/[pcre]/code/trunk/ChangeLog
ViewVC logotype

Diff of /code/trunk/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1496 by ph10, Fri Jul 18 08:24:35 2014 UTC revision 1620 by ph10, Tue Dec 8 11:06:40 2015 UTC
# Line 1  Line 1 
1  ChangeLog for PCRE  ChangeLog for PCRE
2  ------------------  ------------------
3    
4  Version 8.36 xx-xxx-2014  Note that the PCRE 8.xx series (PCRE1) is now in a bugfix-only state. All
5  ------------------------  development is happening in the PCRE2 10.xx series.
6    
7    Version 8.39 xx-xxxxxx-201x
8    ---------------------------
9    
10    1.  If PCRE_AUTO_CALLOUT was set on a pattern that had a (?# comment between
11        an item and its qualifier (for example, A(?#comment)?B) pcre_compile()
12        misbehaved. This bug was found by the LLVM fuzzer.
13    
14    2.  Similar to the above, if an isolated \E was present between an item and its
15        qualifier when PCRE_AUTO_CALLOUT was set, pcre_compile() misbehaved. This
16        bug was found by the LLVM fuzzer.
17    
18    3.  Further to 8.38/46, negated classes such as [^[:^ascii:]\d] were also not
19        working correctly in UCP mode.
20    
21    4.  The POSIX wrapper function regexec() crashed if the option REG_STARTEND
22        was set when the pmatch argument was NULL. It now returns REG_INVARG.
23    
24    5.  Allow for up to 32-bit numbers in the ordin() function in pcregrep.
25    
26    6.  An empty \Q\E sequence between an item and its qualifier caused
27        pcre_compile() to misbehave when auto callouts were enabled. This bug was
28        found by the LLVM fuzzer.
29    
30    7.  If a pattern that was compiled with PCRE_EXTENDED started with white
31        space or a #-type comment that was followed by (?-x), which turns off
32        PCRE_EXTENDED, and there was no subsequent (?x) to turn it on again,
33        pcre_compile() assumed that (?-x) applied to the whole pattern and
34        consequently mis-compiled it. This bug was found by the LLVM fuzzer.
35    
36    8.  An call of pcre_copy_named_substring() for a named substring whose number
37        was greater than the space in the ovector could cause a crash.
38    
39    9.  Yet another buffer overflow bug involved duplicate named groups with a
40        group that reset capture numbers (compare 8.38/7 below). Once again, I have
41        just allowed for more memory, even if not needed. (A proper fix is
42        implemented in PCRE2, but it involves a lot of refactoring.)
43    
44    10. pcre_get_substring_list() crashed if the use of \K in a match caused the
45        start of the match to be earlier than the end.
46    
47    
48    Version 8.38 23-November-2015
49    -----------------------------
50    
51    1.  If a group that contained a recursive back reference also contained a
52        forward reference subroutine call followed by a non-forward-reference
53        subroutine call, for example /.((?2)(?R)\1)()/, pcre_compile() failed to
54        compile correct code, leading to undefined behaviour or an internally
55        detected error. This bug was discovered by the LLVM fuzzer.
56    
57    2.  Quantification of certain items (e.g. atomic back references) could cause
58        incorrect code to be compiled when recursive forward references were
59        involved. For example, in this pattern: /(?1)()((((((\1++))\x85)+)|))/.
60        This bug was discovered by the LLVM fuzzer.
61    
62    3.  A repeated conditional group whose condition was a reference by name caused
63        a buffer overflow if there was more than one group with the given name.
64        This bug was discovered by the LLVM fuzzer.
65    
66    4.  A recursive back reference by name within a group that had the same name as
67        another group caused a buffer overflow. For example:
68        /(?J)(?'d'(?'d'\g{d}))/. This bug was discovered by the LLVM fuzzer.
