/[pcre]/code/branches/pcre16/pcre_compile.c
ViewVC logotype

Contents of /code/branches/pcre16/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 802 - (show annotations)
Tue Dec 13 09:52:20 2011 UTC (9 years, 4 months ago) by ph10
File MIME type: text/plain
File size: 266496 byte(s)
Minor issues after merge.
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2011 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is
57 also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. */
59
60 #ifdef PCRE_DEBUG
61 #include "pcre_printint.src"
62 #endif
63
64
65 /* Macro for setting individual bits in class bitmaps. */
66
67 #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
68
69 /* Maximum length value to check against when making sure that the integer that
70 holds the compiled pattern length does not overflow. We make it a bit less than
71 INT_MAX to allow for adding in group terminating bytes, so that we don't have
72 to check them every time. */
73
74 #define OFLOW_MAX (INT_MAX - 20)
75
76
77 /*************************************************
78 * Code parameters and static tables *
79 *************************************************/
80
81 /* This value specifies the size of stack workspace that is used during the
82 first pre-compile phase that determines how much memory is required. The regex
83 is partly compiled into this space, but the compiled parts are discarded as
84 soon as they can be, so that hopefully there will never be an overrun. The code
85 does, however, check for an overrun. The largest amount I've seen used is 218,
86 so this number is very generous.
87
88 The same workspace is used during the second, actual compile phase for
89 remembering forward references to groups so that they can be filled in at the
90 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
91 is 4 there is plenty of room for most patterns. However, the memory can get
92 filled up by repetitions of forward references, for example patterns like
93 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
94 that the workspace is expanded using malloc() in this situation. The value
95 below is therefore a minimum, and we put a maximum on it for safety. The
96 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
97 kicks in at the same number of forward references in all cases. */
98
99 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
100 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
101
102 /* The overrun tests check for a slightly smaller size so that they detect the
103 overrun before it actually does run off the end of the data block. */
104
105 #define WORK_SIZE_SAFETY_MARGIN (100)
106
107 /* Private flags added to firstchar and reqchar. */
108
109 #define REQ_CASELESS 0x10000000l /* Indicates caselessness */
110 #define REQ_VARY 0x20000000l /* Reqchar followed non-literal item */
111
112 /* Repeated character flags. */
113
114 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
115
116 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
117 are simple data values; negative values are for special things like \d and so
118 on. Zero means further processing is needed (for things like \x), or the escape
119 is invalid. */
120
121 #ifndef EBCDIC
122
123 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
124 in UTF-8 mode. */
125
126 static const short int escapes[] = {
127 0, 0,
128 0, 0,
129 0, 0,
130 0, 0,
131 0, 0,
132 CHAR_COLON, CHAR_SEMICOLON,
133 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
134 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
135 CHAR_COMMERCIAL_AT, -ESC_A,
136 -ESC_B, -ESC_C,
137 -ESC_D, -ESC_E,
138 0, -ESC_G,
139 -ESC_H, 0,
140 0, -ESC_K,
141 0, 0,
142 -ESC_N, 0,
143 -ESC_P, -ESC_Q,
144 -ESC_R, -ESC_S,
145 0, 0,
146 -ESC_V, -ESC_W,
147 -ESC_X, 0,
148 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
149 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
150 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
151 CHAR_GRAVE_ACCENT, 7,
152 -ESC_b, 0,
153 -ESC_d, ESC_e,
154 ESC_f, 0,
155 -ESC_h, 0,
156 0, -ESC_k,
157 0, 0,
158 ESC_n, 0,
159 -ESC_p, 0,
160 ESC_r, -ESC_s,
161 ESC_tee, 0,
162 -ESC_v, -ESC_w,
163 0, 0,
164 -ESC_z
165 };
166
167 #else
168
169 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
170
171 static const short int escapes[] = {
172 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
173 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
174 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
175 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
176 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
177 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
178 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
179 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
180 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
181 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
182 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
183 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
184 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
185 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
186 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
187 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
188 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
189 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
190 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
191 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
192 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
193 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
194 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
195 };
196 #endif
197
198
199 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
200 searched linearly. Put all the names into a single string, in order to reduce
201 the number of relocations when a shared library is dynamically linked. The
202 string is built from string macros so that it works in UTF-8 mode on EBCDIC
203 platforms. */
204
205 typedef struct verbitem {
206 int len; /* Length of verb name */
207 int op; /* Op when no arg, or -1 if arg mandatory */
208 int op_arg; /* Op when arg present, or -1 if not allowed */
209 } verbitem;
210
211 static const char verbnames[] =
212 "\0" /* Empty name is a shorthand for MARK */
213 STRING_MARK0
214 STRING_ACCEPT0
215 STRING_COMMIT0
216 STRING_F0
217 STRING_FAIL0
218 STRING_PRUNE0
219 STRING_SKIP0
220 STRING_THEN;
221
222 static const verbitem verbs[] = {
223 { 0, -1, OP_MARK },
224 { 4, -1, OP_MARK },
225 { 6, OP_ACCEPT, -1 },
226 { 6, OP_COMMIT, -1 },
227 { 1, OP_FAIL, -1 },
228 { 4, OP_FAIL, -1 },
229 { 5, OP_PRUNE, OP_PRUNE_ARG },
230 { 4, OP_SKIP, OP_SKIP_ARG },
231 { 4, OP_THEN, OP_THEN_ARG }
232 };
233
234 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
235
236
237 /* Tables of names of POSIX character classes and their lengths. The names are
238 now all in a single string, to reduce the number of relocations when a shared
239 library is dynamically loaded. The list of lengths is terminated by a zero
240 length entry. The first three must be alpha, lower, upper, as this is assumed
241 for handling case independence. */
242
243 static const char posix_names[] =
244 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
245 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
246 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
247 STRING_word0 STRING_xdigit;
248
249 static const pcre_uint8 posix_name_lengths[] = {
250 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
251
252 /* Table of class bit maps for each POSIX class. Each class is formed from a
253 base map, with an optional addition or removal of another map. Then, for some
254 classes, there is some additional tweaking: for [:blank:] the vertical space
255 characters are removed, and for [:alpha:] and [:alnum:] the underscore
256 character is removed. The triples in the table consist of the base map offset,
257 second map offset or -1 if no second map, and a non-negative value for map
258 addition or a negative value for map subtraction (if there are two maps). The
259 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
260 remove vertical space characters, 2 => remove underscore. */
261
262 static const int posix_class_maps[] = {
263 cbit_word, cbit_digit, -2, /* alpha */
264 cbit_lower, -1, 0, /* lower */
265 cbit_upper, -1, 0, /* upper */
266 cbit_word, -1, 2, /* alnum - word without underscore */
267 cbit_print, cbit_cntrl, 0, /* ascii */
268 cbit_space, -1, 1, /* blank - a GNU extension */
269 cbit_cntrl, -1, 0, /* cntrl */
270 cbit_digit, -1, 0, /* digit */
271 cbit_graph, -1, 0, /* graph */
272 cbit_print, -1, 0, /* print */
273 cbit_punct, -1, 0, /* punct */
274 cbit_space, -1, 0, /* space */
275 cbit_word, -1, 0, /* word - a Perl extension */
276 cbit_xdigit,-1, 0 /* xdigit */
277 };
278
279 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
280 substitutes must be in the order of the names, defined above, and there are
281 both positive and negative cases. NULL means no substitute. */
282
283 #ifdef SUPPORT_UCP
284 static const pcre_uchar string_PNd[] = {
285 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
286 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
287 static const pcre_uchar string_pNd[] = {
288 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
289 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
290 static const pcre_uchar string_PXsp[] = {
291 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
292 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
293 static const pcre_uchar string_pXsp[] = {
294 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
295 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
296 static const pcre_uchar string_PXwd[] = {
297 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
298 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
299 static const pcre_uchar string_pXwd[] = {
300 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
301 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
302
303 static const pcre_uchar *substitutes[] = {
304 string_PNd, /* \D */
305 string_pNd, /* \d */
306 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
307 string_pXsp, /* \s */
308 string_PXwd, /* \W */
309 string_pXwd /* \w */
310 };
311
312 static const pcre_uchar string_pL[] = {
313 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_pLl[] = {
316 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318 static const pcre_uchar string_pLu[] = {
319 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
320 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
321 static const pcre_uchar string_pXan[] = {
322 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
323 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
324 static const pcre_uchar string_h[] = {
325 CHAR_BACKSLASH, CHAR_h, '\0' };
326 static const pcre_uchar string_pXps[] = {
327 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
328 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
329 static const pcre_uchar string_PL[] = {
330 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
331 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
332 static const pcre_uchar string_PLl[] = {
333 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
334 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
335 static const pcre_uchar string_PLu[] = {
336 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
337 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
338 static const pcre_uchar string_PXan[] = {
339 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
340 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
341 static const pcre_uchar string_H[] = {
342 CHAR_BACKSLASH, CHAR_H, '\0' };
343 static const pcre_uchar string_PXps[] = {
344 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
345 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
346
347 static const pcre_uchar *posix_substitutes[] = {
348 string_pL, /* alpha */
349 string_pLl, /* lower */
350 string_pLu, /* upper */
351 string_pXan, /* alnum */
352 NULL, /* ascii */
353 string_h, /* blank */
354 NULL, /* cntrl */
355 string_pNd, /* digit */
356 NULL, /* graph */
357 NULL, /* print */
358 NULL, /* punct */
359 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
360 string_pXwd, /* word */
361 NULL, /* xdigit */
362 /* Negated cases */
363 string_PL, /* ^alpha */
364 string_PLl, /* ^lower */
365 string_PLu, /* ^upper */
366 string_PXan, /* ^alnum */
367 NULL, /* ^ascii */
368 string_H, /* ^blank */
369 NULL, /* ^cntrl */
370 string_PNd, /* ^digit */
371 NULL, /* ^graph */
372 NULL, /* ^print */
373 NULL, /* ^punct */
374 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
375 string_PXwd, /* ^word */
376 NULL /* ^xdigit */
377 };
378 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
379 #endif
380
381 #define STRING(a) # a
382 #define XSTRING(s) STRING(s)
383
384 /* The texts of compile-time error messages. These are "char *" because they
385 are passed to the outside world. Do not ever re-use any error number, because
386 they are documented. Always add a new error instead. Messages marked DEAD below
387 are no longer used. This used to be a table of strings, but in order to reduce
388 the number of relocations needed when a shared library is loaded dynamically,
389 it is now one long string. We cannot use a table of offsets, because the
390 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
391 simply count through to the one we want - this isn't a performance issue
392 because these strings are used only when there is a compilation error.
393
394 Each substring ends with \0 to insert a null character. This includes the final
395 substring, so that the whole string ends with \0\0, which can be detected when
396 counting through. */
397
398 static const char error_texts[] =
399 "no error\0"
400 "\\ at end of pattern\0"
401 "\\c at end of pattern\0"
402 "unrecognized character follows \\\0"
403 "numbers out of order in {} quantifier\0"
404 /* 5 */
405 "number too big in {} quantifier\0"
406 "missing terminating ] for character class\0"
407 "invalid escape sequence in character class\0"
408 "range out of order in character class\0"
409 "nothing to repeat\0"
410 /* 10 */
411 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
412 "internal error: unexpected repeat\0"
413 "unrecognized character after (? or (?-\0"
414 "POSIX named classes are supported only within a class\0"
415 "missing )\0"
416 /* 15 */
417 "reference to non-existent subpattern\0"
418 "erroffset passed as NULL\0"
419 "unknown option bit(s) set\0"
420 "missing ) after comment\0"
421 "parentheses nested too deeply\0" /** DEAD **/
422 /* 20 */
423 "regular expression is too large\0"
424 "failed to get memory\0"
425 "unmatched parentheses\0"
426 "internal error: code overflow\0"
427 "unrecognized character after (?<\0"
428 /* 25 */
429 "lookbehind assertion is not fixed length\0"
430 "malformed number or name after (?(\0"
431 "conditional group contains more than two branches\0"
432 "assertion expected after (?(\0"
433 "(?R or (?[+-]digits must be followed by )\0"
434 /* 30 */
435 "unknown POSIX class name\0"
436 "POSIX collating elements are not supported\0"
437 "this version of PCRE is not compiled with PCRE_UTF8 support\0"
438 "spare error\0" /** DEAD **/
439 "character value in \\x{...} sequence is too large\0"
440 /* 35 */
441 "invalid condition (?(0)\0"
442 "\\C not allowed in lookbehind assertion\0"
443 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
444 "number after (?C is > 255\0"
445 "closing ) for (?C expected\0"
446 /* 40 */
447 "recursive call could loop indefinitely\0"
448 "unrecognized character after (?P\0"
449 "syntax error in subpattern name (missing terminator)\0"
450 "two named subpatterns have the same name\0"
451 "invalid UTF-8 string\0"
452 /* 45 */
453 "support for \\P, \\p, and \\X has not been compiled\0"
454 "malformed \\P or \\p sequence\0"
455 "unknown property name after \\P or \\p\0"
456 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
457 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
458 /* 50 */
459 "repeated subpattern is too long\0" /** DEAD **/
460 "octal value is greater than \\377 (not in UTF-8 mode)\0"
461 "internal error: overran compiling workspace\0"
462 "internal error: previously-checked referenced subpattern not found\0"
463 "DEFINE group contains more than one branch\0"
464 /* 55 */
465 "repeating a DEFINE group is not allowed\0" /** DEAD **/
466 "inconsistent NEWLINE options\0"
467 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
468 "a numbered reference must not be zero\0"
469 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
470 /* 60 */
471 "(*VERB) not recognized\0"
472 "number is too big\0"
473 "subpattern name expected\0"
474 "digit expected after (?+\0"
475 "] is an invalid data character in JavaScript compatibility mode\0"
476 /* 65 */
477 "different names for subpatterns of the same number are not allowed\0"
478 "(*MARK) must have an argument\0"
479 "this version of PCRE is not compiled with PCRE_UCP support\0"
480 "\\c must be followed by an ASCII character\0"
481 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
482 /* 70 */
483 "internal error: unknown opcode in find_fixedlength()\0"
484 "\\N is not supported in a class\0"
485 "too many forward references\0"
486 "disallowed UTF-8/16 code point (>= 0xd800 && <= 0xdfff)\0"
487 ;
488
489 /* Table to identify digits and hex digits. This is used when compiling
490 patterns. Note that the tables in chartables are dependent on the locale, and
491 may mark arbitrary characters as digits - but the PCRE compiling code expects
492 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
493 a private table here. It costs 256 bytes, but it is a lot faster than doing
494 character value tests (at least in some simple cases I timed), and in some
495 applications one wants PCRE to compile efficiently as well as match
496 efficiently.
497
498 For convenience, we use the same bit definitions as in chartables:
499
500 0x04 decimal digit
501 0x08 hexadecimal digit
502
503 Then we can use ctype_digit and ctype_xdigit in the code. */
504
505 /* Using a simple comparison for decimal numbers rather than a memory read
506 is much faster, and the resulting code is simpler (the compiler turns it
507 into a subtraction and unsigned comparison). */
508
509 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
510
511 #ifndef EBCDIC
512
513 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
514 UTF-8 mode. */
515
516 static const pcre_uint8 digitab[] =
517 {
518 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
519 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
520 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
521 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
522 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
523 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
524 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
525 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
526 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
527 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
528 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
529 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
530 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
531 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
532 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
533 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
534 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
535 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
536 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
537 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
538 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
539 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
540 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
541 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
545 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
546 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
548 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
549 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
550
551 #else
552
553 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
554
555 static const pcre_uint8 digitab[] =
556 {
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
571 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
572 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
573 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
574 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
575 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
576 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
577 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
578 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
579 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
580 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
581 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
587 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
588 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
589
590 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
591 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
592 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
593 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
595 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
597 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
599 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
600 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
602 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
604 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
605 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
607 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
608 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
609 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
610 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
611 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
612 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
613 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
614 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
615 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
616 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
617 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
618 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
619 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
620 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
621 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
622 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
623 #endif
624
625
626 /* Definition to allow mutual recursion */
627
628 static BOOL
629 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
630 int *, int *, branch_chain *, compile_data *, int *);
631
632
633
634 /*************************************************
635 * Find an error text *
636 *************************************************/
637
638 /* The error texts are now all in one long string, to save on relocations. As
639 some of the text is of unknown length, we can't use a table of offsets.
640 Instead, just count through the strings. This is not a performance issue
641 because it happens only when there has been a compilation error.
642
643 Argument: the error number
644 Returns: pointer to the error string
645 */
646
647 static const char *
648 find_error_text(int n)
649 {
650 const char *s = error_texts;
651 for (; n > 0; n--)
652 {
653 while (*s++ != 0) {};
654 if (*s == 0) return "Error text not found (please report)";
655 }
656 return s;
657 }
658
659
660 /*************************************************
661 * Expand the workspace *
662 *************************************************/
663
664 /* This function is called during the second compiling phase, if the number of
665 forward references fills the existing workspace, which is originally a block on
666 the stack. A larger block is obtained from malloc() unless the ultimate limit
667 has been reached or the increase will be rather small.
668
669 Argument: pointer to the compile data block
670 Returns: 0 if all went well, else an error number
671 */
672
673 static int
674 expand_workspace(compile_data *cd)
675 {
676 pcre_uchar *newspace;
677 int newsize = cd->workspace_size * 2;
678
679 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
680 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
681 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
682 return ERR72;
683
684 newspace = (pcre_malloc)(newsize);
685 if (newspace == NULL) return ERR21;
686
687 memcpy(newspace, cd->start_workspace, cd->workspace_size);
688 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
689 if (cd->workspace_size > COMPILE_WORK_SIZE)
690 (pcre_free)((void *)cd->start_workspace);
691 cd->start_workspace = newspace;
692 cd->workspace_size = newsize;
693 return 0;
694 }
695
696
697
698 /*************************************************
699 * Check for counted repeat *
700 *************************************************/
701
702 /* This function is called when a '{' is encountered in a place where it might
703 start a quantifier. It looks ahead to see if it really is a quantifier or not.
704 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
705 where the ddds are digits.
706
707 Arguments:
708 p pointer to the first char after '{'
709
710 Returns: TRUE or FALSE
711 */
712
713 static BOOL
714 is_counted_repeat(const pcre_uchar *p)
715 {
716 if (!IS_DIGIT(*p)) return FALSE;
717 p++;
718 while (IS_DIGIT(*p)) p++;
719 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
720
721 if (*p++ != CHAR_COMMA) return FALSE;
722 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
723
724 if (!IS_DIGIT(*p)) return FALSE;
725 p++;
726 while (IS_DIGIT(*p)) p++;
727
728 return (*p == CHAR_RIGHT_CURLY_BRACKET);
729 }
730
731
732
733 /*************************************************
734 * Handle escapes *
735 *************************************************/
736
737 /* This function is called when a \ has been encountered. It either returns a
738 positive value for a simple escape such as \n, or a negative value which
739 encodes one of the more complicated things such as \d. A backreference to group
740 n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When
741 UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,
742 ptr is pointing at the \. On exit, it is on the final character of the escape
743 sequence.
744
745 Arguments:
746 ptrptr points to the pattern position pointer
747 errorcodeptr points to the errorcode variable
748 bracount number of previous extracting brackets
749 options the options bits
750 isclass TRUE if inside a character class
751
752 Returns: zero or positive => a data character
753 negative => a special escape sequence
754 on error, errorcodeptr is set
755 */
756
757 static int
758 check_escape(const pcre_uchar **ptrptr, int *errorcodeptr, int bracount,
759 int options, BOOL isclass)
760 {
761 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
762 BOOL utf = (options & PCRE_UTF8) != 0;
763 const pcre_uchar *ptr = *ptrptr + 1;
764 pcre_int32 c;
765 int i;
766
767 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
768 ptr--; /* Set pointer back to the last byte */
769
770 /* If backslash is at the end of the pattern, it's an error. */
771
772 if (c == 0) *errorcodeptr = ERR1;
773
774 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
775 in a table. A non-zero result is something that can be returned immediately.
776 Otherwise further processing may be required. */
777
778 #ifndef EBCDIC /* ASCII/UTF-8 coding */
779 /* Not alphanumeric */
780 else if (c < CHAR_0 || c > CHAR_z) {}
781 else if ((i = escapes[c - CHAR_0]) != 0) c = i;
782
783 #else /* EBCDIC coding */
784 /* Not alphanumeric */
785 else if (c < 'a' || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
786 else if ((i = escapes[c - 0x48]) != 0) c = i;
787 #endif
788
789 /* Escapes that need further processing, or are illegal. */
790
791 else
792 {
793 const pcre_uchar *oldptr;
794 BOOL braced, negated;
795
796 switch (c)
797 {
798 /* A number of Perl escapes are not handled by PCRE. We give an explicit
799 error. */
800
801 case CHAR_l:
802 case CHAR_L:
803 *errorcodeptr = ERR37;
804 break;
805
806 case CHAR_u:
807 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
808 {
809 /* In JavaScript, \u must be followed by four hexadecimal numbers.
810 Otherwise it is a lowercase u letter. */
811 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
812 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
813 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
814 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
815 {
816 c = 0;
817 for (i = 0; i < 4; ++i)
818 {
819 register int cc = *(++ptr);
820 #ifndef EBCDIC /* ASCII/UTF-8 coding */
821 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
822 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
823 #else /* EBCDIC coding */
824 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
825 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
826 #endif
827 }
828 }
829 }
830 else
831 *errorcodeptr = ERR37;
832 break;
833
834 case CHAR_U:
835 /* In JavaScript, \U is an uppercase U letter. */
836 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
837 break;
838
839 /* In a character class, \g is just a literal "g". Outside a character
840 class, \g must be followed by one of a number of specific things:
841
842 (1) A number, either plain or braced. If positive, it is an absolute
843 backreference. If negative, it is a relative backreference. This is a Perl
844 5.10 feature.
845
846 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
847 is part of Perl's movement towards a unified syntax for back references. As
848 this is synonymous with \k{name}, we fudge it up by pretending it really
849 was \k.
850
851 (3) For Oniguruma compatibility we also support \g followed by a name or a
852 number either in angle brackets or in single quotes. However, these are
853 (possibly recursive) subroutine calls, _not_ backreferences. Just return
854 the -ESC_g code (cf \k). */
855
856 case CHAR_g:
857 if (isclass) break;
858 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
859 {
860 c = -ESC_g;
861 break;
862 }
863
864 /* Handle the Perl-compatible cases */
865
866 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
867 {
868 const pcre_uchar *p;
869 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
870 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
871 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
872 {
873 c = -ESC_k;
874 break;
875 }
876 braced = TRUE;
877 ptr++;
878 }
879 else braced = FALSE;
880
881 if (ptr[1] == CHAR_MINUS)
882 {
883 negated = TRUE;
884 ptr++;
885 }
886 else negated = FALSE;
887
888 /* The integer range is limited by the machine's int representation. */
889 c = 0;
890 while (IS_DIGIT(ptr[1]))
891 {
892 if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
893 {
894 c = -1;
895 break;
896 }
897 c = c * 10 + *(++ptr) - CHAR_0;
898 }
899 if (((unsigned int)c) > INT_MAX) /* Integer overflow */
900 {
901 while (IS_DIGIT(ptr[1]))
902 ptr++;
903 *errorcodeptr = ERR61;
904 break;
905 }
906
907 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
908 {
909 *errorcodeptr = ERR57;
910 break;
911 }
912
913 if (c == 0)
914 {
915 *errorcodeptr = ERR58;
916 break;
917 }
918
919 if (negated)
920 {
921 if (c > bracount)
922 {
923 *errorcodeptr = ERR15;
924 break;
925 }
926 c = bracount - (c - 1);
927 }
928
929 c = -(ESC_REF + c);
930 break;
931
932 /* The handling of escape sequences consisting of a string of digits
933 starting with one that is not zero is not straightforward. By experiment,
934 the way Perl works seems to be as follows:
935
936 Outside a character class, the digits are read as a decimal number. If the
937 number is less than 10, or if there are that many previous extracting
938 left brackets, then it is a back reference. Otherwise, up to three octal
939 digits are read to form an escaped byte. Thus \123 is likely to be octal
940 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
941 value is greater than 377, the least significant 8 bits are taken. Inside a
942 character class, \ followed by a digit is always an octal number. */
943
944 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
945 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
946
947 if (!isclass)
948 {
949 oldptr = ptr;
950 /* The integer range is limited by the machine's int representation. */
951 c -= CHAR_0;
952 while (IS_DIGIT(ptr[1]))
953 {
954 if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
955 {
956 c = -1;
957 break;
958 }
959 c = c * 10 + *(++ptr) - CHAR_0;
960 }
961 if (((unsigned int)c) > INT_MAX) /* Integer overflow */
962 {
963 while (IS_DIGIT(ptr[1]))
964 ptr++;
965 *errorcodeptr = ERR61;
966 break;
967 }
968 if (c < 10 || c <= bracount)
969 {
970 c = -(ESC_REF + c);
971 break;
972 }
973 ptr = oldptr; /* Put the pointer back and fall through */
974 }
975
976 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
977 generates a binary zero byte and treats the digit as a following literal.
