/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1061 - (show annotations)
Tue Oct 16 15:54:02 2012 UTC (6 years, 11 months ago) by chpe
File MIME type: text/plain
File size: 272225 byte(s)
Error occurred while calculating annotation data.
pcre32: compile: Encode back references as negative numbers

Return the back reference as negative numbers from check_escape(),
instead of adding them to ESC_REF. This way, there will never be an
overflow.
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2012 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL,
88 int, int, int *, int *, branch_chain *, compile_data *, int *);
89
90
91
92 /*************************************************
93 * Code parameters and static tables *
94 *************************************************/
95
96 /* This value specifies the size of stack workspace that is used during the
97 first pre-compile phase that determines how much memory is required. The regex
98 is partly compiled into this space, but the compiled parts are discarded as
99 soon as they can be, so that hopefully there will never be an overrun. The code
100 does, however, check for an overrun. The largest amount I've seen used is 218,
101 so this number is very generous.
102
103 The same workspace is used during the second, actual compile phase for
104 remembering forward references to groups so that they can be filled in at the
105 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
106 is 4 there is plenty of room for most patterns. However, the memory can get
107 filled up by repetitions of forward references, for example patterns like
108 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
109 that the workspace is expanded using malloc() in this situation. The value
110 below is therefore a minimum, and we put a maximum on it for safety. The
111 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
112 kicks in at the same number of forward references in all cases. */
113
114 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
115 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
116
117 /* The overrun tests check for a slightly smaller size so that they detect the
118 overrun before it actually does run off the end of the data block. */
119
120 #define WORK_SIZE_SAFETY_MARGIN (100)
121
122 /* Private flags added to firstchar and reqchar. */
123
124 #define REQ_CASELESS 0x10000000l /* Indicates caselessness */
125 #define REQ_VARY 0x20000000l /* Reqchar followed non-literal item */
126 #define REQ_MASK (REQ_CASELESS | REQ_VARY)
127
128 /* Repeated character flags. */
129
130 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
131
132 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
133 are simple data values; negative values are for special things like \d and so
134 on. Zero means further processing is needed (for things like \x), or the escape
135 is invalid. */
136
137 #ifndef EBCDIC
138
139 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
140 in UTF-8 mode. */
141
142 static const short int escapes[] = {
143 0, 0,
144 0, 0,
145 0, 0,
146 0, 0,
147 0, 0,
148 CHAR_COLON, CHAR_SEMICOLON,
149 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
150 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
151 CHAR_COMMERCIAL_AT, -ESC_A,
152 -ESC_B, -ESC_C,
153 -ESC_D, -ESC_E,
154 0, -ESC_G,
155 -ESC_H, 0,
156 0, -ESC_K,
157 0, 0,
158 -ESC_N, 0,
159 -ESC_P, -ESC_Q,
160 -ESC_R, -ESC_S,
161 0, 0,
162 -ESC_V, -ESC_W,
163 -ESC_X, 0,
164 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
165 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
166 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
167 CHAR_GRAVE_ACCENT, 7,
168 -ESC_b, 0,
169 -ESC_d, ESC_e,
170 ESC_f, 0,
171 -ESC_h, 0,
172 0, -ESC_k,
173 0, 0,
174 ESC_n, 0,
175 -ESC_p, 0,
176 ESC_r, -ESC_s,
177 ESC_tee, 0,
178 -ESC_v, -ESC_w,
179 0, 0,
180 -ESC_z
181 };
182
183 #else
184
185 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
186
187 static const short int escapes[] = {
188 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
189 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
190 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
191 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
192 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
193 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
194 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
195 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
196 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
197 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
198 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
199 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
200 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
201 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
202 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
203 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
204 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
205 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
206 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
207 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
208 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
209 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
210 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
211 };
212 #endif
213
214
215 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
216 searched linearly. Put all the names into a single string, in order to reduce
217 the number of relocations when a shared library is dynamically linked. The
218 string is built from string macros so that it works in UTF-8 mode on EBCDIC
219 platforms. */
220
221 typedef struct verbitem {
222 int len; /* Length of verb name */
223 int op; /* Op when no arg, or -1 if arg mandatory */
224 int op_arg; /* Op when arg present, or -1 if not allowed */
225 } verbitem;
226
227 static const char verbnames[] =
228 "\0" /* Empty name is a shorthand for MARK */
229 STRING_MARK0
230 STRING_ACCEPT0
231 STRING_COMMIT0
232 STRING_F0
233 STRING_FAIL0
234 STRING_PRUNE0
235 STRING_SKIP0
236 STRING_THEN;
237
238 static const verbitem verbs[] = {
239 { 0, -1, OP_MARK },
240 { 4, -1, OP_MARK },
241 { 6, OP_ACCEPT, -1 },
242 { 6, OP_COMMIT, -1 },
243 { 1, OP_FAIL, -1 },
244 { 4, OP_FAIL, -1 },
245 { 5, OP_PRUNE, OP_PRUNE_ARG },
246 { 4, OP_SKIP, OP_SKIP_ARG },
247 { 4, OP_THEN, OP_THEN_ARG }
248 };
249
250 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
251
252
253 /* Tables of names of POSIX character classes and their lengths. The names are
254 now all in a single string, to reduce the number of relocations when a shared
255 library is dynamically loaded. The list of lengths is terminated by a zero
256 length entry. The first three must be alpha, lower, upper, as this is assumed
257 for handling case independence. */
258
259 static const char posix_names[] =
260 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
261 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
262 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
263 STRING_word0 STRING_xdigit;
264
265 static const pcre_uint8 posix_name_lengths[] = {
266 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
267
268 /* Table of class bit maps for each POSIX class. Each class is formed from a
269 base map, with an optional addition or removal of another map. Then, for some
270 classes, there is some additional tweaking: for [:blank:] the vertical space
271 characters are removed, and for [:alpha:] and [:alnum:] the underscore
272 character is removed. The triples in the table consist of the base map offset,
273 second map offset or -1 if no second map, and a non-negative value for map
274 addition or a negative value for map subtraction (if there are two maps). The
275 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
276 remove vertical space characters, 2 => remove underscore. */
277
278 static const int posix_class_maps[] = {
279 cbit_word, cbit_digit, -2, /* alpha */
280 cbit_lower, -1, 0, /* lower */
281 cbit_upper, -1, 0, /* upper */
282 cbit_word, -1, 2, /* alnum - word without underscore */
283 cbit_print, cbit_cntrl, 0, /* ascii */
284 cbit_space, -1, 1, /* blank - a GNU extension */
285 cbit_cntrl, -1, 0, /* cntrl */
286 cbit_digit, -1, 0, /* digit */
287 cbit_graph, -1, 0, /* graph */
288 cbit_print, -1, 0, /* print */
289 cbit_punct, -1, 0, /* punct */
290 cbit_space, -1, 0, /* space */
291 cbit_word, -1, 0, /* word - a Perl extension */
292 cbit_xdigit,-1, 0 /* xdigit */
293 };
294
295 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
296 substitutes must be in the order of the names, defined above, and there are
297 both positive and negative cases. NULL means no substitute. */
298
299 #ifdef SUPPORT_UCP
300 static const pcre_uchar string_PNd[] = {
301 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
302 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
303 static const pcre_uchar string_pNd[] = {
304 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
305 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306 static const pcre_uchar string_PXsp[] = {
307 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
308 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
309 static const pcre_uchar string_pXsp[] = {
310 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
311 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
312 static const pcre_uchar string_PXwd[] = {
313 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_pXwd[] = {
316 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318
319 static const pcre_uchar *substitutes[] = {
320 string_PNd, /* \D */
321 string_pNd, /* \d */
322 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
323 string_pXsp, /* \s */
324 string_PXwd, /* \W */
325 string_pXwd /* \w */
326 };
327
328 static const pcre_uchar string_pL[] = {
329 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
330 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
331 static const pcre_uchar string_pLl[] = {
332 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334 static const pcre_uchar string_pLu[] = {
335 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pXan[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_h[] = {
341 CHAR_BACKSLASH, CHAR_h, '\0' };
342 static const pcre_uchar string_pXps[] = {
343 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
344 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
345 static const pcre_uchar string_PL[] = {
346 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
347 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
348 static const pcre_uchar string_PLl[] = {
349 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
350 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
351 static const pcre_uchar string_PLu[] = {
352 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
353 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
354 static const pcre_uchar string_PXan[] = {
355 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
356 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
357 static const pcre_uchar string_H[] = {
358 CHAR_BACKSLASH, CHAR_H, '\0' };
359 static const pcre_uchar string_PXps[] = {
360 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
361 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
362
363 static const pcre_uchar *posix_substitutes[] = {
364 string_pL, /* alpha */
365 string_pLl, /* lower */
366 string_pLu, /* upper */
367 string_pXan, /* alnum */
368 NULL, /* ascii */
369 string_h, /* blank */
370 NULL, /* cntrl */
371 string_pNd, /* digit */
372 NULL, /* graph */
373 NULL, /* print */
374 NULL, /* punct */
375 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
376 string_pXwd, /* word */
377 NULL, /* xdigit */
378 /* Negated cases */
379 string_PL, /* ^alpha */
380 string_PLl, /* ^lower */
381 string_PLu, /* ^upper */
382 string_PXan, /* ^alnum */
383 NULL, /* ^ascii */
384 string_H, /* ^blank */
385 NULL, /* ^cntrl */
386 string_PNd, /* ^digit */
387 NULL, /* ^graph */
388 NULL, /* ^print */
389 NULL, /* ^punct */
390 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
391 string_PXwd, /* ^word */
392 NULL /* ^xdigit */
393 };
394 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
395 #endif
396
397 #define STRING(a) # a
398 #define XSTRING(s) STRING(s)
399
400 /* The texts of compile-time error messages. These are "char *" because they
401 are passed to the outside world. Do not ever re-use any error number, because
402 they are documented. Always add a new error instead. Messages marked DEAD below
403 are no longer used. This used to be a table of strings, but in order to reduce
404 the number of relocations needed when a shared library is loaded dynamically,
405 it is now one long string. We cannot use a table of offsets, because the
406 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
407 simply count through to the one we want - this isn't a performance issue
408 because these strings are used only when there is a compilation error.
409
410 Each substring ends with \0 to insert a null character. This includes the final
411 substring, so that the whole string ends with \0\0, which can be detected when
412 counting through. */
413
414 static const char error_texts[] =
415 "no error\0"
416 "\\ at end of pattern\0"
417 "\\c at end of pattern\0"
418 "unrecognized character follows \\\0"
419 "numbers out of order in {} quantifier\0"
420 /* 5 */
421 "number too big in {} quantifier\0"
422 "missing terminating ] for character class\0"
423 "invalid escape sequence in character class\0"
424 "range out of order in character class\0"
425 "nothing to repeat\0"
426 /* 10 */
427 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
428 "internal error: unexpected repeat\0"
429 "unrecognized character after (? or (?-\0"
430 "POSIX named classes are supported only within a class\0"
431 "missing )\0"
432 /* 15 */
433 "reference to non-existent subpattern\0"
434 "erroffset passed as NULL\0"
435 "unknown option bit(s) set\0"
436 "missing ) after comment\0"
437 "parentheses nested too deeply\0" /** DEAD **/
438 /* 20 */
439 "regular expression is too large\0"
440 "failed to get memory\0"
441 "unmatched parentheses\0"
442 "internal error: code overflow\0"
443 "unrecognized character after (?<\0"
444 /* 25 */
445 "lookbehind assertion is not fixed length\0"
446 "malformed number or name after (?(\0"
447 "conditional group contains more than two branches\0"
448 "assertion expected after (?(\0"
449 "(?R or (?[+-]digits must be followed by )\0"
450 /* 30 */
451 "unknown POSIX class name\0"
452 "POSIX collating elements are not supported\0"
453 "this version of PCRE is compiled without UTF support\0"
454 "spare error\0" /** DEAD **/
455 "character value in \\x{...} sequence is too large\0"
456 /* 35 */
457 "invalid condition (?(0)\0"
458 "\\C not allowed in lookbehind assertion\0"
459 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
460 "number after (?C is > 255\0"
461 "closing ) for (?C expected\0"
462 /* 40 */
463 "recursive call could loop indefinitely\0"
464 "unrecognized character after (?P\0"
465 "syntax error in subpattern name (missing terminator)\0"
466 "two named subpatterns have the same name\0"
467 "invalid UTF-8 string\0"
468 /* 45 */
469 "support for \\P, \\p, and \\X has not been compiled\0"
470 "malformed \\P or \\p sequence\0"
471 "unknown property name after \\P or \\p\0"
472 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
473 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
474 /* 50 */
475 "repeated subpattern is too long\0" /** DEAD **/
476 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
477 "internal error: overran compiling workspace\0"
478 "internal error: previously-checked referenced subpattern not found\0"
479 "DEFINE group contains more than one branch\0"
480 /* 55 */
481 "repeating a DEFINE group is not allowed\0" /** DEAD **/
482 "inconsistent NEWLINE options\0"
483 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
484 "a numbered reference must not be zero\0"
485 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
486 /* 60 */
487 "(*VERB) not recognized\0"
488 "number is too big\0"
489 "subpattern name expected\0"
490 "digit expected after (?+\0"
491 "] is an invalid data character in JavaScript compatibility mode\0"
492 /* 65 */
493 "different names for subpatterns of the same number are not allowed\0"
494 "(*MARK) must have an argument\0"
495 "this version of PCRE is not compiled with Unicode property support\0"
496 "\\c must be followed by an ASCII character\0"
497 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
498 /* 70 */
499 "internal error: unknown opcode in find_fixedlength()\0"
500 "\\N is not supported in a class\0"
501 "too many forward references\0"
502 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
503 "invalid UTF-16 string\0"
504 /* 75 */
505 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
506 "character value in \\u.... sequence is too large\0"
507 "invalid UTF-32 string\0"
508 ;
509
510 /* Table to identify digits and hex digits. This is used when compiling
511 patterns. Note that the tables in chartables are dependent on the locale, and
512 may mark arbitrary characters as digits - but the PCRE compiling code expects
513 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
514 a private table here. It costs 256 bytes, but it is a lot faster than doing
515 character value tests (at least in some simple cases I timed), and in some
516 applications one wants PCRE to compile efficiently as well as match
517 efficiently.
518
519 For convenience, we use the same bit definitions as in chartables:
520
521 0x04 decimal digit
522 0x08 hexadecimal digit
523
524 Then we can use ctype_digit and ctype_xdigit in the code. */
525
526 /* Using a simple comparison for decimal numbers rather than a memory read
527 is much faster, and the resulting code is simpler (the compiler turns it
528 into a subtraction and unsigned comparison). */
529
530 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
531
532 #ifndef EBCDIC
533
534 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
535 UTF-8 mode. */
536
537 static const pcre_uint8 digitab[] =
538 {
539 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
540 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
541 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
545 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
546 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
547 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
548 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
549 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
550 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
551 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
552 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
553 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
554 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
555 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
556 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
571
572 #else
573
574 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
575
576 static const pcre_uint8 digitab[] =
577 {
578 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
579 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
580 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
581 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
587 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
588 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
589 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
590 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
591 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
592 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
593 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
594 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
597 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
600 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
602 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
605 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
608 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
609 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
610
611 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
612 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
613 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
614 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
615 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
616 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
617 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
619 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
620 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
621 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
623 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
624 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
625 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
626 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
627 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
628 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
629 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
630 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
631 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
632 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
633 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
634 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
635 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
636 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
637 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
638 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
639 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
640 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
641 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
642 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
643 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
644 #endif
645
646
647
648
649 /*************************************************
650 * Find an error text *
651 *************************************************/
652
653 /* The error texts are now all in one long string, to save on relocations. As
654 some of the text is of unknown length, we can't use a table of offsets.