69    
70    5.  A forward reference by name to a group whose number is the same as the
71        current group, for example in this pattern: /(?|(\k'Pm')|(?'Pm'))/, caused
72        a buffer overflow at compile time. This bug was discovered by the LLVM
73        fuzzer.
74    
75    6.  A lookbehind assertion within a set of mutually recursive subpatterns could
76        provoke a buffer overflow. This bug was discovered by the LLVM fuzzer.
77    
78    7.  Another buffer overflow bug involved duplicate named groups with a
79        reference between their definition, with a group that reset capture
80        numbers, for example: /(?J:(?|(?'R')(\k'R')|((?'R'))))/. This has been
81        fixed by always allowing for more memory, even if not needed. (A proper fix
82        is implemented in PCRE2, but it involves more refactoring.)
83    
84    8.  There was no check for integer overflow in subroutine calls such as (?123).
85    
86    9.  The table entry for \l in EBCDIC environments was incorrect, leading to its
87        being treated as a literal 'l' instead of causing an error.
88    
89    10. There was a buffer overflow if pcre_exec() was called with an ovector of
90        size 1. This bug was found by american fuzzy lop.
91    
92    11. If a non-capturing group containing a conditional group that could match
93        an empty string was repeated, it was not identified as matching an empty
94        string itself. For example: /^(?:(?(1)x|)+)+$()/.
95    
96    12. In an EBCDIC environment, pcretest was mishandling the escape sequences
97        \a and \e in test subject lines.
98    
99    13. In an EBCDIC environment, \a in a pattern was converted to the ASCII
100        instead of the EBCDIC value.
101    
102    14. The handling of \c in an EBCDIC environment has been revised so that it is
103        now compatible with the specification in Perl's perlebcdic page.
104    
105    15. The EBCDIC character 0x41 is a non-breaking space, equivalent to 0xa0 in
106        ASCII/Unicode. This has now been added to the list of characters that are
107        recognized as white space in EBCDIC.
108    
109    16. When PCRE was compiled without UCP support, the use of \p and \P gave an
110        error (correctly) when used outside a class, but did not give an error
111        within a class.
112    
113    17. \h within a class was incorrectly compiled in EBCDIC environments.
114    
115    18. A pattern with an unmatched closing parenthesis that contained a backward
116        assertion which itself contained a forward reference caused buffer
117        overflow. And example pattern is: /(?=di(?<=(?1))|(?=(.))))/.
118    
119    19. JIT should return with error when the compiled pattern requires more stack
120        space than the maximum.
121    
122    20. A possessively repeated conditional group that could match an empty string,
123        for example, /(?(R))*+/, was incorrectly compiled.
124    
125    21. Fix infinite recursion in the JIT compiler when certain patterns such as
126        /(?:|a|){100}x/ are analysed.
127    
128    22. Some patterns with character classes involving [: and \\ were incorrectly
129        compiled and could cause reading from uninitialized memory or an incorrect
130        error diagnosis.
131    
132    23. Pathological patterns containing many nested occurrences of [: caused
133        pcre_compile() to run for a very long time.
134    
135    24. A conditional group with only one branch has an implicit empty alternative
136        branch and must therefore be treated as potentially matching an empty
137        string.
138    
139    25. If (?R was followed by - or + incorrect behaviour happened instead of a
140        diagnostic.
141    
142    26. Arrange to give up on finding the minimum matching length for overly
143        complex patterns.
144    
145    27. Similar to (4) above: in a pattern with duplicated named groups and an
146        occurrence of (?| it is possible for an apparently non-recursive back
147        reference to become recursive if a later named group with the relevant
148        number is encountered. This could lead to a buffer overflow. Wen Guanxing
149        from Venustech ADLAB discovered this bug.
150    
151    28. If pcregrep was given the -q option with -c or -l, or when handling a
152        binary file, it incorrectly wrote output to stdout.
153    
154    29. The JIT compiler did not restore the control verb head in case of *THEN
155        control verbs. This issue was found by Karl Skomski with a custom LLVM
156        fuzzer.