978 Thus we have to pull back the pointer by one. */
979
980 if ((c = *ptr) >= CHAR_8)
981 {
982 ptr--;
983 c = 0;
984 break;
985 }
986
987 /* \0 always starts an octal number, but we may drop through to here with a
988 larger first octal digit. The original code used just to take the least
989 significant 8 bits of octal numbers (I think this is what early Perls used
990 to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
991 than 3 octal digits. */
992
993 case CHAR_0:
994 c -= CHAR_0;
995 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
996 c = c * 8 + *(++ptr) - CHAR_0;
997 if (!utf && c > 0xff) *errorcodeptr = ERR51;
998 break;
999
1000 /* \x is complicated. \x{ddd} is a character number which can be greater
1001 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1002 If not, { is treated as a data character. */
1003
1004 case CHAR_x:
1005 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1006 {
1007 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1008 Otherwise it is a lowercase x letter. */
1009 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1010 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1011 {
1012 c = 0;
1013 for (i = 0; i < 2; ++i)
1014 {
1015 register int cc = *(++ptr);
1016 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1017 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1018 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1019 #else /* EBCDIC coding */
1020 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1021 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1022 #endif
1023 }
1024 }
1025 break;
1026 }
1027
1028 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1029 {
1030 const pcre_uchar *pt = ptr + 2;
1031
1032 c = 0;
1033 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1034 {
1035 register int cc = *pt++;
1036 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1037
1038 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1039 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1040 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1041 #else /* EBCDIC coding */
1042 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1043 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1044 #endif
1045
1046 #ifdef COMPILE_PCRE8
1047 if (c > (utf ? 0x10ffff : 0xff)) { c = -1; break; }
1048 #else
1049 #ifdef COMPILE_PCRE16
1050 if (c > (utf ? 0x10ffff : 0xffff)) { c = -1; break; }
1051 #endif
1052 #endif
1053 }
1054
1055 if (c < 0)
1056 {
1057 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1058 *errorcodeptr = ERR34;
1059 }
1060
1061 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1062 {
1063 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1064 ptr = pt;
1065 break;
1066 }
1067
1068 /* If the sequence of hex digits does not end with '}', then we don't
1069 recognize this construct; fall through to the normal \x handling. */
1070 }
1071
1072 /* Read just a single-byte hex-defined char */
1073
1074 c = 0;
1075 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1076 {
1077 int cc; /* Some compilers don't like */
1078 cc = *(++ptr); /* ++ in initializers */
1079 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1080 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1081 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1082 #else /* EBCDIC coding */
1083 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1084 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1085 #endif
1086 }
1087 break;
1088
1089 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1090 An error is given if the byte following \c is not an ASCII character. This
1091 coding is ASCII-specific, but then the whole concept of \cx is
1092 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1093
1094 case CHAR_c:
1095 c = *(++ptr);
1096 if (c == 0)
1097 {
1098 *errorcodeptr = ERR2;
1099 break;
1100 }
1101 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1102 if (c > 127) /* Excludes all non-ASCII in either mode */
1103 {
1104 *errorcodeptr = ERR68;
1105 break;
1106 }
1107 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1108 c ^= 0x40;
1109 #else /* EBCDIC coding */
1110 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1111 c ^= 0xC0;
1112 #endif
1113 break;
1114
1115 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1116 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1117 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1118 odd, but there used to be some cases other than the default, and there may
1119 be again in future, so I haven't "optimized" it. */
1120
1121 default:
1122 if ((options & PCRE_EXTRA) != 0) switch(c)
1123 {
1124 default:
1125 *errorcodeptr = ERR3;
1126 break;
1127 }
1128 break;
1129 }
1130 }
1131
1132 /* Perl supports \N{name} for character names, as well as plain \N for "not
1133 newline". PCRE does not support \N{name}. However, it does support
1134 quantification such as \N{2,3}. */
1135
1136 if (c == -ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1137 !is_counted_repeat(ptr+2))
1138 *errorcodeptr = ERR37;
1139
1140 /* If PCRE_UCP is set, we change the values for \d etc. */
1141
1142 if ((options & PCRE_UCP) != 0 && c <= -ESC_D && c >= -ESC_w)
1143 c -= (ESC_DU - ESC_D);
1144
1145 /* Set the pointer to the final character before returning. */
1146
1147 *ptrptr = ptr;
1148 return c;
1149 }
1150
1151
1152
1153 #ifdef SUPPORT_UCP
1154 /*************************************************
1155 * Handle \P and \p *
1156 *************************************************/
1157
1158 /* This function is called after \P or \p has been encountered, provided that
1159 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1160 pointing at the P or p. On exit, it is pointing at the final character of the
1161 escape sequence.
1162
1163 Argument:
1164 ptrptr points to the pattern position pointer
1165 negptr points to a boolean that is set TRUE for negation else FALSE
1166 dptr points to an int that is set to the detailed property value
1167 errorcodeptr points to the error code variable
1168
1169 Returns: type value from ucp_type_table, or -1 for an invalid type
1170 */
1171
1172 static int
1173 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
1174 {
1175 int c, i, bot, top;
1176 const pcre_uchar *ptr = *ptrptr;
1177 pcre_uchar name[32];
1178
1179 c = *(++ptr);
1180 if (c == 0) goto ERROR_RETURN;
1181
1182 *negptr = FALSE;
1183
1184 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1185 negation. */
1186
1187 if (c == CHAR_LEFT_CURLY_BRACKET)
1188 {
1189 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1190 {
1191 *negptr = TRUE;
1192 ptr++;
1193 }
1194 for (i = 0; i < (int)sizeof(name) - 1; i++)
1195 {
1196 c = *(++ptr);
1197 if (c == 0) goto ERROR_RETURN;
1198 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1199 name[i] = c;
1200 }
1201 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1202 name[i] = 0;
1203 }
1204
1205 /* Otherwise there is just one following character */
1206
1207 else
1208 {
1209 name[0] = c;
1210 name[1] = 0;
1211 }
1212
1213 *ptrptr = ptr;
1214
1215 /* Search for a recognized property name using binary chop */
1216
1217 bot = 0;
1218 top = PRIV(utt_size);
1219
1220 while (bot < top)
1221 {
1222 i = (bot + top) >> 1;
1223 c = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1224 if (c == 0)
1225 {
1226 *dptr = PRIV(utt)[i].value;
1227 return PRIV(utt)[i].type;
1228 }
1229 if (c > 0) bot = i + 1; else top = i;
1230 }
1231
1232 *errorcodeptr = ERR47;
1233 *ptrptr = ptr;
1234 return -1;
1235
1236 ERROR_RETURN:
1237 *errorcodeptr = ERR46;
1238 *ptrptr = ptr;
1239 return -1;
1240 }
1241 #endif
1242
1243
1244
1245
1246 /*************************************************
1247 * Read repeat counts *
1248 *************************************************/
1249
1250 /* Read an item of the form {n,m} and return the values. This is called only
1251 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1252 so the syntax is guaranteed to be correct, but we need to check the values.
1253
1254 Arguments:
1255 p pointer to first char after '{'
1256 minp pointer to int for min
1257 maxp pointer to int for max
1258 returned as -1 if no max
1259 errorcodeptr points to error code variable
1260
1261 Returns: pointer to '}' on success;
1262 current ptr on error, with errorcodeptr set non-zero
1263 */
1264
1265 static const pcre_uchar *
1266 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1267 {
1268 int min = 0;
1269 int max = -1;
1270
1271 /* Read the minimum value and do a paranoid check: a negative value indicates
1272 an integer overflow. */
1273
1274 while (IS_DIGIT(*p)) min = min * 10 + *p++ - CHAR_0;
1275 if (min < 0 || min > 65535)
1276 {
1277 *errorcodeptr = ERR5;
1278 return p;
1279 }
1280
1281 /* Read the maximum value if there is one, and again do a paranoid on its size.
1282 Also, max must not be less than min. */
1283
1284 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1285 {
1286 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1287 {
1288 max = 0;
1289 while(IS_DIGIT(*p)) max = max * 10 + *p++ - CHAR_0;
1290 if (max < 0 || max > 65535)
1291 {
1292 *errorcodeptr = ERR5;
1293 return p;
1294 }
1295 if (max < min)
1296 {
1297 *errorcodeptr = ERR4;
1298 return p;
1299 }
1300 }
1301 }
1302
1303 /* Fill in the required variables, and pass back the pointer to the terminating
1304 '}'. */
1305
1306 *minp = min;
1307 *maxp = max;
1308 return p;
1309 }
1310
1311
1312
1313 /*************************************************
1314 * Subroutine for finding forward reference *
1315 *************************************************/
1316
1317 /* This recursive function is called only from find_parens() below. The
1318 top-level call starts at the beginning of the pattern. All other calls must
1319 start at a parenthesis. It scans along a pattern's text looking for capturing
1320 subpatterns, and counting them. If it finds a named pattern that matches the
1321 name it is given, it returns its number. Alternatively, if the name is NULL, it
1322 returns when it reaches a given numbered subpattern. Recursion is used to keep
1323 track of subpatterns that reset the capturing group numbers - the (?| feature.
1324
1325 This function was originally called only from the second pass, in which we know
1326 that if (?< or (?' or (?P< is encountered, the name will be correctly
1327 terminated because that is checked in the first pass. There is now one call to
1328 this function in the first pass, to check for a recursive back reference by
1329 name (so that we can make the whole group atomic). In this case, we need check
1330 only up to the current position in the pattern, and that is still OK because
1331 and previous occurrences will have been checked. To make this work, the test
1332 for "end of pattern" is a check against cd->end_pattern in the main loop,
1333 instead of looking for a binary zero. This means that the special first-pass
1334 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1335 processing items within the loop are OK, because afterwards the main loop will
1336 terminate.)
1337
1338 Arguments:
1339 ptrptr address of the current character pointer (updated)
1340 cd compile background data
1341 name name to seek, or NULL if seeking a numbered subpattern
1342 lorn name length, or subpattern number if name is NULL
1343 xmode TRUE if we are in /x mode
1344 utf TRUE if we are in UTF-8 / UTF-16 mode
1345 count pointer to the current capturing subpattern number (updated)
1346
1347 Returns: the number of the named subpattern, or -1 if not found
1348 */
1349
1350 static int
1351 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1352 BOOL xmode, BOOL utf, int *count)
1353 {
1354 pcre_uchar *ptr = *ptrptr;
1355 int start_count = *count;
1356 int hwm_count = start_count;
1357 BOOL dup_parens = FALSE;
1358
1359 /* If the first character is a parenthesis, check on the type of group we are
1360 dealing with. The very first call may not start with a parenthesis. */
1361
1362 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1363 {
1364 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1365
1366 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1367
1368 /* Handle a normal, unnamed capturing parenthesis. */
1369
1370 else if (ptr[1] != CHAR_QUESTION_MARK)
1371 {
1372 *count += 1;
1373 if (name == NULL && *count == lorn) return *count;
1374 ptr++;
1375 }
1376
1377 /* All cases now have (? at the start. Remember when we are in a group
1378 where the parenthesis numbers are duplicated. */
1379
1380 else if (ptr[2] == CHAR_VERTICAL_LINE)
1381 {
1382 ptr += 3;
1383 dup_parens = TRUE;
1384 }
1385
1386 /* Handle comments; all characters are allowed until a ket is reached. */
1387
1388 else if (ptr[2] == CHAR_NUMBER_SIGN)
1389 {
1390 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1391 goto FAIL_EXIT;
1392 }
1393
1394 /* Handle a condition. If it is an assertion, just carry on so that it
1395 is processed as normal. If not, skip to the closing parenthesis of the
1396 condition (there can't be any nested parens). */
1397
1398 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1399 {
1400 ptr += 2;
1401 if (ptr[1] != CHAR_QUESTION_MARK)
1402 {
1403 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1404 if (*ptr != 0) ptr++;
1405 }
1406 }
1407
1408 /* Start with (? but not a condition. */
1409
1410 else
1411 {
1412 ptr += 2;
1413 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1414
1415 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1416
1417 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1418 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1419 {
1420 int term;
1421 const pcre_uchar *thisname;
1422 *count += 1;
1423 if (name == NULL && *count == lorn) return *count;
1424 term = *ptr++;
1425 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1426 thisname = ptr;
1427 while (*ptr != term) ptr++;
1428 if (name != NULL && lorn == ptr - thisname &&
1429 STRNCMP_UC_UC(name, thisname, lorn) == 0)
1430 return *count;
1431 term++;
1432 }
1433 }
1434 }
1435
1436 /* Past any initial parenthesis handling, scan for parentheses or vertical
1437 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1438 first-pass call when this value is temporarily adjusted to stop at the current
1439 position. So DO NOT change this to a test for binary zero. */
1440
1441 for (; ptr < cd->end_pattern; ptr++)
1442 {
1443 /* Skip over backslashed characters and also entire \Q...\E */
1444
1445 if (*ptr == CHAR_BACKSLASH)
1446 {
1447 if (*(++ptr) == 0) goto FAIL_EXIT;
1448 if (*ptr == CHAR_Q) for (;;)
1449 {
1450 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1451 if (*ptr == 0) goto FAIL_EXIT;
1452 if (*(++ptr) == CHAR_E) break;
1453 }
1454 continue;
1455 }
1456
1457 /* Skip over character classes; this logic must be similar to the way they
1458 are handled for real. If the first character is '^', skip it. Also, if the
1459 first few characters (either before or after ^) are \Q\E or \E we skip them
1460 too. This makes for compatibility with Perl. Note the use of STR macros to
1461 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1462
1463 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1464 {
1465 BOOL negate_class = FALSE;
1466 for (;;)
1467 {
1468 if (ptr[1] == CHAR_BACKSLASH)
1469 {
1470 if (ptr[2] == CHAR_E)
1471 ptr+= 2;
1472 else if (STRNCMP_UC_C8(ptr + 2,
1473 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1474 ptr += 4;
1475 else
1476 break;
1477 }
1478 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1479 {
1480 negate_class = TRUE;
1481 ptr++;
1482 }
1483 else break;
1484 }
1485
1486 /* If the next character is ']', it is a data character that must be
1487 skipped, except in JavaScript compatibility mode. */
1488
1489 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1490 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1491 ptr++;
1492
1493 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1494 {
1495 if (*ptr == 0) return -1;
1496 if (*ptr == CHAR_BACKSLASH)
1497 {
1498 if (*(++ptr) == 0) goto FAIL_EXIT;
1499 if (*ptr == CHAR_Q) for (;;)
1500 {
1501 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1502 if (*ptr == 0) goto FAIL_EXIT;
1503 if (*(++ptr) == CHAR_E) break;
1504 }
1505 continue;
1506 }
1507 }
1508 continue;
1509 }
1510
1511 /* Skip comments in /x mode */
1512
1513 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1514 {
1515 ptr++;
1516 while (*ptr != 0)
1517 {
1518 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1519 ptr++;
1520 #ifdef SUPPORT_UTF
1521 if (utf) FORWARDCHAR(ptr);
1522 #endif
1523 }
1524 if (*ptr == 0) goto FAIL_EXIT;
1525 continue;
1526 }
1527
1528 /* Check for the special metacharacters */
1529
1530 if (*ptr == CHAR_LEFT_PARENTHESIS)
1531 {
1532 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1533 if (rc > 0) return rc;
1534 if (*ptr == 0) goto FAIL_EXIT;
1535 }
1536
1537 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1538 {
1539 if (dup_parens && *count < hwm_count) *count = hwm_count;
1540 goto FAIL_EXIT;
1541 }
1542
1543 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1544 {
1545 if (*count > hwm_count) hwm_count = *count;
1546 *count = start_count;
1547 }
1548 }
1549
1550 FAIL_EXIT:
1551 *ptrptr = ptr;
1552 return -1;
1553 }
1554
1555
1556
1557
1558 /*************************************************
1559 * Find forward referenced subpattern *
1560 *************************************************/
1561
1562 /* This function scans along a pattern's text looking for capturing
1563 subpatterns, and counting them. If it finds a named pattern that matches the
1564 name it is given, it returns its number. Alternatively, if the name is NULL, it
1565 returns when it reaches a given numbered subpattern. This is used for forward
1566 references to subpatterns. We used to be able to start this scan from the
1567 current compiling point, using the current count value from cd->bracount, and
1568 do it all in a single loop, but the addition of the possibility of duplicate
1569 subpattern numbers means that we have to scan from the very start, in order to
1570 take account of such duplicates, and to use a recursive function to keep track
1571 of the different types of group.
1572
1573 Arguments:
1574 cd compile background data
1575 name name to seek, or NULL if seeking a numbered subpattern
1576 lorn name length, or subpattern number if name is NULL
1577 xmode TRUE if we are in /x mode
1578 utf TRUE if we are in UTF-8 / UTF-16 mode
1579
1580 Returns: the number of the found subpattern, or -1 if not found
1581 */
1582
1583 static int
1584 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1585 BOOL utf)
1586 {
1587 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1588 int count = 0;
1589 int rc;
1590
1591 /* If the pattern does not start with an opening parenthesis, the first call
1592 to find_parens_sub() will scan right to the end (if necessary). However, if it
1593 does start with a parenthesis, find_parens_sub() will return when it hits the
1594 matching closing parens. That is why we have to have a loop. */
1595
1596 for (;;)
1597 {
1598 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1599 if (rc > 0 || *ptr++ == 0) break;
1600 }
1601
1602 return rc;
1603 }
1604
1605
1606
1607
1608 /*************************************************
1609 * Find first significant op code *
1610 *************************************************/
1611
1612 /* This is called by several functions that scan a compiled expression looking
1613 for a fixed first character, or an anchoring op code etc. It skips over things
1614 that do not influence this. For some calls, it makes sense to skip negative
1615 forward and all backward assertions, and also the \b assertion; for others it
1616 does not.
1617
1618 Arguments:
1619 code pointer to the start of the group
1620 skipassert TRUE if certain assertions are to be skipped
1621
1622 Returns: pointer to the first significant opcode
1623 */
1624
1625 static const pcre_uchar*
1626 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1627 {
1628 for (;;)
1629 {
1630 switch ((int)*code)
1631 {
1632 case OP_ASSERT_NOT:
1633 case OP_ASSERTBACK:
1634 case OP_ASSERTBACK_NOT:
1635 if (!skipassert) return code;
1636 do code += GET(code, 1); while (*code == OP_ALT);
1637 code += PRIV(OP_lengths)[*code];
1638 break;
1639
1640 case OP_WORD_BOUNDARY:
1641 case OP_NOT_WORD_BOUNDARY:
1642 if (!skipassert) return code;
1643 /* Fall through */
1644
1645 case OP_CALLOUT:
1646 case OP_CREF:
1647 case OP_NCREF:
1648 case OP_RREF:
1649 case OP_NRREF:
1650 case OP_DEF:
1651 code += PRIV(OP_lengths)[*code];
1652 break;
1653
1654 default:
1655 return code;
1656 }
1657 }
1658 /* Control never reaches here */
1659 }
1660
1661
1662
1663
1664 /*************************************************
1665 * Find the fixed length of a branch *
1666 *************************************************/
1667
1668 /* Scan a branch and compute the fixed length of subject that will match it,
1669 if the length is fixed. This is needed for dealing with backward assertions.
1670 In UTF8 mode, the result is in characters rather than bytes. The branch is
1671 temporarily terminated with OP_END when this function is called.
1672
1673 This function is called when a backward assertion is encountered, so that if it
1674 fails, the error message can point to the correct place in the pattern.
1675 However, we cannot do this when the assertion contains subroutine calls,
1676 because they can be forward references. We solve this by remembering this case
1677 and doing the check at the end; a flag specifies which mode we are running in.
1678
1679 Arguments:
1680 code points to the start of the pattern (the bracket)
1681 utf TRUE in UTF-8 / UTF-16 mode
1682 atend TRUE if called when the pattern is complete
1683 cd the "compile data" structure
1684
1685 Returns: the fixed length,
1686 or -1 if there is no fixed length,
1687 or -2 if \C was encountered (in UTF-8 mode only)
1688 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1689 or -4 if an unknown opcode was encountered (internal error)
1690 */
1691
1692 static int
1693 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1694 {
1695 int length = -1;
1696
1697 register int branchlength = 0;
1698 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1699
1700 /* Scan along the opcodes for this branch. If we get to the end of the
1701 branch, check the length against that of the other branches. */
1702
1703 for (;;)
1704 {
1705 int d;
1706 pcre_uchar *ce, *cs;
1707 register int op = *cc;
1708 switch (op)
1709 {
1710 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1711 OP_BRA (normal non-capturing bracket) because the other variants of these
1712 opcodes are all concerned with unlimited repeated groups, which of course
1713 are not of fixed length. */
1714
1715 case OP_CBRA:
1716 case OP_BRA:
1717 case OP_ONCE:
1718 case OP_ONCE_NC:
1719 case OP_COND:
1720 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1721 if (d < 0) return d;
1722 branchlength += d;
1723 do cc += GET(cc, 1); while (*cc == OP_ALT);
1724 cc += 1 + LINK_SIZE;
1725 break;
1726
1727 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1728 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1729 an ALT. If it is END it's the end of the outer call. All can be handled by
1730 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1731 because they all imply an unlimited repeat. */
1732
1733 case OP_ALT:
1734 case OP_KET:
1735 case OP_END:
1736 case OP_ACCEPT:
1737 case OP_ASSERT_ACCEPT:
1738 if (length < 0) length = branchlength;
1739 else if (length != branchlength) return -1;
1740 if (*cc != OP_ALT) return length;
1741 cc += 1 + LINK_SIZE;
1742 branchlength = 0;
1743 break;
1744
1745 /* A true recursion implies not fixed length, but a subroutine call may
1746 be OK. If the subroutine is a forward reference, we can't deal with
1747 it until the end of the pattern, so return -3. */
1748
1749 case OP_RECURSE:
1750 if (!atend) return -3;
1751 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1752 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1753 if (cc > cs && cc < ce) return -1; /* Recursion */
1754 d = find_fixedlength(cs + 2, utf, atend, cd);
1755 if (d < 0) return d;
1756 branchlength += d;
1757 cc += 1 + LINK_SIZE;
1758 break;
1759
1760 /* Skip over assertive subpatterns */
1761
1762 case OP_ASSERT:
1763 case OP_ASSERT_NOT:
1764 case OP_ASSERTBACK:
1765 case OP_ASSERTBACK_NOT:
1766 do cc += GET(cc, 1); while (*cc == OP_ALT);
1767 /* Fall through */
1768
1769 /* Skip over things that don't match chars */
1770
1771 case OP_MARK:
1772 case OP_PRUNE_ARG:
1773 case OP_SKIP_ARG:
1774 case OP_THEN_ARG:
1775 cc += cc[1] + PRIV(OP_lengths)[*cc];
1776 break;
1777
1778 case OP_CALLOUT:
1779 case OP_CIRC:
1780 case OP_CIRCM:
1781 case OP_CLOSE:
1782 case OP_COMMIT:
1783 case OP_CREF:
1784 case OP_DEF:
1785 case OP_DOLL:
1786 case OP_DOLLM:
1787 case OP_EOD:
1788 case OP_EODN:
1789 case OP_FAIL:
1790 case OP_NCREF:
1791 case OP_NRREF:
1792 case OP_NOT_WORD_BOUNDARY:
1793 case OP_PRUNE:
1794 case OP_REVERSE:
1795 case OP_RREF:
1796 case OP_SET_SOM:
1797 case OP_SKIP:
1798 case OP_SOD:
1799 case OP_SOM:
1800 case OP_THEN:
1801 case OP_WORD_BOUNDARY:
1802 cc += PRIV(OP_lengths)[*cc];
1803 break;
1804
1805 /* Handle literal characters */
1806
1807 case OP_CHAR:
1808 case OP_CHARI:
1809 case OP_NOT:
1810 case OP_NOTI:
1811 branchlength++;
1812 cc += 2;
1813 #ifdef SUPPORT_UTF
1814 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1815 #endif
1816 break;
1817
1818 /* Handle exact repetitions. The count is already in characters, but we
1819 need to skip over a multibyte character in UTF8 mode. */
1820
1821 case OP_EXACT:
1822 case OP_EXACTI:
1823 case OP_NOTEXACT:
1824 case OP_NOTEXACTI:
1825 branchlength += GET2(cc,1);
1826 cc += 2 + IMM2_SIZE;
1827 #ifdef SUPPORT_UTF
1828 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1829 #endif
1830 break;
1831
1832 case OP_TYPEEXACT:
1833 branchlength += GET2(cc,1);
1834 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP) cc += 2;
1835 cc += 1 + IMM2_SIZE + 1;
1836 break;
1837
1838 /* Handle single-char matchers */
1839
1840 case OP_PROP:
1841 case OP_NOTPROP:
1842 cc += 2;
1843 /* Fall through */
1844
1845 case OP_HSPACE:
1846 case OP_VSPACE:
1847 case OP_NOT_HSPACE:
1848 case OP_NOT_VSPACE:
1849 case OP_NOT_DIGIT:
1850 case OP_DIGIT:
1851 case OP_NOT_WHITESPACE:
1852 case OP_WHITESPACE:
1853 case OP_NOT_WORDCHAR:
1854 case OP_WORDCHAR:
1855 case OP_ANY:
1856 case OP_ALLANY:
1857 branchlength++;
1858 cc++;
1859 break;
1860
1861 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1862 otherwise \C is coded as OP_ALLANY. */
1863
1864 case OP_ANYBYTE:
1865 return -2;
1866
1867 /* Check a class for variable quantification */
1868
1869 #if defined SUPPORT_UTF || defined COMPILE_PCRE16
1870 case OP_XCLASS:
1871 cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];
1872 /* Fall through */
1873 #endif
1874
1875 case OP_CLASS:
1876 case OP_NCLASS:
1877 cc += PRIV(OP_lengths)[OP_CLASS];
1878
1879 switch (*cc)
1880 {
1881 case OP_CRPLUS:
1882 case OP_CRMINPLUS:
1883 case OP_CRSTAR:
1884 case OP_CRMINSTAR:
1885 case OP_CRQUERY:
1886 case OP_CRMINQUERY:
1887 return -1;
1888
1889 case OP_CRRANGE:
1890 case OP_CRMINRANGE:
1891 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1892 branchlength += GET2(cc,1);
1893 cc += 1 + 2 * IMM2_SIZE;
1894 break;
1895
1896 default:
1897 branchlength++;
1898 }
1899 break;
1900
1901 /* Anything else is variable length */
1902
1903 case OP_ANYNL:
1904 case OP_BRAMINZERO:
1905 case OP_BRAPOS:
1906 case OP_BRAPOSZERO:
1907 case OP_BRAZERO:
1908 case OP_CBRAPOS:
1909 case OP_EXTUNI:
1910 case OP_KETRMAX:
1911 case OP_KETRMIN:
1912 case OP_KETRPOS:
1913 case OP_MINPLUS:
1914 case OP_MINPLUSI:
1915 case OP_MINQUERY:
1916 case OP_MINQUERYI:
1917 case OP_MINSTAR:
1918 case OP_MINSTARI:
1919 case OP_MINUPTO:
1920 case OP_MINUPTOI:
1921 case OP_NOTMINPLUS:
1922 case OP_NOTMINPLUSI:
1923 case OP_NOTMINQUERY:
1924 case OP_NOTMINQUERYI:
1925 case OP_NOTMINSTAR:
1926 case OP_NOTMINSTARI:
1927 case OP_NOTMINUPTO:
1928 case OP_NOTMINUPTOI:
1929 case OP_NOTPLUS:
1930 case OP_NOTPLUSI:
1931 case OP_NOTPOSPLUS:
1932 case OP_NOTPOSPLUSI:
1933 case OP_NOTPOSQUERY:
1934 case OP_NOTPOSQUERYI:
1935 case OP_NOTPOSSTAR:
1936 case OP_NOTPOSSTARI:
1937 case OP_NOTPOSUPTO:
1938 case OP_NOTPOSUPTOI:
1939 case OP_NOTQUERY:
1940 case OP_NOTQUERYI:
1941 case OP_NOTSTAR:
1942 case OP_NOTSTARI:
1943 case OP_NOTUPTO:
1944 case OP_NOTUPTOI:
1945 case OP_PLUS:
1946 case OP_PLUSI:
1947 case OP_POSPLUS:
1948 case OP_POSPLUSI:
1949 case OP_POSQUERY:
1950 case OP_POSQUERYI:
1951 case OP_POSSTAR:
1952 case OP_POSSTARI:
1953 case OP_POSUPTO:
1954 case OP_POSUPTOI:
1955 case OP_QUERY:
1956 case OP_QUERYI:
1957 case OP_REF:
1958 case OP_REFI:
1959 case OP_SBRA:
1960 case OP_SBRAPOS:
1961 case OP_SCBRA:
1962 case OP_SCBRAPOS:
1963 case OP_SCOND:
1964 case OP_SKIPZERO:
1965 case OP_STAR:
1966 case OP_STARI:
1967 case OP_TYPEMINPLUS:
1968 case OP_TYPEMINQUERY:
1969 case OP_TYPEMINSTAR:
1970 case OP_TYPEMINUPTO:
1971 case OP_TYPEPLUS:
1972 case OP_TYPEPOSPLUS:
1973 case OP_TYPEPOSQUERY:
1974 case OP_TYPEPOSSTAR:
1975 case OP_TYPEPOSUPTO:
1976 case OP_TYPEQUERY:
1977 case OP_TYPESTAR:
1978 case OP_TYPEUPTO:
1979 case OP_UPTO:
1980 case OP_UPTOI:
1981 return -1;
1982
1983 /* Catch unrecognized opcodes so that when new ones are added they
1984 are not forgotten, as has happened in the past. */
1985
1986 default:
1987 return -4;
1988 }
1989 }
1990 /* Control never gets here */
1991 }
1992
1993
1994
1995
1996 /*************************************************
1997 * Scan compiled regex for specific bracket *
1998 *************************************************/
1999
2000 /* This little function scans through a compiled pattern until it finds a
2001 capturing bracket with the given number, or, if the number is negative, an
2002 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2003 so that it can be called from pcre_study() when finding the minimum matching
2004 length.