655 Instead, just count through the strings. This is not a performance issue
656 because it happens only when there has been a compilation error.
657
658 Argument: the error number
659 Returns: pointer to the error string
660 */
661
662 static const char *
663 find_error_text(int n)
664 {
665 const char *s = error_texts;
666 for (; n > 0; n--)
667 {
668 while (*s++ != 0) {};
669 if (*s == 0) return "Error text not found (please report)";
670 }
671 return s;
672 }
673
674
675 /*************************************************
676 * Expand the workspace *
677 *************************************************/
678
679 /* This function is called during the second compiling phase, if the number of
680 forward references fills the existing workspace, which is originally a block on
681 the stack. A larger block is obtained from malloc() unless the ultimate limit
682 has been reached or the increase will be rather small.
683
684 Argument: pointer to the compile data block
685 Returns: 0 if all went well, else an error number
686 */
687
688 static int
689 expand_workspace(compile_data *cd)
690 {
691 pcre_uchar *newspace;
692 int newsize = cd->workspace_size * 2;
693
694 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
695 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
696 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
697 return ERR72;
698
699 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
700 if (newspace == NULL) return ERR21;
701 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
702 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
703 if (cd->workspace_size > COMPILE_WORK_SIZE)
704 (PUBL(free))((void *)cd->start_workspace);
705 cd->start_workspace = newspace;
706 cd->workspace_size = newsize;
707 return 0;
708 }
709
710
711
712 /*************************************************
713 * Check for counted repeat *
714 *************************************************/
715
716 /* This function is called when a '{' is encountered in a place where it might
717 start a quantifier. It looks ahead to see if it really is a quantifier or not.
718 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
719 where the ddds are digits.
720
721 Arguments:
722 p pointer to the first char after '{'
723
724 Returns: TRUE or FALSE
725 */
726
727 static BOOL
728 is_counted_repeat(const pcre_uchar *p)
729 {
730 if (!IS_DIGIT(*p)) return FALSE;
731 p++;
732 while (IS_DIGIT(*p)) p++;
733 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
734
735 if (*p++ != CHAR_COMMA) return FALSE;
736 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
737
738 if (!IS_DIGIT(*p)) return FALSE;
739 p++;
740 while (IS_DIGIT(*p)) p++;
741
742 return (*p == CHAR_RIGHT_CURLY_BRACKET);
743 }
744
745
746
747 /*************************************************
748 * Handle escapes *
749 *************************************************/
750
751 /* This function is called when a \ has been encountered. It either returns a
752 positive value for a simple escape such as \n, or 0 for a data character
753 which will be placed in chptr. A backreference to group n is returned as
754 negative n. When UTF-8 is enabled, a positive value greater than 255 may
755 be returned in chptr.
756 On entry,ptr is pointing at the \. On exit, it is on the final character of the
757 escape sequence.
758
759 Arguments:
760 ptrptr points to the pattern position pointer
761 chptr points to the data character
762 errorcodeptr points to the errorcode variable
763 bracount number of previous extracting brackets
764 options the options bits
765 isclass TRUE if inside a character class
766
767 Returns: zero => a data character
768 positive => a special escape sequence
769 negative => a back reference
770 on error, errorcodeptr is set
771 */
772
773 static int
774 check_escape(const pcre_uchar **ptrptr, int *chptr, int *errorcodeptr,
775 int bracount, int options, BOOL isclass)
776 {
777 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
778 BOOL utf = (options & PCRE_UTF8) != 0;
779 const pcre_uchar *ptr = *ptrptr + 1;
780 pcre_uint32 c;
781 int escape = 0;
782 int i;
783
784 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
785 ptr--; /* Set pointer back to the last byte */
786
787 /* If backslash is at the end of the pattern, it's an error. */
788
789 if (c == 0) *errorcodeptr = ERR1;
790
791 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
792 in a table. A non-zero result is something that can be returned immediately.
793 Otherwise further processing may be required. */
794
795 #ifndef EBCDIC /* ASCII/UTF-8 coding */
796 /* Not alphanumeric */
797 else if (c < CHAR_0 || c > CHAR_z) {}
798 else if ((i = escapes[c - CHAR_0]) != 0) { if (i > 0) c = i; else escape = -i; }
799
800 #else /* EBCDIC coding */
801 /* Not alphanumeric */
802 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
803 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = i; else escape = -i; }
804 #endif
805
806 /* Escapes that need further processing, or are illegal. */
807
808 else
809 {
810 const pcre_uchar *oldptr;
811 BOOL braced, negated;
812
813 switch (c)
814 {
815 /* A number of Perl escapes are not handled by PCRE. We give an explicit
816 error. */
817
818 case CHAR_l:
819 case CHAR_L:
820 *errorcodeptr = ERR37;
821 break;
822
823 case CHAR_u:
824 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
825 {
826 /* In JavaScript, \u must be followed by four hexadecimal numbers.
827 Otherwise it is a lowercase u letter. */
828 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
829 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
830 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
831 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
832 {
833 c = 0;
834 for (i = 0; i < 4; ++i)
835 {
836 register pcre_uint32 cc = *(++ptr);
837 #ifndef EBCDIC /* ASCII/UTF-8 coding */
838 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
839 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
840 #else /* EBCDIC coding */
841 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
842 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
843 #endif
844 }
845
846 #if defined COMPILE_PCRE8
847 if (c > (utf ? 0x10ffff : 0xff))
848 #elif defined COMPILE_PCRE16
849 if (c > (utf ? 0x10ffff : 0xffff))
850 #elif defined COMPILE_PCRE32
851 if (utf && c > 0x10ffff)
852 #endif
853 {
854 *errorcodeptr = ERR76;
855 }
856 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
857 }
858 }
859 else
860 *errorcodeptr = ERR37;
861 break;
862
863 case CHAR_U:
864 /* In JavaScript, \U is an uppercase U letter. */
865 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
866 break;
867
868 /* In a character class, \g is just a literal "g". Outside a character
869 class, \g must be followed by one of a number of specific things:
870
871 (1) A number, either plain or braced. If positive, it is an absolute
872 backreference. If negative, it is a relative backreference. This is a Perl
873 5.10 feature.
874
875 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
876 is part of Perl's movement towards a unified syntax for back references. As
877 this is synonymous with \k{name}, we fudge it up by pretending it really
878 was \k.
879
880 (3) For Oniguruma compatibility we also support \g followed by a name or a
881 number either in angle brackets or in single quotes. However, these are
882 (possibly recursive) subroutine calls, _not_ backreferences. Just return
883 the ESC_g code (cf \k). */
884
885 case CHAR_g:
886 if (isclass) break;
887 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
888 {
889 escape = ESC_g;
890 break;
891 }
892
893 /* Handle the Perl-compatible cases */
894
895 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
896 {
897 const pcre_uchar *p;
898 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
899 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
900 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
901 {
902 escape = ESC_k;
903 break;
904 }
905 braced = TRUE;
906 ptr++;
907 }
908 else braced = FALSE;
909
910 if (ptr[1] == CHAR_MINUS)
911 {
912 negated = TRUE;
913 ptr++;
914 }
915 else negated = FALSE;
916
917 /* The integer range is limited by the machine's int representation. */
918 c = 0;
919 while (IS_DIGIT(ptr[1]))
920 {
921 if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
922 {
923 c = -1;
924 break;
925 }
926 c = c * 10 + *(++ptr) - CHAR_0;
927 }
928 if (((unsigned int)c) > INT_MAX) /* Integer overflow */
929 {
930 while (IS_DIGIT(ptr[1]))
931 ptr++;
932 *errorcodeptr = ERR61;
933 break;
934 }
935
936 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
937 {
938 *errorcodeptr = ERR57;
939 break;
940 }
941
942 if (c == 0)
943 {
944 *errorcodeptr = ERR58;
945 break;
946 }
947
948 if (negated)
949 {
950 if (c > bracount)
951 {
952 *errorcodeptr = ERR15;
953 break;
954 }
955 c = bracount - (c - 1);
956 }
957
958 escape = -c;
959 break;
960
961 /* The handling of escape sequences consisting of a string of digits
962 starting with one that is not zero is not straightforward. By experiment,
963 the way Perl works seems to be as follows:
964
965 Outside a character class, the digits are read as a decimal number. If the
966 number is less than 10, or if there are that many previous extracting
967 left brackets, then it is a back reference. Otherwise, up to three octal
968 digits are read to form an escaped byte. Thus \123 is likely to be octal
969 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
970 value is greater than 377, the least significant 8 bits are taken. Inside a
971 character class, \ followed by a digit is always an octal number. */
972
973 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
974 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
975
976 if (!isclass)
977 {
978 oldptr = ptr;
979 /* The integer range is limited by the machine's int representation. */
980 c -= CHAR_0;
981 while (IS_DIGIT(ptr[1]))
982 {
983 if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
984 {
985 c = -1;
986 break;
987 }
988 c = c * 10 + *(++ptr) - CHAR_0;
989 }
990 if (((unsigned int)c) > INT_MAX) /* Integer overflow */
991 {
992 while (IS_DIGIT(ptr[1]))
993 ptr++;
994 *errorcodeptr = ERR61;
995 break;
996 }
997 if (c < 10 || c <= bracount)
998 {
999 escape = -c;
1000 break;
1001 }
1002 ptr = oldptr; /* Put the pointer back and fall through */
1003 }
1004
1005 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
1006 generates a binary zero byte and treats the digit as a following literal.
1007 Thus we have to pull back the pointer by one. */
1008
1009 if ((c = *ptr) >= CHAR_8)
1010 {
1011 ptr--;
1012 c = 0;
1013 break;
1014 }
1015
1016 /* \0 always starts an octal number, but we may drop through to here with a
1017 larger first octal digit. The original code used just to take the least
1018 significant 8 bits of octal numbers (I think this is what early Perls used
1019 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1020 but no more than 3 octal digits. */
1021
1022 case CHAR_0:
1023 c -= CHAR_0;
1024 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1025 c = c * 8 + *(++ptr) - CHAR_0;
1026 #ifdef COMPILE_PCRE8
1027 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1028 #endif
1029 break;
1030
1031 /* \x is complicated. \x{ddd} is a character number which can be greater
1032 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1033 If not, { is treated as a data character. */
1034
1035 case CHAR_x:
1036 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1037 {
1038 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1039 Otherwise it is a lowercase x letter. */
1040 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1041 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1042 {
1043 c = 0;
1044 for (i = 0; i < 2; ++i)
1045 {
1046 register pcre_uint32 cc = *(++ptr);
1047 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1048 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1049 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1050 #else /* EBCDIC coding */
1051 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1052 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1053 #endif
1054 }
1055 }
1056 break;
1057 }
1058
1059 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1060 {
1061 const pcre_uchar *pt = ptr + 2;
1062 BOOL overflow;
1063
1064 c = 0;
1065 overflow = FALSE;
1066 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1067 {
1068 register pcre_uint32 cc = *pt++;
1069 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1070
1071 #ifdef COMPILE_PCRE32
1072 if (c >= 0x10000000l) { overflow = TRUE; break; }
1073 #endif
1074
1075 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1076 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1077 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1078 #else /* EBCDIC coding */
1079 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1080 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1081 #endif
1082
1083 #if defined COMPILE_PCRE8
1084 if (c > (utf ? 0x10ffff : 0xff)) { overflow = TRUE; break; }
1085 #elif defined COMPILE_PCRE16
1086 if (c > (utf ? 0x10ffff : 0xffff)) { overflow = TRUE; break; }
1087 #elif defined COMPILE_PCRE32
1088 if (utf && c > 0x10ffff) { overflow = TRUE; break; }
1089 #endif
1090 }
1091
1092 if (overflow)
1093 {
1094 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1095 *errorcodeptr = ERR34;
1096 }
1097
1098 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1099 {
1100 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1101 ptr = pt;
1102 break;
1103 }
1104
1105 /* If the sequence of hex digits does not end with '}', then we don't
1106 recognize this construct; fall through to the normal \x handling. */
1107 }
1108
1109 /* Read just a single-byte hex-defined char */
1110
1111 c = 0;
1112 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1113 {
1114 pcre_uint32 cc; /* Some compilers don't like */
1115 cc = *(++ptr); /* ++ in initializers */
1116 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1117 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1118 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1119 #else /* EBCDIC coding */
1120 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1121 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1122 #endif
1123 }
1124 break;
1125
1126 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1127 An error is given if the byte following \c is not an ASCII character. This
1128 coding is ASCII-specific, but then the whole concept of \cx is
1129 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1130
1131 case CHAR_c:
1132 c = *(++ptr);
1133 if (c == 0)
1134 {
1135 *errorcodeptr = ERR2;
1136 break;
1137 }
1138 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1139 if (c > 127) /* Excludes all non-ASCII in either mode */
1140 {
1141 *errorcodeptr = ERR68;
1142 break;
1143 }
1144 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1145 c ^= 0x40;
1146 #else /* EBCDIC coding */
1147 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1148 c ^= 0xC0;
1149 #endif
1150 break;
1151
1152 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1153 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1154 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1155 odd, but there used to be some cases other than the default, and there may
1156 be again in future, so I haven't "optimized" it. */
1157
1158 default:
1159 if ((options & PCRE_EXTRA) != 0) switch(c)
1160 {
1161 default:
1162 *errorcodeptr = ERR3;
1163 break;
1164 }
1165 break;
1166 }
1167 }
1168
1169 /* Perl supports \N{name} for character names, as well as plain \N for "not
1170 newline". PCRE does not support \N{name}. However, it does support
1171 quantification such as \N{2,3}. */
1172
1173 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1174 !is_counted_repeat(ptr+2))
1175 *errorcodeptr = ERR37;
1176
1177 /* If PCRE_UCP is set, we change the values for \d etc. */
1178
1179 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1180 escape += (ESC_DU - ESC_D);
1181
1182 /* Set the pointer to the final character before returning. */
1183
1184 *ptrptr = ptr;
1185 *chptr = c;
1186 return escape;
1187 }
1188
1189 #ifdef SUPPORT_UCP
1190 /*************************************************
1191 * Handle \P and \p *
1192 *************************************************/
1193
1194 /* This function is called after \P or \p has been encountered, provided that
1195 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1196 pointing at the P or p. On exit, it is pointing at the final character of the
1197 escape sequence.