157    
158    30. Error messages for syntax errors following \g and \k were giving inaccurate
159        offsets in the pattern.
160    
161    31. Added a check for integer overflow in conditions (?(<digits>) and
162        (?(R<digits>). This omission was discovered by Karl Skomski with the LLVM
163        fuzzer.
164    
165    32. Handling recursive references such as (?2) when the reference is to a group
166        later in the pattern uses code that is very hacked about and error-prone.
167        It has been re-written for PCRE2. Here in PCRE1, a check has been added to
168        give an internal error if it is obvious that compiling has gone wrong.
169    
170    33. The JIT compiler should not check repeats after a {0,1} repeat byte code.
171        This issue was found by Karl Skomski with a custom LLVM fuzzer.
172    
173    34. The JIT compiler should restore the control chain for empty possessive
174        repeats. This issue was found by Karl Skomski with a custom LLVM fuzzer.
175    
176    35. Match limit check added to JIT recursion. This issue was found by Karl
177        Skomski with a custom LLVM fuzzer.
178    
179    36. Yet another case similar to 27 above has been circumvented by an
180        unconditional allocation of extra memory. This issue is fixed "properly" in
181        PCRE2 by refactoring the way references are handled. Wen Guanxing
182        from Venustech ADLAB discovered this bug.
183    
184    37. Fix two assertion fails in JIT. These issues were found by Karl Skomski
185        with a custom LLVM fuzzer.
186    
187    38. Fixed a corner case of range optimization in JIT.
188    
189    39. An incorrect error "overran compiling workspace" was given if there were
190        exactly enough group forward references such that the last one extended
191        into the workspace safety margin. The next one would have expanded the
192        workspace. The test for overflow was not including the safety margin.
193    
194    40. A match limit issue is fixed in JIT which was found by Karl Skomski
195        with a custom LLVM fuzzer.
196    
197    41. Remove the use of /dev/null in testdata/testinput2, because it doesn't
198        work under Windows. (Why has it taken so long for anyone to notice?)
199    
200    42. In a character class such as [\W\p{Any}] where both a negative-type escape
201        ("not a word character") and a property escape were present, the property
202        escape was being ignored.
203    
204    43. Fix crash caused by very long (*MARK) or (*THEN) names.
205    
206    44. A sequence such as [[:punct:]b] that is, a POSIX character class followed
207        by a single ASCII character in a class item, was incorrectly compiled in
208        UCP mode. The POSIX class got lost, but only if the single character
209        followed it.
210    
211    45. [:punct:] in UCP mode was matching some characters in the range 128-255
212        that should not have been matched.
213    
214    46. If [:^ascii:] or [:^xdigit:] or [:^cntrl:] are present in a non-negated
215        class, all characters with code points greater than 255 are in the class.
216        When a Unicode property was also in the class (if PCRE_UCP is set, escapes
217        such as \w are turned into Unicode properties), wide characters were not
218        correctly handled, and could fail to match.
219    
220    
221    Version 8.37 28-April-2015
222    --------------------------
223    
224    1.  When an (*ACCEPT) is triggered inside capturing parentheses, it arranges
225        for those parentheses to be closed with whatever has been captured so far.
226        However, it was failing to mark any other groups between the hightest
227        capture so far and the currrent group as "unset". Thus, the ovector for
228        those groups contained whatever was previously there. An example is the
229        pattern /(x)|((*ACCEPT))/ when matched against "abcd".
230    
231    2.  If an assertion condition was quantified with a minimum of zero (an odd
232        thing to do, but it happened), SIGSEGV or other misbehaviour could occur.
233    
234    3.  If a pattern in pcretest input had the P (POSIX) modifier followed by an
235        unrecognized modifier, a crash could occur.
236    
237    4.  An attempt to do global matching in pcretest with a zero-length ovector
238        caused a crash.
239    
240    5.  Fixed a memory leak during matching that could occur for a subpattern
241        subroutine call (recursive or otherwise) if the number of captured groups
242        that had to be saved was greater than ten.