2005
2006 Arguments:
2007 code points to start of expression
2008 utf TRUE in UTF-8 / UTF-16 mode
2009 number the required bracket number or negative to find a lookbehind
2010
2011 Returns: pointer to the opcode for the bracket, or NULL if not found
2012 */
2013
2014 const pcre_uchar *
2015 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2016 {
2017 for (;;)
2018 {
2019 register int c = *code;
2020
2021 if (c == OP_END) return NULL;
2022
2023 /* XCLASS is used for classes that cannot be represented just by a bit
2024 map. This includes negated single high-valued characters. The length in
2025 the table is zero; the actual length is stored in the compiled code. */
2026
2027 if (c == OP_XCLASS) code += GET(code, 1);
2028
2029 /* Handle recursion */
2030
2031 else if (c == OP_REVERSE)
2032 {
2033 if (number < 0) return (pcre_uchar *)code;
2034 code += PRIV(OP_lengths)[c];
2035 }
2036
2037 /* Handle capturing bracket */
2038
2039 else if (c == OP_CBRA || c == OP_SCBRA ||
2040 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2041 {
2042 int n = GET2(code, 1+LINK_SIZE);
2043 if (n == number) return (pcre_uchar *)code;
2044 code += PRIV(OP_lengths)[c];
2045 }
2046
2047 /* Otherwise, we can get the item's length from the table, except that for
2048 repeated character types, we have to test for \p and \P, which have an extra
2049 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2050 must add in its length. */
2051
2052 else
2053 {
2054 switch(c)
2055 {
2056 case OP_TYPESTAR:
2057 case OP_TYPEMINSTAR:
2058 case OP_TYPEPLUS:
2059 case OP_TYPEMINPLUS:
2060 case OP_TYPEQUERY:
2061 case OP_TYPEMINQUERY:
2062 case OP_TYPEPOSSTAR:
2063 case OP_TYPEPOSPLUS:
2064 case OP_TYPEPOSQUERY:
2065 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2066 break;
2067
2068 case OP_TYPEUPTO:
2069 case OP_TYPEMINUPTO:
2070 case OP_TYPEEXACT:
2071 case OP_TYPEPOSUPTO:
2072 if (code[1 + IMM2_SIZE] == OP_PROP
2073 || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2074 break;
2075
2076 case OP_MARK:
2077 case OP_PRUNE_ARG:
2078 case OP_SKIP_ARG:
2079 code += code[1];
2080 break;
2081
2082 case OP_THEN_ARG:
2083 code += code[1];
2084 break;
2085 }
2086
2087 /* Add in the fixed length from the table */
2088
2089 code += PRIV(OP_lengths)[c];
2090
2091 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2092 a multi-byte character. The length in the table is a minimum, so we have to
2093 arrange to skip the extra bytes. */
2094
2095 #ifdef SUPPORT_UTF
2096 if (utf) switch(c)
2097 {
2098 case OP_CHAR:
2099 case OP_CHARI:
2100 case OP_EXACT:
2101 case OP_EXACTI:
2102 case OP_UPTO:
2103 case OP_UPTOI:
2104 case OP_MINUPTO:
2105 case OP_MINUPTOI:
2106 case OP_POSUPTO:
2107 case OP_POSUPTOI:
2108 case OP_STAR:
2109 case OP_STARI:
2110 case OP_MINSTAR:
2111 case OP_MINSTARI:
2112 case OP_POSSTAR:
2113 case OP_POSSTARI:
2114 case OP_PLUS:
2115 case OP_PLUSI:
2116 case OP_MINPLUS:
2117 case OP_MINPLUSI:
2118 case OP_POSPLUS:
2119 case OP_POSPLUSI:
2120 case OP_QUERY:
2121 case OP_QUERYI:
2122 case OP_MINQUERY:
2123 case OP_MINQUERYI:
2124 case OP_POSQUERY:
2125 case OP_POSQUERYI:
2126 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2127 break;
2128 }
2129 #else
2130 (void)(utf); /* Keep compiler happy by referencing function argument */
2131 #endif
2132 }
2133 }
2134 }
2135
2136
2137
2138 /*************************************************
2139 * Scan compiled regex for recursion reference *
2140 *************************************************/
2141
2142 /* This little function scans through a compiled pattern until it finds an
2143 instance of OP_RECURSE.
2144
2145 Arguments:
2146 code points to start of expression
2147 utf TRUE in UTF-8 / UTF-16 mode
2148
2149 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2150 */
2151
2152 static const pcre_uchar *
2153 find_recurse(const pcre_uchar *code, BOOL utf)
2154 {
2155 for (;;)
2156 {
2157 register int c = *code;
2158 if (c == OP_END) return NULL;
2159 if (c == OP_RECURSE) return code;
2160
2161 /* XCLASS is used for classes that cannot be represented just by a bit
2162 map. This includes negated single high-valued characters. The length in
2163 the table is zero; the actual length is stored in the compiled code. */
2164
2165 if (c == OP_XCLASS) code += GET(code, 1);
2166
2167 /* Otherwise, we can get the item's length from the table, except that for
2168 repeated character types, we have to test for \p and \P, which have an extra
2169 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2170 must add in its length. */
2171
2172 else
2173 {
2174 switch(c)
2175 {
2176 case OP_TYPESTAR:
2177 case OP_TYPEMINSTAR:
2178 case OP_TYPEPLUS:
2179 case OP_TYPEMINPLUS:
2180 case OP_TYPEQUERY:
2181 case OP_TYPEMINQUERY:
2182 case OP_TYPEPOSSTAR:
2183 case OP_TYPEPOSPLUS:
2184 case OP_TYPEPOSQUERY:
2185 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2186 break;
2187
2188 case OP_TYPEPOSUPTO:
2189 case OP_TYPEUPTO:
2190 case OP_TYPEMINUPTO:
2191 case OP_TYPEEXACT:
2192 if (code[1 + IMM2_SIZE] == OP_PROP
2193 || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2194 break;
2195
2196 case OP_MARK:
2197 case OP_PRUNE_ARG:
2198 case OP_SKIP_ARG:
2199 code += code[1];
2200 break;
2201
2202 case OP_THEN_ARG:
2203 code += code[1];
2204 break;
2205 }
2206
2207 /* Add in the fixed length from the table */
2208
2209 code += PRIV(OP_lengths)[c];
2210
2211 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2212 by a multi-byte character. The length in the table is a minimum, so we have
2213 to arrange to skip the extra bytes. */
2214
2215 #ifdef SUPPORT_UTF
2216 if (utf) switch(c)
2217 {
2218 case OP_CHAR:
2219 case OP_CHARI:
2220 case OP_EXACT:
2221 case OP_EXACTI:
2222 case OP_UPTO:
2223 case OP_UPTOI:
2224 case OP_MINUPTO:
2225 case OP_MINUPTOI:
2226 case OP_POSUPTO:
2227 case OP_POSUPTOI:
2228 case OP_STAR:
2229 case OP_STARI:
2230 case OP_MINSTAR:
2231 case OP_MINSTARI:
2232 case OP_POSSTAR:
2233 case OP_POSSTARI:
2234 case OP_PLUS:
2235 case OP_PLUSI:
2236 case OP_MINPLUS:
2237 case OP_MINPLUSI:
2238 case OP_POSPLUS:
2239 case OP_POSPLUSI:
2240 case OP_QUERY:
2241 case OP_QUERYI:
2242 case OP_MINQUERY:
2243 case OP_MINQUERYI:
2244 case OP_POSQUERY:
2245 case OP_POSQUERYI:
2246 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2247 break;
2248 }
2249 #else
2250 (void)(utf); /* Keep compiler happy by referencing function argument */
2251 #endif
2252 }
2253 }
2254 }
2255
2256
2257
2258 /*************************************************
2259 * Scan compiled branch for non-emptiness *
2260 *************************************************/
2261
2262 /* This function scans through a branch of a compiled pattern to see whether it
2263 can match the empty string or not. It is called from could_be_empty()
2264 below and from compile_branch() when checking for an unlimited repeat of a
2265 group that can match nothing. Note that first_significant_code() skips over
2266 backward and negative forward assertions when its final argument is TRUE. If we
2267 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2268 bracket whose current branch will already have been scanned.
2269
2270 Arguments:
2271 code points to start of search
2272 endcode points to where to stop
2273 utf TRUE if in UTF-8 / UTF-16 mode
2274 cd contains pointers to tables etc.
2275
2276 Returns: TRUE if what is matched could be empty
2277 */
2278
2279 static BOOL
2280 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2281 BOOL utf, compile_data *cd)
2282 {
2283 register int c;
2284 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2285 code < endcode;
2286 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2287 {
2288 const pcre_uchar *ccode;
2289
2290 c = *code;
2291
2292 /* Skip over forward assertions; the other assertions are skipped by
2293 first_significant_code() with a TRUE final argument. */
2294
2295 if (c == OP_ASSERT)
2296 {
2297 do code += GET(code, 1); while (*code == OP_ALT);
2298 c = *code;
2299 continue;
2300 }
2301
2302 /* For a recursion/subroutine call, if its end has been reached, which
2303 implies a backward reference subroutine call, we can scan it. If it's a
2304 forward reference subroutine call, we can't. To detect forward reference
2305 we have to scan up the list that is kept in the workspace. This function is
2306 called only when doing the real compile, not during the pre-compile that
2307 measures the size of the compiled pattern. */
2308
2309 if (c == OP_RECURSE)
2310 {
2311 const pcre_uchar *scode;
2312 BOOL empty_branch;
2313
2314 /* Test for forward reference */
2315
2316 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2317 if (GET(scode, 0) == code + 1 - cd->start_code) return TRUE;
2318
2319 /* Not a forward reference, test for completed backward reference */
2320
2321 empty_branch = FALSE;
2322 scode = cd->start_code + GET(code, 1);
2323 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2324
2325 /* Completed backwards reference */
2326
2327 do
2328 {
2329 if (could_be_empty_branch(scode, endcode, utf, cd))
2330 {
2331 empty_branch = TRUE;
2332 break;
2333 }
2334 scode += GET(scode, 1);
2335 }
2336 while (*scode == OP_ALT);
2337
2338 if (!empty_branch) return FALSE; /* All branches are non-empty */
2339 continue;
2340 }
2341
2342 /* Groups with zero repeats can of course be empty; skip them. */
2343
2344 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2345 c == OP_BRAPOSZERO)
2346 {
2347 code += PRIV(OP_lengths)[c];
2348 do code += GET(code, 1); while (*code == OP_ALT);
2349 c = *code;
2350 continue;
2351 }
2352
2353 /* A nested group that is already marked as "could be empty" can just be
2354 skipped. */
2355
2356 if (c == OP_SBRA || c == OP_SBRAPOS ||
2357 c == OP_SCBRA || c == OP_SCBRAPOS)
2358 {
2359 do code += GET(code, 1); while (*code == OP_ALT);
2360 c = *code;
2361 continue;
2362 }
2363
2364 /* For other groups, scan the branches. */
2365
2366 if (c == OP_BRA || c == OP_BRAPOS ||
2367 c == OP_CBRA || c == OP_CBRAPOS ||
2368 c == OP_ONCE || c == OP_ONCE_NC ||
2369 c == OP_COND)
2370 {
2371 BOOL empty_branch;
2372 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2373
2374 /* If a conditional group has only one branch, there is a second, implied,
2375 empty branch, so just skip over the conditional, because it could be empty.
2376 Otherwise, scan the individual branches of the group. */
2377
2378 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2379 code += GET(code, 1);
2380 else
2381 {
2382 empty_branch = FALSE;
2383 do
2384 {
2385 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2386 empty_branch = TRUE;
2387 code += GET(code, 1);
2388 }
2389 while (*code == OP_ALT);
2390 if (!empty_branch) return FALSE; /* All branches are non-empty */
2391 }
2392
2393 c = *code;
2394 continue;
2395 }
2396
2397 /* Handle the other opcodes */
2398
2399 switch (c)
2400 {
2401 /* Check for quantifiers after a class. XCLASS is used for classes that
2402 cannot be represented just by a bit map. This includes negated single
2403 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2404 actual length is stored in the compiled code, so we must update "code"
2405 here. */
2406
2407 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2408 case OP_XCLASS:
2409 ccode = code += GET(code, 1);
2410 goto CHECK_CLASS_REPEAT;
2411 #endif
2412
2413 case OP_CLASS:
2414 case OP_NCLASS:
2415 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2416
2417 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2418 CHECK_CLASS_REPEAT:
2419 #endif
2420
2421 switch (*ccode)
2422 {
2423 case OP_CRSTAR: /* These could be empty; continue */
2424 case OP_CRMINSTAR:
2425 case OP_CRQUERY:
2426 case OP_CRMINQUERY:
2427 break;
2428
2429 default: /* Non-repeat => class must match */
2430 case OP_CRPLUS: /* These repeats aren't empty */
2431 case OP_CRMINPLUS:
2432 return FALSE;
2433
2434 case OP_CRRANGE:
2435 case OP_CRMINRANGE:
2436 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2437 break;
2438 }
2439 break;
2440
2441 /* Opcodes that must match a character */
2442
2443 case OP_PROP:
2444 case OP_NOTPROP:
2445 case OP_EXTUNI:
2446 case OP_NOT_DIGIT:
2447 case OP_DIGIT:
2448 case OP_NOT_WHITESPACE:
2449 case OP_WHITESPACE:
2450 case OP_NOT_WORDCHAR:
2451 case OP_WORDCHAR:
2452 case OP_ANY:
2453 case OP_ALLANY:
2454 case OP_ANYBYTE:
2455 case OP_CHAR:
2456 case OP_CHARI:
2457 case OP_NOT:
2458 case OP_NOTI:
2459 case OP_PLUS:
2460 case OP_MINPLUS:
2461 case OP_POSPLUS:
2462 case OP_EXACT:
2463 case OP_NOTPLUS:
2464 case OP_NOTMINPLUS:
2465 case OP_NOTPOSPLUS:
2466 case OP_NOTEXACT:
2467 case OP_TYPEPLUS:
2468 case OP_TYPEMINPLUS:
2469 case OP_TYPEPOSPLUS:
2470 case OP_TYPEEXACT:
2471 return FALSE;
2472
2473 /* These are going to continue, as they may be empty, but we have to
2474 fudge the length for the \p and \P cases. */
2475
2476 case OP_TYPESTAR:
2477 case OP_TYPEMINSTAR:
2478 case OP_TYPEPOSSTAR:
2479 case OP_TYPEQUERY:
2480 case OP_TYPEMINQUERY:
2481 case OP_TYPEPOSQUERY:
2482 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2483 break;
2484
2485 /* Same for these */
2486
2487 case OP_TYPEUPTO:
2488 case OP_TYPEMINUPTO:
2489 case OP_TYPEPOSUPTO:
2490 if (code[1 + IMM2_SIZE] == OP_PROP
2491 || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2492 break;
2493
2494 /* End of branch */
2495
2496 case OP_KET:
2497 case OP_KETRMAX:
2498 case OP_KETRMIN:
2499 case OP_KETRPOS:
2500 case OP_ALT:
2501 return TRUE;
2502
2503 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2504 MINUPTO, and POSUPTO may be followed by a multibyte character */
2505
2506 #ifdef SUPPORT_UTF
2507 case OP_STAR:
2508 case OP_STARI:
2509 case OP_MINSTAR:
2510 case OP_MINSTARI:
2511 case OP_POSSTAR:
2512 case OP_POSSTARI:
2513 case OP_QUERY:
2514 case OP_QUERYI:
2515 case OP_MINQUERY:
2516 case OP_MINQUERYI:
2517 case OP_POSQUERY:
2518 case OP_POSQUERYI:
2519 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2520 break;
2521
2522 case OP_UPTO:
2523 case OP_UPTOI:
2524 case OP_MINUPTO:
2525 case OP_MINUPTOI:
2526 case OP_POSUPTO:
2527 case OP_POSUPTOI:
2528 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2529 break;
2530 #endif
2531
2532 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2533 string. */
2534
2535 case OP_MARK:
2536 case OP_PRUNE_ARG:
2537 case OP_SKIP_ARG:
2538 code += code[1];
2539 break;
2540
2541 case OP_THEN_ARG:
2542 code += code[1];
2543 break;
2544
2545 /* None of the remaining opcodes are required to match a character. */
2546
2547 default:
2548 break;
2549 }
2550 }
2551
2552 return TRUE;
2553 }
2554
2555
2556
2557 /*************************************************
2558 * Scan compiled regex for non-emptiness *
2559 *************************************************/
2560
2561 /* This function is called to check for left recursive calls. We want to check
2562 the current branch of the current pattern to see if it could match the empty
2563 string. If it could, we must look outwards for branches at other levels,
2564 stopping when we pass beyond the bracket which is the subject of the recursion.
2565 This function is called only during the real compile, not during the
2566 pre-compile.
2567
2568 Arguments:
2569 code points to start of the recursion
2570 endcode points to where to stop (current RECURSE item)
2571 bcptr points to the chain of current (unclosed) branch starts
2572 utf TRUE if in UTF-8 / UTF-16 mode
2573 cd pointers to tables etc
2574
2575 Returns: TRUE if what is matched could be empty
2576 */
2577
2578 static BOOL
2579 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2580 branch_chain *bcptr, BOOL utf, compile_data *cd)
2581 {
2582 while (bcptr != NULL && bcptr->current_branch >= code)
2583 {
2584 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2585 return FALSE;
2586 bcptr = bcptr->outer;
2587 }
2588 return TRUE;
2589 }
2590
2591
2592
2593 /*************************************************
2594 * Check for POSIX class syntax *
2595 *************************************************/
2596
2597 /* This function is called when the sequence "[:" or "[." or "[=" is
2598 encountered in a character class. It checks whether this is followed by a
2599 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2600 reach an unescaped ']' without the special preceding character, return FALSE.
2601
2602 Originally, this function only recognized a sequence of letters between the
2603 terminators, but it seems that Perl recognizes any sequence of characters,
2604 though of course unknown POSIX names are subsequently rejected. Perl gives an
2605 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2606 didn't consider this to be a POSIX class. Likewise for [:1234:].
2607
2608 The problem in trying to be exactly like Perl is in the handling of escapes. We
2609 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2610 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2611 below handles the special case of \], but does not try to do any other escape
2612 processing. This makes it different from Perl for cases such as [:l\ower:]
2613 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2614 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2615 I think.
2616
2617 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2618 It seems that the appearance of a nested POSIX class supersedes an apparent
2619 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2620 a digit.
2621
2622 In Perl, unescaped square brackets may also appear as part of class names. For
2623 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2624 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2625 seem right at all. PCRE does not allow closing square brackets in POSIX class
2626 names.
2627
2628 Arguments:
2629 ptr pointer to the initial [
2630 endptr where to return the end pointer
2631
2632 Returns: TRUE or FALSE
2633 */
2634
2635 static BOOL
2636 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2637 {
2638 int terminator; /* Don't combine these lines; the Solaris cc */
2639 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2640 for (++ptr; *ptr != 0; ptr++)
2641 {
2642 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2643 ptr++;
2644 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2645 else
2646 {
2647 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2648 {
2649 *endptr = ptr;
2650 return TRUE;
2651 }
2652 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2653 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2654 ptr[1] == CHAR_EQUALS_SIGN) &&
2655 check_posix_syntax(ptr, endptr))
2656 return FALSE;
2657 }
2658 }
2659 return FALSE;
2660 }
2661
2662
2663
2664
2665 /*************************************************
2666 * Check POSIX class name *
2667 *************************************************/
2668
2669 /* This function is called to check the name given in a POSIX-style class entry
2670 such as [:alnum:].