1198
1199 Argument:
1200 ptrptr points to the pattern position pointer
1201 negptr points to a boolean that is set TRUE for negation else FALSE
1202 dptr points to an int that is set to the detailed property value
1203 errorcodeptr points to the error code variable
1204
1205 Returns: type value from ucp_type_table, or -1 for an invalid type
1206 */
1207
1208 static int
1209 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
1210 {
1211 int c, i, bot, top;
1212 const pcre_uchar *ptr = *ptrptr;
1213 pcre_uchar name[32];
1214
1215 c = *(++ptr);
1216 if (c == 0) goto ERROR_RETURN;
1217
1218 *negptr = FALSE;
1219
1220 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1221 negation. */
1222
1223 if (c == CHAR_LEFT_CURLY_BRACKET)
1224 {
1225 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1226 {
1227 *negptr = TRUE;
1228 ptr++;
1229 }
1230 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1231 {
1232 c = *(++ptr);
1233 if (c == 0) goto ERROR_RETURN;
1234 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1235 name[i] = c;
1236 }
1237 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1238 name[i] = 0;
1239 }
1240
1241 /* Otherwise there is just one following character */
1242
1243 else
1244 {
1245 name[0] = c;
1246 name[1] = 0;
1247 }
1248
1249 *ptrptr = ptr;
1250
1251 /* Search for a recognized property name using binary chop */
1252
1253 bot = 0;
1254 top = PRIV(utt_size);
1255
1256 while (bot < top)
1257 {
1258 i = (bot + top) >> 1;
1259 c = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1260 if (c == 0)
1261 {
1262 *dptr = PRIV(utt)[i].value;
1263 return PRIV(utt)[i].type;
1264 }
1265 if (c > 0) bot = i + 1; else top = i;
1266 }
1267
1268 *errorcodeptr = ERR47;
1269 *ptrptr = ptr;
1270 return -1;
1271
1272 ERROR_RETURN:
1273 *errorcodeptr = ERR46;
1274 *ptrptr = ptr;
1275 return -1;
1276 }
1277 #endif
1278
1279
1280
1281
1282 /*************************************************
1283 * Read repeat counts *
1284 *************************************************/
1285
1286 /* Read an item of the form {n,m} and return the values. This is called only
1287 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1288 so the syntax is guaranteed to be correct, but we need to check the values.
1289
1290 Arguments:
1291 p pointer to first char after '{'
1292 minp pointer to int for min
1293 maxp pointer to int for max
1294 returned as -1 if no max
1295 errorcodeptr points to error code variable
1296
1297 Returns: pointer to '}' on success;
1298 current ptr on error, with errorcodeptr set non-zero
1299 */
1300
1301 static const pcre_uchar *
1302 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1303 {
1304 int min = 0;
1305 int max = -1;
1306
1307 /* Read the minimum value and do a paranoid check: a negative value indicates
1308 an integer overflow. */
1309
1310 while (IS_DIGIT(*p)) min = min * 10 + *p++ - CHAR_0;
1311 if (min < 0 || min > 65535)
1312 {
1313 *errorcodeptr = ERR5;
1314 return p;
1315 }
1316
1317 /* Read the maximum value if there is one, and again do a paranoid on its size.
1318 Also, max must not be less than min. */
1319
1320 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1321 {
1322 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1323 {
1324 max = 0;
1325 while(IS_DIGIT(*p)) max = max * 10 + *p++ - CHAR_0;
1326 if (max < 0 || max > 65535)
1327 {
1328 *errorcodeptr = ERR5;
1329 return p;
1330 }
1331 if (max < min)
1332 {
1333 *errorcodeptr = ERR4;
1334 return p;
1335 }
1336 }
1337 }
1338
1339 /* Fill in the required variables, and pass back the pointer to the terminating
1340 '}'. */
1341
1342 *minp = min;
1343 *maxp = max;
1344 return p;
1345 }
1346
1347
1348
1349 /*************************************************
1350 * Subroutine for finding forward reference *
1351 *************************************************/
1352
1353 /* This recursive function is called only from find_parens() below. The
1354 top-level call starts at the beginning of the pattern. All other calls must
1355 start at a parenthesis. It scans along a pattern's text looking for capturing
1356 subpatterns, and counting them. If it finds a named pattern that matches the
1357 name it is given, it returns its number. Alternatively, if the name is NULL, it
1358 returns when it reaches a given numbered subpattern. Recursion is used to keep
1359 track of subpatterns that reset the capturing group numbers - the (?| feature.
1360
1361 This function was originally called only from the second pass, in which we know
1362 that if (?< or (?' or (?P< is encountered, the name will be correctly
1363 terminated because that is checked in the first pass. There is now one call to
1364 this function in the first pass, to check for a recursive back reference by
1365 name (so that we can make the whole group atomic). In this case, we need check
1366 only up to the current position in the pattern, and that is still OK because
1367 and previous occurrences will have been checked. To make this work, the test
1368 for "end of pattern" is a check against cd->end_pattern in the main loop,
1369 instead of looking for a binary zero. This means that the special first-pass
1370 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1371 processing items within the loop are OK, because afterwards the main loop will
1372 terminate.)
1373
1374 Arguments:
1375 ptrptr address of the current character pointer (updated)
1376 cd compile background data
1377 name name to seek, or NULL if seeking a numbered subpattern
1378 lorn name length, or subpattern number if name is NULL
1379 xmode TRUE if we are in /x mode
1380 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1381 count pointer to the current capturing subpattern number (updated)
1382
1383 Returns: the number of the named subpattern, or -1 if not found
1384 */
1385
1386 static int
1387 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1388 BOOL xmode, BOOL utf, int *count)
1389 {
1390 pcre_uchar *ptr = *ptrptr;
1391 int start_count = *count;
1392 int hwm_count = start_count;
1393 BOOL dup_parens = FALSE;
1394
1395 /* If the first character is a parenthesis, check on the type of group we are
1396 dealing with. The very first call may not start with a parenthesis. */
1397
1398 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1399 {
1400 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1401
1402 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1403
1404 /* Handle a normal, unnamed capturing parenthesis. */
1405
1406 else if (ptr[1] != CHAR_QUESTION_MARK)
1407 {
1408 *count += 1;
1409 if (name == NULL && *count == lorn) return *count;
1410 ptr++;
1411 }
1412
1413 /* All cases now have (? at the start. Remember when we are in a group
1414 where the parenthesis numbers are duplicated. */
1415
1416 else if (ptr[2] == CHAR_VERTICAL_LINE)
1417 {
1418 ptr += 3;
1419 dup_parens = TRUE;
1420 }
1421
1422 /* Handle comments; all characters are allowed until a ket is reached. */
1423
1424 else if (ptr[2] == CHAR_NUMBER_SIGN)
1425 {
1426 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1427 goto FAIL_EXIT;
1428 }
1429
1430 /* Handle a condition. If it is an assertion, just carry on so that it
1431 is processed as normal. If not, skip to the closing parenthesis of the
1432 condition (there can't be any nested parens). */
1433
1434 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1435 {
1436 ptr += 2;
1437 if (ptr[1] != CHAR_QUESTION_MARK)
1438 {
1439 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1440 if (*ptr != 0) ptr++;
1441 }
1442 }
1443
1444 /* Start with (? but not a condition. */
1445
1446 else
1447 {
1448 ptr += 2;
1449 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1450
1451 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1452
1453 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1454 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1455 {
1456 int term;
1457 const pcre_uchar *thisname;
1458 *count += 1;
1459 if (name == NULL && *count == lorn) return *count;
1460 term = *ptr++;
1461 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1462 thisname = ptr;
1463 while (*ptr != term) ptr++;
1464 if (name != NULL && lorn == ptr - thisname &&
1465 STRNCMP_UC_UC(name, thisname, lorn) == 0)
1466 return *count;
1467 term++;
1468 }
1469 }
1470 }
1471
1472 /* Past any initial parenthesis handling, scan for parentheses or vertical
1473 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1474 first-pass call when this value is temporarily adjusted to stop at the current
1475 position. So DO NOT change this to a test for binary zero. */
1476
1477 for (; ptr < cd->end_pattern; ptr++)
1478 {
1479 /* Skip over backslashed characters and also entire \Q...\E */
1480
1481 if (*ptr == CHAR_BACKSLASH)
1482 {
1483 if (*(++ptr) == 0) goto FAIL_EXIT;
1484 if (*ptr == CHAR_Q) for (;;)
1485 {
1486 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1487 if (*ptr == 0) goto FAIL_EXIT;
1488 if (*(++ptr) == CHAR_E) break;
1489 }
1490 continue;
1491 }
1492
1493 /* Skip over character classes; this logic must be similar to the way they
1494 are handled for real. If the first character is '^', skip it. Also, if the
1495 first few characters (either before or after ^) are \Q\E or \E we skip them
1496 too. This makes for compatibility with Perl. Note the use of STR macros to
1497 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1498
1499 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1500 {
1501 BOOL negate_class = FALSE;
1502 for (;;)
1503 {
1504 if (ptr[1] == CHAR_BACKSLASH)
1505 {
1506 if (ptr[2] == CHAR_E)
1507 ptr+= 2;
1508 else if (STRNCMP_UC_C8(ptr + 2,
1509 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1510 ptr += 4;
1511 else
1512 break;
1513 }
1514 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1515 {
1516 negate_class = TRUE;
1517 ptr++;
1518 }
1519 else break;
1520 }
1521
1522 /* If the next character is ']', it is a data character that must be
1523 skipped, except in JavaScript compatibility mode. */
1524
1525 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1526 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1527 ptr++;
1528
1529 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1530 {
1531 if (*ptr == 0) return -1;
1532 if (*ptr == CHAR_BACKSLASH)
1533 {
1534 if (*(++ptr) == 0) goto FAIL_EXIT;
1535 if (*ptr == CHAR_Q) for (;;)
1536 {
1537 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1538 if (*ptr == 0) goto FAIL_EXIT;
1539 if (*(++ptr) == CHAR_E) break;
1540 }
1541 continue;
1542 }
1543 }
1544 continue;
1545 }
1546
1547 /* Skip comments in /x mode */
1548
1549 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1550 {
1551 ptr++;
1552 while (*ptr != 0)
1553 {
1554 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1555 ptr++;
1556 #ifdef SUPPORT_UTF
1557 if (utf) FORWARDCHAR(ptr);
1558 #endif
1559 }
1560 if (*ptr == 0) goto FAIL_EXIT;
1561 continue;
1562 }
1563
1564 /* Check for the special metacharacters */
1565
1566 if (*ptr == CHAR_LEFT_PARENTHESIS)
1567 {
1568 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1569 if (rc > 0) return rc;
1570 if (*ptr == 0) goto FAIL_EXIT;
1571 }
1572
1573 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1574 {
1575 if (dup_parens && *count < hwm_count) *count = hwm_count;
1576 goto FAIL_EXIT;
1577 }
1578
1579 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1580 {
1581 if (*count > hwm_count) hwm_count = *count;
1582 *count = start_count;
1583 }
1584 }
1585
1586 FAIL_EXIT:
1587 *ptrptr = ptr;
1588 return -1;
1589 }
1590
1591
1592
1593
1594 /*************************************************
1595 * Find forward referenced subpattern *
1596 *************************************************/
1597
1598 /* This function scans along a pattern's text looking for capturing
1599 subpatterns, and counting them. If it finds a named pattern that matches the
1600 name it is given, it returns its number. Alternatively, if the name is NULL, it
1601 returns when it reaches a given numbered subpattern. This is used for forward
1602 references to subpatterns. We used to be able to start this scan from the
1603 current compiling point, using the current count value from cd->bracount, and
1604 do it all in a single loop, but the addition of the possibility of duplicate
1605 subpattern numbers means that we have to scan from the very start, in order to
1606 take account of such duplicates, and to use a recursive function to keep track
1607 of the different types of group.
1608
1609 Arguments:
1610 cd compile background data
1611 name name to seek, or NULL if seeking a numbered subpattern
1612 lorn name length, or subpattern number if name is NULL
1613 xmode TRUE if we are in /x mode
1614 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1615
1616 Returns: the number of the found subpattern, or -1 if not found
1617 */
1618
1619 static int
1620 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1621 BOOL utf)
1622 {
1623 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1624 int count = 0;
1625 int rc;
1626
1627 /* If the pattern does not start with an opening parenthesis, the first call
1628 to find_parens_sub() will scan right to the end (if necessary). However, if it
1629 does start with a parenthesis, find_parens_sub() will return when it hits the
1630 matching closing parens. That is why we have to have a loop. */
1631
1632 for (;;)
1633 {
1634 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1635 if (rc > 0 || *ptr++ == 0) break;
1636 }
1637
1638 return rc;
1639 }
1640
1641
1642
1643
1644 /*************************************************
1645 * Find first significant op code *
1646 *************************************************/
1647
1648 /* This is called by several functions that scan a compiled expression looking
1649 for a fixed first character, or an anchoring op code etc. It skips over things
1650 that do not influence this. For some calls, it makes sense to skip negative
1651 forward and all backward assertions, and also the \b assertion; for others it
1652 does not.
1653
1654 Arguments:
1655 code pointer to the start of the group
1656 skipassert TRUE if certain assertions are to be skipped
1657
1658 Returns: pointer to the first significant opcode
1659 */
1660
1661 static const pcre_uchar*
1662 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1663 {
1664 for (;;)
1665 {
1666 switch ((int)*code)
1667 {
1668 case OP_ASSERT_NOT:
1669 case OP_ASSERTBACK:
1670 case OP_ASSERTBACK_NOT:
1671 if (!skipassert) return code;
1672 do code += GET(code, 1); while (*code == OP_ALT);
1673 code += PRIV(OP_lengths)[*code];
1674 break;
1675
1676 case OP_WORD_BOUNDARY:
1677 case OP_NOT_WORD_BOUNDARY:
1678 if (!skipassert) return code;
1679 /* Fall through */
1680
1681 case OP_CALLOUT:
1682 case OP_CREF:
1683 case OP_NCREF:
1684 case OP_RREF:
1685 case OP_NRREF:
1686 case OP_DEF:
1687 code += PRIV(OP_lengths)[*code];
1688 break;
1689
1690 default:
1691 return code;
1692 }
1693 }
1694 /* Control never reaches here */
1695 }
1696
1697
1698
1699
1700 /*************************************************
1701 * Find the fixed length of a branch *
1702 *************************************************/
1703
1704 /* Scan a branch and compute the fixed length of subject that will match it,
1705 if the length is fixed. This is needed for dealing with backward assertions.
1706 In UTF8 mode, the result is in characters rather than bytes. The branch is
1707 temporarily terminated with OP_END when this function is called.
1708
1709 This function is called when a backward assertion is encountered, so that if it
1710 fails, the error message can point to the correct place in the pattern.
1711 However, we cannot do this when the assertion contains subroutine calls,
1712 because they can be forward references. We solve this by remembering this case
1713 and doing the check at the end; a flag specifies which mode we are running in.