243    
244    6.  Catch a bad opcode during auto-possessification after compiling a bad UTF
245        string with NO_UTF_CHECK. This is a tidyup, not a bug fix, as passing bad
246        UTF with NO_UTF_CHECK is documented as having an undefined outcome.
247    
248    7.  A UTF pattern containing a "not" match of a non-ASCII character and a
249        subroutine reference could loop at compile time. Example: /[^\xff]((?1))/.
250    
251    8. When a pattern is compiled, it remembers the highest back reference so that
252       when matching, if the ovector is too small, extra memory can be obtained to
253       use instead. A conditional subpattern whose condition is a check on a
254       capture having happened, such as, for example in the pattern
255       /^(?:(a)|b)(?(1)A|B)/, is another kind of back reference, but it was not
256       setting the highest backreference number. This mattered only if pcre_exec()
257       was called with an ovector that was too small to hold the capture, and there
258       was no other kind of back reference (a situation which is probably quite
259       rare). The effect of the bug was that the condition was always treated as
260       FALSE when the capture could not be consulted, leading to a incorrect
261       behaviour by pcre_exec(). This bug has been fixed.
262    
263    9. A reference to a duplicated named group (either a back reference or a test
264       for being set in a conditional) that occurred in a part of the pattern where
265       PCRE_DUPNAMES was not set caused the amount of memory needed for the pattern
266       to be incorrectly calculated, leading to overwriting.
267    
268    10. A mutually recursive set of back references such as (\2)(\1) caused a
269        segfault at study time (while trying to find the minimum matching length).
270        The infinite loop is now broken (with the minimum length unset, that is,
271        zero).
272    
273    11. If an assertion that was used as a condition was quantified with a minimum
274        of zero, matching went wrong. In particular, if the whole group had
275        unlimited repetition and could match an empty string, a segfault was
276        likely. The pattern (?(?=0)?)+ is an example that caused this. Perl allows
277        assertions to be quantified, but not if they are being used as conditions,
278        so the above pattern is faulted by Perl. PCRE has now been changed so that
279        it also rejects such patterns.
280    
281    12. A possessive capturing group such as (a)*+ with a minimum repeat of zero
282        failed to allow the zero-repeat case if pcre2_exec() was called with an
283        ovector too small to capture the group.
284    
285    13. Fixed two bugs in pcretest that were discovered by fuzzing and reported by
286        Red Hat Product Security:
287    
288        (a) A crash if /K and /F were both set with the option to save the compiled
289        pattern.
290    
291        (b) Another crash if the option to print captured substrings in a callout
292        was combined with setting a null ovector, for example \O\C+ as a subject
293        string.
294    
295    14. A pattern such as "((?2){0,1999}())?", which has a group containing a
296        forward reference repeated a large (but limited) number of times within a
297        repeated outer group that has a zero minimum quantifier, caused incorrect
298        code to be compiled, leading to the error "internal error:
299        previously-checked referenced subpattern not found" when an incorrect
300        memory address was read. This bug was reported as "heap overflow",
301        discovered by Kai Lu of Fortinet's FortiGuard Labs and given the CVE number
302        CVE-2015-2325.
303    
304    23. A pattern such as "((?+1)(\1))/" containing a forward reference subroutine
305        call within a group that also contained a recursive back reference caused
306        incorrect code to be compiled. This bug was reported as "heap overflow",
307        discovered by Kai Lu of Fortinet's FortiGuard Labs, and given the CVE
308        number CVE-2015-2326.
309    
310    24. Computing the size of the JIT read-only data in advance has been a source
311        of various issues, and new ones are still appear unfortunately. To fix
312        existing and future issues, size computation is eliminated from the code,
313        and replaced by on-demand memory allocation.