2671
2672 Arguments:
2673 ptr points to the first letter
2674 len the length of the name
2675
2676 Returns: a value representing the name, or -1 if unknown
2677 */
2678
2679 static int
2680 check_posix_name(const pcre_uchar *ptr, int len)
2681 {
2682 const char *pn = posix_names;
2683 register int yield = 0;
2684 while (posix_name_lengths[yield] != 0)
2685 {
2686 if (len == posix_name_lengths[yield] &&
2687 STRNCMP_UC_C8(ptr, pn, len) == 0) return yield;
2688 pn += posix_name_lengths[yield] + 1;
2689 yield++;
2690 }
2691 return -1;
2692 }
2693
2694
2695 /*************************************************
2696 * Adjust OP_RECURSE items in repeated group *
2697 *************************************************/
2698
2699 /* OP_RECURSE items contain an offset from the start of the regex to the group
2700 that is referenced. This means that groups can be replicated for fixed
2701 repetition simply by copying (because the recursion is allowed to refer to
2702 earlier groups that are outside the current group). However, when a group is
2703 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2704 inserted before it, after it has been compiled. This means that any OP_RECURSE
2705 items within it that refer to the group itself or any contained groups have to
2706 have their offsets adjusted. That one of the jobs of this function. Before it
2707 is called, the partially compiled regex must be temporarily terminated with
2708 OP_END.
2709
2710 This function has been extended with the possibility of forward references for
2711 recursions and subroutine calls. It must also check the list of such references
2712 for the group we are dealing with. If it finds that one of the recursions in
2713 the current group is on this list, it adjusts the offset in the list, not the
2714 value in the reference (which is a group number).
2715
2716 Arguments:
2717 group points to the start of the group
2718 adjust the amount by which the group is to be moved
2719 utf TRUE in UTF-8 / UTF-16 mode
2720 cd contains pointers to tables etc.
2721 save_hwm the hwm forward reference pointer at the start of the group
2722
2723 Returns: nothing
2724 */
2725
2726 static void
2727 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2728 pcre_uchar *save_hwm)
2729 {
2730 pcre_uchar *ptr = group;
2731
2732 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2733 {
2734 int offset;
2735 pcre_uchar *hc;
2736
2737 /* See if this recursion is on the forward reference list. If so, adjust the
2738 reference. */
2739
2740 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2741 {
2742 offset = GET(hc, 0);
2743 if (cd->start_code + offset == ptr + 1)
2744 {
2745 PUT(hc, 0, offset + adjust);
2746 break;
2747 }
2748 }
2749
2750 /* Otherwise, adjust the recursion offset if it's after the start of this
2751 group. */
2752
2753 if (hc >= cd->hwm)
2754 {
2755 offset = GET(ptr, 1);
2756 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2757 }
2758
2759 ptr += 1 + LINK_SIZE;
2760 }
2761 }
2762
2763
2764
2765 /*************************************************
2766 * Insert an automatic callout point *
2767 *************************************************/
2768
2769 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2770 callout points before each pattern item.
2771
2772 Arguments:
2773 code current code pointer
2774 ptr current pattern pointer
2775 cd pointers to tables etc
2776
2777 Returns: new code pointer
2778 */
2779
2780 static pcre_uchar *
2781 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2782 {
2783 *code++ = OP_CALLOUT;
2784 *code++ = 255;
2785 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2786 PUT(code, LINK_SIZE, 0); /* Default length */
2787 return code + 2 * LINK_SIZE;
2788 }
2789
2790
2791
2792 /*************************************************
2793 * Complete a callout item *
2794 *************************************************/
2795
2796 /* A callout item contains the length of the next item in the pattern, which
2797 we can't fill in till after we have reached the relevant point. This is used
2798 for both automatic and manual callouts.
2799
2800 Arguments:
2801 previous_callout points to previous callout item
2802 ptr current pattern pointer
2803 cd pointers to tables etc
2804
2805 Returns: nothing
2806 */
2807
2808 static void
2809 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2810 {
2811 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2812 PUT(previous_callout, 2 + LINK_SIZE, length);
2813 }
2814
2815
2816
2817 #ifdef SUPPORT_UCP
2818 /*************************************************
2819 * Get othercase range *
2820 *************************************************/
2821
2822 /* This function is passed the start and end of a class range, in UTF-8 mode
2823 with UCP support. It searches up the characters, looking for internal ranges of
2824 characters in the "other" case. Each call returns the next one, updating the
2825 start address.
2826
2827 Arguments:
2828 cptr points to starting character value; updated
2829 d end value
2830 ocptr where to put start of othercase range
2831 odptr where to put end of othercase range
2832
2833 Yield: TRUE when range returned; FALSE when no more
2834 */
2835
2836 static BOOL
2837 get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2838 unsigned int *odptr)
2839 {
2840 unsigned int c, othercase, next;
2841
2842 for (c = *cptr; c <= d; c++)
2843 { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2844
2845 if (c > d) return FALSE;
2846
2847 *ocptr = othercase;
2848 next = othercase + 1;
2849
2850 for (++c; c <= d; c++)
2851 {
2852 if (UCD_OTHERCASE(c) != next) break;
2853 next++;
2854 }
2855
2856 *odptr = next - 1;
2857 *cptr = c;
2858
2859 return TRUE;
2860 }
2861
2862
2863
2864 /*************************************************
2865 * Check a character and a property *
2866 *************************************************/
2867
2868 /* This function is called by check_auto_possessive() when a property item
2869 is adjacent to a fixed character.
2870
2871 Arguments:
2872 c the character
2873 ptype the property type
2874 pdata the data for the type
2875 negated TRUE if it's a negated property (\P or \p{^)
2876
2877 Returns: TRUE if auto-possessifying is OK
2878 */
2879
2880 static BOOL
2881 check_char_prop(int c, int ptype, int pdata, BOOL negated)
2882 {
2883 const ucd_record *prop = GET_UCD(c);
2884 switch(ptype)
2885 {
2886 case PT_LAMP:
2887 return (prop->chartype == ucp_Lu ||
2888 prop->chartype == ucp_Ll ||
2889 prop->chartype == ucp_Lt) == negated;
2890
2891 case PT_GC:
2892 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2893
2894 case PT_PC:
2895 return (pdata == prop->chartype) == negated;
2896
2897 case PT_SC:
2898 return (pdata == prop->script) == negated;
2899
2900 /* These are specials */
2901
2902 case PT_ALNUM:
2903 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2904 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2905
2906 case PT_SPACE: /* Perl space */
2907 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
2908 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
2909 == negated;
2910
2911 case PT_PXSPACE: /* POSIX space */
2912 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
2913 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
2914 c == CHAR_FF || c == CHAR_CR)
2915 == negated;
2916
2917 case PT_WORD:
2918 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2919 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2920 c == CHAR_UNDERSCORE) == negated;
2921 }
2922 return FALSE;
2923 }
2924 #endif /* SUPPORT_UCP */
2925
2926
2927
2928 /*************************************************
2929 * Check if auto-possessifying is possible *
2930 *************************************************/
2931
2932 /* This function is called for unlimited repeats of certain items, to see
2933 whether the next thing could possibly match the repeated item. If not, it makes
2934 sense to automatically possessify the repeated item.
2935
2936 Arguments:
2937 previous pointer to the repeated opcode
2938 utf TRUE in UTF-8 / UTF-16 mode
2939 ptr next character in pattern
2940 options options bits
2941 cd contains pointers to tables etc.
2942
2943 Returns: TRUE if possessifying is wanted
2944 */
2945
2946 static BOOL
2947 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
2948 const pcre_uchar *ptr, int options, compile_data *cd)
2949 {
2950 pcre_int32 c, next;
2951 int op_code = *previous++;
2952
2953 /* Skip whitespace and comments in extended mode */
2954
2955 if ((options & PCRE_EXTENDED) != 0)
2956 {
2957 for (;;)
2958 {
2959 while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2960 if (*ptr == CHAR_NUMBER_SIGN)
2961 {
2962 ptr++;
2963 while (*ptr != 0)
2964 {
2965 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2966 ptr++;
2967 #ifdef SUPPORT_UTF
2968 if (utf) FORWARDCHAR(ptr);
2969 #endif
2970 }
2971 }
2972 else break;
2973 }
2974 }
2975
2976 /* If the next item is one that we can handle, get its value. A non-negative
2977 value is a character, a negative value is an escape value. */
2978
2979 if (*ptr == CHAR_BACKSLASH)
2980 {
2981 int temperrorcode = 0;
2982 next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
2983 if (temperrorcode != 0) return FALSE;
2984 ptr++; /* Point after the escape sequence */
2985 }
2986 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
2987 {
2988 #ifdef SUPPORT_UTF
2989 if (utf) { GETCHARINC(next, ptr); } else
2990 #endif
2991 next = *ptr++;
2992 }
2993 else return FALSE;
2994
2995 /* Skip whitespace and comments in extended mode */
2996
2997 if ((options & PCRE_EXTENDED) != 0)
2998 {
2999 for (;;)
3000 {
3001 while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3002 if (*ptr == CHAR_NUMBER_SIGN)
3003 {
3004 ptr++;
3005 while (*ptr != 0)
3006 {
3007 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3008 ptr++;
3009 #ifdef SUPPORT_UTF
3010 if (utf) FORWARDCHAR(ptr);
3011 #endif
3012 }
3013 }
3014 else break;
3015 }
3016 }
3017
3018 /* If the next thing is itself optional, we have to give up. */
3019
3020 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3021 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3022 return FALSE;
3023
3024 /* Now compare the next item with the previous opcode. First, handle cases when
3025 the next item is a character. */
3026
3027 if (next >= 0) switch(op_code)
3028 {
3029 case OP_CHAR:
3030 #ifdef SUPPORT_UTF
3031 GETCHARTEST(c, previous);
3032 #else
3033 c = *previous;
3034 #endif
3035 return c != next;
3036
3037 /* For CHARI (caseless character) we must check the other case. If we have
3038 Unicode property support, we can use it to test the other case of
3039 high-valued characters. */
3040
3041 case OP_CHARI:
3042 #ifdef SUPPORT_UTF
3043 GETCHARTEST(c, previous);
3044 #else
3045 c = *previous;
3046 #endif
3047 if (c == next) return FALSE;
3048 #ifdef SUPPORT_UTF
3049 if (utf)
3050 {
3051 unsigned int othercase;
3052 if (next < 128) othercase = cd->fcc[next]; else
3053 #ifdef SUPPORT_UCP
3054 othercase = UCD_OTHERCASE((unsigned int)next);
3055 #else
3056 othercase = NOTACHAR;
3057 #endif
3058 return (unsigned int)c != othercase;
3059 }
3060 else
3061 #endif /* SUPPORT_UTF */
3062 return (c != cd->fcc[next]); /* Non-UTF-8 mode */
3063
3064 /* For OP_NOT and OP_NOTI, the data is always a single-byte character. These
3065 opcodes are not used for multi-byte characters, because they are coded using
3066 an XCLASS instead. */
3067
3068 case OP_NOT:
3069 return (c = *previous) == next;
3070
3071 case OP_NOTI:
3072 if ((c = *previous) == next) return TRUE;
3073 #ifdef SUPPORT_UTF
3074 if (utf)
3075 {
3076 unsigned int othercase;
3077 if (next < 128) othercase = cd->fcc[next]; else
3078 #ifdef SUPPORT_UCP
3079 othercase = UCD_OTHERCASE(next);
3080 #else
3081 othercase = NOTACHAR;
3082 #endif
3083 return (unsigned int)c == othercase;
3084 }
3085 else
3086 #endif /* SUPPORT_UTF */
3087 return (c == cd->fcc[next]); /* Non-UTF-8 mode */
3088
3089 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3090 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3091
3092 case OP_DIGIT:
3093 return next > 127 || (cd->ctypes[next] & ctype_digit) == 0;
3094
3095 case OP_NOT_DIGIT:
3096 return next <= 127 && (cd->ctypes[next] & ctype_digit) != 0;
3097
3098 case OP_WHITESPACE:
3099 return next > 127 || (cd->ctypes[next] & ctype_space) == 0;
3100
3101 case OP_NOT_WHITESPACE:
3102 return next <= 127 && (cd->ctypes[next] & ctype_space) != 0;
3103
3104 case OP_WORDCHAR:
3105 return next > 127 || (cd->ctypes[next] & ctype_word) == 0;
3106
3107 case OP_NOT_WORDCHAR:
3108 return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
3109
3110 case OP_HSPACE:
3111 case OP_NOT_HSPACE:
3112 switch(next)
3113 {
3114 case 0x09:
3115 case 0x20:
3116 case 0xa0:
3117 case 0x1680:
3118 case 0x180e:
3119 case 0x2000:
3120 case 0x2001:
3121 case 0x2002:
3122 case 0x2003:
3123 case 0x2004:
3124 case 0x2005:
3125 case 0x2006:
3126 case 0x2007:
3127 case 0x2008:
3128 case 0x2009:
3129 case 0x200A:
3130 case 0x202f:
3131 case 0x205f:
3132 case 0x3000:
3133 return op_code == OP_NOT_HSPACE;
3134 default:
3135 return op_code != OP_NOT_HSPACE;
3136 }
3137
3138 case OP_ANYNL:
3139 case OP_VSPACE:
3140 case OP_NOT_VSPACE:
3141 switch(next)
3142 {
3143 case 0x0a:
3144 case 0x0b:
3145 case 0x0c:
3146 case 0x0d:
3147 case 0x85:
3148 case 0x2028:
3149 case 0x2029:
3150 return op_code == OP_NOT_VSPACE;
3151 default:
3152 return op_code != OP_NOT_VSPACE;
3153 }
3154
3155 #ifdef SUPPORT_UCP
3156 case OP_PROP:
3157 return check_char_prop(next, previous[0], previous[1], FALSE);
3158
3159 case OP_NOTPROP:
3160 return check_char_prop(next, previous[0], previous[1], TRUE);
3161 #endif
3162
3163 default:
3164 return FALSE;
3165 }
3166
3167
3168 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3169 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3170 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3171 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3172 replaced by OP_PROP codes when PCRE_UCP is set. */
3173
3174 switch(op_code)
3175 {
3176 case OP_CHAR:
3177 case OP_CHARI:
3178 #ifdef SUPPORT_UTF
3179 GETCHARTEST(c, previous);
3180 #else
3181 c = *previous;
3182 #endif
3183 switch(-next)
3184 {
3185 case ESC_d:
3186 return c > 127 || (cd->ctypes[c] & ctype_digit) == 0;
3187
3188 case ESC_D:
3189 return c <= 127 && (cd->ctypes[c] & ctype_digit) != 0;
3190
3191 case ESC_s:
3192 return c > 127 || (cd->ctypes[c] & ctype_space) == 0;
3193
3194 case ESC_S:
3195 return c <= 127 && (cd->ctypes[c] & ctype_space) != 0;
3196
3197 case ESC_w:
3198 return c > 127 || (cd->ctypes[c] & ctype_word) == 0;
3199
3200 case ESC_W:
3201 return c <= 127 && (cd->ctypes[c] & ctype_word) != 0;
3202
3203 case ESC_h:
3204 case ESC_H:
3205 switch(c)
3206 {
3207 case 0x09:
3208 case 0x20:
3209 case 0xa0:
3210 case 0x1680:
3211 case 0x180e:
3212 case 0x2000:
3213 case 0x2001:
3214 case 0x2002:
3215 case 0x2003:
3216 case 0x2004:
3217 case 0x2005:
3218 case 0x2006:
3219 case 0x2007:
3220 case 0x2008:
3221 case 0x2009:
3222 case 0x200A:
3223 case 0x202f:
3224 case 0x205f:
3225 case 0x3000:
3226 return -next != ESC_h;
3227 default:
3228 return -next == ESC_h;
3229 }
3230
3231 case ESC_v:
3232 case ESC_V:
3233 switch(c)
3234 {
3235 case 0x0a:
3236 case 0x0b:
3237 case 0x0c:
3238 case 0x0d:
3239 case 0x85:
3240 case 0x2028:
3241 case 0x2029:
3242 return -next != ESC_v;
3243 default:
3244 return -next == ESC_v;
3245 }
3246
3247 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3248 their substitutions and process them. The result will always be either
3249 -ESC_p or -ESC_P. Then fall through to process those values. */
3250
3251 #ifdef SUPPORT_UCP
3252 case ESC_du:
3253 case ESC_DU:
3254 case ESC_wu:
3255 case ESC_WU:
3256 case ESC_su:
3257 case ESC_SU:
3258 {
3259 int temperrorcode = 0;
3260 ptr = substitutes[-next - ESC_DU];
3261 next = check_escape(&ptr, &temperrorcode, 0, options, FALSE);
3262 if (temperrorcode != 0) return FALSE;
3263 ptr++; /* For compatibility */
3264 }
3265 /* Fall through */
3266
3267 case ESC_p:
3268 case ESC_P:
3269 {
3270 int ptype, pdata, errorcodeptr;
3271 BOOL negated;
3272
3273 ptr--; /* Make ptr point at the p or P */
3274 ptype = get_ucp(&ptr, &negated, &pdata, &errorcodeptr);
3275 if (ptype < 0) return FALSE;
3276 ptr++; /* Point past the final curly ket */
3277
3278 /* If the property item is optional, we have to give up. (When generated
3279 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3280 to the original \d etc. At this point, ptr will point to a zero byte. */
3281
3282 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3283 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3284 return FALSE;
3285
3286 /* Do the property check. */
3287
3288 return check_char_prop(c, ptype, pdata, (next == -ESC_P) != negated);
3289 }
3290 #endif
3291
3292 default:
3293 return FALSE;
3294 }
3295
3296 /* In principle, support for Unicode properties should be integrated here as
3297 well. It means re-organizing the above code so as to get hold of the property
3298 values before switching on the op-code. However, I wonder how many patterns
3299 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3300 these op-codes are never generated.) */
3301
3302 case OP_DIGIT:
3303 return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
3304 next == -ESC_h || next == -ESC_v || next == -ESC_R;
3305
3306 case OP_NOT_DIGIT:
3307 return next == -ESC_d;
3308
3309 case OP_WHITESPACE:
3310 return next == -ESC_S || next == -ESC_d || next == -ESC_w || next == -ESC_R;
3311
3312 case OP_NOT_WHITESPACE:
3313 return next == -ESC_s || next == -ESC_h || next == -ESC_v;
3314
3315 case OP_HSPACE:
3316 return next == -ESC_S || next == -ESC_H || next == -ESC_d ||
3317 next == -ESC_w || next == -ESC_v || next == -ESC_R;
3318
3319 case OP_NOT_HSPACE:
3320 return next == -ESC_h;
3321
3322 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3323 case OP_ANYNL:
3324 case OP_VSPACE:
3325 return next == -ESC_V || next == -ESC_d || next == -ESC_w;
3326
3327 case OP_NOT_VSPACE:
3328 return next == -ESC_v || next == -ESC_R;
3329
3330 case OP_WORDCHAR:
3331 return next == -ESC_W || next == -ESC_s || next == -ESC_h ||
3332 next == -ESC_v || next == -ESC_R;
3333
3334 case OP_NOT_WORDCHAR:
3335 return next == -ESC_w || next == -ESC_d;
3336
3337 default:
3338 return FALSE;
3339 }
3340
3341 /* Control does not reach here */
3342 }
3343
3344
3345
3346 /*************************************************
3347 * Compile one branch *
3348 *************************************************/
3349
3350 /* Scan the pattern, compiling it into the a vector. If the options are
3351 changed during the branch, the pointer is used to change the external options
3352 bits. This function is used during the pre-compile phase when we are trying
3353 to find out the amount of memory needed, as well as during the real compile
3354 phase. The value of lengthptr distinguishes the two phases.
3355
3356 Arguments:
3357 optionsptr pointer to the option bits
3358 codeptr points to the pointer to the current code point
3359 ptrptr points to the current pattern pointer
3360 errorcodeptr points to error code variable
3361 firstcharptr set to initial literal character, or < 0 (REQ_UNSET, REQ_NONE)
3362 reqcharptr set to the last literal character required, else < 0
3363 bcptr points to current branch chain
3364 cond_depth conditional nesting depth
3365 cd contains pointers to tables etc.
3366 lengthptr NULL during the real compile phase
3367 points to length accumulator during pre-compile phase
3368
3369 Returns: TRUE on success
3370 FALSE, with *errorcodeptr set non-zero on error
3371 */
3372
3373 static BOOL
3374 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3375 const pcre_uchar **ptrptr, int *errorcodeptr, pcre_int32 *firstcharptr,
3376 pcre_int32 *reqcharptr, branch_chain *bcptr, int cond_depth,
3377 compile_data *cd, int *lengthptr)
3378 {
3379 int repeat_type, op_type;
3380 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3381 int bravalue = 0;
3382 int greedy_default, greedy_non_default;
3383 pcre_int32 firstchar, reqchar;
3384 pcre_int32 zeroreqchar, zerofirstchar;
3385 pcre_int32 req_caseopt, reqvary, tempreqvary;
3386 int options = *optionsptr; /* May change dynamically */
3387 int after_manual_callout = 0;
3388 int length_prevgroup = 0;
3389 register int c;
3390 register pcre_uchar *code = *codeptr;
3391 pcre_uchar *last_code = code;
3392 pcre_uchar *orig_code = code;
3393 pcre_uchar *tempcode;
3394 BOOL inescq = FALSE;
3395 BOOL groupsetfirstchar = FALSE;
3396 const pcre_uchar *ptr = *ptrptr;
3397 const pcre_uchar *tempptr;
3398 const pcre_uchar *nestptr = NULL;
3399 pcre_uchar *previous = NULL;
3400 pcre_uchar *previous_callout = NULL;
3401 pcre_uchar *save_hwm = NULL;
3402 pcre_uint8 classbits[32];
3403
3404 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3405 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3406 dynamically as we process the pattern. */
3407
3408 #ifdef SUPPORT_UTF
3409 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
3410 BOOL utf = (options & PCRE_UTF8) != 0;
3411 pcre_uchar utf_chars[6];
3412 #else
3413 BOOL utf = FALSE;
3414 #endif
3415
3416 /* Helper variables for OP_XCLASS opcode (for characters > 255). */
3417
3418 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3419 BOOL xclass;
3420 pcre_uchar *class_uchardata;
3421 pcre_uchar *class_uchardata_base;
3422 #endif
3423
3424 #ifdef PCRE_DEBUG
3425 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3426 #endif
3427
3428 /* Set up the default and non-default settings for greediness */
3429
3430 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3431 greedy_non_default = greedy_default ^ 1;
3432
3433 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3434 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3435 matches a non-fixed char first char; reqchar just remains unset if we never
3436 find one.
3437
3438 When we hit a repeat whose minimum is zero, we may have to adjust these values
3439 to take the zero repeat into account. This is implemented by setting them to
3440 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3441 item types that can be repeated set these backoff variables appropriately. */
3442
3443 firstchar = reqchar = zerofirstchar = zeroreqchar = REQ_UNSET;
3444
3445 /* The variable req_caseopt contains either the REQ_CASELESS value
3446 or zero, according to the current setting of the caseless flag. The
3447 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3448 firstchar or reqchar variables to record the case status of the
3449 value. This is used only for ASCII characters. */
3450
3451 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3452
3453 /* Switch on next character until the end of the branch */
3454
3455 for (;; ptr++)
3456 {
3457 BOOL negate_class;
3458 BOOL should_flip_negation;
3459 BOOL possessive_quantifier;
3460 BOOL is_quantifier;
3461 BOOL is_recurse;
3462 BOOL reset_bracount;
3463 int class_has_8bitchar;
3464 int class_single_char;
3465 int class_lastchar;
3466 int newoptions;
3467 int recno;
3468 int refsign;
3469 int skipbytes;
3470 int subreqchar;
3471 int subfirstchar;
3472 int terminator;
3473 int mclength;
3474 int tempbracount;
3475 pcre_uchar mcbuffer[8];
3476
3477 /* Get next character in the pattern */
3478
3479 c = *ptr;
3480
3481 /* If we are at the end of a nested substitution, revert to the outer level
3482 string. Nesting only happens one level deep. */
3483
3484 if (c == 0 && nestptr != NULL)
3485 {
3486 ptr = nestptr;
3487 nestptr = NULL;
3488 c = *ptr;
3489 }
3490
3491 /* If we are in the pre-compile phase, accumulate the length used for the
3492 previous cycle of this loop. */
3493
3494 if (lengthptr != NULL)
3495 {
3496 #ifdef PCRE_DEBUG
3497 if (code > cd->hwm) cd->hwm = code; /* High water info */
3498 #endif
3499 if (code > cd->start_workspace + cd->workspace_size -
3500 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3501 {
3502 *errorcodeptr = ERR52;
3503 goto FAILED;
3504 }
3505
3506 /* There is at least one situation where code goes backwards: this is the
3507 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3508 the class is simply eliminated. However, it is created first, so we have to
3509 allow memory for it. Therefore, don't ever reduce the length at this point.