1714
1715 Arguments:
1716 code points to the start of the pattern (the bracket)
1717 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1718 atend TRUE if called when the pattern is complete
1719 cd the "compile data" structure
1720
1721 Returns: the fixed length,
1722 or -1 if there is no fixed length,
1723 or -2 if \C was encountered (in UTF-8 mode only)
1724 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1725 or -4 if an unknown opcode was encountered (internal error)
1726 */
1727
1728 static int
1729 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1730 {
1731 int length = -1;
1732
1733 register int branchlength = 0;
1734 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1735
1736 /* Scan along the opcodes for this branch. If we get to the end of the
1737 branch, check the length against that of the other branches. */
1738
1739 for (;;)
1740 {
1741 int d;
1742 pcre_uchar *ce, *cs;
1743 register int op = *cc;
1744
1745 switch (op)
1746 {
1747 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1748 OP_BRA (normal non-capturing bracket) because the other variants of these
1749 opcodes are all concerned with unlimited repeated groups, which of course
1750 are not of fixed length. */
1751
1752 case OP_CBRA:
1753 case OP_BRA:
1754 case OP_ONCE:
1755 case OP_ONCE_NC:
1756 case OP_COND:
1757 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1758 if (d < 0) return d;
1759 branchlength += d;
1760 do cc += GET(cc, 1); while (*cc == OP_ALT);
1761 cc += 1 + LINK_SIZE;
1762 break;
1763
1764 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1765 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1766 an ALT. If it is END it's the end of the outer call. All can be handled by
1767 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1768 because they all imply an unlimited repeat. */
1769
1770 case OP_ALT:
1771 case OP_KET:
1772 case OP_END:
1773 case OP_ACCEPT:
1774 case OP_ASSERT_ACCEPT:
1775 if (length < 0) length = branchlength;
1776 else if (length != branchlength) return -1;
1777 if (*cc != OP_ALT) return length;
1778 cc += 1 + LINK_SIZE;
1779 branchlength = 0;
1780 break;
1781
1782 /* A true recursion implies not fixed length, but a subroutine call may
1783 be OK. If the subroutine is a forward reference, we can't deal with
1784 it until the end of the pattern, so return -3. */
1785
1786 case OP_RECURSE:
1787 if (!atend) return -3;
1788 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1789 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1790 if (cc > cs && cc < ce) return -1; /* Recursion */
1791 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1792 if (d < 0) return d;
1793 branchlength += d;
1794 cc += 1 + LINK_SIZE;
1795 break;
1796
1797 /* Skip over assertive subpatterns */
1798
1799 case OP_ASSERT:
1800 case OP_ASSERT_NOT:
1801 case OP_ASSERTBACK:
1802 case OP_ASSERTBACK_NOT:
1803 do cc += GET(cc, 1); while (*cc == OP_ALT);
1804 cc += PRIV(OP_lengths)[*cc];
1805 break;
1806
1807 /* Skip over things that don't match chars */
1808
1809 case OP_MARK:
1810 case OP_PRUNE_ARG:
1811 case OP_SKIP_ARG:
1812 case OP_THEN_ARG:
1813 cc += cc[1] + PRIV(OP_lengths)[*cc];
1814 break;
1815
1816 case OP_CALLOUT:
1817 case OP_CIRC:
1818 case OP_CIRCM:
1819 case OP_CLOSE:
1820 case OP_COMMIT:
1821 case OP_CREF:
1822 case OP_DEF:
1823 case OP_DOLL:
1824 case OP_DOLLM:
1825 case OP_EOD:
1826 case OP_EODN:
1827 case OP_FAIL:
1828 case OP_NCREF:
1829 case OP_NRREF:
1830 case OP_NOT_WORD_BOUNDARY:
1831 case OP_PRUNE:
1832 case OP_REVERSE:
1833 case OP_RREF:
1834 case OP_SET_SOM:
1835 case OP_SKIP:
1836 case OP_SOD:
1837 case OP_SOM:
1838 case OP_THEN:
1839 case OP_WORD_BOUNDARY:
1840 cc += PRIV(OP_lengths)[*cc];
1841 break;
1842
1843 /* Handle literal characters */
1844
1845 case OP_CHAR:
1846 case OP_CHARI:
1847 case OP_NOT:
1848 case OP_NOTI:
1849 branchlength++;
1850 cc += 2;
1851 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
1852 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1853 #endif
1854 break;
1855
1856 /* Handle exact repetitions. The count is already in characters, but we
1857 need to skip over a multibyte character in UTF8 mode. */
1858
1859 case OP_EXACT:
1860 case OP_EXACTI:
1861 case OP_NOTEXACT:
1862 case OP_NOTEXACTI:
1863 branchlength += GET2(cc,1);
1864 cc += 2 + IMM2_SIZE;
1865 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
1866 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1867 #endif
1868 break;
1869
1870 case OP_TYPEEXACT:
1871 branchlength += GET2(cc,1);
1872 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1873 cc += 2;
1874 cc += 1 + IMM2_SIZE + 1;
1875 break;
1876
1877 /* Handle single-char matchers */
1878
1879 case OP_PROP:
1880 case OP_NOTPROP:
1881 cc += 2;
1882 /* Fall through */
1883
1884 case OP_HSPACE:
1885 case OP_VSPACE:
1886 case OP_NOT_HSPACE:
1887 case OP_NOT_VSPACE:
1888 case OP_NOT_DIGIT:
1889 case OP_DIGIT:
1890 case OP_NOT_WHITESPACE:
1891 case OP_WHITESPACE:
1892 case OP_NOT_WORDCHAR:
1893 case OP_WORDCHAR:
1894 case OP_ANY:
1895 case OP_ALLANY:
1896 branchlength++;
1897 cc++;
1898 break;
1899
1900 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1901 otherwise \C is coded as OP_ALLANY. */
1902
1903 case OP_ANYBYTE:
1904 return -2;
1905
1906 /* Check a class for variable quantification */
1907
1908 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1909 case OP_XCLASS:
1910 cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];
1911 /* Fall through */
1912 #endif
1913
1914 case OP_CLASS:
1915 case OP_NCLASS:
1916 cc += PRIV(OP_lengths)[OP_CLASS];
1917
1918 switch (*cc)
1919 {
1920 case OP_CRPLUS:
1921 case OP_CRMINPLUS:
1922 case OP_CRSTAR:
1923 case OP_CRMINSTAR:
1924 case OP_CRQUERY:
1925 case OP_CRMINQUERY:
1926 return -1;
1927
1928 case OP_CRRANGE:
1929 case OP_CRMINRANGE:
1930 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1931 branchlength += GET2(cc,1);
1932 cc += 1 + 2 * IMM2_SIZE;
1933 break;
1934
1935 default:
1936 branchlength++;
1937 }
1938 break;
1939
1940 /* Anything else is variable length */
1941
1942 case OP_ANYNL:
1943 case OP_BRAMINZERO:
1944 case OP_BRAPOS:
1945 case OP_BRAPOSZERO:
1946 case OP_BRAZERO:
1947 case OP_CBRAPOS:
1948 case OP_EXTUNI:
1949 case OP_KETRMAX:
1950 case OP_KETRMIN:
1951 case OP_KETRPOS:
1952 case OP_MINPLUS:
1953 case OP_MINPLUSI:
1954 case OP_MINQUERY:
1955 case OP_MINQUERYI:
1956 case OP_MINSTAR:
1957 case OP_MINSTARI:
1958 case OP_MINUPTO:
1959 case OP_MINUPTOI:
1960 case OP_NOTMINPLUS:
1961 case OP_NOTMINPLUSI:
1962 case OP_NOTMINQUERY:
1963 case OP_NOTMINQUERYI:
1964 case OP_NOTMINSTAR:
1965 case OP_NOTMINSTARI:
1966 case OP_NOTMINUPTO:
1967 case OP_NOTMINUPTOI:
1968 case OP_NOTPLUS:
1969 case OP_NOTPLUSI:
1970 case OP_NOTPOSPLUS:
1971 case OP_NOTPOSPLUSI:
1972 case OP_NOTPOSQUERY:
1973 case OP_NOTPOSQUERYI:
1974 case OP_NOTPOSSTAR:
1975 case OP_NOTPOSSTARI:
1976 case OP_NOTPOSUPTO:
1977 case OP_NOTPOSUPTOI:
1978 case OP_NOTQUERY:
1979 case OP_NOTQUERYI:
1980 case OP_NOTSTAR:
1981 case OP_NOTSTARI:
1982 case OP_NOTUPTO:
1983 case OP_NOTUPTOI:
1984 case OP_PLUS:
1985 case OP_PLUSI:
1986 case OP_POSPLUS:
1987 case OP_POSPLUSI:
1988 case OP_POSQUERY:
1989 case OP_POSQUERYI:
1990 case OP_POSSTAR:
1991 case OP_POSSTARI:
1992 case OP_POSUPTO:
1993 case OP_POSUPTOI:
1994 case OP_QUERY:
1995 case OP_QUERYI:
1996 case OP_REF:
1997 case OP_REFI:
1998 case OP_SBRA:
1999 case OP_SBRAPOS:
2000 case OP_SCBRA:
2001 case OP_SCBRAPOS:
2002 case OP_SCOND:
2003 case OP_SKIPZERO:
2004 case OP_STAR:
2005 case OP_STARI:
2006 case OP_TYPEMINPLUS:
2007 case OP_TYPEMINQUERY:
2008 case OP_TYPEMINSTAR:
2009 case OP_TYPEMINUPTO:
2010 case OP_TYPEPLUS:
2011 case OP_TYPEPOSPLUS:
2012 case OP_TYPEPOSQUERY:
2013 case OP_TYPEPOSSTAR:
2014 case OP_TYPEPOSUPTO:
2015 case OP_TYPEQUERY:
2016 case OP_TYPESTAR:
2017 case OP_TYPEUPTO:
2018 case OP_UPTO:
2019 case OP_UPTOI:
2020 return -1;
2021
2022 /* Catch unrecognized opcodes so that when new ones are added they
2023 are not forgotten, as has happened in the past. */
2024
2025 default:
2026 return -4;
2027 }
2028 }
2029 /* Control never gets here */
2030 }
2031
2032
2033
2034
2035 /*************************************************
2036 * Scan compiled regex for specific bracket *
2037 *************************************************/
2038
2039 /* This little function scans through a compiled pattern until it finds a
2040 capturing bracket with the given number, or, if the number is negative, an
2041 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2042 so that it can be called from pcre_study() when finding the minimum matching
2043 length.
2044
2045 Arguments:
2046 code points to start of expression
2047 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2048 number the required bracket number or negative to find a lookbehind
2049
2050 Returns: pointer to the opcode for the bracket, or NULL if not found
2051 */
2052
2053 const pcre_uchar *
2054 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2055 {
2056 for (;;)
2057 {
2058 register int c = *code;
2059
2060 if (c == OP_END) return NULL;
2061
2062 /* XCLASS is used for classes that cannot be represented just by a bit
2063 map. This includes negated single high-valued characters. The length in
2064 the table is zero; the actual length is stored in the compiled code. */
2065
2066 if (c == OP_XCLASS) code += GET(code, 1);
2067
2068 /* Handle recursion */
2069
2070 else if (c == OP_REVERSE)
2071 {
2072 if (number < 0) return (pcre_uchar *)code;
2073 code += PRIV(OP_lengths)[c];
2074 }
2075
2076 /* Handle capturing bracket */
2077
2078 else if (c == OP_CBRA || c == OP_SCBRA ||
2079 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2080 {
2081 int n = GET2(code, 1+LINK_SIZE);
2082 if (n == number) return (pcre_uchar *)code;
2083 code += PRIV(OP_lengths)[c];
2084 }
2085
2086 /* Otherwise, we can get the item's length from the table, except that for
2087 repeated character types, we have to test for \p and \P, which have an extra
2088 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2089 must add in its length. */
2090
2091 else
2092 {
2093 switch(c)
2094 {
2095 case OP_TYPESTAR:
2096 case OP_TYPEMINSTAR:
2097 case OP_TYPEPLUS:
2098 case OP_TYPEMINPLUS:
2099 case OP_TYPEQUERY:
2100 case OP_TYPEMINQUERY:
2101 case OP_TYPEPOSSTAR:
2102 case OP_TYPEPOSPLUS:
2103 case OP_TYPEPOSQUERY:
2104 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2105 break;
2106
2107 case OP_TYPEUPTO:
2108 case OP_TYPEMINUPTO:
2109 case OP_TYPEEXACT:
2110 case OP_TYPEPOSUPTO:
2111 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2112 code += 2;
2113 break;
2114
2115 case OP_MARK:
2116 case OP_PRUNE_ARG:
2117 case OP_SKIP_ARG:
2118 code += code[1];
2119 break;
2120
2121 case OP_THEN_ARG:
2122 code += code[1];
2123 break;
2124 }
2125
2126 /* Add in the fixed length from the table */
2127
2128 code += PRIV(OP_lengths)[c];
2129
2130 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2131 a multi-byte character. The length in the table is a minimum, so we have to
2132 arrange to skip the extra bytes. */
2133
2134 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2135 if (utf) switch(c)
2136 {
2137 case OP_CHAR:
2138 case OP_CHARI:
2139 case OP_EXACT:
2140 case OP_EXACTI:
2141 case OP_UPTO:
2142 case OP_UPTOI:
2143 case OP_MINUPTO:
2144 case OP_MINUPTOI:
2145 case OP_POSUPTO:
2146 case OP_POSUPTOI:
2147 case OP_STAR:
2148 case OP_STARI:
2149 case OP_MINSTAR:
2150 case OP_MINSTARI:
2151 case OP_POSSTAR:
2152 case OP_POSSTARI:
2153 case OP_PLUS:
2154 case OP_PLUSI:
2155 case OP_MINPLUS:
2156 case OP_MINPLUSI:
2157 case OP_POSPLUS:
2158 case OP_POSPLUSI:
2159 case OP_QUERY:
2160 case OP_QUERYI:
2161 case OP_MINQUERY:
2162 case OP_MINQUERYI:
2163 case OP_POSQUERY:
2164 case OP_POSQUERYI:
2165 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2166 break;
2167 }
2168 #else
2169 (void)(utf); /* Keep compiler happy by referencing function argument */
2170 #endif
2171 }
2172 }
2173 }
2174
2175
2176
2177 /*************************************************
2178 * Scan compiled regex for recursion reference *
2179 *************************************************/
2180
2181 /* This little function scans through a compiled pattern until it finds an
2182 instance of OP_RECURSE.
2183
2184 Arguments:
2185 code points to start of expression
2186 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2187
2188 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2189 */
2190
2191 static const pcre_uchar *
2192 find_recurse(const pcre_uchar *code, BOOL utf)
2193 {
2194 for (;;)
2195 {
2196 register int c = *code;
2197 if (c == OP_END) return NULL;
2198 if (c == OP_RECURSE) return code;
2199
2200 /* XCLASS is used for classes that cannot be represented just by a bit
2201 map. This includes negated single high-valued characters. The length in
2202 the table is zero; the actual length is stored in the compiled code. */
2203
2204 if (c == OP_XCLASS) code += GET(code, 1);
2205
2206 /* Otherwise, we can get the item's length from the table, except that for
2207 repeated character types, we have to test for \p and \P, which have an extra
2208 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2209 must add in its length. */
2210
2211 else
2212 {
2213 switch(c)
2214 {
2215 case OP_TYPESTAR:
2216 case OP_TYPEMINSTAR:
2217 case OP_TYPEPLUS:
2218 case OP_TYPEMINPLUS:
2219 case OP_TYPEQUERY:
2220 case OP_TYPEMINQUERY:
2221 case OP_TYPEPOSSTAR:
2222 case OP_TYPEPOSPLUS:
2223 case OP_TYPEPOSQUERY:
2224 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2225 break;
2226
2227 case OP_TYPEPOSUPTO:
2228 case OP_TYPEUPTO:
2229 case OP_TYPEMINUPTO:
2230 case OP_TYPEEXACT:
2231 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2232 code += 2;
2233 break;
2234
2235 case OP_MARK:
2236 case OP_PRUNE_ARG:
2237 case OP_SKIP_ARG:
2238 code += code[1];
2239 break;
2240
2241 case OP_THEN_ARG:
2242 code += code[1];
2243 break;
2244 }
2245
2246 /* Add in the fixed length from the table */
2247
2248 code += PRIV(OP_lengths)[c];
2249
2250 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2251 by a multi-byte character. The length in the table is a minimum, so we have
2252 to arrange to skip the extra bytes. */
2253
2254 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2255 if (utf) switch(c)
2256 {
2257 case OP_CHAR:
2258 case OP_CHARI:
2259 case OP_NOT:
2260 case OP_NOTI:
2261 case OP_EXACT:
2262 case OP_EXACTI:
2263 case OP_NOTEXACT:
2264 case OP_NOTEXACTI:
2265 case OP_UPTO:
2266 case OP_UPTOI:
2267 case OP_NOTUPTO:
2268 case OP_NOTUPTOI:
2269 case OP_MINUPTO:
2270 case OP_MINUPTOI:
2271 case OP_NOTMINUPTO:
2272 case OP_NOTMINUPTOI:
2273 case OP_POSUPTO:
2274 case OP_POSUPTOI:
2275 case OP_NOTPOSUPTO:
2276 case OP_NOTPOSUPTOI:
2277 case OP_STAR:
2278 case OP_STARI:
2279 case OP_NOTSTAR:
2280 case OP_NOTSTARI:
2281 case OP_MINSTAR:
2282 case OP_MINSTARI:
2283 case OP_NOTMINSTAR:
2284 case OP_NOTMINSTARI:
2285 case OP_POSSTAR:
2286 case OP_POSSTARI:
2287 case OP_NOTPOSSTAR:
2288 case OP_NOTPOSSTARI:
2289 case OP_PLUS:
2290 case OP_PLUSI:
2291 case OP_NOTPLUS:
2292 case OP_NOTPLUSI:
2293 case OP_MINPLUS:
2294 case OP_MINPLUSI:
2295 case OP_NOTMINPLUS:
2296 case OP_NOTMINPLUSI:
2297 case OP_POSPLUS:
2298 case OP_POSPLUSI:
2299 case OP_NOTPOSPLUS:
2300 case OP_NOTPOSPLUSI:
2301 case OP_QUERY:
2302 case OP_QUERYI:
2303 case OP_NOTQUERY:
2304 case OP_NOTQUERYI:
2305 case OP_MINQUERY:
2306 case OP_MINQUERYI:
2307 case OP_NOTMINQUERY:
2308 case OP_NOTMINQUERYI:
2309 case OP_POSQUERY:
2310 case OP_POSQUERYI:
2311 case OP_NOTPOSQUERY:
2312 case OP_NOTPOSQUERYI:
2313 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2314 break;
2315 }
2316 #else
2317 (void)(utf); /* Keep compiler happy by referencing function argument */
2318 #endif
2319 }
2320 }
2321 }
2322
2323
2324
2325 /*************************************************
2326 * Scan compiled branch for non-emptiness *
2327 *************************************************/
2328
2329 /* This function scans through a branch of a compiled pattern to see whether it
2330 can match the empty string or not. It is called from could_be_empty()
2331 below and from compile_branch() when checking for an unlimited repeat of a
2332 group that can match nothing. Note that first_significant_code() skips over
2333 backward and negative forward assertions when its final argument is TRUE. If we
2334 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2335 bracket whose current branch will already have been scanned.