314    
315    25. A pattern such as /(?i)[A-`]/, where characters in the other case are
316        adjacent to the end of the range, and the range contained characters with
317        more than one other case, caused incorrect behaviour when compiled in UTF
318        mode. In that example, the range a-j was left out of the class.
319    
320    26. Fix JIT compilation of conditional blocks, which assertion
321        is converted to (*FAIL). E.g: /(?(?!))/.
322    
323    27. The pattern /(?(?!)^)/ caused references to random memory. This bug was
324        discovered by the LLVM fuzzer.
325    
326    28. The assertion (?!) is optimized to (*FAIL). This was not handled correctly
327        when this assertion was used as a condition, for example (?(?!)a|b). In
328        pcre2_match() it worked by luck; in pcre2_dfa_match() it gave an incorrect
329        error about an unsupported item.
330    
331    29. For some types of pattern, for example /Z*(|d*){216}/, the auto-
332        possessification code could take exponential time to complete. A recursion
333        depth limit of 1000 has been imposed to limit the resources used by this
334        optimization.
335    
336    30. A pattern such as /(*UTF)[\S\V\H]/, which contains a negated special class
337        such as \S in non-UCP mode, explicit wide characters (> 255) can be ignored
338        because \S ensures they are all in the class. The code for doing this was
339        interacting badly with the code for computing the amount of space needed to
340        compile the pattern, leading to a buffer overflow. This bug was discovered
341        by the LLVM fuzzer.
342    
343    31. A pattern such as /((?2)+)((?1))/ which has mutual recursion nested inside
344        other kinds of group caused stack overflow at compile time. This bug was
345        discovered by the LLVM fuzzer.
346    
347    32. A pattern such as /(?1)(?#?'){8}(a)/ which had a parenthesized comment
348        between a subroutine call and its quantifier was incorrectly compiled,
349        leading to buffer overflow or other errors. This bug was discovered by the
350        LLVM fuzzer.
351    
352    33. The illegal pattern /(?(?<E>.*!.*)?)/ was not being diagnosed as missing an
353        assertion after (?(. The code was failing to check the character after
354        (?(?< for the ! or = that would indicate a lookbehind assertion. This bug
355        was discovered by the LLVM fuzzer.
356    
357    34. A pattern such as /X((?2)()*+){2}+/ which has a possessive quantifier with
358        a fixed maximum following a group that contains a subroutine reference was
359        incorrectly compiled and could trigger buffer overflow. This bug was
360        discovered by the LLVM fuzzer.
361    
362    35. A mutual recursion within a lookbehind assertion such as (?<=((?2))((?1)))
363        caused a stack overflow instead of the diagnosis of a non-fixed length
364        lookbehind assertion. This bug was discovered by the LLVM fuzzer.
365    
366    36. The use of \K in a positive lookbehind assertion in a non-anchored pattern
367        (e.g. /(?<=\Ka)/) could make pcregrep loop.
368    
369    37. There was a similar problem to 36 in pcretest for global matches.
370    
371    38. If a greedy quantified \X was preceded by \C in UTF mode (e.g. \C\X*),
372        and a subsequent item in the pattern caused a non-match, backtracking over
373        the repeated \X did not stop, but carried on past the start of the subject,
374        causing reference to random memory and/or a segfault. There were also some
375        other cases where backtracking after \C could crash. This set of bugs was
376        discovered by the LLVM fuzzer.
377    
378    39. The function for finding the minimum length of a matching string could take
379        a very long time if mutual recursion was present many times in a pattern,
380        for example, /((?2){73}(?2))((?1))/. A better mutual recursion detection
381        method has been implemented. This infelicity was discovered by the LLVM
382        fuzzer.
383    
384    40. Static linking against the PCRE library using the pkg-config module was
385        failing on missing pthread symbols.
386    
387    
388    Version 8.36 26-September-2014
389    ------------------------------
390    
391  1.  Got rid of some compiler warnings in the C++ modules that were shown up by  1.  Got rid of some compiler warnings in the C++ modules that were shown up by
392      -Wmissing-field-initializers and -Wunused-parameter.      -Wmissing-field-initializers and -Wunused-parameter.
