAMED_REF_OR_RECURSE:          NAMED_REF_OR_RECURSE:
5107          name = ++ptr;          name = ++ptr;
# Line 3944  for (;; ptr++) Line 5113  for (;; ptr++)
5113    
5114          if (lengthptr != NULL)          if (lengthptr != NULL)
5115            {            {
5116              if (namelen == 0)
5117                {
5118                *errorcodeptr = ERR62;
5119                goto FAILED;
5120                }
5121            if (*ptr != terminator)            if (*ptr != terminator)
5122              {              {
5123              *errorcodeptr = ERR42;              *errorcodeptr = ERR42;
# Line 3957  for (;; ptr++) Line 5131  for (;; ptr++)
5131            recno = 0;            recno = 0;
5132            }            }
5133    
5134          /* In the real compile, seek the name in the table */          /* In the real compile, seek the name in the table. We check the name
5135            first, and then check that we have reached the end of the name in the
5136            table. That way, if the name that is longer than any in the table,
5137            the comparison will fail without reading beyond the table entry. */
5138    
5139          else          else
5140            {            {
5141            slot = cd->name_table;            slot = cd->name_table;
5142            for (i = 0; i < cd->names_found; i++)            for (i = 0; i < cd->names_found; i++)
5143              {              {
5144              if (strncmp((char *)name, (char *)slot+2, namelen) == 0) break;              if (strncmp((char *)name, (char *)slot+2, namelen) == 0 &&
5145                    slot[2+namelen] == 0)
5146                  break;
5147              slot += cd->name_entry_size;              slot += cd->name_entry_size;
5148              }              }
5149    
# Line 3973  for (;; ptr++) Line 5152  for (;; ptr++)
5152              recno = GET2(slot, 0);              recno = GET2(slot, 0);
5153              }              }
5154            else if ((recno =                /* Forward back reference */            else if ((recno =                /* Forward back reference */
5155                      find_parens(ptr, cd->bracount, name, namelen,                      find_parens(cd, name, namelen,
5156                        (options & PCRE_EXTENDED) != 0)) <= 0)                        (options & PCRE_EXTENDED) != 0)) <= 0)
5157              {              {
5158              *errorcodeptr = ERR15;              *errorcodeptr = ERR15;
# Line 3989  for (;; ptr++) Line 5168  for (;; ptr++)
5168    
5169    
5170          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5171          case 'R':                 /* Recursion */          case CHAR_R:              /* Recursion */
5172          ptr++;                    /* Same as (?0)      */          ptr++;                    /* Same as (?0)      */
5173          /* Fall through */          /* Fall through */
5174    
5175    
5176          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5177          case '0': case '1': case '2': case '3': case '4':   /* Recursion or */          case CHAR_MINUS: case CHAR_PLUS:  /* Recursion or subroutine */
5178          case '5': case '6': case '7': case '8': case '9':   /* subroutine */          case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
5179            case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
5180            {            {
5181            const uschar *called;            const uschar *called;
5182              terminator = CHAR_RIGHT_PARENTHESIS;
5183    
5184              /* Come here from the \g<...> and \g'...' code (Oniguruma
5185              compatibility). However, the syntax has been checked to ensure that
5186              the ... are a (signed) number, so that neither ERR63 nor ERR29 will
5187              be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
5188              ever be taken. */
5189    
5190              HANDLE_NUMERICAL_RECURSION:
5191    
5192              if ((refsign = *ptr) == CHAR_PLUS)
5193                {
5194                ptr++;
5195                if ((digitab[*ptr] & ctype_digit) == 0)
5196                  {
5197                  *errorcodeptr = ERR63;
5198                  goto FAILED;
5199                  }
5200                }
5201              else if (refsign == CHAR_MINUS)
5202                {
5203                if ((digitab[ptr[1]] & ctype_digit) == 0)
5204