2336
2337 Arguments:
2338 code points to start of search
2339 endcode points to where to stop
2340 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2341 cd contains pointers to tables etc.
2342
2343 Returns: TRUE if what is matched could be empty
2344 */
2345
2346 static BOOL
2347 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2348 BOOL utf, compile_data *cd)
2349 {
2350 register int c;
2351 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2352 code < endcode;
2353 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2354 {
2355 const pcre_uchar *ccode;
2356
2357 c = *code;
2358
2359 /* Skip over forward assertions; the other assertions are skipped by
2360 first_significant_code() with a TRUE final argument. */
2361
2362 if (c == OP_ASSERT)
2363 {
2364 do code += GET(code, 1); while (*code == OP_ALT);
2365 c = *code;
2366 continue;
2367 }
2368
2369 /* For a recursion/subroutine call, if its end has been reached, which
2370 implies a backward reference subroutine call, we can scan it. If it's a
2371 forward reference subroutine call, we can't. To detect forward reference
2372 we have to scan up the list that is kept in the workspace. This function is
2373 called only when doing the real compile, not during the pre-compile that
2374 measures the size of the compiled pattern. */
2375
2376 if (c == OP_RECURSE)
2377 {
2378 const pcre_uchar *scode;
2379 BOOL empty_branch;
2380
2381 /* Test for forward reference */
2382
2383 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2384 if (GET(scode, 0) == code + 1 - cd->start_code) return TRUE;
2385
2386 /* Not a forward reference, test for completed backward reference */
2387
2388 empty_branch = FALSE;
2389 scode = cd->start_code + GET(code, 1);
2390 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2391
2392 /* Completed backwards reference */
2393
2394 do
2395 {
2396 if (could_be_empty_branch(scode, endcode, utf, cd))
2397 {
2398 empty_branch = TRUE;
2399 break;
2400 }
2401 scode += GET(scode, 1);
2402 }
2403 while (*scode == OP_ALT);
2404
2405 if (!empty_branch) return FALSE; /* All branches are non-empty */
2406 continue;
2407 }
2408
2409 /* Groups with zero repeats can of course be empty; skip them. */
2410
2411 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2412 c == OP_BRAPOSZERO)
2413 {
2414 code += PRIV(OP_lengths)[c];
2415 do code += GET(code, 1); while (*code == OP_ALT);
2416 c = *code;
2417 continue;
2418 }
2419
2420 /* A nested group that is already marked as "could be empty" can just be
2421 skipped. */
2422
2423 if (c == OP_SBRA || c == OP_SBRAPOS ||
2424 c == OP_SCBRA || c == OP_SCBRAPOS)
2425 {
2426 do code += GET(code, 1); while (*code == OP_ALT);
2427 c = *code;
2428 continue;
2429 }
2430
2431 /* For other groups, scan the branches. */
2432
2433 if (c == OP_BRA || c == OP_BRAPOS ||
2434 c == OP_CBRA || c == OP_CBRAPOS ||
2435 c == OP_ONCE || c == OP_ONCE_NC ||
2436 c == OP_COND)
2437 {
2438 BOOL empty_branch;
2439 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2440
2441 /* If a conditional group has only one branch, there is a second, implied,
2442 empty branch, so just skip over the conditional, because it could be empty.
2443 Otherwise, scan the individual branches of the group. */
2444
2445 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2446 code += GET(code, 1);
2447 else
2448 {
2449 empty_branch = FALSE;
2450 do
2451 {
2452 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2453 empty_branch = TRUE;
2454 code += GET(code, 1);
2455 }
2456 while (*code == OP_ALT);
2457 if (!empty_branch) return FALSE; /* All branches are non-empty */
2458 }
2459
2460 c = *code;
2461 continue;
2462 }
2463
2464 /* Handle the other opcodes */
2465
2466 switch (c)
2467 {
2468 /* Check for quantifiers after a class. XCLASS is used for classes that
2469 cannot be represented just by a bit map. This includes negated single
2470 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2471 actual length is stored in the compiled code, so we must update "code"
2472 here. */
2473
2474 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2475 case OP_XCLASS:
2476 ccode = code += GET(code, 1);
2477 goto CHECK_CLASS_REPEAT;
2478 #endif
2479
2480 case OP_CLASS:
2481 case OP_NCLASS:
2482 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2483
2484 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2485 CHECK_CLASS_REPEAT:
2486 #endif
2487
2488 switch (*ccode)
2489 {
2490 case OP_CRSTAR: /* These could be empty; continue */
2491 case OP_CRMINSTAR:
2492 case OP_CRQUERY:
2493 case OP_CRMINQUERY:
2494 break;
2495
2496 default: /* Non-repeat => class must match */
2497 case OP_CRPLUS: /* These repeats aren't empty */
2498 case OP_CRMINPLUS:
2499 return FALSE;
2500
2501 case OP_CRRANGE:
2502 case OP_CRMINRANGE:
2503 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2504 break;
2505 }
2506 break;
2507
2508 /* Opcodes that must match a character */
2509
2510 case OP_PROP:
2511 case OP_NOTPROP:
2512 case OP_EXTUNI:
2513 case OP_NOT_DIGIT:
2514 case OP_DIGIT:
2515 case OP_NOT_WHITESPACE:
2516 case OP_WHITESPACE:
2517 case OP_NOT_WORDCHAR:
2518 case OP_WORDCHAR:
2519 case OP_ANY:
2520 case OP_ALLANY:
2521 case OP_ANYBYTE:
2522 case OP_CHAR:
2523 case OP_CHARI:
2524 case OP_NOT:
2525 case OP_NOTI:
2526 case OP_PLUS:
2527 case OP_MINPLUS:
2528 case OP_POSPLUS:
2529 case OP_EXACT:
2530 case OP_NOTPLUS:
2531 case OP_NOTMINPLUS:
2532 case OP_NOTPOSPLUS:
2533 case OP_NOTEXACT:
2534 case OP_TYPEPLUS:
2535 case OP_TYPEMINPLUS:
2536 case OP_TYPEPOSPLUS:
2537 case OP_TYPEEXACT:
2538 return FALSE;
2539
2540 /* These are going to continue, as they may be empty, but we have to
2541 fudge the length for the \p and \P cases. */
2542
2543 case OP_TYPESTAR:
2544 case OP_TYPEMINSTAR:
2545 case OP_TYPEPOSSTAR:
2546 case OP_TYPEQUERY:
2547 case OP_TYPEMINQUERY:
2548 case OP_TYPEPOSQUERY:
2549 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2550 break;
2551
2552 /* Same for these */
2553
2554 case OP_TYPEUPTO:
2555 case OP_TYPEMINUPTO:
2556 case OP_TYPEPOSUPTO:
2557 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2558 code += 2;
2559 break;
2560
2561 /* End of branch */
2562
2563 case OP_KET:
2564 case OP_KETRMAX:
2565 case OP_KETRMIN:
2566 case OP_KETRPOS:
2567 case OP_ALT:
2568 return TRUE;
2569
2570 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2571 MINUPTO, and POSUPTO may be followed by a multibyte character */
2572
2573 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2574 case OP_STAR:
2575 case OP_STARI:
2576 case OP_MINSTAR:
2577 case OP_MINSTARI:
2578 case OP_POSSTAR:
2579 case OP_POSSTARI:
2580 case OP_QUERY:
2581 case OP_QUERYI:
2582 case OP_MINQUERY:
2583 case OP_MINQUERYI:
2584 case OP_POSQUERY:
2585 case OP_POSQUERYI:
2586 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2587 break;
2588
2589 case OP_UPTO:
2590 case OP_UPTOI:
2591 case OP_MINUPTO:
2592 case OP_MINUPTOI:
2593 case OP_POSUPTO:
2594 case OP_POSUPTOI:
2595 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2596 break;
2597 #endif
2598
2599 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2600 string. */
2601
2602 case OP_MARK:
2603 case OP_PRUNE_ARG:
2604 case OP_SKIP_ARG:
2605 code += code[1];
2606 break;
2607
2608 case OP_THEN_ARG:
2609 code += code[1];
2610 break;
2611
2612 /* None of the remaining opcodes are required to match a character. */
2613
2614 default:
2615 break;
2616 }
2617 }
2618
2619 return TRUE;
2620 }
2621
2622
2623
2624 /*************************************************
2625 * Scan compiled regex for non-emptiness *
2626 *************************************************/
2627
2628 /* This function is called to check for left recursive calls. We want to check
2629 the current branch of the current pattern to see if it could match the empty
2630 string. If it could, we must look outwards for branches at other levels,
2631 stopping when we pass beyond the bracket which is the subject of the recursion.
2632 This function is called only during the real compile, not during the
2633 pre-compile.
2634
2635 Arguments:
2636 code points to start of the recursion
2637 endcode points to where to stop (current RECURSE item)
2638 bcptr points to the chain of current (unclosed) branch starts
2639 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2640 cd pointers to tables etc
2641
2642 Returns: TRUE if what is matched could be empty
2643 */
2644
2645 static BOOL
2646 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2647 branch_chain *bcptr, BOOL utf, compile_data *cd)
2648 {
2649 while (bcptr != NULL && bcptr->current_branch >= code)
2650 {
2651 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2652 return FALSE;
2653 bcptr = bcptr->outer;
2654 }
2655 return TRUE;
2656 }
2657
2658
2659
2660 /*************************************************
2661 * Check for POSIX class syntax *
2662 *************************************************/
2663
2664 /* This function is called when the sequence "[:" or "[." or "[=" is
2665 encountered in a character class. It checks whether this is followed by a
2666 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2667 reach an unescaped ']' without the special preceding character, return FALSE.
2668
2669 Originally, this function only recognized a sequence of letters between the
2670 terminators, but it seems that Perl recognizes any sequence of characters,
2671 though of course unknown POSIX names are subsequently rejected. Perl gives an
2672 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2673 didn't consider this to be a POSIX class. Likewise for [:1234:].
2674
2675 The problem in trying to be exactly like Perl is in the handling of escapes. We
2676 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2677 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2678 below handles the special case of \], but does not try to do any other escape
2679 processing. This makes it different from Perl for cases such as [:l\ower:]
2680 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2681 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2682 I think.
2683
2684 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2685 It seems that the appearance of a nested POSIX class supersedes an apparent
2686 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2687 a digit.
2688
2689 In Perl, unescaped square brackets may also appear as part of class names. For
2690 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2691 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2692 seem right at all. PCRE does not allow closing square brackets in POSIX class
2693 names.
2694
2695 Arguments:
2696 ptr pointer to the initial [
2697 endptr where to return the end pointer
2698
2699 Returns: TRUE or FALSE
2700 */
2701
2702 static BOOL
2703 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2704 {
2705 int terminator; /* Don't combine these lines; the Solaris cc */
2706 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2707 for (++ptr; *ptr != 0; ptr++)
2708 {
2709 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2710 ptr++;
2711 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2712 else
2713 {
2714 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2715 {
2716 *endptr = ptr;
2717 return TRUE;
2718 }
2719 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2720 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2721 ptr[1] == CHAR_EQUALS_SIGN) &&
2722 check_posix_syntax(ptr, endptr))
2723 return FALSE;
2724 }
2725 }
2726 return FALSE;
2727 }
2728
2729
2730
2731
2732 /*************************************************
2733 * Check POSIX class name *
2734 *************************************************/
2735
2736 /* This function is called to check the name given in a POSIX-style class entry
2737 such as [:alnum:].
2738
2739 Arguments:
2740 ptr points to the first letter
2741 len the length of the name
2742
2743 Returns: a value representing the name, or -1 if unknown
2744 */
2745
2746 static int
2747 check_posix_name(const pcre_uchar *ptr, int len)
2748 {
2749 const char *pn = posix_names;
2750 register int yield = 0;
2751 while (posix_name_lengths[yield] != 0)
2752 {
2753 if (len == posix_name_lengths[yield] &&
2754 STRNCMP_UC_C8(ptr, pn, len) == 0) return yield;
2755 pn += posix_name_lengths[yield] + 1;
2756 yield++;
2757 }
2758 return -1;
2759 }
2760
2761
2762 /*************************************************
2763 * Adjust OP_RECURSE items in repeated group *
2764 *************************************************/
2765
2766 /* OP_RECURSE items contain an offset from the start of the regex to the group
2767 that is referenced. This means that groups can be replicated for fixed
2768 repetition simply by copying (because the recursion is allowed to refer to
2769 earlier groups that are outside the current group). However, when a group is
2770 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2771 inserted before it, after it has been compiled. This means that any OP_RECURSE
2772 items within it that refer to the group itself or any contained groups have to
2773 have their offsets adjusted. That one of the jobs of this function. Before it
2774 is called, the partially compiled regex must be temporarily terminated with
2775 OP_END.
2776
2777 This function has been extended with the possibility of forward references for
2778 recursions and subroutine calls. It must also check the list of such references
2779 for the group we are dealing with. If it finds that one of the recursions in
2780 the current group is on this list, it adjusts the offset in the list, not the
2781 value in the reference (which is a group number).