393    
394  2.  The tests for quantifiers being too big (greater than 65535) were being  2.  The tests for quantifiers being too big (greater than 65535) were being
395      applied after reading the number, and stupidly assuming that integer      applied after reading the number, and stupidly assuming that integer
396      overflow would give a negative number. The tests are now applied as the      overflow would give a negative number. The tests are now applied as the
397      numbers are read.      numbers are read.
398    
399  3.  Tidy code in pcre_exec.c where two branches that used to be different are  3.  Tidy code in pcre_exec.c where two branches that used to be different are
400      now the same.      now the same.
401    
402  4.  The JIT compiler did not generate match limit checks for certain  4.  The JIT compiler did not generate match limit checks for certain
403      bracketed expressions with quantifiers. This may lead to exponential      bracketed expressions with quantifiers. This may lead to exponential
# Line 22  Version 8.36 xx-xxx-2014 Line 406  Version 8.36 xx-xxx-2014
406    
407  5.  Fixed an issue, which occures when nested alternatives are optimized  5.  Fixed an issue, which occures when nested alternatives are optimized
408      with table jumps.      with table jumps.
409    
410  6.  Inserted two casts and changed some ints to size_t in the light of some  6.  Inserted two casts and changed some ints to size_t in the light of some
411      reported 64-bit compiler warnings (Bugzilla 1477).      reported 64-bit compiler warnings (Bugzilla 1477).
412    
413  7.  Fixed a bug concerned with zero-minimum possessive groups that could match  7.  Fixed a bug concerned with zero-minimum possessive groups that could match
414      an empty string, which sometimes were behaving incorrectly in the      an empty string, which sometimes were behaving incorrectly in the
415      interpreter (though correctly in the JIT matcher). This pcretest input is      interpreter (though correctly in the JIT matcher). This pcretest input is
416      an example:      an example:
417    
418        '\A(?:[^"]++|"(?:[^"]*+|"")*+")++'        '\A(?:[^"]++|"(?:[^"]*+|"")*+")++'
419        NON QUOTED "QUOT""ED" AFTER "NOT MATCHED        NON QUOTED "QUOT""ED" AFTER "NOT MATCHED
420    
421      the interpreter was reporting a match of 'NON QUOTED ' only, whereas the      the interpreter was reporting a match of 'NON QUOTED ' only, whereas the
422      JIT matcher and Perl both matched 'NON QUOTED "QUOT""ED" AFTER '. The test      JIT matcher and Perl both matched 'NON QUOTED "QUOT""ED" AFTER '. The test
423      for an empty string was breaking the inner loop and carrying on at a lower      for an empty string was breaking the inner loop and carrying on at a lower
424      level, when possessive repeated groups should always return to a higher      level, when possessive repeated groups should always return to a higher
425      level as they have no backtrack points in them. The empty string test now      level as they have no backtrack points in them. The empty string test now
426      occurs at the outer level.      occurs at the outer level.
427    
428  8.  Fixed a bug that was incorrectly auto-possessifying \w+ in the pattern  8.  Fixed a bug that was incorrectly auto-possessifying \w+ in the pattern
429      ^\w+(?>\s*)(?<=\w) which caused it not to match "test test".      ^\w+(?>\s*)(?<=\w) which caused it not to match "test test".
430    
431  9.  Give a compile-time error for \o{} (as Perl does) and for \x{} (which Perl  9.  Give a compile-time error for \o{} (as Perl does) and for \x{} (which Perl
432      doesn't).      doesn't).
433    
434  10. Change 8.34/15 introduced a bug that caused the amount of memory needed  10. Change 8.34/15 introduced a bug that caused the amount of memory needed
435      to hold a pattern to be incorrectly computed (too small) when there were      to hold a pattern to be incorrectly computed (too small) when there were
436      named back references to duplicated names. This could cause "internal      named back references to duplicated names. This could cause "internal
437      error: code overflow" or "double free or corruption" or other memory      error: code overflow" or "double free or corruption" or other memory
438      handling errors.      handling errors.