3510 */
3511
3512 if (code < last_code) code = last_code;
3513
3514 /* Paranoid check for integer overflow */
3515
3516 if (OFLOW_MAX - *lengthptr < code - last_code)
3517 {
3518 *errorcodeptr = ERR20;
3519 goto FAILED;
3520 }
3521
3522 *lengthptr += (int)(code - last_code);
3523 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3524 (int)(code - last_code), c, c));
3525
3526 /* If "previous" is set and it is not at the start of the work space, move
3527 it back to there, in order to avoid filling up the work space. Otherwise,
3528 if "previous" is NULL, reset the current code pointer to the start. */
3529
3530 if (previous != NULL)
3531 {
3532 if (previous > orig_code)
3533 {
3534 memmove(orig_code, previous, IN_UCHARS(code - previous));
3535 code -= previous - orig_code;
3536 previous = orig_code;
3537 }
3538 }
3539 else code = orig_code;
3540
3541 /* Remember where this code item starts so we can pick up the length
3542 next time round. */
3543
3544 last_code = code;
3545 }
3546
3547 /* In the real compile phase, just check the workspace used by the forward
3548 reference list. */
3549
3550 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3551 WORK_SIZE_SAFETY_MARGIN)
3552 {
3553 *errorcodeptr = ERR52;
3554 goto FAILED;
3555 }
3556
3557 /* If in \Q...\E, check for the end; if not, we have a literal */
3558
3559 if (inescq && c != 0)
3560 {
3561 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3562 {
3563 inescq = FALSE;
3564 ptr++;
3565 continue;
3566 }
3567 else
3568 {
3569 if (previous_callout != NULL)
3570 {
3571 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3572 complete_callout(previous_callout, ptr, cd);
3573 previous_callout = NULL;
3574 }
3575 if ((options & PCRE_AUTO_CALLOUT) != 0)
3576 {
3577 previous_callout = code;
3578 code = auto_callout(code, ptr, cd);
3579 }
3580 goto NORMAL_CHAR;
3581 }
3582 }
3583
3584 /* Fill in length of a previous callout, except when the next thing is
3585 a quantifier. */
3586
3587 is_quantifier =
3588 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3589 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3590
3591 if (!is_quantifier && previous_callout != NULL &&
3592 after_manual_callout-- <= 0)
3593 {
3594 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3595 complete_callout(previous_callout, ptr, cd);
3596 previous_callout = NULL;
3597 }
3598
3599 /* In extended mode, skip white space and comments. */
3600
3601 if ((options & PCRE_EXTENDED) != 0)
3602 {
3603 if ((cd->ctypes[c] & ctype_space) != 0) continue;
3604 if (c == CHAR_NUMBER_SIGN)
3605 {
3606 ptr++;
3607 while (*ptr != 0)
3608 {
3609 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3610 ptr++;
3611 #ifdef SUPPORT_UTF
3612 if (utf) FORWARDCHAR(ptr);
3613 #endif
3614 }
3615 if (*ptr != 0) continue;
3616
3617 /* Else fall through to handle end of string */
3618 c = 0;
3619 }
3620 }
3621
3622 /* No auto callout for quantifiers. */
3623
3624 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3625 {
3626 previous_callout = code;
3627 code = auto_callout(code, ptr, cd);
3628 }
3629
3630 switch(c)
3631 {
3632 /* ===================================================================*/
3633 case 0: /* The branch terminates at string end */
3634 case CHAR_VERTICAL_LINE: /* or | or ) */
3635 case CHAR_RIGHT_PARENTHESIS:
3636 *firstcharptr = firstchar;
3637 *reqcharptr = reqchar;
3638 *codeptr = code;
3639 *ptrptr = ptr;
3640 if (lengthptr != NULL)
3641 {
3642 if (OFLOW_MAX - *lengthptr < code - last_code)
3643 {
3644 *errorcodeptr = ERR20;
3645 goto FAILED;
3646 }
3647 *lengthptr += (int)(code - last_code); /* To include callout length */
3648 DPRINTF((">> end branch\n"));
3649 }
3650 return TRUE;
3651
3652
3653 /* ===================================================================*/
3654 /* Handle single-character metacharacters. In multiline mode, ^ disables
3655 the setting of any following char as a first character. */
3656
3657 case CHAR_CIRCUMFLEX_ACCENT:
3658 previous = NULL;
3659 if ((options & PCRE_MULTILINE) != 0)
3660 {
3661 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
3662 *code++ = OP_CIRCM;
3663 }
3664 else *code++ = OP_CIRC;
3665 break;
3666
3667 case CHAR_DOLLAR_SIGN:
3668 previous = NULL;
3669 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
3670 break;
3671
3672 /* There can never be a first char if '.' is first, whatever happens about
3673 repeats. The value of reqchar doesn't change either. */
3674
3675 case CHAR_DOT:
3676 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
3677 zerofirstchar = firstchar;
3678 zeroreqchar = reqchar;
3679 previous = code;
3680 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
3681 break;
3682
3683
3684 /* ===================================================================*/
3685 /* Character classes. If the included characters are all < 256, we build a
3686 32-byte bitmap of the permitted characters, except in the special case
3687 where there is only one such character. For negated classes, we build the
3688 map as usual, then invert it at the end. However, we use a different opcode
3689 so that data characters > 255 can be handled correctly.
3690
3691 If the class contains characters outside the 0-255 range, a different
3692 opcode is compiled. It may optionally have a bit map for characters < 256,
3693 but those above are are explicitly listed afterwards. A flag byte tells
3694 whether the bitmap is present, and whether this is a negated class or not.
3695
3696 In JavaScript compatibility mode, an isolated ']' causes an error. In
3697 default (Perl) mode, it is treated as a data character. */
3698
3699 case CHAR_RIGHT_SQUARE_BRACKET:
3700 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3701 {
3702 *errorcodeptr = ERR64;
3703 goto FAILED;
3704 }
3705 goto NORMAL_CHAR;
3706
3707 case CHAR_LEFT_SQUARE_BRACKET:
3708 previous = code;
3709
3710 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
3711 they are encountered at the top level, so we'll do that too. */
3712
3713 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3714 ptr[1] == CHAR_EQUALS_SIGN) &&
3715 check_posix_syntax(ptr, &tempptr))
3716 {
3717 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
3718 goto FAILED;
3719 }
3720
3721 /* If the first character is '^', set the negation flag and skip it. Also,
3722 if the first few characters (either before or after ^) are \Q\E or \E we
3723 skip them too. This makes for compatibility with Perl. */
3724
3725 negate_class = FALSE;
3726 for (;;)
3727 {
3728 c = *(++ptr);
3729 if (c == CHAR_BACKSLASH)
3730 {
3731 if (ptr[1] == CHAR_E)
3732 ptr++;
3733 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
3734 ptr += 3;
3735 else
3736 break;
3737 }
3738 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
3739 negate_class = TRUE;
3740 else break;
3741 }
3742
3743 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
3744 an initial ']' is taken as a data character -- the code below handles
3745 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
3746 [^] must match any character, so generate OP_ALLANY. */
3747
3748 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
3749 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3750 {
3751 *code++ = negate_class? OP_ALLANY : OP_FAIL;
3752 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
3753 zerofirstchar = firstchar;
3754 break;
3755 }
3756
3757 /* If a class contains a negative special such as \S, we need to flip the
3758 negation flag at the end, so that support for characters > 255 works
3759 correctly (they are all included in the class). */
3760
3761 should_flip_negation = FALSE;
3762
3763 /* For optimization purposes, we track some properties of the class.
3764 class_has_8bitchar will be non-zero, if the class contains at least one
3765 < 256 character. class_single_char will be 1 if the class contains only
3766 a single character. */
3767
3768 class_has_8bitchar = 0;
3769 class_single_char = 0;
3770 class_lastchar = -1;
3771
3772 /* Initialize the 32-char bit map to all zeros. We build the map in a
3773 temporary bit of memory, in case the class contains only 1 character (less
3774 than 256), because in that case the compiled code doesn't use the bit map.
3775 */
3776
3777 memset(classbits, 0, 32 * sizeof(pcre_uint8));
3778
3779 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3780 xclass = FALSE; /* No chars >= 256 */
3781 class_uchardata = code + LINK_SIZE + 2; /* For UTF-8 items */
3782 class_uchardata_base = class_uchardata; /* For resetting in pass 1 */
3783 #endif
3784
3785 /* Process characters until ] is reached. By writing this as a "do" it
3786 means that an initial ] is taken as a data character. At the start of the
3787 loop, c contains the first byte of the character. */
3788
3789 if (c != 0) do
3790 {
3791 const pcre_uchar *oldptr;
3792
3793 #ifdef SUPPORT_UTF
3794 if (utf && HAS_EXTRALEN(c))
3795 { /* Braces are required because the */
3796 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
3797 }
3798 #endif
3799
3800 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3801 /* In the pre-compile phase, accumulate the length of any extra
3802 data and reset the pointer. This is so that very large classes that
3803 contain a zillion > 255 characters no longer overwrite the work space
3804 (which is on the stack). */
3805
3806 if (lengthptr != NULL)
3807 {
3808 *lengthptr += class_uchardata - class_uchardata_base;
3809 class_uchardata = class_uchardata_base;
3810 }
3811 #endif
3812
3813 /* Inside \Q...\E everything is literal except \E */
3814
3815 if (inescq)
3816 {
3817 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
3818 {
3819 inescq = FALSE; /* Reset literal state */
3820 ptr++; /* Skip the 'E' */
3821 continue; /* Carry on with next */
3822 }
3823 goto CHECK_RANGE; /* Could be range if \E follows */
3824 }
3825
3826 /* Handle POSIX class names. Perl allows a negation extension of the
3827 form [:^name:]. A square bracket that doesn't match the syntax is
3828 treated as a literal. We also recognize the POSIX constructions
3829 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3830 5.6 and 5.8 do. */
3831
3832 if (c == CHAR_LEFT_SQUARE_BRACKET &&
3833 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3834 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3835 {
3836 BOOL local_negate = FALSE;
3837 int posix_class, taboffset, tabopt;
3838 register const pcre_uint8 *cbits = cd->cbits;
3839 pcre_uint8 pbits[32];
3840
3841 if (ptr[1] != CHAR_COLON)
3842 {
3843 *errorcodeptr = ERR31;
3844 goto FAILED;
3845 }
3846
3847 ptr += 2;
3848 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3849 {
3850 local_negate = TRUE;
3851 should_flip_negation = TRUE; /* Note negative special */
3852 ptr++;
3853 }
3854
3855 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
3856 if (posix_class < 0)
3857 {
3858 *errorcodeptr = ERR30;
3859 goto FAILED;
3860 }
3861
3862 /* If matching is caseless, upper and lower are converted to
3863 alpha. This relies on the fact that the class table starts with
3864 alpha, lower, upper as the first 3 entries. */
3865
3866 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
3867 posix_class = 0;
3868
3869 /* When PCRE_UCP is set, some of the POSIX classes are converted to
3870 different escape sequences that use Unicode properties. */
3871
3872 #ifdef SUPPORT_UCP
3873 if ((options & PCRE_UCP) != 0)
3874 {
3875 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
3876 if (posix_substitutes[pc] != NULL)
3877 {
3878 nestptr = tempptr + 1;
3879 ptr = posix_substitutes[pc] - 1;
3880 continue;
3881 }
3882 }
3883 #endif
3884 /* In the non-UCP case, we build the bit map for the POSIX class in a
3885 chunk of local store because we may be adding and subtracting from it,
3886 and we don't want to subtract bits that may be in the main map already.
3887 At the end we or the result into the bit map that is being built. */
3888
3889 posix_class *= 3;
3890
3891 /* Copy in the first table (always present) */
3892
3893 memcpy(pbits, cbits + posix_class_maps[posix_class],
3894 32 * sizeof(pcre_uint8));
3895
3896 /* If there is a second table, add or remove it as required. */
3897
3898 taboffset = posix_class_maps[posix_class + 1];
3899 tabopt = posix_class_maps[posix_class + 2];
3900
3901 if (taboffset >= 0)
3902 {
3903 if (tabopt >= 0)
3904 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
3905 else
3906 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
3907 }
3908
3909 /* Not see if we need to remove any special characters. An option
3910 value of 1 removes vertical space and 2 removes underscore. */
3911
3912 if (tabopt < 0) tabopt = -tabopt;
3913 if (tabopt == 1) pbits[1] &= ~0x3c;
3914 else if (tabopt == 2) pbits[11] &= 0x7f;
3915
3916 /* Add the POSIX table or its complement into the main table that is
3917 being built and we are done. */
3918
3919 if (local_negate)
3920 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
3921 else
3922 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
3923
3924 ptr = tempptr + 1;
3925 /* Every class contains at least one < 256 characters. */
3926 class_has_8bitchar = 1;
3927 /* Every class contains at least two characters. */
3928 class_single_char = 2;
3929 continue; /* End of POSIX syntax handling */
3930 }
3931
3932 /* Backslash may introduce a single character, or it may introduce one
3933 of the specials, which just set a flag. The sequence \b is a special
3934 case. Inside a class (and only there) it is treated as backspace. We
3935 assume that other escapes have more than one character in them, so
3936 speculatively set both class_has_8bitchar and class_single_char bigger
3937 than one. Unrecognized escapes fall through and are either treated
3938 as literal characters (by default), or are faulted if
3939 PCRE_EXTRA is set. */
3940
3941 if (c == CHAR_BACKSLASH)
3942 {
3943 c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3944 if (*errorcodeptr != 0) goto FAILED;
3945
3946 if (-c == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
3947 else if (-c == ESC_N) /* \N is not supported in a class */
3948 {
3949 *errorcodeptr = ERR71;
3950 goto FAILED;
3951 }
3952 else if (-c == ESC_Q) /* Handle start of quoted string */
3953 {
3954 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3955 {
3956 ptr += 2; /* avoid empty string */
3957 }
3958 else inescq = TRUE;
3959 continue;
3960 }
3961 else if (-c == ESC_E) continue; /* Ignore orphan \E */
3962
3963 if (c < 0)
3964 {
3965 register const pcre_uint8 *cbits = cd->cbits;
3966 /* Every class contains at least two < 256 characters. */
3967 class_has_8bitchar++;
3968 /* Every class contains at least two characters. */
3969 class_single_char += 2;
3970
3971 switch (-c)
3972 {
3973 #ifdef SUPPORT_UCP
3974 case ESC_du: /* These are the values given for \d etc */
3975 case ESC_DU: /* when PCRE_UCP is set. We replace the */
3976 case ESC_wu: /* escape sequence with an appropriate \p */
3977 case ESC_WU: /* or \P to test Unicode properties instead */
3978 case ESC_su: /* of the default ASCII testing. */
3979 case ESC_SU:
3980 nestptr = ptr;
3981 ptr = substitutes[-c - ESC_DU] - 1; /* Just before substitute */
3982 class_has_8bitchar--; /* Undo! */
3983 continue;
3984 #endif
3985 case ESC_d:
3986 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
3987 continue;
3988
3989 case ESC_D:
3990 should_flip_negation = TRUE;
3991 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3992 continue;
3993
3994 case ESC_w:
3995 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
3996 continue;
3997
3998 case ESC_W:
3999 should_flip_negation = TRUE;
4000 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4001 continue;
4002
4003 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4004 if it was previously set by something earlier in the character
4005 class. */
4006
4007 case ESC_s:
4008 classbits[0] |= cbits[cbit_space];
4009 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4010 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4011 continue;
4012
4013 case ESC_S:
4014 should_flip_negation = TRUE;
4015 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4016 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4017 continue;
4018
4019 case ESC_h:
4020 SETBIT(classbits, 0x09); /* VT */
4021 SETBIT(classbits, 0x20); /* SPACE */
4022 SETBIT(classbits, 0xa0); /* NSBP */
4023 #ifdef SUPPORT_UTF
4024 if (utf)
4025 {
4026 xclass = TRUE;
4027 *class_uchardata++ = XCL_SINGLE;
4028 class_uchardata += PRIV(ord2utf)(0x1680, class_uchardata);
4029 *class_uchardata++ = XCL_SINGLE;
4030 class_uchardata += PRIV(ord2utf)(0x180e, class_uchardata);
4031 *class_uchardata++ = XCL_RANGE;
4032 class_uchardata += PRIV(ord2utf)(0x2000, class_uchardata);
4033 class_uchardata += PRIV(ord2utf)(0x200A, class_uchardata);
4034 *class_uchardata++ = XCL_SINGLE;
4035 class_uchardata += PRIV(ord2utf)(0x202f, class_uchardata);
4036 *class_uchardata++ = XCL_SINGLE;
4037 class_uchardata += PRIV(ord2utf)(0x205f, class_uchardata);
4038 *class_uchardata++ = XCL_SINGLE;
4039 class_uchardata += PRIV(ord2utf)(0x3000, class_uchardata);
4040 }
4041 #endif
4042 continue;
4043
4044 case ESC_H:
4045 for (c = 0; c < 32; c++)
4046 {
4047 int x = 0xff;
4048 switch (c)
4049 {
4050 case 0x09/8: x ^= 1 << (0x09%8); break;
4051 case 0x20/8: x ^= 1 << (0x20%8); break;
4052 case 0xa0/8: x ^= 1 << (0xa0%8); break;
4053 default: break;
4054 }
4055 classbits[c] |= x;
4056 }
4057
4058 #ifdef SUPPORT_UTF
4059 if (utf)
4060 {
4061 xclass = TRUE;
4062 *class_uchardata++ = XCL_RANGE;
4063 class_uchardata += PRIV(ord2utf)(0x0100, class_uchardata);
4064 class_uchardata += PRIV(ord2utf)(0x167f, class_uchardata);
4065 *class_uchardata++ = XCL_RANGE;
4066 class_uchardata += PRIV(ord2utf)(0x1681, class_uchardata);
4067 class_uchardata += PRIV(ord2utf)(0x180d, class_uchardata);
4068 *class_uchardata++ = XCL_RANGE;
4069 class_uchardata += PRIV(ord2utf)(0x180f, class_uchardata);
4070 class_uchardata += PRIV(ord2utf)(0x1fff, class_uchardata);
4071 *class_uchardata++ = XCL_RANGE;
4072 class_uchardata += PRIV(ord2utf)(0x200B, class_uchardata);
4073 class_uchardata += PRIV(ord2utf)(0x202e, class_uchardata);
4074 *class_uchardata++ = XCL_RANGE;
4075 class_uchardata += PRIV(ord2utf)(0x2030, class_uchardata);
4076 class_uchardata += PRIV(ord2utf)(0x205e, class_uchardata);
4077 *class_uchardata++ = XCL_RANGE;
4078 class_uchardata += PRIV(ord2utf)(0x2060, class_uchardata);
4079 class_uchardata += PRIV(ord2utf)(0x2fff, class_uchardata);
4080 *class_uchardata++ = XCL_RANGE;
4081 class_uchardata += PRIV(ord2utf)(0x3001, class_uchardata);
4082 class_uchardata += PRIV(ord2utf)(0x10ffff, class_uchardata);
4083 }
4084 #endif
4085 continue;
4086
4087 case ESC_v:
4088 SETBIT(classbits, 0x0a); /* LF */
4089 SETBIT(classbits, 0x0b); /* VT */
4090 SETBIT(classbits, 0x0c); /* FF */
4091 SETBIT(classbits, 0x0d); /* CR */
4092 SETBIT(classbits, 0x85); /* NEL */
4093 #ifdef SUPPORT_UTF
4094 if (utf)
4095 {
4096 xclass = TRUE;
4097 *class_uchardata++ = XCL_RANGE;
4098 class_uchardata += PRIV(ord2utf)(0x2028, class_uchardata);
4099 class_uchardata += PRIV(ord2utf)(0x2029, class_uchardata);
4100 }
4101 #endif
4102 continue;
4103
4104 case ESC_V:
4105 for (c = 0; c < 32; c++)
4106 {
4107 int x = 0xff;
4108 switch (c)
4109 {
4110 case 0x0a/8: x ^= 1 << (0x0a%8);
4111 x ^= 1 << (0x0b%8);
4112 x ^= 1 << (0x0c%8);
4113 x ^= 1 << (0x0d%8);
4114 break;
4115 case 0x85/8: x ^= 1 << (0x85%8); break;
4116 default: break;
4117 }
4118 classbits[c] |= x;
4119 }
4120
4121 #ifdef SUPPORT_UTF
4122 if (utf)
4123 {
4124 xclass = TRUE;
4125 *class_uchardata++ = XCL_RANGE;
4126 class_uchardata += PRIV(ord2utf)(0x0100, class_uchardata);
4127 class_uchardata += PRIV(ord2utf)(0x2027, class_uchardata);
4128 *class_uchardata++ = XCL_RANGE;
4129 class_uchardata += PRIV(ord2utf)(0x2029, class_uchardata);
4130 class_uchardata += PRIV(ord2utf)(0x10ffff, class_uchardata);
4131 }
4132 #endif
4133 continue;
4134
4135 #ifdef SUPPORT_UCP
4136 case ESC_p:
4137 case ESC_P:
4138 {
4139 BOOL negated;
4140 int pdata;
4141 int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
4142 if (ptype < 0) goto FAILED;
4143 xclass = TRUE;
4144 *class_uchardata++ = ((-c == ESC_p) != negated)?