2782
2783 Arguments:
2784 group points to the start of the group
2785 adjust the amount by which the group is to be moved
2786 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2787 cd contains pointers to tables etc.
2788 save_hwm the hwm forward reference pointer at the start of the group
2789
2790 Returns: nothing
2791 */
2792
2793 static void
2794 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2795 pcre_uchar *save_hwm)
2796 {
2797 pcre_uchar *ptr = group;
2798
2799 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2800 {
2801 int offset;
2802 pcre_uchar *hc;
2803
2804 /* See if this recursion is on the forward reference list. If so, adjust the
2805 reference. */
2806
2807 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2808 {
2809 offset = GET(hc, 0);
2810 if (cd->start_code + offset == ptr + 1)
2811 {
2812 PUT(hc, 0, offset + adjust);
2813 break;
2814 }
2815 }
2816
2817 /* Otherwise, adjust the recursion offset if it's after the start of this
2818 group. */
2819
2820 if (hc >= cd->hwm)
2821 {
2822 offset = GET(ptr, 1);
2823 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2824 }
2825
2826 ptr += 1 + LINK_SIZE;
2827 }
2828 }
2829
2830
2831
2832 /*************************************************
2833 * Insert an automatic callout point *
2834 *************************************************/
2835
2836 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2837 callout points before each pattern item.
2838
2839 Arguments:
2840 code current code pointer
2841 ptr current pattern pointer
2842 cd pointers to tables etc
2843
2844 Returns: new code pointer
2845 */
2846
2847 static pcre_uchar *
2848 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2849 {
2850 *code++ = OP_CALLOUT;
2851 *code++ = 255;
2852 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2853 PUT(code, LINK_SIZE, 0); /* Default length */
2854 return code + 2 * LINK_SIZE;
2855 }
2856
2857
2858
2859 /*************************************************
2860 * Complete a callout item *
2861 *************************************************/
2862
2863 /* A callout item contains the length of the next item in the pattern, which
2864 we can't fill in till after we have reached the relevant point. This is used
2865 for both automatic and manual callouts.
2866
2867 Arguments:
2868 previous_callout points to previous callout item
2869 ptr current pattern pointer
2870 cd pointers to tables etc
2871
2872 Returns: nothing
2873 */
2874
2875 static void
2876 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2877 {
2878 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2879 PUT(previous_callout, 2 + LINK_SIZE, length);
2880 }
2881
2882
2883
2884 #ifdef SUPPORT_UCP
2885 /*************************************************
2886 * Get othercase range *
2887 *************************************************/
2888
2889 /* This function is passed the start and end of a class range, in UTF-8 mode
2890 with UCP support. It searches up the characters, looking for ranges of
2891 characters in the "other" case. Each call returns the next one, updating the
2892 start address. A character with multiple other cases is returned on its own
2893 with a special return value.
2894
2895 Arguments:
2896 cptr points to starting character value; updated
2897 d end value
2898 ocptr where to put start of othercase range
2899 odptr where to put end of othercase range
2900
2901 Yield: -1 when no more
2902 0 when a range is returned
2903 >0 the CASESET offset for char with multiple other cases
2904 in this case, ocptr contains the original
2905 */
2906
2907 static int
2908 get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2909 unsigned int *odptr)
2910 {
2911 unsigned int c, othercase, next;
2912 int co;
2913
2914 /* Find the first character that has an other case. If it has multiple other
2915 cases, return its case offset value. */
2916
2917 for (c = *cptr; c <= d; c++)
2918 {
2919 if ((co = UCD_CASESET(c)) != 0)
2920 {
2921 *ocptr = c++; /* Character that has the set */
2922 *cptr = c; /* Rest of input range */
2923 return co;
2924 }
2925 if ((othercase = UCD_OTHERCASE(c)) != c) break;
2926 }
2927
2928 if (c > d) return -1; /* Reached end of range */
2929
2930 *ocptr = othercase;
2931 next = othercase + 1;
2932
2933 for (++c; c <= d; c++)
2934 {
2935 if (UCD_OTHERCASE(c) != next) break;
2936 next++;
2937 }
2938
2939 *odptr = next - 1; /* End of othercase range */
2940 *cptr = c; /* Rest of input range */
2941 return 0;
2942 }
2943
2944
2945
2946 /*************************************************
2947 * Check a character and a property *
2948 *************************************************/
2949
2950 /* This function is called by check_auto_possessive() when a property item
2951 is adjacent to a fixed character.
2952
2953 Arguments:
2954 c the character
2955 ptype the property type
2956 pdata the data for the type
2957 negated TRUE if it's a negated property (\P or \p{^)
2958
2959 Returns: TRUE if auto-possessifying is OK
2960 */
2961
2962 static BOOL
2963 check_char_prop(int c, int ptype, int pdata, BOOL negated)
2964 {
2965 #ifdef SUPPORT_UCP
2966 const pcre_uint32 *p;
2967 #endif
2968
2969 const ucd_record *prop = GET_UCD(c);
2970
2971 switch(ptype)
2972 {
2973 case PT_LAMP:
2974 return (prop->chartype == ucp_Lu ||
2975 prop->chartype == ucp_Ll ||
2976 prop->chartype == ucp_Lt) == negated;
2977
2978 case PT_GC:
2979 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2980
2981 case PT_PC:
2982 return (pdata == prop->chartype) == negated;
2983
2984 case PT_SC:
2985 return (pdata == prop->script) == negated;
2986
2987 /* These are specials */
2988
2989 case PT_ALNUM:
2990 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2991 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2992
2993 case PT_SPACE: /* Perl space */
2994 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
2995 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
2996 == negated;
2997
2998 case PT_PXSPACE: /* POSIX space */
2999 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3000 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
3001 c == CHAR_FF || c == CHAR_CR)
3002 == negated;
3003
3004 case PT_WORD:
3005 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3006 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
3007 c == CHAR_UNDERSCORE) == negated;
3008
3009 #ifdef SUPPORT_UCP
3010 case PT_CLIST:
3011 p = PRIV(ucd_caseless_sets) + prop->caseset;
3012 for (;;)
3013 {
3014 if ((unsigned int)c < *p) return !negated;
3015 if ((unsigned int)c == *p++) return negated;
3016 }
3017 break; /* Control never reaches here */
3018 #endif
3019 }
3020
3021 return FALSE;
3022 }
3023 #endif /* SUPPORT_UCP */
3024
3025
3026
3027 /*************************************************
3028 * Check if auto-possessifying is possible *
3029 *************************************************/
3030
3031 /* This function is called for unlimited repeats of certain items, to see
3032 whether the next thing could possibly match the repeated item. If not, it makes
3033 sense to automatically possessify the repeated item.
3034
3035 Arguments:
3036 previous pointer to the repeated opcode
3037 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3038 ptr next character in pattern
3039 options options bits
3040 cd contains pointers to tables etc.
3041
3042 Returns: TRUE if possessifying is wanted
3043 */
3044
3045 static BOOL
3046 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
3047 const pcre_uchar *ptr, int options, compile_data *cd)
3048 {
3049 pcre_int32 c = NOTACHAR; // FIXMEchpe pcre_uint32
3050 pcre_int32 next;
3051 int escape;
3052 int op_code = *previous++;
3053
3054 /* Skip whitespace and comments in extended mode */
3055
3056 if ((options & PCRE_EXTENDED) != 0)
3057 {
3058 for (;;)
3059 {
3060 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3061 if (*ptr == CHAR_NUMBER_SIGN)
3062 {
3063 ptr++;
3064 while (*ptr != 0)
3065 {
3066 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3067 ptr++;
3068 #ifdef SUPPORT_UTF
3069 if (utf) FORWARDCHAR(ptr);
3070 #endif
3071 }
3072 }
3073 else break;
3074 }
3075 }
3076
3077 /* If the next item is one that we can handle, get its value. A non-negative
3078 value is a character, a negative value is an escape value. */
3079
3080 if (*ptr == CHAR_BACKSLASH)
3081 {
3082 int temperrorcode = 0;
3083 escape = check_escape(&ptr, &next, &temperrorcode, cd->bracount, options, FALSE);
3084 if (temperrorcode != 0) return FALSE;
3085 ptr++; /* Point after the escape sequence */
3086 }
3087 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3088 {
3089 escape = 0;
3090 #ifdef SUPPORT_UTF
3091 if (utf) { GETCHARINC(next, ptr); } else
3092 #endif
3093 next = *ptr++;
3094 }
3095 else return FALSE;
3096
3097 /* Skip whitespace and comments in extended mode */
3098
3099 if ((options & PCRE_EXTENDED) != 0)
3100 {
3101 for (;;)
3102 {
3103 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3104 if (*ptr == CHAR_NUMBER_SIGN)
3105 {
3106 ptr++;
3107 while (*ptr != 0)
3108 {
3109 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3110 ptr++;
3111 #ifdef SUPPORT_UTF
3112 if (utf) FORWARDCHAR(ptr);
3113 #endif
3114 }
3115 }
3116 else break;
3117 }
3118 }
3119
3120 /* If the next thing is itself optional, we have to give up. */
3121
3122 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3123 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3124 return FALSE;
3125
3126 /* If the previous item is a character, get its value. */
3127
3128 if (op_code == OP_CHAR || op_code == OP_CHARI ||
3129 op_code == OP_NOT || op_code == OP_NOTI)
3130 //if (escape == 0) switch(op_code)
3131 {
3132 #ifdef SUPPORT_UTF
3133 GETCHARTEST(c, previous);
3134 #else
3135 c = *previous;
3136 #endif
3137 }
3138
3139 /* Now compare the next item with the previous opcode. First, handle cases when
3140 the next item is a character. */
3141
3142 if (escape == 0)
3143 {
3144 /* For a caseless UTF match, the next character may have more than one other
3145 case, which maps to the special PT_CLIST property. Check this first. */
3146
3147 #ifdef SUPPORT_UCP
3148 if (utf && (unsigned int)c != NOTACHAR && (options & PCRE_CASELESS) != 0)
3149 {
3150 int ocs = UCD_CASESET(next);
3151 if (ocs > 0) return check_char_prop(c, PT_CLIST, ocs, op_code >= OP_NOT);
3152 }
3153 #endif
3154
3155 switch(op_code)
3156 {
3157 case OP_CHAR:
3158 return c != next;
3159
3160 /* For CHARI (caseless character) we must check the other case. If we have
3161 Unicode property support, we can use it to test the other case of
3162 high-valued characters. We know that next can have only one other case,
3163 because multi-other-case characters are dealt with above. */
3164
3165 case OP_CHARI:
3166 if (c == next) return FALSE;
3167 #ifdef SUPPORT_UTF
3168 if (utf)
3169 {
3170 unsigned int othercase;
3171 if (next < 128) othercase = cd->fcc[next]; else
3172 #ifdef SUPPORT_UCP
3173 othercase = UCD_OTHERCASE((unsigned int)next);
3174 #else
3175 othercase = NOTACHAR;
3176 #endif
3177 return (unsigned int)c != othercase;
3178 }
3179 else
3180 #endif /* SUPPORT_UTF */
3181 return (c != TABLE_GET((unsigned int)next, cd->fcc, next)); /* Not UTF */
3182
3183 case OP_NOT:
3184 return c == next;
3185
3186 case OP_NOTI:
3187 if (c == next) return TRUE;
3188 #ifdef SUPPORT_UTF
3189 if (utf)
3190 {
3191 unsigned int othercase;
3192 if (next < 128) othercase = cd->fcc[next]; else
3193 #ifdef SUPPORT_UCP
3194 othercase = UCD_OTHERCASE((unsigned int)next);
3195 #else
3196 othercase = NOTACHAR;
3197 #endif
3198 return (unsigned int)c == othercase;
3199 }
3200 else
3201 #endif /* SUPPORT_UTF */
3202 return (c == TABLE_GET((unsigned int)next, cd->fcc, next)); /* Not UTF */
3203
3204 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3205 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3206
3207 case OP_DIGIT:
3208 return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
3209
3210 case OP_NOT_DIGIT:
3211 return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3212
3213 case OP_WHITESPACE:
3214 return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
3215
3216 case OP_NOT_WHITESPACE:
3217 return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
3218
3219 case OP_WORDCHAR:
3220 return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3221
3222 case OP_NOT_WORDCHAR:
3223 return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
3224
3225 case OP_HSPACE:
3226 case OP_NOT_HSPACE:
3227 switch(next)
3228 {
3229 HSPACE_CASES:
3230 return op_code == OP_NOT_HSPACE;
3231
3232 default:
3233 return op_code != OP_NOT_HSPACE;
3234 }
3235
3236 case OP_ANYNL:
3237 case OP_VSPACE:
3238 case OP_NOT_VSPACE:
3239 switch(next)
3240 {
3241 VSPACE_CASES:
3242 return op_code == OP_NOT_VSPACE;
3243
3244 default:
3245 return op_code != OP_NOT_VSPACE;
3246 }
3247
3248 #ifdef SUPPORT_UCP
3249 case OP_PROP:
3250 return check_char_prop(next, previous[0], previous[1], FALSE);
3251
3252 case OP_NOTPROP:
3253 return check_char_prop(next, previous[0], previous[1], TRUE);
3254 #endif
3255
3256 default:
3257 return FALSE;
3258 }
3259 }
3260
3261 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3262 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3263 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3264 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3265 replaced by OP_PROP codes when PCRE_UCP is set. */
3266
3267 switch(op_code)
3268 {
3269 case OP_CHAR:
3270 case OP_CHARI:
3271 switch(escape)
3272 {
3273 case ESC_d:
3274 return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3275
3276 case ESC_D:
3277 return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3278
3279 case ESC_s:
3280 return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3281
3282 case ESC_S:
3283 return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3284
3285 case ESC_w:
3286 return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3287
3288 case ESC_W:
3289 return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3290
3291 case ESC_h:
3292 case ESC_H:
3293 switch(c)
3294 {
3295 HSPACE_CASES:
3296 return escape != ESC_h;
3297
3298 default:
3299 return escape == ESC_h;
3300 }
3301
3302 case ESC_v:
3303 case ESC_V:
3304 switch(c)
3305 {
3306 VSPACE_CASES:
3307 return escape != ESC_v;
3308
3309 default:
3310 return escape == ESC_v;
3311 }
3312
3313 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3314 their substitutions and process them. The result will always be either
3315 ESC_p or ESC_P. Then fall through to process those values. */
3316
3317 #ifdef SUPPORT_UCP
3318 case ESC_du:
3319 case ESC_DU:
3320 case ESC_wu:
3321 case ESC_WU:
3322 case ESC_su:
3323 case ESC_SU:
3324 {
3325 int temperrorcode = 0;
3326 ptr = substitutes[escape - ESC_DU];
3327 escape = check_escape(&ptr, &next, &temperrorcode, 0, options, FALSE);
3328 if (temperrorcode != 0) return FALSE;
3329 ptr++; /* For compatibility */
3330 }
3331 /* Fall through */
3332
3333 case ESC_p:
3334 case ESC_P:
3335 {
3336 int ptype, pdata, errorcodeptr;
3337 BOOL negated;
3338
3339 ptr--; /* Make ptr point at the p or P */
3340 ptype = get_ucp(&ptr, &negated, &pdata, &errorcodeptr);
3341 if (ptype < 0) return FALSE;
3342 ptr++; /* Point past the final curly ket */
3343
3344 /* If the property item is optional, we have to give up. (When generated
3345 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3346 to the original \d etc. At this point, ptr will point to a zero byte. */
3347
3348 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3349 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3350 return FALSE;
3351
3352 /* Do the property check. */
3353
3354 return check_char_prop(c, ptype, pdata, (escape == ESC_P) != negated);
3355 }
3356 #endif
3357
3358 default:
3359 return FALSE;
3360 }
3361
3362 /* In principle, support for Unicode properties should be integrated here as
3363 well. It means re-organizing the above code so as to get hold of the property
3364 values before switching on the op-code. However, I wonder how many patterns
3365 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3366 these op-codes are never generated.) */
3367
3368 case OP_DIGIT:
3369 return escape == ESC_D || escape == ESC_s || escape == ESC_W ||
3370 escape == ESC_h || escape == ESC_v || escape == ESC_R;
3371
3372 case OP_NOT_DIGIT:
3373 return escape == ESC_d;
3374
3375 case OP_WHITESPACE:
3376 return escape == ESC_S || escape == ESC_d || escape == ESC_w;
3377
3378 case OP_NOT_WHITESPACE:
3379 return escape == ESC_s || escape == ESC_h || escape == ESC_v || escape == ESC_R;
3380
3381 case OP_HSPACE:
3382 return escape == ESC_S || escape == ESC_H || escape == ESC_d ||
3383 escape == ESC_w || escape == ESC_v || escape == ESC_R;
3384
3385 case OP_NOT_HSPACE:
3386 return escape == ESC_h;
3387
3388 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3389 case OP_ANYNL:
3390 case OP_VSPACE:
3391 return escape == ESC_V || escape == ESC_d || escape == ESC_w;
3392
3393 case OP_NOT_VSPACE:
3394 return escape == ESC_v || escape == ESC_R;
3395
3396 case OP_WORDCHAR:
3397 return escape == ESC_W || escape == ESC_s || escape == ESC_h ||
3398 escape == ESC_v || escape == ESC_R;
3399
3400 case OP_NOT_WORDCHAR:
3401 return escape == ESC_w || escape == ESC_d;
3402
3403 default:
3404 return FALSE;
3405 }
3406
3407 /* Control does not reach here */
3408 }
3409
3410
3411
3412 /*************************************************
3413 * Add a character or range to a class *
3414 *************************************************/
3415
3416 /* This function packages up the logic of adding a character or range of
3417 characters to a class. The character values in the arguments will be within the
3418 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
3419 mutually recursive with the function immediately below.