439    
440  11. When named subpatterns had the same prefixes, back references could be  11. When named subpatterns had the same prefixes, back references could be
441      confused. For example, in this pattern:      confused. For example, in this pattern:
442    
443        /(?P<Name>a)?(?P<Name2>b)?(?(<Name>)c|d)*l/        /(?P<Name>a)?(?P<Name2>b)?(?(<Name>)c|d)*l/
444    
445      the reference to 'Name' was incorrectly treated as a reference to a      the reference to 'Name' was incorrectly treated as a reference to a
446      duplicate name.      duplicate name.
447    
448  12. A pattern such as /^s?c/mi8 where the optional character has more than  12. A pattern such as /^s?c/mi8 where the optional character has more than
449      one "other case" was incorrectly compiled such that it would only try to      one "other case" was incorrectly compiled such that it would only try to
450      match starting at "c".      match starting at "c".
451    
452  13. When a pattern starting with \s was studied, VT was not included in the  13. When a pattern starting with \s was studied, VT was not included in the
453      list of possible starting characters; this should have been part of the      list of possible starting characters; this should have been part of the
454      8.34/18 patch.      8.34/18 patch.
455    
456  14. If a character class started [\Qx]... where x is any character, the class  14. If a character class started [\Qx]... where x is any character, the class
457      was incorrectly terminated at the ].      was incorrectly terminated at the ].
458    
459  15. If a pattern that started with a caseless match for a character with more  15. If a pattern that started with a caseless match for a character with more
460      than one "other case" was studied, PCRE did not set up the starting code      than one "other case" was studied, PCRE did not set up the starting code
461      unit bit map for the list of possible characters. Now it does. This is an      unit bit map for the list of possible characters. Now it does. This is an
462      optimization improvement, not a bug fix.      optimization improvement, not a bug fix.
463    
464  16. The Unicode data tables have been updated to Unicode 7.0.0.  16. The Unicode data tables have been updated to Unicode 7.0.0.
# Line 82  Version 8.36 xx-xxx-2014 Line 466  Version 8.36 xx-xxx-2014
466  17. Fixed a number of memory leaks in pcregrep.  17. Fixed a number of memory leaks in pcregrep.
467    
468  18. Avoid a compiler warning (from some compilers) for a function call with  18. Avoid a compiler warning (from some compilers) for a function call with
469      a cast that removes "const" from an lvalue by using an intermediate      a cast that removes "const" from an lvalue by using an intermediate
470      variable (to which the compiler does not object).      variable (to which the compiler does not object).
471    
472  19. Incorrect code was compiled if a group that contained an internal recursive  19. Incorrect code was compiled if a group that contained an internal recursive
473      back reference was optional (had quantifier with a minimum of zero). This      back reference was optional (had quantifier with a minimum of zero). This
474      example compiled incorrect code: /(((a\2)|(a*)\g<-1>))*/ and other examples      example compiled incorrect code: /(((a\2)|(a*)\g<-1>))*/ and other examples
475      caused segmentation faults because of stack overflows at compile time.      caused segmentation faults because of stack overflows at compile time.
476    
477    20. A pattern such as /((?(R)a|(?1)))+/, which contains a recursion within a
478        group that is quantified with an indefinite repeat, caused a compile-time
479        loop which used up all the system stack and provoked a segmentation fault.
480        This was not the same bug as 19 above.
481    
482    21. Add PCRECPP_EXP_DECL declaration to operator<< in pcre_stringpiece.h.
483        Patch by Mike Frysinger.
484    
485    
486  Version 8.35 04-April-2014  Version 8.35 04-April-2014

Legend:
Removed from v.1496  
changed lines
  Added in v.1620

  ViewVC Help
Powered by ViewVC 1.1.5