4145 XCL_PROP : XCL_NOTPROP;
4146 *class_uchardata++ = ptype;
4147 *class_uchardata++ = pdata;
4148 class_has_8bitchar--; /* Undo! */
4149 continue;
4150 }
4151 #endif
4152 /* Unrecognized escapes are faulted if PCRE is running in its
4153 strict mode. By default, for compatibility with Perl, they are
4154 treated as literals. */
4155
4156 default:
4157 if ((options & PCRE_EXTRA) != 0)
4158 {
4159 *errorcodeptr = ERR7;
4160 goto FAILED;
4161 }
4162 class_has_8bitchar--; /* Undo the speculative increase. */
4163 class_single_char -= 2; /* Undo the speculative increase. */
4164 c = *ptr; /* Get the final character and fall through */
4165 break;
4166 }
4167 }
4168
4169 /* Fall through if we have a single character (c >= 0). This may be
4170 greater than 256. */
4171
4172 } /* End of backslash handling */
4173
4174 /* A single character may be followed by '-' to form a range. However,
4175 Perl does not permit ']' to be the end of the range. A '-' character
4176 at the end is treated as a literal. Perl ignores orphaned \E sequences
4177 entirely. The code for handling \Q and \E is messy. */
4178
4179 CHECK_RANGE:
4180 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4181 {
4182 inescq = FALSE;
4183 ptr += 2;
4184 }
4185
4186 oldptr = ptr;
4187
4188 /* Remember \r or \n */
4189
4190 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4191
4192 /* Check for range */
4193
4194 if (!inescq && ptr[1] == CHAR_MINUS)
4195 {
4196 int d;
4197 ptr += 2;
4198 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4199
4200 /* If we hit \Q (not followed by \E) at this point, go into escaped
4201 mode. */
4202
4203 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4204 {
4205 ptr += 2;
4206 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4207 { ptr += 2; continue; }
4208 inescq = TRUE;
4209 break;
4210 }
4211
4212 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4213 {
4214 ptr = oldptr;
4215 goto LONE_SINGLE_CHARACTER;
4216 }
4217
4218 #ifdef SUPPORT_UTF
4219 if (utf)
4220 { /* Braces are required because the */
4221 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4222 }
4223 else
4224 #endif
4225 d = *ptr; /* Not UTF-8 mode */
4226
4227 /* The second part of a range can be a single-character escape, but
4228 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4229 in such circumstances. */
4230
4231 if (!inescq && d == CHAR_BACKSLASH)
4232 {
4233 d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
4234 if (*errorcodeptr != 0) goto FAILED;
4235
4236 /* \b is backspace; any other special means the '-' was literal */
4237
4238 if (d < 0)
4239 {
4240 if (d == -ESC_b) d = CHAR_BS; else
4241 {
4242 ptr = oldptr;
4243 goto LONE_SINGLE_CHARACTER; /* A few lines below */
4244 }
4245 }
4246 }
4247
4248 /* Check that the two values are in the correct order. Optimize
4249 one-character ranges */
4250
4251 if (d < c)
4252 {
4253 *errorcodeptr = ERR8;
4254 goto FAILED;
4255 }
4256
4257 if (d == c) goto LONE_SINGLE_CHARACTER; /* A few lines below */
4258
4259 /* Remember \r or \n */
4260
4261 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4262
4263 /* Since we found a character range, single character optimizations
4264 cannot be done anymore. */
4265 class_single_char = 2;
4266
4267 /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
4268 matching, we have to use an XCLASS with extra data items. Caseless
4269 matching for characters > 127 is available only if UCP support is
4270 available. */
4271
4272 #if defined SUPPORT_UTF && !(defined COMPILE_PCRE8)
4273 if ((d > 255) || (utf && ((options & PCRE_CASELESS) != 0 && d > 127)))
4274 #elif defined SUPPORT_UTF
4275 if (utf && (d > 255 || ((options & PCRE_CASELESS) != 0 && d > 127)))
4276 #elif !(defined COMPILE_PCRE8)
4277 if (d > 255)
4278 #endif
4279 #if defined SUPPORT_UTF || !(defined COMPILE_PCRE8)
4280 {
4281 xclass = TRUE;
4282
4283 /* With UCP support, we can find the other case equivalents of
4284 the relevant characters. There may be several ranges. Optimize how
4285 they fit with the basic range. */
4286
4287 #ifdef SUPPORT_UCP
4288 #ifndef COMPILE_PCRE8
4289 if (utf && (options & PCRE_CASELESS) != 0)
4290 #else
4291 if ((options & PCRE_CASELESS) != 0)
4292 #endif
4293 {
4294 unsigned int occ, ocd;
4295 unsigned int cc = c;
4296 unsigned int origd = d;
4297 while (get_othercase_range(&cc, origd, &occ, &ocd))
4298 {
4299 if (occ >= (unsigned int)c &&
4300 ocd <= (unsigned int)d)
4301 continue; /* Skip embedded ranges */
4302
4303 if (occ < (unsigned int)c &&
4304 ocd >= (unsigned int)c - 1) /* Extend the basic range */
4305 { /* if there is overlap, */
4306 c = occ; /* noting that if occ < c */
4307 continue; /* we can't have ocd > d */
4308 } /* because a subrange is */
4309 if (ocd > (unsigned int)d &&
4310 occ <= (unsigned int)d + 1) /* always shorter than */
4311 { /* the basic range. */
4312 d = ocd;
4313 continue;
4314 }
4315
4316 if (occ == ocd)
4317 {
4318 *class_uchardata++ = XCL_SINGLE;
4319 }
4320 else
4321 {
4322 *class_uchardata++ = XCL_RANGE;
4323 class_uchardata += PRIV(ord2utf)(occ, class_uchardata);
4324 }
4325 class_uchardata += PRIV(ord2utf)(ocd, class_uchardata);
4326 }
4327 }
4328 #endif /* SUPPORT_UCP */
4329
4330 /* Now record the original range, possibly modified for UCP caseless
4331 overlapping ranges. */
4332
4333 *class_uchardata++ = XCL_RANGE;
4334 #ifdef SUPPORT_UTF
4335 #ifndef COMPILE_PCRE8
4336 if (utf)
4337 {
4338 class_uchardata += PRIV(ord2utf)(c, class_uchardata);
4339 class_uchardata += PRIV(ord2utf)(d, class_uchardata);
4340 }
4341 else
4342 {
4343 *class_uchardata++ = c;
4344 *class_uchardata++ = d;
4345 }
4346 #else
4347 class_uchardata += PRIV(ord2utf)(c, class_uchardata);
4348 class_uchardata += PRIV(ord2utf)(d, class_uchardata);
4349 #endif
4350 #else /* SUPPORT_UTF */
4351 *class_uchardata++ = c;
4352 *class_uchardata++ = d;
4353 #endif /* SUPPORT_UTF */
4354
4355 /* With UCP support, we are done. Without UCP support, there is no
4356 caseless matching for UTF characters > 127; we can use the bit map
4357 for the smaller ones. As for 16 bit characters without UTF, we
4358 can still use */
4359
4360 #ifdef SUPPORT_UCP
4361 #ifndef COMPILE_PCRE8
4362 if (utf)
4363 #endif
4364 continue; /* With next character in the class */
4365 #endif /* SUPPORT_UCP */
4366
4367 #if defined SUPPORT_UTF && !defined(SUPPORT_UCP) && !(defined COMPILE_PCRE8)
4368 if (utf)
4369 {
4370 if ((options & PCRE_CASELESS) == 0 || c > 127) continue;
4371 /* Adjust upper limit and fall through to set up the map */
4372 d = 127;
4373 }
4374 else
4375 {
4376 if (c > 255) continue;
4377 /* Adjust upper limit and fall through to set up the map */
4378 d = 255;
4379 }
4380 #elif defined SUPPORT_UTF && !defined(SUPPORT_UCP)
4381 if ((options & PCRE_CASELESS) == 0 || c > 127) continue;
4382 /* Adjust upper limit and fall through to set up the map */
4383 d = 127;
4384 #else
4385 if (c > 255) continue;
4386 /* Adjust upper limit and fall through to set up the map */
4387 d = 255;
4388 #endif /* SUPPORT_UTF && !SUPPORT_UCP && !COMPILE_PCRE8 */
4389 }
4390 #endif /* SUPPORT_UTF || !COMPILE_PCRE8 */
4391
4392 /* We use the bit map for 8 bit mode, or when the characters fall
4393 partially or entirely to [0-255] ([0-127] for UCP) ranges. */
4394
4395 class_has_8bitchar = 1;
4396
4397 /* We can save a bit of time by skipping this in the pre-compile. */
4398
4399 if (lengthptr == NULL) for (; c <= d; c++)
4400 {
4401 classbits[c/8] |= (1 << (c&7));
4402 if ((options & PCRE_CASELESS) != 0)
4403 {
4404 int uc = cd->fcc[c]; /* flip case */
4405 classbits[uc/8] |= (1 << (uc&7));
4406 }
4407 }
4408
4409 continue; /* Go get the next char in the class */
4410 }
4411
4412 /* Handle a lone single character - we can get here for a normal
4413 non-escape char, or after \ that introduces a single character or for an
4414 apparent range that isn't. */
4415
4416 LONE_SINGLE_CHARACTER:
4417
4418 /* Only the value of 1 matters for class_single_char. */
4419 if (class_single_char < 2) class_single_char++;
4420 class_lastchar = c;
4421
4422 /* Handle a character that cannot go in the bit map */
4423
4424 #if defined SUPPORT_UTF && !(defined COMPILE_PCRE8)
4425 if ((c > 255) || (utf && ((options & PCRE_CASELESS) != 0 && c > 127)))
4426 #elif defined SUPPORT_UTF
4427 if (utf && (c > 255 || ((options & PCRE_CASELESS) != 0 && c > 127)))
4428 #elif !(defined COMPILE_PCRE8)
4429 if (c > 255)
4430 #endif
4431
4432 #if defined SUPPORT_UTF || !(defined COMPILE_PCRE8)
4433 {
4434 xclass = TRUE;
4435 *class_uchardata++ = XCL_SINGLE;
4436 #ifdef SUPPORT_UTF
4437 #ifndef COMPILE_PCRE8
4438 /* In non 8 bit mode, we can get here even if we are not in UTF mode. */
4439 if (!utf)
4440 *class_uchardata++ = c;
4441 else
4442 #endif
4443 class_uchardata += PRIV(ord2utf)(c, class_uchardata);
4444 #else /* SUPPORT_UTF */
4445 *class_uchardata++ = c;
4446 #endif /* SUPPORT_UTF */
4447
4448 #ifdef SUPPORT_UCP
4449 #ifdef COMPILE_PCRE8
4450 if ((options & PCRE_CASELESS) != 0)
4451 #else
4452 /* In non 8 bit mode, we can get here even if we are not in UTF mode. */
4453 if (utf && (options & PCRE_CASELESS) != 0)
4454 #endif
4455 {
4456 unsigned int othercase;
4457 if ((othercase = UCD_OTHERCASE(c)) != c)
4458 {
4459 *class_uchardata++ = XCL_SINGLE;
4460 class_uchardata += PRIV(ord2utf)(othercase, class_uchardata);
4461
4462 /* In the first pass, we must accumulate the space used here for
4463 the following reason: If this ends up as the only character in the
4464 class, it will later be optimized down to a single character.
4465 However, that uses less memory, and so if this happens to be at the
4466 end of the regex, there will not be enough memory in the real
4467 compile for this temporary storage. */
4468
4469 if (lengthptr != NULL)
4470 {
4471 *lengthptr += class_uchardata - class_uchardata_base;
4472 class_uchardata = class_uchardata_base;
4473 }
4474 }
4475 }
4476 #endif /* SUPPORT_UCP */
4477
4478 }
4479 else
4480 #endif /* SUPPORT_UTF || COMPILE_PCRE16 */
4481
4482 /* Handle a single-byte character */
4483 {
4484 class_has_8bitchar = 1;
4485 classbits[c/8] |= (1 << (c&7));
4486 if ((options & PCRE_CASELESS) != 0)
4487 {
4488 c = cd->fcc[c]; /* flip case */
4489 classbits[c/8] |= (1 << (c&7));
4490 }
4491 }
4492 }
4493
4494 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4495 If we are at the end of an internal nested string, revert to the outer
4496 string. */
4497
4498 while (((c = *(++ptr)) != 0 ||
4499 (nestptr != NULL &&
4500 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4501 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4502
4503 /* Check for missing terminating ']' */
4504
4505 if (c == 0)
4506 {
4507 *errorcodeptr = ERR6;
4508 goto FAILED;
4509 }
4510
4511 /* If class_charcount is 1, we saw precisely one character. As long as
4512 there were no negated characters >= 128 and there was no use of \p or \P,
4513 in other words, no use of any XCLASS features, we can optimize.
4514
4515 In UTF-8 mode, we can optimize the negative case only if there were no
4516 characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
4517 operate on single-bytes characters only. This is an historical hangover.
4518 Maybe one day we can tidy these opcodes to handle multi-byte characters.
4519
4520 The optimization throws away the bit map. We turn the item into a
4521 1-character OP_CHAR[I] if it's positive, or OP_NOT[I] if it's negative.
4522 Note that OP_NOT[I] does not support multibyte characters. In the positive
4523 case, it can cause firstchar to be set. Otherwise, there can be no first
4524 char if this item is first, whatever repeat count may follow. In the case
4525 of reqchar, save the previous value for reinstating. */
4526
4527 #ifdef SUPPORT_UTF
4528 if (class_single_char == 1 && (!utf || !negate_class
4529 || class_lastchar < (MAX_VALUE_FOR_SINGLE_CHAR + 1)))
4530 #else
4531 if (class_single_char == 1)
4532 #endif
4533 {
4534 zeroreqchar = reqchar;
4535
4536 /* The OP_NOT[I] opcodes work on single characters only. */
4537
4538 if (negate_class)
4539 {
4540 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
4541 zerofirstchar = firstchar;
4542 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4543 *code++ = class_lastchar;
4544 break;
4545 }
4546
4547 /* For a single, positive character, get the value into mcbuffer, and
4548 then we can handle this with the normal one-character code. */
4549
4550 #ifdef SUPPORT_UTF
4551 if (utf && class_lastchar > MAX_VALUE_FOR_SINGLE_CHAR)
4552 mclength = PRIV(ord2utf)(class_lastchar, mcbuffer);
4553 else
4554 #endif
4555 {
4556 mcbuffer[0] = class_lastchar;
4557 mclength = 1;
4558 }
4559 goto ONE_CHAR;
4560 } /* End of 1-char optimization */
4561
4562 /* The general case - not the one-char optimization. If this is the first
4563 thing in the branch, there can be no first char setting, whatever the
4564 repeat count. Any reqchar setting must remain unchanged after any kind of
4565 repeat. */
4566
4567 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
4568 zerofirstchar = firstchar;
4569 zeroreqchar = reqchar;
4570
4571 /* If there are characters with values > 255, we have to compile an
4572 extended class, with its own opcode, unless there was a negated special
4573 such as \S in the class, and PCRE_UCP is not set, because in that case all
4574 characters > 255 are in the class, so any that were explicitly given as
4575 well can be ignored. If (when there are explicit characters > 255 that must
4576 be listed) there are no characters < 256, we can omit the bitmap in the
4577 actual compiled code. */
4578
4579 #ifdef SUPPORT_UTF
4580 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4581 #endif
4582 #ifndef COMPILE_PCRE8
4583 if (xclass && !should_flip_negation)
4584 #endif
4585 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4586 {
4587 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4588 *code++ = OP_XCLASS;
4589 code += LINK_SIZE;
4590 *code = negate_class? XCL_NOT:0;
4591
4592 /* If the map is required, move up the extra data to make room for it;
4593 otherwise just move the code pointer to the end of the extra data. */
4594
4595 if (class_has_8bitchar > 0)
4596 {
4597 *code++ |= XCL_MAP;
4598 memmove(code + (32 / sizeof(pcre_uchar)), code,
4599 IN_UCHARS(class_uchardata - code));
4600 memcpy(code, classbits, 32);
4601 code = class_uchardata + (32 / sizeof(pcre_uchar));
4602 }
4603 else code = class_uchardata;
4604
4605 /* Now fill in the complete length of the item */
4606
4607 PUT(previous, 1, (int)(code - previous));
4608 break; /* End of class handling */
4609 }
4610 #endif
4611
4612 /* If there are no characters > 255, or they are all to be included or
4613 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4614 whole class was negated and whether there were negative specials such as \S
4615 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4616 negating it if necessary. */
4617
4618 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4619 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4620 {
4621 if (negate_class)
4622 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4623 memcpy(code, classbits, 32);
4624 }
4625 code += 32 / sizeof(pcre_uchar);
4626 break;
4627
4628
4629 /* ===================================================================*/
4630 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4631 has been tested above. */
4632
4633 case CHAR_LEFT_CURLY_BRACKET:
4634 if (!is_quantifier) goto NORMAL_CHAR;
4635 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4636 if (*errorcodeptr != 0) goto FAILED;
4637 goto REPEAT;
4638
4639 case CHAR_ASTERISK:
4640 repeat_min = 0;
4641 repeat_max = -1;
4642 goto REPEAT;
4643
4644 case CHAR_PLUS:
4645 repeat_min = 1;
4646 repeat_max = -1;
4647 goto REPEAT;
4648
4649 case CHAR_QUESTION_MARK:
4650 repeat_min = 0;
4651 repeat_max = 1;
4652
4653 REPEAT:
4654 if (previous == NULL)
4655 {
4656 *errorcodeptr = ERR9;
4657 goto FAILED;
4658 }
4659
4660 if (repeat_min == 0)
4661 {
4662 firstchar = zerofirstchar; /* Adjust for zero repeat */
4663 reqchar = zeroreqchar; /* Ditto */
4664 }
4665
4666 /* Remember whether this is a variable length repeat */
4667
4668 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4669
4670 op_type = 0; /* Default single-char op codes */
4671 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4672
4673 /* Save start of previous item, in case we have to move it up in order to
4674 insert something before it. */
4675
4676 tempcode = previous;
4677
4678 /* If the next character is '+', we have a possessive quantifier. This
4679 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4680 If the next character is '?' this is a minimizing repeat, by default,
4681 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4682 repeat type to the non-default. */
4683
4684 if (ptr[1] == CHAR_PLUS)
4685 {
4686 repeat_type = 0; /* Force greedy */
4687 possessive_quantifier = TRUE;
4688 ptr++;
4689 }
4690 else if (ptr[1] == CHAR_QUESTION_MARK)
4691 {
4692 repeat_type = greedy_non_default;
4693 ptr++;
4694 }
4695 else repeat_type = greedy_default;
4696
4697 /* If previous was a recursion call, wrap it in atomic brackets so that
4698 previous becomes the atomic group. All recursions were so wrapped in the
4699 past, but it no longer happens for non-repeated recursions. In fact, the
4700 repeated ones could be re-implemented independently so as not to need this,
4701 but for the moment we rely on the code for repeating groups. */
4702
4703 if (*previous == OP_RECURSE)
4704 {
4705 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4706 *previous = OP_ONCE;
4707 PUT(previous, 1, 2 + 2*LINK_SIZE);
4708 previous[2 + 2*LINK_SIZE] = OP_KET;
4709 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4710 code += 2 + 2 * LINK_SIZE;
4711 length_prevgroup = 3 + 3*LINK_SIZE;
4712
4713 /* When actually compiling, we need to check whether this was a forward
4714 reference, and if so, adjust the offset. */
4715
4716 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4717 {
4718 int offset = GET(cd->hwm, -LINK_SIZE);
4719 if (offset == previous + 1 - cd->start_code)
4720 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4721 }
4722 }
4723
4724 /* Now handle repetition for the different types of item. */
4725
4726 /* If previous was a character match, abolish the item and generate a
4727 repeat item instead. If a char item has a minumum of more than one, ensure
4728 that it is set in reqchar - it might not be if a sequence such as x{3} is
4729 the first thing in a branch because the x will have gone into firstchar
4730 instead. */
4731
4732 if (*previous == OP_CHAR || *previous == OP_CHARI)
4733 {
4734 op_type = (*previous == OP_CHAR)? 0 : OP_STARI - OP_STAR;
4735
4736 /* Deal with UTF characters that take up more than one character. It's
4737 easier to write this out separately than try to macrify it. Use c to
4738 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4739 it's a length rather than a small character. */
4740
4741 #ifdef SUPPORT_UTF
4742 if (utf && NOT_FIRSTCHAR(code[-1]))
4743 {
4744 pcre_uchar *lastchar = code - 1;
4745 BACKCHAR(lastchar);
4746 c = (int)(code - lastchar); /* Length of UTF-8 character */
4747 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4748 c |= UTF_LENGTH; /* Flag c as a length */
4749 }
4750 else
4751 #endif /* SUPPORT_UTF */
4752
4753 /* Handle the case of a single charater - either with no UTF support, or
4754 with UTF disabled, or for a single character UTF character. */
4755 {
4756 c = code[-1];
4757 if (repeat_min > 1) reqchar = c | req_caseopt | cd->req_varyopt;
4758 }
4759
4760 /* If the repetition is unlimited, it pays to see if the next thing on
4761 the line is something that cannot possibly match this character. If so,
4762 automatically possessifying this item gains some performance in the case
4763 where the match fails. */
4764
4765 if (!possessive_quantifier &&
4766 repeat_max < 0 &&
4767 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4768 {
4769 repeat_type = 0; /* Force greedy */
4770 possessive_quantifier = TRUE;
4771 }
4772
4773 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4774 }
4775
4776 /* If previous was a single negated character ([^a] or similar), we use
4777 one of the special opcodes, replacing it. The code is shared with single-
4778 character repeats by setting opt_type to add a suitable offset into
4779 repeat_type. We can also test for auto-possessification. OP_NOT and OP_NOTI
4780 are currently used only for single-byte chars. */
4781
4782 else if (*previous == OP_NOT || *previous == OP_NOTI)
4783 {
4784 op_type = ((*previous == OP_NOT)? OP_NOTSTAR : OP_NOTSTARI) - OP_STAR;
4785 c = previous[1];
4786 if (!possessive_quantifier &&
4787 repeat_max < 0 &&
4788 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4789 {
4790 repeat_type = 0; /* Force greedy */
4791 possessive_quantifier = TRUE;
4792 }
4793 goto OUTPUT_SINGLE_REPEAT;
4794 }
4795
4796 /* If previous was a character type match (\d or similar), abolish it and
4797 create a suitable repeat item. The code is shared with single-character
4798 repeats by setting op_type to add a suitable offset into repeat_type. Note
4799 the the Unicode property types will be present only when SUPPORT_UCP is
4800 defined, but we don't wrap the little bits of code here because it just
4801 makes it horribly messy. */
4802
4803 else if (*previous < OP_EODN)
4804 {
4805 pcre_uchar *oldcode;
4806 int prop_type, prop_value;
4807 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4808 c = *previous;
4809
4810 if (!possessive_quantifier &&
4811 repeat_max < 0 &&
4812 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4813 {
4814 repeat_type = 0; /* Force greedy */
4815 possessive_quantifier = TRUE;
4816 }
4817
4818 OUTPUT_SINGLE_REPEAT:
4819 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4820 {
4821 prop_type = previous[1];
4822 prop_value = previous[2];
4823 }
4824 else prop_type = prop_value = -1;
4825
4826 oldcode = code;
4827 code = previous; /* Usually overwrite previous item */
4828
4829 /* If the maximum is zero then the minimum must also be zero; Perl allows
4830 this case, so we do too - by simply omitting the item altogether. */
4831
4832 if (repeat_max == 0) goto END_REPEAT;
4833
4834 /*--------------------------------------------------------------------*/
4835 /* This code is obsolete from release 8.00; the restriction was finally
4836 removed: */
4837
4838 /* All real repeats make it impossible to handle partial matching (maybe
4839 one day we will be able to remove this restriction). */
4840
4841 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4842 /*--------------------------------------------------------------------*/
4843
4844 /* Combine the op_type with the repeat_type */
4845
4846 repeat_type += op_type;
4847
4848 /* A minimum of zero is handled either as the special case * or ?, or as
4849 an UPTO, with the maximum given. */
4850
4851 if (repeat_min == 0)
4852 {
4853 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4854 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4855 else
4856 {
4857 *code++ = OP_UPTO + repeat_type;
4858 PUT2INC(code, 0, repeat_max);
4859 }
4860 }
4861
4862 /* A repeat minimum of 1 is optimized into some special cases. If the
4863 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4864 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4865 one less than the maximum. */
4866
4867 else if (repeat_min == 1)
4868 {
4869 if (repeat_max == -1)
4870 *code++ = OP_PLUS + repeat_type;
4871 else
4872 {
4873 code = oldcode; /* leave previous item in place */
4874 if (repeat_max == 1) goto END_REPEAT;
4875 *code++ = OP_UPTO + repeat_type;
4876 PUT2INC(code, 0, repeat_max - 1);
4877 }
4878 }
4879
4880 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4881 handled as an EXACT followed by an UPTO. */
4882
4883 else
4884 {
4885 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4886 PUT2INC(code, 0, repeat_min);
4887
4888 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4889 we have to insert the character for the previous code. For a repeated
4890 Unicode property match, there are two extra bytes that define the
4891 required property. In UTF-8 mode, long characters have their length in
4892 c, with the UTF_LENGTH bit as a flag. */
4893
4894 if (repeat_max < 0)
4895 {
4896 #ifdef SUPPORT_UTF
4897 if (utf && (c & UTF_LENGTH) != 0)
4898 {
4899 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4900 code += c & 7;
4901 }
4902 else
4903 #endif
4904 {
4905 *code++ = c;
4906 if (prop_type >= 0)
4907 {
4908 *code++ = prop_type;
4909 *code++ = prop_value;
4910 }
4911 }
4912 *code++ = OP_STAR + repeat_type;
4913 }
4914
4915 /* Else insert an UPTO if the max is greater than the min, again
4916 preceded by the character, for the previously inserted code. If the
4917 UPTO is just for 1 instance, we can use QUERY instead. */
4918
4919 else if (repeat_max != repeat_min)
4920 {
4921 #ifdef SUPPORT_UTF
4922 if (utf && (c & UTF_LENGTH) != 0)
4923 {
4924 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4925 code += c & 7;
4926 }
4927 else
4928 #endif
4929 *code++ = c;
4930 if (prop_type >= 0)
4931 {
4932 *code++ = prop_type;
4933 *code++ = prop_value;
4934 }
4935 repeat_max -= repeat_min;
4936
4937 if (repeat_max == 1)
4938 {
4939 *code++ = OP_QUERY + repeat_type;
4940 }
4941 else
4942 {
4943 *code++ = OP_UPTO + repeat_type;
4944 PUT2INC(code, 0, repeat_max);
4945 }
4946 }
4947 }
4948
4949 /* The character or character type itself comes last in all cases. */
4950
4951 #ifdef SUPPORT_UTF
4952 if (utf && (c & UTF_LENGTH) != 0)
4953 {
4954 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4955 code += c & 7;
4956 }
4957 else
4958 #endif
4959 *code++ = c;
4960
4961 /* For a repeated Unicode property match, there are two extra bytes that
4962 define the required property. */
4963
4964 #ifdef SUPPORT_UCP
4965 if (prop_type >= 0)
4966 {
4967 *code++ = prop_type;
4968 *code++ = prop_value;
4969 }
4970 #endif
4971 }
4972
4973 /* If previous was a character class or a back reference, we put the repeat
4974 stuff after it, but just skip the item if the repeat was {0,0}. */
4975
4976 else if (*previous == OP_CLASS ||
4977 *previous == OP_NCLASS ||
4978 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4979 *previous == OP_XCLASS ||
4980 #endif
4981 *previous == OP_REF ||
4982 *previous == OP_REFI)
4983 {
4984 if (repeat_max == 0)
4985 {
4986 code = previous;
4987 goto END_REPEAT;
4988 }
4989
4990 /*--------------------------------------------------------------------*/
4991 /* This code is obsolete from release 8.00; the restriction was finally
4992 removed: */
4993
4994 /* All real repeats make it impossible to handle partial matching (maybe
4995 one day we will be able to remove this restriction). */
4996
4997 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4998 /*--------------------------------------------------------------------*/
4999
5000 if (repeat_min == 0 && repeat_max == -1)
5001 *code++ = OP_CRSTAR + repeat_type;
5002 else if (repeat_min == 1 && repeat_max == -1)
5003 *code++ = OP_CRPLUS + repeat_type;
5004 else if (repeat_min == 0 && repeat_max == 1)
5005 *code++ = OP_CRQUERY + repeat_type;
5006 else
5007 {
5008 *code++ = OP_CRRANGE + repeat_type;
5009 PUT2INC(code, 0, repeat_min);
5010 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5011 PUT2INC(code, 0, repeat_max);
5012 }
5013 }
5014
5015 /* If previous was a bracket group, we may have to replicate it in certain
5016 cases. Note that at this point we can encounter only the "basic" bracket
5017 opcodes such as BRA and CBRA, as this is the place where they get converted
5018 into the more special varieties such as BRAPOS and SBRA. A test for >=
5019 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5020 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5021 repetition of assertions, but now it does, for Perl compatibility. */
5022
5023 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5024 {
5025 register int i;
5026 int len = (int)(code - previous);
5027 pcre_uchar *bralink = NULL;
5028 pcre_uchar *brazeroptr = NULL;
5029
5030 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5031 we just ignore the repeat. */
5032
5033 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5034 goto END_REPEAT;
5035
5036 /* There is no sense in actually repeating assertions. The only potential
5037 use of repetition is in cases when the assertion is optional. Therefore,
5038 if the minimum is greater than zero, just ignore the repeat. If the
5039 maximum is not not zero or one, set it to 1. */
5040
5041 if (*previous < OP_ONCE) /* Assertion */
5042 {
5043 if (repeat_min > 0) goto END_REPEAT;
5044 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5045 }
5046
5047 /* The case of a zero minimum is special because of the need to stick
5048 OP_BRAZERO in front of it, and because the group appears once in the
5049 data, whereas in other cases it appears the minimum number of times. For
5050 this reason, it is simplest to treat this case separately, as otherwise
5051 the code gets far too messy. There are several special subcases when the
5052 minimum is zero. */
5053
5054 if (repeat_min == 0)
5055 {
5056 /* If the maximum is also zero, we used to just omit the group from the
5057 output altogether, like this:
5058
5059 ** if (repeat_max == 0)
5060 ** {
5061 ** code = previous;
5062 ** goto END_REPEAT;
5063 ** }
5064
5065 However, that fails when a group or a subgroup within it is referenced
5066 as a subroutine from elsewhere in the pattern, so now we stick in
5067 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5068 don't have a list of which groups are referenced, we cannot do this
5069 selectively.