3420
3421 Arguments:
3422 classbits the bit map for characters < 256
3423 uchardptr points to the pointer for extra data
3424 options the options word
3425 cd contains pointers to tables etc.
3426 start start of range character
3427 end end of range character
3428
3429 Returns: the number of < 256 characters added
3430 the pointer to extra data is updated
3431 */
3432
3433 static int
3434 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3435 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
3436 {
3437 pcre_uint32 c;
3438 int n8 = 0;
3439
3440 /* If caseless matching is required, scan the range and process alternate
3441 cases. In Unicode, there are 8-bit characters that have alternate cases that
3442 are greater than 255 and vice-versa. Sometimes we can just extend the original
3443 range. */
3444
3445 if ((options & PCRE_CASELESS) != 0)
3446 {
3447 #ifdef SUPPORT_UCP
3448 if ((options & PCRE_UTF8) != 0)
3449 {
3450 int rc;
3451 pcre_uint32 oc, od;
3452
3453 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
3454 c = start;
3455
3456 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
3457 {
3458 /* Handle a single character that has more than one other case. */
3459
3460 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
3461 PRIV(ucd_caseless_sets) + rc, oc);
3462
3463 /* Do nothing if the other case range is within the original range. */
3464
3465 else if (oc >= start && od <= end) continue;
3466
3467 /* Extend the original range if there is overlap, noting that if oc < c, we
3468 can't have od > end because a subrange is always shorter than the basic
3469 range. Otherwise, use a recursive call to add the additional range. */
3470
3471 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
3472 else if (od > end && oc <= end + 1) end = od; /* Extend upwards */
3473 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
3474 }
3475 }
3476 else
3477 #endif /* SUPPORT_UCP */
3478
3479 /* Not UTF-mode, or no UCP */
3480
3481 for (c = start; c <= end && c < 256; c++)
3482 {
3483 SETBIT(classbits, cd->fcc[c]);
3484 n8++;
3485 }
3486 }
3487
3488 /* Now handle the original range. Adjust the final value according to the bit
3489 length - this means that the same lists of (e.g.) horizontal spaces can be used
3490 in all cases. */
3491
3492 #if defined COMPILE_PCRE8
3493 #ifdef SUPPORT_UTF
3494 if ((options & PCRE_UTF8) == 0)
3495 #endif
3496 if (end > 0xff) end = 0xff;
3497
3498 #elif defined COMPILE_PCRE16
3499 #ifdef SUPPORT_UTF
3500 if ((options & PCRE_UTF16) == 0)
3501 #endif
3502 if (end > 0xffff) end = 0xffff;
3503
3504 #endif /* COMPILE_PCRE[8|16] */
3505
3506 /* If all characters are less than 256, use the bit map. Otherwise use extra
3507 data. */
3508
3509 if (end < 0x100)
3510 {
3511 for (c = start; c <= end; c++)
3512 {
3513 n8++;
3514 SETBIT(classbits, c);
3515 }
3516 }
3517
3518 else
3519 {
3520 pcre_uchar *uchardata = *uchardptr;
3521
3522 #ifdef SUPPORT_UTF
3523 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
3524 {
3525 if (start < end)
3526 {
3527 *uchardata++ = XCL_RANGE;
3528 uchardata += PRIV(ord2utf)(start, uchardata);
3529 uchardata += PRIV(ord2utf)(end, uchardata);
3530 }
3531 else if (start == end)
3532 {
3533 *uchardata++ = XCL_SINGLE;
3534 uchardata += PRIV(ord2utf)(start, uchardata);
3535 }
3536 }
3537 else
3538 #endif /* SUPPORT_UTF */
3539
3540 /* Without UTF support, character values are constrained by the bit length,
3541 and can only be > 256 for 16-bit and 32-bit libraries. */
3542
3543 #ifdef COMPILE_PCRE8
3544 {}
3545 #else
3546 if (start < end)
3547 {
3548 *uchardata++ = XCL_RANGE;
3549 *uchardata++ = start;
3550 *uchardata++ = end;
3551 }
3552 else if (start == end)
3553 {
3554 *uchardata++ = XCL_SINGLE;
3555 *uchardata++ = start;
3556 }
3557 #endif
3558
3559 *uchardptr = uchardata; /* Updata extra data pointer */
3560 }
3561
3562 return n8; /* Number of 8-bit characters */
3563 }
3564
3565
3566
3567
3568 /*************************************************
3569 * Add a list of characters to a class *
3570 *************************************************/
3571
3572 /* This function is used for adding a list of case-equivalent characters to a
3573 class, and also for adding a list of horizontal or vertical whitespace. If the
3574 list is in order (which it should be), ranges of characters are detected and
3575 handled appropriately. This function is mutually recursive with the function
3576 above.
3577
3578 Arguments:
3579 classbits the bit map for characters < 256
3580 uchardptr points to the pointer for extra data
3581 options the options word
3582 cd contains pointers to tables etc.
3583 p points to row of 32-bit values, terminated by NOTACHAR
3584 except character to omit; this is used when adding lists of
3585 case-equivalent characters to avoid including the one we
3586 already know about
3587
3588 Returns: the number of < 256 characters added
3589 the pointer to extra data is updated
3590 */
3591
3592 static int
3593 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3594 compile_data *cd, const pcre_uint32 *p, unsigned int except)
3595 {
3596 int n8 = 0;
3597 while (p[0] < NOTACHAR)
3598 {
3599 int n = 0;
3600 if (p[0] != except)
3601 {
3602 while(p[n+1] == p[0] + n + 1) n++;
3603 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
3604 }
3605 p += n + 1;
3606 }
3607 return n8;
3608 }
3609
3610
3611
3612 /*************************************************
3613 * Add characters not in a list to a class *
3614 *************************************************/
3615
3616 /* This function is used for adding the complement of a list of horizontal or
3617 vertical whitespace to a class. The list must be in order.
3618
3619 Arguments:
3620 classbits the bit map for characters < 256
3621 uchardptr points to the pointer for extra data
3622 options the options word
3623 cd contains pointers to tables etc.
3624 p points to row of 32-bit values, terminated by NOTACHAR
3625
3626 Returns: the number of < 256 characters added
3627 the pointer to extra data is updated
3628 */
3629
3630 static int
3631 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
3632 int options, compile_data *cd, const pcre_uint32 *p)
3633 {
3634 BOOL utf = (options & PCRE_UTF8) != 0;
3635 int n8 = 0;
3636 if (p[0] > 0)
3637 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
3638 while (p[0] < NOTACHAR)
3639 {
3640 while (p[1] == p[0] + 1) p++;
3641 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
3642 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
3643 p++;
3644 }
3645 return n8;
3646 }
3647
3648
3649
3650 /*************************************************
3651 * Compile one branch *
3652 *************************************************/
3653
3654 /* Scan the pattern, compiling it into the a vector. If the options are
3655 changed during the branch, the pointer is used to change the external options
3656 bits. This function is used during the pre-compile phase when we are trying
3657 to find out the amount of memory needed, as well as during the real compile
3658 phase. The value of lengthptr distinguishes the two phases.
3659
3660 Arguments:
3661 optionsptr pointer to the option bits
3662 codeptr points to the pointer to the current code point
3663 ptrptr points to the current pattern pointer
3664 errorcodeptr points to error code variable
3665 firstcharptr set to initial literal character, or < 0 (REQ_UNSET, REQ_NONE)
3666 reqcharptr set to the last literal character required, else < 0
3667 bcptr points to current branch chain
3668 cond_depth conditional nesting depth
3669 cd contains pointers to tables etc.
3670 lengthptr NULL during the real compile phase
3671 points to length accumulator during pre-compile phase
3672
3673 Returns: TRUE on success
3674 FALSE, with *errorcodeptr set non-zero on error
3675 */
3676
3677 static BOOL
3678 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3679 const pcre_uchar **ptrptr, int *errorcodeptr, pcre_int32 *firstcharptr,
3680 pcre_int32 *reqcharptr, branch_chain *bcptr, int cond_depth,
3681 compile_data *cd, int *lengthptr)
3682 {
3683 int repeat_type, op_type;
3684 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3685 int bravalue = 0;
3686 int greedy_default, greedy_non_default;
3687 pcre_int32 firstchar, reqchar;
3688 pcre_int32 zeroreqchar, zerofirstchar;
3689 pcre_int32 req_caseopt, reqvary, tempreqvary;
3690 int options = *optionsptr; /* May change dynamically */
3691 int after_manual_callout = 0;
3692 int length_prevgroup = 0;
3693 register int c;
3694 int escape;
3695 register pcre_uchar *code = *codeptr;
3696 pcre_uchar *last_code = code;
3697 pcre_uchar *orig_code = code;
3698 pcre_uchar *tempcode;
3699 BOOL inescq = FALSE;
3700 BOOL groupsetfirstchar = FALSE;
3701 const pcre_uchar *ptr = *ptrptr;
3702 const pcre_uchar *tempptr;
3703 const pcre_uchar *nestptr = NULL;
3704 pcre_uchar *previous = NULL;
3705 pcre_uchar *previous_callout = NULL;
3706 pcre_uchar *save_hwm = NULL;
3707 pcre_uint8 classbits[32];
3708
3709 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3710 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3711 dynamically as we process the pattern. */
3712
3713 #ifdef SUPPORT_UTF
3714 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
3715 BOOL utf = (options & PCRE_UTF8) != 0;
3716 pcre_uchar utf_chars[6];
3717 #else
3718 BOOL utf = FALSE;
3719 #endif
3720
3721 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
3722 class_uchardata always so that it can be passed to add_to_class() always,
3723 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
3724 alternative calls for the different cases. */
3725
3726 pcre_uchar *class_uchardata;
3727 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3728 BOOL xclass;
3729 pcre_uchar *class_uchardata_base;
3730 #endif
3731
3732 #ifdef PCRE_DEBUG
3733 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3734 #endif
3735
3736 /* Set up the default and non-default settings for greediness */
3737
3738 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3739 greedy_non_default = greedy_default ^ 1;
3740
3741 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3742 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3743 matches a non-fixed char first char; reqchar just remains unset if we never
3744 find one.
3745
3746 When we hit a repeat whose minimum is zero, we may have to adjust these values
3747 to take the zero repeat into account. This is implemented by setting them to
3748 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3749 item types that can be repeated set these backoff variables appropriately. */
3750
3751 firstchar = reqchar = zerofirstchar = zeroreqchar = REQ_UNSET;
3752
3753 /* The variable req_caseopt contains either the REQ_CASELESS value
3754 or zero, according to the current setting of the caseless flag. The
3755 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3756 firstchar or reqchar variables to record the case status of the
3757 value. This is used only for ASCII characters. */
3758
3759 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3760
3761 /* Switch on next character until the end of the branch */
3762
3763 for (;; ptr++)
3764 {
3765 BOOL negate_class;
3766 BOOL should_flip_negation;
3767 BOOL possessive_quantifier;
3768 BOOL is_quantifier;
3769 BOOL is_recurse;
3770 BOOL reset_bracount;
3771 int class_has_8bitchar;
3772 int class_one_char;
3773 int newoptions;
3774 int recno;
3775 int refsign;
3776 int skipbytes;
3777 int subreqchar;
3778 int subfirstchar;
3779 int terminator;
3780 int mclength;
3781 int tempbracount;
3782 int ec; // FIXMEchpe pcre_uint32
3783 pcre_uchar mcbuffer[8];
3784
3785 /* Get next character in the pattern */
3786
3787 c = *ptr;
3788
3789 /* If we are at the end of a nested substitution, revert to the outer level
3790 string. Nesting only happens one level deep. */
3791
3792 if (c == 0 && nestptr != NULL)
3793 {
3794 ptr = nestptr;
3795 nestptr = NULL;
3796 c = *ptr;
3797 }
3798
3799 /* If we are in the pre-compile phase, accumulate the length used for the
3800 previous cycle of this loop. */
3801
3802 if (lengthptr != NULL)
3803 {
3804 #ifdef PCRE_DEBUG
3805 if (code > cd->hwm) cd->hwm = code; /* High water info */
3806 #endif
3807 if (code > cd->start_workspace + cd->workspace_size -
3808 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3809 {
3810 *errorcodeptr = ERR52;
3811 goto FAILED;
3812 }
3813
3814 /* There is at least one situation where code goes backwards: this is the
3815 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3816 the class is simply eliminated. However, it is created first, so we have to
3817 allow memory for it. Therefore, don't ever reduce the length at this point.