5070
5071 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5072 and do no more at this point. However, we do need to adjust any
5073 OP_RECURSE calls inside the group that refer to the group itself or any
5074 internal or forward referenced group, because the offset is from the
5075 start of the whole regex. Temporarily terminate the pattern while doing
5076 this. */
5077
5078 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5079 {
5080 *code = OP_END;
5081 adjust_recurse(previous, 1, utf, cd, save_hwm);
5082 memmove(previous + 1, previous, IN_UCHARS(len));
5083 code++;
5084 if (repeat_max == 0)
5085 {
5086 *previous++ = OP_SKIPZERO;
5087 goto END_REPEAT;
5088 }
5089 brazeroptr = previous; /* Save for possessive optimizing */
5090 *previous++ = OP_BRAZERO + repeat_type;
5091 }
5092
5093 /* If the maximum is greater than 1 and limited, we have to replicate
5094 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5095 The first one has to be handled carefully because it's the original
5096 copy, which has to be moved up. The remainder can be handled by code
5097 that is common with the non-zero minimum case below. We have to
5098 adjust the value or repeat_max, since one less copy is required. Once
5099 again, we may have to adjust any OP_RECURSE calls inside the group. */
5100
5101 else
5102 {
5103 int offset;
5104 *code = OP_END;
5105 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5106 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5107 code += 2 + LINK_SIZE;
5108 *previous++ = OP_BRAZERO + repeat_type;
5109 *previous++ = OP_BRA;
5110
5111 /* We chain together the bracket offset fields that have to be
5112 filled in later when the ends of the brackets are reached. */
5113
5114 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5115 bralink = previous;
5116 PUTINC(previous, 0, offset);
5117 }
5118
5119 repeat_max--;
5120 }
5121
5122 /* If the minimum is greater than zero, replicate the group as many
5123 times as necessary, and adjust the maximum to the number of subsequent
5124 copies that we need. If we set a first char from the group, and didn't
5125 set a required char, copy the latter from the former. If there are any
5126 forward reference subroutine calls in the group, there will be entries on
5127 the workspace list; replicate these with an appropriate increment. */
5128
5129 else
5130 {
5131 if (repeat_min > 1)
5132 {
5133 /* In the pre-compile phase, we don't actually do the replication. We
5134 just adjust the length as if we had. Do some paranoid checks for
5135 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5136 integer type when available, otherwise double. */
5137
5138 if (lengthptr != NULL)
5139 {
5140 int delta = (repeat_min - 1)*length_prevgroup;
5141 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5142 (INT64_OR_DOUBLE)length_prevgroup >
5143 (INT64_OR_DOUBLE)INT_MAX ||
5144 OFLOW_MAX - *lengthptr < delta)
5145 {
5146 *errorcodeptr = ERR20;
5147 goto FAILED;
5148 }
5149 *lengthptr += delta;
5150 }
5151
5152 /* This is compiling for real. If there is a set first byte for
5153 the group, and we have not yet set a "required byte", set it. Make
5154 sure there is enough workspace for copying forward references before
5155 doing the copy. */
5156
5157 else
5158 {
5159 if (groupsetfirstchar && reqchar < 0) reqchar = firstchar;
5160
5161 for (i = 1; i < repeat_min; i++)
5162 {
5163 pcre_uchar *hc;
5164 pcre_uchar *this_hwm = cd->hwm;
5165 memcpy(code, previous, IN_UCHARS(len));
5166
5167 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5168 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5169 {
5170 int save_offset = save_hwm - cd->start_workspace;
5171 int this_offset = this_hwm - cd->start_workspace;
5172 *errorcodeptr = expand_workspace(cd);
5173 if (*errorcodeptr != 0) goto FAILED;
5174 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5175 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5176 }
5177
5178 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5179 {
5180 PUT(cd->hwm, 0, GET(hc, 0) + len);
5181 cd->hwm += LINK_SIZE;
5182 }
5183 save_hwm = this_hwm;
5184 code += len;
5185 }
5186 }
5187 }
5188
5189 if (repeat_max > 0) repeat_max -= repeat_min;
5190 }
5191
5192 /* This code is common to both the zero and non-zero minimum cases. If
5193 the maximum is limited, it replicates the group in a nested fashion,
5194 remembering the bracket starts on a stack. In the case of a zero minimum,
5195 the first one was set up above. In all cases the repeat_max now specifies
5196 the number of additional copies needed. Again, we must remember to
5197 replicate entries on the forward reference list. */
5198
5199 if (repeat_max >= 0)
5200 {
5201 /* In the pre-compile phase, we don't actually do the replication. We
5202 just adjust the length as if we had. For each repetition we must add 1
5203 to the length for BRAZERO and for all but the last repetition we must
5204 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5205 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5206 a 64-bit integer type when available, otherwise double. */
5207
5208 if (lengthptr != NULL && repeat_max > 0)
5209 {
5210 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5211 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5212 if ((INT64_OR_DOUBLE)repeat_max *
5213 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5214 > (INT64_OR_DOUBLE)INT_MAX ||
5215 OFLOW_MAX - *lengthptr < delta)
5216 {
5217 *errorcodeptr = ERR20;
5218 goto FAILED;
5219 }
5220 *lengthptr += delta;
5221 }
5222
5223 /* This is compiling for real */
5224
5225 else for (i = repeat_max - 1; i >= 0; i--)
5226 {
5227 pcre_uchar *hc;
5228 pcre_uchar *this_hwm = cd->hwm;
5229
5230 *code++ = OP_BRAZERO + repeat_type;
5231
5232 /* All but the final copy start a new nesting, maintaining the
5233 chain of brackets outstanding. */
5234
5235 if (i != 0)
5236 {
5237 int offset;
5238 *code++ = OP_BRA;
5239 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5240 bralink = code;
5241 PUTINC(code, 0, offset);
5242 }
5243
5244 memcpy(code, previous, IN_UCHARS(len));
5245
5246 /* Ensure there is enough workspace for forward references before
5247 copying them. */
5248
5249 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5250 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5251 {
5252 int save_offset = save_hwm - cd->start_workspace;
5253 int this_offset = this_hwm - cd->start_workspace;
5254 *errorcodeptr = expand_workspace(cd);
5255 if (*errorcodeptr != 0) goto FAILED;
5256 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5257 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5258 }
5259
5260 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5261 {
5262 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5263 cd->hwm += LINK_SIZE;
5264 }
5265 save_hwm = this_hwm;
5266 code += len;
5267 }
5268
5269 /* Now chain through the pending brackets, and fill in their length
5270 fields (which are holding the chain links pro tem). */
5271
5272 while (bralink != NULL)
5273 {
5274 int oldlinkoffset;
5275 int offset = (int)(code - bralink + 1);
5276 pcre_uchar *bra = code - offset;
5277 oldlinkoffset = GET(bra, 1);
5278 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5279 *code++ = OP_KET;
5280 PUTINC(code, 0, offset);
5281 PUT(bra, 1, offset);
5282 }
5283 }
5284
5285 /* If the maximum is unlimited, set a repeater in the final copy. For
5286 ONCE brackets, that's all we need to do. However, possessively repeated
5287 ONCE brackets can be converted into non-capturing brackets, as the
5288 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5289 deal with possessive ONCEs specially.
5290
5291 Otherwise, when we are doing the actual compile phase, check to see
5292 whether this group is one that could match an empty string. If so,
5293 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5294 that runtime checking can be done. [This check is also applied to ONCE
5295 groups at runtime, but in a different way.]
5296
5297 Then, if the quantifier was possessive and the bracket is not a
5298 conditional, we convert the BRA code to the POS form, and the KET code to
5299 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5300 subpattern at both the start and at the end.) The use of special opcodes
5301 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5302 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5303
5304 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5305 flag so that the default action below, of wrapping everything inside
5306 atomic brackets, does not happen. When the minimum is greater than 1,
5307 there will be earlier copies of the group, and so we still have to wrap
5308 the whole thing. */
5309
5310 else
5311 {
5312 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5313 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5314
5315 /* Convert possessive ONCE brackets to non-capturing */
5316
5317 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5318 possessive_quantifier) *bracode = OP_BRA;
5319
5320 /* For non-possessive ONCE brackets, all we need to do is to
5321 set the KET. */
5322
5323 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5324 *ketcode = OP_KETRMAX + repeat_type;
5325
5326 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5327 converted to non-capturing above). */
5328
5329 else
5330 {
5331 /* In the compile phase, check for empty string matching. */
5332
5333 if (lengthptr == NULL)
5334 {
5335 pcre_uchar *scode = bracode;
5336 do
5337 {
5338 if (could_be_empty_branch(scode, ketcode, utf, cd))
5339 {
5340 *bracode += OP_SBRA - OP_BRA;
5341 break;
5342 }
5343 scode += GET(scode, 1);
5344 }
5345 while (*scode == OP_ALT);
5346 }
5347
5348 /* Handle possessive quantifiers. */
5349
5350 if (possessive_quantifier)
5351 {
5352 /* For COND brackets, we wrap the whole thing in a possessively
5353 repeated non-capturing bracket, because we have not invented POS
5354 versions of the COND opcodes. Because we are moving code along, we
5355 must ensure that any pending recursive references are updated. */
5356
5357 if (*bracode == OP_COND || *bracode == OP_SCOND)
5358 {
5359 int nlen = (int)(code - bracode);
5360 *code = OP_END;
5361 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5362 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5363 code += 1 + LINK_SIZE;
5364 nlen += 1 + LINK_SIZE;
5365 *bracode = OP_BRAPOS;
5366 *code++ = OP_KETRPOS;
5367 PUTINC(code, 0, nlen);
5368 PUT(bracode, 1, nlen);
5369 }
5370
5371 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5372
5373 else
5374 {
5375 *bracode += 1; /* Switch to xxxPOS opcodes */
5376 *ketcode = OP_KETRPOS;
5377 }
5378
5379 /* If the minimum is zero, mark it as possessive, then unset the
5380 possessive flag when the minimum is 0 or 1. */
5381
5382 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5383 if (repeat_min < 2) possessive_quantifier = FALSE;
5384 }
5385
5386 /* Non-possessive quantifier */
5387
5388 else *ketcode = OP_KETRMAX + repeat_type;
5389 }
5390 }
5391 }
5392
5393 /* If previous is OP_FAIL, it was generated by an empty class [] in
5394 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5395 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5396 error above. We can just ignore the repeat in JS case. */
5397
5398 else if (*previous == OP_FAIL) goto END_REPEAT;
5399
5400 /* Else there's some kind of shambles */
5401
5402 else
5403 {
5404 *errorcodeptr = ERR11;
5405 goto FAILED;
5406 }
5407
5408 /* If the character following a repeat is '+', or if certain optimization
5409 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5410 there are special alternative opcodes for this case. For anything else, we
5411 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5412 notation is just syntactic sugar, taken from Sun's Java package, but the
5413 special opcodes can optimize it.
5414
5415 Some (but not all) possessively repeated subpatterns have already been
5416 completely handled in the code just above. For them, possessive_quantifier
5417 is always FALSE at this stage.
5418
5419 Note that the repeated item starts at tempcode, not at previous, which
5420 might be the first part of a string whose (former) last char we repeated.
5421
5422 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5423 an 'upto' may follow. We skip over an 'exact' item, and then test the
5424 length of what remains before proceeding. */
5425
5426 if (possessive_quantifier)
5427 {
5428 int len;
5429
5430 if (*tempcode == OP_TYPEEXACT)
5431 tempcode += PRIV(OP_lengths)[*tempcode] +
5432 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5433 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5434
5435 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5436 {
5437 tempcode += PRIV(OP_lengths)[*tempcode];
5438 #ifdef SUPPORT_UTF
5439 if (utf && HAS_EXTRALEN(tempcode[-1]))
5440 tempcode += GET_EXTRALEN(tempcode[-1]);
5441 #endif
5442 }
5443
5444 len = (int)(code - tempcode);
5445 if (len > 0) switch (*tempcode)
5446 {
5447 case OP_STAR: *tempcode = OP_POSSTAR; break;
5448 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5449 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5450 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5451
5452 case OP_STARI: *tempcode = OP_POSSTARI; break;
5453 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5454 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5455 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5456
5457 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5458 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5459 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5460 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5461
5462 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5463 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5464 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5465 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5466
5467 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5468 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5469 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5470 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5471
5472 /* Because we are moving code along, we must ensure that any
5473 pending recursive references are updated. */
5474
5475 default:
5476 *code = OP_END;
5477 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5478 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5479 code += 1 + LINK_SIZE;
5480 len += 1 + LINK_SIZE;
5481 tempcode[0] = OP_ONCE;
5482 *code++ = OP_KET;
5483 PUTINC(code, 0, len);
5484 PUT(tempcode, 1, len);
5485 break;
5486 }
5487 }
5488
5489 /* In all case we no longer have a previous item. We also set the
5490 "follows varying string" flag for subsequently encountered reqchars if
5491 it isn't already set and we have just passed a varying length item. */
5492
5493 END_REPEAT:
5494 previous = NULL;
5495 cd->req_varyopt |= reqvary;
5496 break;
5497
5498
5499 /* ===================================================================*/
5500 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5501 lookbehind or option setting or condition or all the other extended
5502 parenthesis forms. */
5503
5504 case CHAR_LEFT_PARENTHESIS:
5505 newoptions = options;
5506 skipbytes = 0;
5507 bravalue = OP_CBRA;
5508 save_hwm = cd->hwm;
5509 reset_bracount = FALSE;
5510
5511 /* First deal with various "verbs" that can be introduced by '*'. */
5512
5513 if (*(++ptr) == CHAR_ASTERISK &&
5514 ((cd->ctypes[ptr[1]] & ctype_letter) != 0 || ptr[1] == ':'))
5515 {
5516 int i, namelen;
5517 int arglen = 0;
5518 const char *vn = verbnames;
5519 const pcre_uchar *name = ptr + 1;
5520 const pcre_uchar *arg = NULL;
5521 previous = NULL;
5522 while ((cd->ctypes[*++ptr] & ctype_letter) != 0) {};
5523 namelen = (int)(ptr - name);
5524
5525 /* It appears that Perl allows any characters whatsoever, other than
5526 a closing parenthesis, to appear in arguments, so we no longer insist on
5527 letters, digits, and underscores. */
5528
5529 if (*ptr == CHAR_COLON)
5530 {
5531 arg = ++ptr;
5532 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5533 arglen = (int)(ptr - arg);
5534 }
5535
5536 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5537 {
5538 *errorcodeptr = ERR60;
5539 goto FAILED;
5540 }
5541
5542 /* Scan the table of verb names */
5543
5544 for (i = 0; i < verbcount; i++)
5545 {
5546 if (namelen == verbs[i].len &&
5547 STRNCMP_UC_C8(name, vn, namelen) == 0)
5548 {
5549 /* Check for open captures before ACCEPT and convert it to
5550 ASSERT_ACCEPT if in an assertion. */
5551
5552 if (verbs[i].op == OP_ACCEPT)
5553 {
5554 open_capitem *oc;
5555 if (arglen != 0)
5556 {
5557 *errorcodeptr = ERR59;
5558 goto FAILED;
5559 }
5560 cd->had_accept = TRUE;
5561 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5562 {
5563 *code++ = OP_CLOSE;
5564 PUT2INC(code, 0, oc->number);
5565 }
5566 *code++ = (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5567
5568 /* Do not set firstchar after *ACCEPT */
5569 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
5570 }
5571
5572 /* Handle other cases with/without an argument */
5573
5574 else if (arglen == 0)
5575 {
5576 if (verbs[i].op < 0) /* Argument is mandatory */
5577 {
5578 *errorcodeptr = ERR66;
5579 goto FAILED;
5580 }
5581 *code = verbs[i].op;
5582 if (*code++ == OP_THEN) cd->external_flags |= PCRE_HASTHEN;
5583 }
5584
5585 else
5586 {
5587 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5588 {
5589 *errorcodeptr = ERR59;
5590 goto FAILED;
5591 }
5592 *code = verbs[i].op_arg;
5593 if (*code++ == OP_THEN_ARG) cd->external_flags |= PCRE_HASTHEN;
5594 *code++ = arglen;
5595 memcpy(code, arg, IN_UCHARS(arglen));
5596 code += arglen;
5597 *code++ = 0;
5598 }
5599
5600 break; /* Found verb, exit loop */
5601 }
5602
5603 vn += verbs[i].len + 1;
5604 }
5605
5606 if (i < verbcount) continue; /* Successfully handled a verb */
5607 *errorcodeptr = ERR60; /* Verb not recognized */
5608 goto FAILED;
5609 }
5610
5611 /* Deal with the extended parentheses; all are introduced by '?', and the
5612 appearance of any of them means that this is not a capturing group. */
5613
5614 else if (*ptr == CHAR_QUESTION_MARK)
5615 {
5616 int i, set, unset, namelen;
5617 int *optset;
5618 const pcre_uchar *name;
5619 pcre_uchar *slot;
5620
5621 switch (*(++ptr))
5622 {
5623 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5624 ptr++;
5625 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5626 if (*ptr == 0)
5627 {
5628 *errorcodeptr = ERR18;
5629 goto FAILED;
5630 }
5631 continue;
5632
5633
5634 /* ------------------------------------------------------------ */
5635 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5636 reset_bracount = TRUE;
5637 /* Fall through */
5638
5639 /* ------------------------------------------------------------ */
5640 case CHAR_COLON: /* Non-capturing bracket */
5641 bravalue = OP_BRA;
5642 ptr++;
5643 break;
5644
5645
5646 /* ------------------------------------------------------------ */
5647 case CHAR_LEFT_PARENTHESIS:
5648 bravalue = OP_COND; /* Conditional group */
5649
5650 /* A condition can be an assertion, a number (referring to a numbered
5651 group), a name (referring to a named group), or 'R', referring to
5652 recursion. R<digits> and R&name are also permitted for recursion tests.
5653
5654 There are several syntaxes for testing a named group: (?(name)) is used
5655 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5656
5657 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5658 be the recursive thing or the name 'R' (and similarly for 'R' followed
5659 by digits), and (b) a number could be a name that consists of digits.
5660 In both cases, we look for a name first; if not found, we try the other
5661 cases. */
5662
5663 /* For conditions that are assertions, check the syntax, and then exit
5664 the switch. This will take control down to where bracketed groups,
5665 including assertions, are processed. */
5666
5667 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5668 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5669 break;
5670
5671 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5672 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5673
5674 code[1+LINK_SIZE] = OP_CREF;
5675 skipbytes = 1+IMM2_SIZE;
5676 refsign = -1;
5677
5678 /* Check for a test for recursion in a named group. */
5679
5680 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5681 {
5682 terminator = -1;
5683 ptr += 2;
5684 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5685 }
5686
5687 /* Check for a test for a named group's having been set, using the Perl
5688 syntax (?(<name>) or (?('name') */
5689
5690 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5691 {
5692 terminator = CHAR_GREATER_THAN_SIGN;
5693 ptr++;
5694 }
5695 else if (ptr[1] == CHAR_APOSTROPHE)
5696 {
5697 terminator = CHAR_APOSTROPHE;
5698 ptr++;
5699 }
5700 else
5701 {
5702 terminator = 0;
5703 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5704 }
5705
5706 /* We now expect to read a name; any thing else is an error */
5707
5708 if ((cd->ctypes[ptr[1]] & ctype_word) == 0)
5709 {
5710 ptr += 1; /* To get the right offset */
5711 *errorcodeptr = ERR28;
5712 goto FAILED;
5713 }
5714
5715 /* Read the name, but also get it as a number if it's all digits */
5716
5717 recno = 0;
5718 name = ++ptr;
5719 while ((cd->ctypes[*ptr] & ctype_word) != 0)
5720 {
5721 if (recno >= 0)
5722 recno = (IS_DIGIT(*ptr))? recno * 10 + *ptr - CHAR_0 : -1;
5723 ptr++;
5724 }
5725 namelen = (int)(ptr - name);
5726
5727 if ((terminator > 0 && *ptr++ != terminator) ||
5728 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5729 {
5730 ptr--; /* Error offset */
5731 *errorcodeptr = ERR26;
5732 goto FAILED;
5733 }
5734
5735 /* Do no further checking in the pre-compile phase. */
5736
5737 if (lengthptr != NULL) break;
5738
5739 /* In the real compile we do the work of looking for the actual
5740 reference. If the string started with "+" or "-" we require the rest to
5741 be digits, in which case recno will be set. */
5742
5743 if (refsign > 0)
5744 {
5745 if (recno <= 0)
5746 {
5747 *errorcodeptr = ERR58;
5748 goto FAILED;
5749 }
5750 recno = (refsign == CHAR_MINUS)?
5751 cd->bracount - recno + 1 : recno +cd->bracount;
5752 if (recno <= 0 || recno > cd->final_bracount)
5753 {
5754 *errorcodeptr = ERR15;
5755 goto FAILED;
5756 }
5757 PUT2(code, 2+LINK_SIZE, recno);
5758 break;
5759 }
5760
5761 /* Otherwise (did not start with "+" or "-"), start by looking for the
5762 name. If we find a name, add one to the opcode to change OP_CREF or
5763 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5764 except they record that the reference was originally to a name. The
5765 information is used to check duplicate names. */
5766
5767 slot = cd->name_table;
5768 for (i = 0; i < cd->names_found; i++)
5769 {
5770 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5771 slot += cd->name_entry_size;
5772 }
5773
5774 /* Found a previous named subpattern */
5775
5776 if (i < cd->names_found)
5777 {
5778 recno = GET2(slot, 0);
5779 PUT2(code, 2+LINK_SIZE, recno);
5780 code[1+LINK_SIZE]++;
5781 }
5782
5783 /* Search the pattern for a forward reference */
5784
5785 else if ((i = find_parens(cd, name, namelen,
5786 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5787 {
5788 PUT2(code, 2+LINK_SIZE, i);
5789 code[1+LINK_SIZE]++;
5790 }
5791
5792 /* If terminator == 0 it means that the name followed directly after
5793 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5794 some further alternatives to try. For the cases where terminator != 0
5795 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5796 now checked all the possibilities, so give an error. */
5797
5798 else if (terminator != 0)
5799 {
5800 *errorcodeptr = ERR15;
5801 goto FAILED;
5802 }
5803
5804 /* Check for (?(R) for recursion. Allow digits after R to specify a
5805 specific group number. */
5806
5807 else if (*name == CHAR_R)
5808 {
5809 recno = 0;
5810 for (i = 1; i < namelen; i++)
5811 {
5812 if (!IS_DIGIT(name[i]))
5813 {
5814 *errorcodeptr = ERR15;
5815 goto FAILED;
5816 }
5817 recno = recno * 10 + name[i] - CHAR_0;
5818 }
5819 if (recno == 0) recno = RREF_ANY;
5820 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5821 PUT2(code, 2+LINK_SIZE, recno);
5822 }
5823
5824 /* Similarly, check for the (?(DEFINE) "condition", which is always
5825 false. */
5826
5827 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5828 {
5829 code[1+LINK_SIZE] = OP_DEF;
5830 skipbytes = 1;
5831 }
5832
5833 /* Check for the "name" actually being a subpattern number. We are
5834 in the second pass here, so final_bracount is set. */
5835
5836 else if (recno > 0 && recno <= cd->final_bracount)
5837 {
5838 PUT2(code, 2+LINK_SIZE, recno);
5839 }
5840
5841 /* Either an unidentified subpattern, or a reference to (?(0) */
5842
5843 else
5844 {
5845 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5846 goto FAILED;
5847 }
5848 break;
5849
5850
5851 /* ------------------------------------------------------------ */
5852 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5853 bravalue = OP_ASSERT;
5854 cd->assert_depth += 1;
5855 ptr++;
5856 break;
5857
5858
5859 /* ------------------------------------------------------------ */
5860 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5861 ptr++;
5862 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5863 {
5864 *code++ = OP_FAIL;
5865 previous = NULL;
5866 continue;
5867 }
5868 bravalue = OP_ASSERT_NOT;
5869 cd->assert_depth += 1;
5870 break;
5871
5872
5873 /* ------------------------------------------------------------ */
5874 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5875 switch (ptr[1])
5876 {
5877 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5878 bravalue = OP_ASSERTBACK;
5879 cd->assert_depth += 1;
5880 ptr += 2;
5881 break;
5882
5883 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5884 bravalue = OP_ASSERTBACK_NOT;
5885 cd->assert_depth += 1;
5886 ptr += 2;
5887 break;
5888
5889 default: /* Could be name define, else bad */
5890 if ((cd->ctypes[ptr[1]] & ctype_word) != 0) goto DEFINE_NAME;
5891 ptr++; /* Correct offset for error */
5892 *errorcodeptr = ERR24;
5893 goto FAILED;
5894 }
5895 break;
5896
5897
5898 /* ------------------------------------------------------------ */
5899 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5900 bravalue = OP_ONCE;
5901 ptr++;
5902 break;
5903
5904
5905 /* ------------------------------------------------------------ */
5906 case CHAR_C: /* Callout - may be followed by digits; */
5907 previous_callout = code; /* Save for later completion */
5908 after_manual_callout = 1; /* Skip one item before completing */
5909 *code++ = OP_CALLOUT;
5910 {
5911 int n = 0;
5912 ptr++;
5913 while(IS_DIGIT(*ptr))
5914 n = n * 10 + *ptr++ - CHAR_0;
5915 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5916 {
5917 *errorcodeptr = ERR39;
5918 goto FAILED;
5919 }
5920 if (n > 255)
5921 {
5922 *errorcodeptr = ERR38;
5923 goto FAILED;
5924 }
5925 *code++ = n;
5926 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
5927 PUT(code, LINK_SIZE, 0); /* Default length */
5928 code += 2 * LINK_SIZE;
5929 }
5930 previous = NULL;
5931 continue;
5932
5933
5934 /* ------------------------------------------------------------ */
5935 case CHAR_P: /* Python-style named subpattern handling */
5936 if (*(++ptr) == CHAR_EQUALS_SIGN ||
5937 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
5938 {
5939 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
5940 terminator = CHAR_RIGHT_PARENTHESIS;
5941 goto NAMED_REF_OR_RECURSE;
5942 }
5943 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
5944 {
5945 *errorcodeptr = ERR41;
5946 goto FAILED;
5947 }
5948 /* Fall through to handle (?P< as (?< is handled */
5949
5950
5951 /* ------------------------------------------------------------ */
5952 DEFINE_NAME: /* Come here from (?< handling */
5953 case CHAR_APOSTROPHE:
5954 {
5955 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
5956 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
5957 name = ++ptr;
5958
5959 while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
5960 namelen = (int)(ptr - name);
5961
5962 /* In the pre-compile phase, just do a syntax check. */
5963
5964 if (lengthptr != NULL)
5965 {
5966 if (*ptr != terminator)
5967 {
5968 *errorcodeptr = ERR42;
5969 goto FAILED;
5970 }
5971 if (cd->names_found >= MAX_NAME_COUNT)
5972 {
5973 *errorcodeptr = ERR49;
5974 goto FAILED;
5975 }
5976 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
5977 {
5978 cd->name_entry_size = namelen + IMM2_SIZE + 1;
5979 if (namelen > MAX_NAME_SIZE)
5980 {
5981 *errorcodeptr = ERR48;
5982 goto FAILED;
5983 }
5984 }
5985 }
5986
5987 /* In the real compile, create the entry in the table, maintaining
5988 alphabetical order. Duplicate names for different numbers are
5989 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
5990 number are always OK. (An existing number can be re-used if (?|
5991 appears in the pattern.) In either event, a duplicate name results in
5992 a duplicate entry in the table, even if the number is the same. This
5993 is because the number of names, and hence the table size, is computed
5994 in the pre-compile, and it affects various numbers and pointers which
5995 would all have to be modified, and the compiled code moved down, if
5996 duplicates with the same number were omitted from the table. This
5997 doesn't seem worth the hassle. However, *different* names for the
5998 same number are not permitted. */
5999
6000 else
6001 {
6002 BOOL dupname = FALSE;
6003 slot = cd->name_table;
6004
6005 for (i = 0; i < cd->names_found; i++)
6006 {
6007 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6008 if (crc == 0)
6009 {
6010 if (slot[IMM2_SIZE+namelen] == 0)
6011 {
6012 if (GET2(slot, 0) != cd->bracount + 1 &&
6013 (options & PCRE_DUPNAMES) == 0)
6014 {
6015 *errorcodeptr = ERR43;
6016 goto FAILED;
6017 }
6018 else dupname = TRUE;
6019 }
6020 else crc = -1; /* Current name is a substring */
6021 }
6022
6023 /* Make space in the table and break the loop for an earlier
6024 name. For a duplicate or later name, carry on. We do this for
6025 duplicates so that in the simple case (when ?(| is not used) they
6026 are in order of their numbers. */
6027
6028 if (crc < 0)
6029 {
6030 memmove(slot + cd->name_entry_size, slot,
6031 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6032 break;
6033 }
6034
6035 /* Continue the loop for a later or duplicate name */
6036
6037 slot += cd->name_entry_size;
6038 }
6039
6040 /* For non-duplicate names, check for a duplicate number before
6041 adding the new name. */
6042
6043 if (!dupname)
6044 {
6045 pcre_uchar *cslot = cd->name_table;
6046 for (i = 0; i < cd->names_found; i++)
6047 {
6048 if (cslot != slot)
6049 {
6050 if (GET2(cslot, 0) == cd->bracount + 1)
6051 {
6052 *errorcodeptr = ERR65;
6053 goto FAILED;
6054 }
6055 }
6056 else i--;
6057 cslot += cd->name_entry_size;
6058 }
6059 }
6060
6061 PUT2(slot, 0, cd->bracount + 1);
6062 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6063 slot[IMM2_SIZE + namelen] = 0;
6064 }
6065 }
6066
6067 /* In both pre-compile and compile, count the number of names we've
6068 encountered. */
6069
6070 cd->names_found++;
6071 ptr++; /* Move past > or ' */
6072 goto NUMBERED_GROUP;
6073
6074
6075 /* ------------------------------------------------------------ */
6076 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6077 terminator = CHAR_RIGHT_PARENTHESIS;
6078 is_recurse = TRUE;
6079 /* Fall through */
6080
6081 /* We come here from the Python syntax above that handles both
6082 references (?P=name) and recursion (?P>name), as well as falling
6083 through from the Perl recursion syntax (?&name). We also come here from
6084 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6085 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6086
6087 NAMED_REF_OR_RECURSE:
6088 name = ++ptr;
6089 while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6090 namelen = (int)(ptr - name);
6091
6092 /* In the pre-compile phase, do a syntax check. We used to just set
6093 a dummy reference number, because it was not used in the first pass.
6094 However, with the change of recursive back references to be atomic,
6095 we have to look for the number so that this state can be identified, as
6096 otherwise the incorrect length is computed. If it's not a backwards
6097 reference, the dummy number will do. */
6098
6099 if (lengthptr != NULL)
6100 {
6101 const pcre_uchar *temp;
6102
6103 if (namelen == 0)
6104 {
6105 *errorcodeptr = ERR62;
6106 goto FAILED;
6107 }
6108 if (*ptr != terminator)
6109 {
6110 *errorcodeptr = ERR42;
6111 goto FAILED;
6112 }
6113 if (namelen > MAX_NAME_SIZE)
6114 {
6115 *errorcodeptr = ERR48;
6116 goto FAILED;
6117 }
6118
6119 /* The name table does not exist in the first pass, so we cannot
6120 do a simple search as in the code below. Instead, we have to scan the
6121 pattern to find the number. It is important that we scan it only as
6122 far as we have got because the syntax of named subpatterns has not
6123 been checked for the rest of the pattern, and find_parens() assumes
6124 correct syntax. In any case, it's a waste of resources to scan
6125 further. We stop the scan at the current point by temporarily
6126 adjusting the value of cd->endpattern. */
6127
6128 temp = cd->end_pattern;
6129 cd->end_pattern = ptr;
6130 recno = find_parens(cd, name, namelen,
6131 (options & PCRE_EXTENDED) != 0, utf);
6132 cd->end_pattern = temp;
6133 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6134 }
6135
6136 /* In the real compile, seek the name in the table. We check the name
6137 first, and then check that we have reached the end of the name in the
6138 table. That way, if the name that is longer than any in the table,
6139 the comparison will fail without reading beyond the table entry. */
6140
6141 else
6142 {
6143 slot = cd->name_table;
6144 for (i = 0; i < cd->names_found; i++)
6145 {
6146 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6147 slot[IMM2_SIZE+namelen] == 0)
6148 break;
6149 slot += cd->name_entry_size;
6150 }
6151
6152 if (i < cd->names_found) /* Back reference */
6153 {
6154 recno = GET2(slot, 0);
6155 }
6156 else if ((recno = /* Forward back reference */
6157 find_parens(cd, name, namelen,
6158 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6159 {
6160 *errorcodeptr = ERR15;
6161 goto FAILED;
6162 }
6163 }
6164
6165 /* In both phases, we can now go to the code than handles numerical
6166 recursion or backreferences. */
6167
6168 if (is_recurse) goto HANDLE_RECURSION;
6169 else goto HANDLE_REFERENCE;
6170
6171
6172 /* ------------------------------------------------------------ */
6173 case CHAR_R: /* Recursion */
6174 ptr++; /* Same as (?0) */
6175 /* Fall through */
6176
6177
6178 /* ------------------------------------------------------------ */
6179 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6180 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6181 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6182 {
6183 const pcre_uchar *called;
6184 terminator = CHAR_RIGHT_PARENTHESIS;
6185
6186 /* Come here from the \g<...> and \g'...' code (Oniguruma
6187 compatibility). However, the syntax has been checked to ensure that
6188 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6189 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6190 ever be taken. */
6191
6192 HANDLE_NUMERICAL_RECURSION:
6193
6194 if ((refsign = *ptr) == CHAR_PLUS)
6195 {
6196 ptr++;
6197 if (!IS_DIGIT(*ptr))
6198 {
6199 *errorcodeptr = ERR63;
6200 goto FAILED;
6201 }
6202 }
6203 else if (refsign == CHAR_MINUS)
6204 {
6205 if (!IS_DIGIT(ptr[1]))
6206 goto OTHER_CHAR_AFTER_QUERY;
6207 ptr++;
6208 }
6209
6210 recno = 0;
6211 while(IS_DIGIT(*ptr))
6212 recno = recno * 10 + *ptr++ - CHAR_0;
6213
6214 if (*ptr != terminator)
6215 {
6216 *errorcodeptr = ERR29;
6217 goto FAILED;
6218 }
6219
6220 if (refsign == CHAR_MINUS)
6221 {
6222 if (recno == 0)
6223 {
6224 *errorcodeptr = ERR58;
6225 goto FAILED;
6226 }
6227 recno = cd->bracount - recno + 1;
6228 if (recno <= 0)
6229 {
6230 *errorcodeptr = ERR15;
6231 goto FAILED;
6232 }
6233 }
6234 else if (refsign == CHAR_PLUS)
6235 {
6236 if (recno == 0)
6237 {
6238 *errorcodeptr = ERR58;
6239 goto FAILED;
6240 }
6241 recno += cd->bracount;
6242 }
6243
6244 /* Come here from code above that handles a named recursion */
6245
6246 HANDLE_RECURSION:
6247
6248 previous = code;
6249 called = cd->start_code;
6250
6251 /* When we are actually compiling, find the bracket that is being
6252 referenced. Temporarily end the regex in case it doesn't exist before
6253 this point. If we end up with a forward reference, first check that
6254 the bracket does occur later so we can give the error (and position)
6255 now. Then remember this forward reference in the workspace so it can
6256 be filled in at the end. */
6257
6258 if (lengthptr == NULL)
6259 {
6260 *code = OP_END;
6261 if (recno != 0)
6262 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6263
6264 /* Forward reference */
6265
6266 if (called == NULL)
6267 {
6268 if (find_parens(cd, NULL, recno,
6269 (options & PCRE_EXTENDED) != 0, utf) < 0)
6270 {
6271 *errorcodeptr = ERR15;
6272 goto FAILED;
6273 }
6274
6275 /* Fudge the value of "called" so that when it is inserted as an
6276 offset below, what it actually inserted is the reference number
6277 of the group. Then remember the forward reference. */
6278
6279 called = cd->start_code + recno;
6280 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6281 WORK_SIZE_SAFETY_MARGIN)
6282 {
6283 *errorcodeptr = expand_workspace(cd);
6284 if (*errorcodeptr != 0) goto FAILED;
6285 }
6286 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6287 }
6288
6289 /* If not a forward reference, and the subpattern is still open,
6290 this is a recursive call. We check to see if this is a left
6291 recursion that could loop for ever, and diagnose that case. We
6292 must not, however, do this check if we are in a conditional
6293 subpattern because the condition might be testing for recursion in
6294 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6295 Forever loops are also detected at runtime, so those that occur in
6296 conditional subpatterns will be picked up then. */
6297
6298 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6299 could_be_empty(called, code, bcptr, utf, cd))
6300 {
6301 *errorcodeptr = ERR40;
6302 goto FAILED;
6303 }
6304 }
6305
6306 /* Insert the recursion/subroutine item. It does not have a set first
6307 character (relevant if it is repeated, because it will then be
6308 wrapped with ONCE brackets). */
6309
6310 *code = OP_RECURSE;
6311 PUT(code, 1, (int)(called - cd->start_code));
6312 code += 1 + LINK_SIZE;
6313 groupsetfirstchar = FALSE;
6314 }
6315
6316 /* Can't determine a first byte now */
6317
6318 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
6319 continue;
6320
6321
6322 /* ------------------------------------------------------------ */
6323 default: /* Other characters: check option setting */
6324 OTHER_CHAR_AFTER_QUERY:
6325 set = unset = 0;
6326 optset = &set;
6327
6328 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6329 {
6330 switch (*ptr++)
6331 {
6332 case CHAR_MINUS: optset = &unset; break;
6333
6334 case CHAR_J: /* Record that it changed in the external options */
6335 *optset |= PCRE_DUPNAMES;
6336 cd->external_flags |= PCRE_JCHANGED;
6337 break;
6338
6339 case CHAR_i: *optset |= PCRE_CASELESS; break;
6340 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6341 case CHAR_s: *optset |= PCRE_DOTALL; break;
6342 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6343 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6344 case CHAR_X: *optset |= PCRE_EXTRA; break;
6345
6346 default: *errorcodeptr = ERR12;
6347 ptr--; /* Correct the offset */
6348 goto FAILED;
6349 }
6350 }
6351
6352 /* Set up the changed option bits, but don't change anything yet. */
6353
6354 newoptions = (options | set) & (~unset);
6355
6356 /* If the options ended with ')' this is not the start of a nested
6357 group with option changes, so the options change at this level. If this
6358 item is right at the start of the pattern, the options can be
6359 abstracted and made external in the pre-compile phase, and ignored in
6360 the compile phase. This can be helpful when matching -- for instance in
6361 caseless checking of required bytes.
6362
6363 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6364 definitely *not* at the start of the pattern because something has been
6365 compiled. In the pre-compile phase, however, the code pointer can have
6366 that value after the start, because it gets reset as code is discarded
6367 during the pre-compile. However, this can happen only at top level - if
6368 we are within parentheses, the starting BRA will still be present. At
6369 any parenthesis level, the length value can be used to test if anything
6370 has been compiled at that level. Thus, a test for both these conditions
6371 is necessary to ensure we correctly detect the start of the pattern in
6372 both phases.
6373
6374 If we are not at the pattern start, reset the greedy defaults and the
6375 case value for firstchar and reqchar. */
6376
6377 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6378 {
6379 if (code == cd->start_code + 1 + LINK_SIZE &&
6380 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6381 {
6382 cd->external_options = newoptions;
6383 }
6384 else
6385 {
6386 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6387 greedy_non_default = greedy_default ^ 1;
6388 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6389 }
6390
6391 /* Change options at this level, and pass them back for use
6392 in subsequent branches. */
6393
6394 *optionsptr = options = newoptions;
6395 previous = NULL; /* This item can't be repeated */
6396 continue; /* It is complete */
6397 }
6398
6399 /* If the options ended with ':' we are heading into a nested group
6400 with possible change of options. Such groups are non-capturing and are
6401 not assertions of any kind. All we need to do is skip over the ':';
6402 the newoptions value is handled below. */
6403
6404 bravalue = OP_BRA;
6405 ptr++;
6406 } /* End of switch for character following (? */
6407 } /* End of (? handling */
6408
6409 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6410 is set, all unadorned brackets become non-capturing and behave like (?:...)
6411 brackets. */
6412
6413 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6414 {
6415 bravalue = OP_BRA;
6416 }
6417
6418 /* Else we have a capturing group. */
6419
6420 else
6421 {
6422 NUMBERED_GROUP:
6423 cd->bracount += 1;
6424 PUT2(code, 1+LINK_SIZE, cd->bracount);
6425 skipbytes = IMM2_SIZE;
6426 }
6427
6428 /* Process nested bracketed regex. Assertions used not to be repeatable,
6429 but this was changed for Perl compatibility, so all kinds can now be
6430 repeated. We copy code into a non-register variable (tempcode) in order to
6431 be able to pass its address because some compilers complain otherwise. */
6432
6433 previous = code; /* For handling repetition */
6434 *code = bravalue;
6435 tempcode = code;
6436 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6437 tempbracount = cd->bracount; /* Save value before bracket */
6438 length_prevgroup = 0; /* Initialize for pre-compile phase */
6439
6440 if (!compile_regex(
6441 newoptions, /* The complete new option state */
6442 &tempcode, /* Where to put code (updated) */
6443 &ptr, /* Input pointer (updated) */
6444 errorcodeptr, /* Where to put an error message */
6445 (bravalue == OP_ASSERTBACK ||
6446 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6447 reset_bracount, /* True if (?| group */
6448 skipbytes, /* Skip over bracket number */
6449 cond_depth +
6450 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6451 &subfirstchar, /* For possible first char */
6452 &subreqchar, /* For possible last char */
6453 bcptr, /* Current branch chain */
6454 cd, /* Tables block */
6455 (lengthptr == NULL)? NULL : /* Actual compile phase */
6456 &length_prevgroup /* Pre-compile phase */
6457 ))
6458 goto FAILED;
6459
6460 /* If this was an atomic group and there are no capturing groups within it,
6461 generate OP_ONCE_NC instead of OP_ONCE. */
6462
6463 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6464 *code = OP_ONCE_NC;
6465
6466 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6467 cd->assert_depth -= 1;
6468
6469 /* At the end of compiling, code is still pointing to the start of the
6470 group, while tempcode has been updated to point past the end of the group.
6471 The pattern pointer (ptr) is on the bracket.
6472
6473 If this is a conditional bracket, check that there are no more than
6474 two branches in the group, or just one if it's a DEFINE group. We do this
6475 in the real compile phase, not in the pre-pass, where the whole group may
6476 not be available. */
6477
6478 if (bravalue == OP_COND && lengthptr == NULL)
6479 {
6480 pcre_uchar *tc = code;
6481 int condcount = 0;
6482
6483 do {
6484 condcount++;
6485 tc += GET(tc,1);
6486 }
6487 while (*tc != OP_KET);
6488
6489 /* A DEFINE group is never obeyed inline (the "condition" is always
6490 false). It must have only one branch. */
6491
6492 if (code[LINK_SIZE+1] == OP_DEF)
6493 {
6494 if (condcount > 1)
6495 {
6496 *errorcodeptr = ERR54;
6497 goto FAILED;
6498 }
6499 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6500 }
6501
6502 /* A "normal" conditional group. If there is just one branch, we must not
6503 make use of its firstchar or reqchar, because this is equivalent to an
6504 empty second branch. */
6505
6506 else
6507 {
6508 if (condcount > 2)
6509 {
6510 *errorcodeptr = ERR27;
6511 goto FAILED;
6512 }
6513 if (condcount == 1) subfirstchar = subreqchar = REQ_NONE;
6514 }
6515 }
6516
6517 /* Error if hit end of pattern */
6518
6519 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6520 {
6521 *errorcodeptr = ERR14;
6522 goto FAILED;
6523 }
6524
6525 /* In the pre-compile phase, update the length by the length of the group,
6526 less the brackets at either end. Then reduce the compiled code to just a
6527 set of non-capturing brackets so that it doesn't use much memory if it is
6528 duplicated by a quantifier.*/
6529
6530 if (lengthptr != NULL)
6531 {
6532 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6533 {
6534 *errorcodeptr = ERR20;
6535 goto FAILED;
6536 }
6537 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6538 code++; /* This already contains bravalue */
6539 PUTINC(code, 0, 1 + LINK_SIZE);
6540 *code++ = OP_KET;
6541 PUTINC(code, 0, 1 + LINK_SIZE);
6542 break; /* No need to waste time with special character handling */
6543 }
6544
6545 /* Otherwise update the main code pointer to the end of the group. */
6546
6547 code = tempcode;
6548
6549 /* For a DEFINE group, required and first character settings are not
6550 relevant. */
6551
6552 if (bravalue == OP_DEF) break;
6553
6554 /* Handle updating of the required and first characters for other types of
6555 group. Update for normal brackets of all kinds, and conditions with two
6556 branches (see code above). If the bracket is followed by a quantifier with
6557 zero repeat, we have to back off. Hence the definition of zeroreqchar and
6558 zerofirstchar outside the main loop so that they can be accessed for the
6559 back off. */
6560
6561 zeroreqchar = reqchar;
6562 zerofirstchar = firstchar;
6563 groupsetfirstchar = FALSE;
6564
6565 if (bravalue >= OP_ONCE)
6566 {
6567 /* If we have not yet set a firstchar in this branch, take it from the
6568 subpattern, remembering that it was set here so that a repeat of more
6569 than one can replicate it as reqchar if necessary. If the subpattern has
6570 no firstchar, set "none" for the whole branch. In both cases, a zero
6571 repeat forces firstchar to "none". */
6572
6573 if (firstchar == REQ_UNSET)
6574 {
6575 if (subfirstchar >= 0)
6576 {
6577 firstchar = subfirstchar;
6578 groupsetfirstchar = TRUE;
6579 }
6580 else firstchar = REQ_NONE;
6581 zerofirstchar = REQ_NONE;
6582 }
6583
6584 /* If firstchar was previously set, convert the subpattern's firstchar
6585 into reqchar if there wasn't one, using the vary flag that was in
6586 existence beforehand. */
6587
6588 else if (subfirstchar >= 0 && subreqchar < 0)
6589 subreqchar = subfirstchar | tempreqvary;
6590
6591 /* If the subpattern set a required byte (or set a first byte that isn't
6592 really the first byte - see above), set it. */
6593
6594 if (subreqchar >= 0) reqchar = subreqchar;
6595 }
6596
6597 /* For a forward assertion, we take the reqchar, if set. This can be
6598 helpful if the pattern that follows the assertion doesn't set a different
6599 char. For example, it's useful for /(?=abcde).+/. We can't set firstchar
6600 for an assertion, however because it leads to incorrect effect for patterns
6601 such as /(?=a)a.+/ when the "real" "a" would then become a reqchar instead
6602 of a firstchar. This is overcome by a scan at the end if there's no
6603 firstchar, looking for an asserted first char. */
6604
6605 else if (bravalue == OP_ASSERT && subreqchar >= 0) reqchar = subreqchar;
6606 break; /* End of processing '(' */
6607
6608
6609 /* ===================================================================*/
6610 /* Handle metasequences introduced by \. For ones like \d, the ESC_ values
6611 are arranged to be the negation of the corresponding OP_values in the
6612 default case when PCRE_UCP is not set. For the back references, the values
6613 are ESC_REF plus the reference number. Only back references and those types
6614 that consume a character may be repeated. We can test for values between
6615 ESC_b and ESC_Z for the latter; this may have to change if any new ones are
6616 ever created. */
6617
6618 case CHAR_BACKSLASH:
6619 tempptr = ptr;
6620 c = check_escape(&ptr, errorcodeptr, cd->bracount, options, FALSE);
6621 if (*errorcodeptr != 0) goto FAILED;
6622
6623 if (c < 0)
6624 {
6625 if (-c == ESC_Q) /* Handle start of quoted string */
6626 {
6627 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
6628 ptr += 2; /* avoid empty string */
6629 else inescq = TRUE;
6630 continue;
6631 }
6632
6633 if (-c == ESC_E) continue; /* Perl ignores an orphan \E */