3818 */
3819
3820 if (code < last_code) code = last_code;
3821
3822 /* Paranoid check for integer overflow */
3823
3824 if (OFLOW_MAX - *lengthptr < code - last_code)
3825 {
3826 *errorcodeptr = ERR20;
3827 goto FAILED;
3828 }
3829
3830 *lengthptr += (int)(code - last_code);
3831 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3832 (int)(code - last_code), c, c));
3833
3834 /* If "previous" is set and it is not at the start of the work space, move
3835 it back to there, in order to avoid filling up the work space. Otherwise,
3836 if "previous" is NULL, reset the current code pointer to the start. */
3837
3838 if (previous != NULL)
3839 {
3840 if (previous > orig_code)
3841 {
3842 memmove(orig_code, previous, IN_UCHARS(code - previous));
3843 code -= previous - orig_code;
3844 previous = orig_code;
3845 }
3846 }
3847 else code = orig_code;
3848
3849 /* Remember where this code item starts so we can pick up the length
3850 next time round. */
3851
3852 last_code = code;
3853 }
3854
3855 /* In the real compile phase, just check the workspace used by the forward
3856 reference list. */
3857
3858 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3859 WORK_SIZE_SAFETY_MARGIN)
3860 {
3861 *errorcodeptr = ERR52;
3862 goto FAILED;
3863 }
3864
3865 /* If in \Q...\E, check for the end; if not, we have a literal */
3866
3867 if (inescq && c != 0)
3868 {
3869 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3870 {
3871 inescq = FALSE;
3872 ptr++;
3873 continue;
3874 }
3875 else
3876 {
3877 if (previous_callout != NULL)
3878 {
3879 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3880 complete_callout(previous_callout, ptr, cd);
3881 previous_callout = NULL;
3882 }
3883 if ((options & PCRE_AUTO_CALLOUT) != 0)
3884 {
3885 previous_callout = code;
3886 code = auto_callout(code, ptr, cd);
3887 }
3888 goto NORMAL_CHAR;
3889 }
3890 }
3891
3892 /* Fill in length of a previous callout, except when the next thing is
3893 a quantifier. */
3894
3895 is_quantifier =
3896 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3897 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3898
3899 if (!is_quantifier && previous_callout != NULL &&
3900 after_manual_callout-- <= 0)
3901 {
3902 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3903 complete_callout(previous_callout, ptr, cd);
3904 previous_callout = NULL;
3905 }
3906
3907 /* In extended mode, skip white space and comments. */
3908
3909 if ((options & PCRE_EXTENDED) != 0)
3910 {
3911 if (MAX_255(*ptr) && (cd->ctypes[c] & ctype_space) != 0) continue;
3912 if (c == CHAR_NUMBER_SIGN)
3913 {
3914 ptr++;
3915 while (*ptr != 0)
3916 {
3917 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3918 ptr++;
3919 #ifdef SUPPORT_UTF
3920 if (utf) FORWARDCHAR(ptr);
3921 #endif
3922 }
3923 if (*ptr != 0) continue;
3924
3925 /* Else fall through to handle end of string */
3926 c = 0;
3927 }
3928 }
3929
3930 /* No auto callout for quantifiers. */
3931
3932 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3933 {
3934 previous_callout = code;
3935 code = auto_callout(code, ptr, cd);
3936 }
3937
3938 switch(c)
3939 {
3940 /* ===================================================================*/
3941 case 0: /* The branch terminates at string end */
3942 case CHAR_VERTICAL_LINE: /* or | or ) */
3943 case CHAR_RIGHT_PARENTHESIS:
3944 *firstcharptr = firstchar;
3945 *reqcharptr = reqchar;
3946 *codeptr = code;
3947 *ptrptr = ptr;
3948 if (lengthptr != NULL)
3949 {
3950 if (OFLOW_MAX - *lengthptr < code - last_code)
3951 {
3952 *errorcodeptr = ERR20;
3953 goto FAILED;
3954 }
3955 *lengthptr += (int)(code - last_code); /* To include callout length */
3956 DPRINTF((">> end branch\n"));
3957 }
3958 return TRUE;
3959
3960
3961 /* ===================================================================*/
3962 /* Handle single-character metacharacters. In multiline mode, ^ disables
3963 the setting of any following char as a first character. */
3964
3965 case CHAR_CIRCUMFLEX_ACCENT:
3966 previous = NULL;
3967 if ((options & PCRE_MULTILINE) != 0)
3968 {
3969 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
3970 *code++ = OP_CIRCM;
3971 }
3972 else *code++ = OP_CIRC;
3973 break;
3974
3975 case CHAR_DOLLAR_SIGN:
3976 previous = NULL;
3977 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
3978 break;
3979
3980 /* There can never be a first char if '.' is first, whatever happens about
3981 repeats. The value of reqchar doesn't change either. */
3982
3983 case CHAR_DOT:
3984 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
3985 zerofirstchar = firstchar;
3986 zeroreqchar = reqchar;
3987 previous = code;
3988 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
3989 break;
3990
3991
3992 /* ===================================================================*/
3993 /* Character classes. If the included characters are all < 256, we build a
3994 32-byte bitmap of the permitted characters, except in the special case
3995 where there is only one such character. For negated classes, we build the
3996 map as usual, then invert it at the end. However, we use a different opcode
3997 so that data characters > 255 can be handled correctly.
3998
3999 If the class contains characters outside the 0-255 range, a different
4000 opcode is compiled. It may optionally have a bit map for characters < 256,
4001 but those above are are explicitly listed afterwards. A flag byte tells
4002 whether the bitmap is present, and whether this is a negated class or not.
4003
4004 In JavaScript compatibility mode, an isolated ']' causes an error. In
4005 default (Perl) mode, it is treated as a data character. */
4006
4007 case CHAR_RIGHT_SQUARE_BRACKET:
4008 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4009 {
4010 *errorcodeptr = ERR64;
4011 goto FAILED;
4012 }
4013 goto NORMAL_CHAR;
4014
4015 case CHAR_LEFT_SQUARE_BRACKET:
4016 previous = code;
4017
4018 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4019 they are encountered at the top level, so we'll do that too. */
4020
4021 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4022 ptr[1] == CHAR_EQUALS_SIGN) &&
4023 check_posix_syntax(ptr, &tempptr))
4024 {
4025 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4026 goto FAILED;
4027 }
4028
4029 /* If the first character is '^', set the negation flag and skip it. Also,
4030 if the first few characters (either before or after ^) are \Q\E or \E we
4031 skip them too. This makes for compatibility with Perl. */
4032
4033 negate_class = FALSE;
4034 for (;;)
4035 {
4036 c = *(++ptr);
4037 if (c == CHAR_BACKSLASH)
4038 {
4039 if (ptr[1] == CHAR_E)
4040 ptr++;
4041 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4042 ptr += 3;
4043 else
4044 break;
4045 }
4046 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4047 negate_class = TRUE;
4048 else break;
4049 }
4050
4051 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4052 an initial ']' is taken as a data character -- the code below handles
4053 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4054 [^] must match any character, so generate OP_ALLANY. */
4055
4056 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4057 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4058 {
4059 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4060 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
4061 zerofirstchar = firstchar;
4062 break;
4063 }
4064
4065 /* If a class contains a negative special such as \S, we need to flip the
4066 negation flag at the end, so that support for characters > 255 works
4067 correctly (they are all included in the class). */
4068
4069 should_flip_negation = FALSE;
4070
4071 /* For optimization purposes, we track some properties of the class:
4072 class_has_8bitchar will be non-zero if the class contains at least one <
4073 256 character; class_one_char will be 1 if the class contains just one
4074 character. */
4075
4076 class_has_8bitchar = 0;
4077 class_one_char = 0;
4078
4079 /* Initialize the 32-char bit map to all zeros. We build the map in a
4080 temporary bit of memory, in case the class contains fewer than two
4081 8-bit characters because in that case the compiled code doesn't use the bit
4082 map. */
4083
4084 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4085
4086 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4087 xclass = FALSE;
4088 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4089 class_uchardata_base = class_uchardata; /* Save the start */
4090 #endif
4091
4092 /* Process characters until ] is reached. By writing this as a "do" it
4093 means that an initial ] is taken as a data character. At the start of the
4094 loop, c contains the first byte of the character. */
4095
4096 if (c != 0) do
4097 {
4098 const pcre_uchar *oldptr;
4099
4100 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4101 if (utf && HAS_EXTRALEN(c))
4102 { /* Braces are required because the */
4103 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4104 }
4105 #endif
4106
4107 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4108 /* In the pre-compile phase, accumulate the length of any extra
4109 data and reset the pointer. This is so that very large classes that
4110 contain a zillion > 255 characters no longer overwrite the work space
4111 (which is on the stack). We have to remember that there was XCLASS data,
4112 however. */
4113
4114 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4115 {
4116 xclass = TRUE;
4117 *lengthptr += class_uchardata - class_uchardata_base;
4118 class_uchardata = class_uchardata_base;
4119 }
4120 #endif
4121
4122 /* Inside \Q...\E everything is literal except \E */
4123
4124 if (inescq)
4125 {
4126 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4127 {
4128 inescq = FALSE; /* Reset literal state */
4129 ptr++; /* Skip the 'E' */
4130 continue; /* Carry on with next */
4131 }
4132 goto CHECK_RANGE; /* Could be range if \E follows */
4133 }
4134
4135 /* Handle POSIX class names. Perl allows a negation extension of the
4136 form [:^name:]. A square bracket that doesn't match the syntax is
4137 treated as a literal. We also recognize the POSIX constructions
4138 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4139 5.6 and 5.8 do. */
4140
4141 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4142 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4143 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4144 {
4145 BOOL local_negate = FALSE;
4146 int posix_class, taboffset, tabopt;
4147 register const pcre_uint8 *cbits = cd->cbits;
4148 pcre_uint8 pbits[32];
4149
4150 if (ptr[1] != CHAR_COLON)
4151 {
4152 *errorcodeptr = ERR31;
4153 goto FAILED;
4154 }
4155
4156 ptr += 2;
4157 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4158 {
4159 local_negate = TRUE;
4160 should_flip_negation = TRUE; /* Note negative special */
4161 ptr++;
4162 }
4163
4164 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4165 if (posix_class < 0)
4166 {
4167 *errorcodeptr = ERR30;
4168 goto FAILED;
4169 }
4170
4171 /* If matching is caseless, upper and lower are converted to
4172 alpha. This relies on the fact that the class table starts with
4173 alpha, lower, upper as the first 3 entries. */
4174
4175 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
4176 posix_class = 0;
4177
4178 /* When PCRE_UCP is set, some of the POSIX classes are converted to
4179 different escape sequences that use Unicode properties. */
4180
4181 #ifdef SUPPORT_UCP
4182 if ((options & PCRE_UCP) != 0)
4183 {
4184 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
4185 if (posix_substitutes[pc] != NULL)
4186 {
4187 nestptr = tempptr + 1;
4188 ptr = posix_substitutes[pc] - 1;
4189 continue;
4190 }
4191 }
4192 #endif
4193 /* In the non-UCP case, we build the bit map for the POSIX class in a
4194 chunk of local store because we may be adding and subtracting from it,
4195 and we don't want to subtract bits that may be in the main map already.
4196 At the end we or the result into the bit map that is being built. */
4197
4198 posix_class *= 3;
4199
4200 /* Copy in the first table (always present) */
4201
4202 memcpy(pbits, cbits + posix_class_maps[posix_class],
4203 32 * sizeof(pcre_uint8));
4204
4205 /* If there is a second table, add or remove it as required. */
4206
4207 taboffset = posix_class_maps[posix_class + 1];
4208 tabopt = posix_class_maps[posix_class + 2];
4209
4210 if (taboffset >= 0)
4211 {
4212 if (tabopt >= 0)
4213 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
4214 else
4215 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
4216 }
4217
4218 /* Now see if we need to remove any special characters. An option
4219 value of 1 removes vertical space and 2 removes underscore. */
4220
4221 if (tabopt < 0) tabopt = -tabopt;
4222 if (tabopt == 1) pbits[1] &= ~0x3c;
4223 else if (tabopt == 2) pbits[11] &= 0x7f;
4224
4225 /* Add the POSIX table or its complement into the main table that is
4226 being built and we are done. */
4227
4228 if (local_negate)
4229 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
4230 else
4231 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
4232
4233 ptr = tempptr + 1;
4234 /* Every class contains at least one < 256 character. */
4235 class_has_8bitchar = 1;
4236 /* Every class contains at least two characters. */
4237 class_one_char = 2;
4238 continue; /* End of POSIX syntax handling */
4239 }
4240
4241 /* Backslash may introduce a single character, or it may introduce one
4242 of the specials, which just set a flag. The sequence \b is a special
4243 case. Inside a class (and only there) it is treated as backspace. We
4244 assume that other escapes have more than one character in them, so
4245 speculatively set both class_has_8bitchar and class_one_char bigger
4246 than one. Unrecognized escapes fall through and are either treated
4247 as literal characters (by default), or are faulted if
4248 PCRE_EXTRA is set. */
4249
4250 if (c == CHAR_BACKSLASH)
4251 {
4252 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options, TRUE);
4253
4254 if (*errorcodeptr != 0) goto FAILED;
4255
4256 if (escape == 0)
4257 c = ec;
4258 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
4259 else if (escape == ESC_N) /* \N is not supported in a class */
4260 {
4261 *errorcodeptr = ERR71;
4262 goto FAILED;
4263 }
4264 else if (escape == ESC_Q) /* Handle start of quoted string */
4265 {
4266 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4267 {
4268 ptr += 2; /* avoid empty string */
4269 }
4270 else inescq = TRUE;
4271 continue;
4272 }
4273 else if (escape == ESC_E) continue; /* Ignore orphan \E */
4274
4275 else
4276 {
4277 register const pcre_uint8 *cbits = cd->cbits;
4278 /* Every class contains at least two < 256 characters. */
4279 class_has_8bitchar++;
4280 /* Every class contains at least two characters. */
4281 class_one_char += 2;
4282
4283 switch (escape)
4284 {
4285 #ifdef SUPPORT_UCP
4286 case ESC_du: /* These are the values given for \d etc */
4287 case ESC_DU: /* when PCRE_UCP is set. We replace the */
4288 case ESC_wu: /* escape sequence with an appropriate \p */
4289 case ESC_WU: /* or \P to test Unicode properties instead */
4290 case ESC_su: /* of the default ASCII testing. */
4291 case ESC_SU:
4292 nestptr = ptr;
4293 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
4294 class_has_8bitchar--; /* Undo! */
4295 continue;
4296 #endif
4297 case ESC_d:
4298 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
4299 continue;
4300
4301 case ESC_D:
4302 should_flip_negation = TRUE;
4303 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
4304 continue;
4305
4306 case ESC_w:
4307 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
4308 continue;
4309
4310 case ESC_W:
4311 should_flip_negation = TRUE;
4312 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4313 continue;
4314
4315 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4316 if it was previously set by something earlier in the character
4317 class. Luckily, the value of CHAR_VT is 0x0b in both ASCII and
4318 EBCDIC, so we lazily just adjust the appropriate bit. */
4319
4320 case ESC_s:
4321 classbits[0] |= cbits[cbit_space];
4322 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4323 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4324 continue;
4325
4326 case ESC_S:
4327 should_flip_negation = TRUE;
4328 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4329 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4330 continue;
4331
4332 /* The rest apply in both UCP and non-UCP cases. */
4333
4334 case ESC_h:
4335 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4336 PRIV(hspace_list), NOTACHAR);
4337 continue;
4338
4339 case ESC_H:
4340 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4341 cd, PRIV(hspace_list));
4342 continue;
4343
4344 case ESC_v:
4345 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4346 PRIV(vspace_list), NOTACHAR);
4347 continue;
4348
4349 case ESC_V:
4350 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4351 cd, PRIV(vspace_list));
4352 continue;
4353
4354 #ifdef SUPPORT_UCP
4355 case ESC_p:
4356 case ESC_P:
4357 {
4358 BOOL negated;
4359 int pdata;
4360 int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
4361 if (ptype < 0) goto FAILED;
4362 *class_uchardata++ = ((escape == ESC_p) != negated)?
4363 XCL_PROP : XCL_NOTPROP;
4364 *class_uchardata++ = ptype;
4365 *class_uchardata++ = pdata;
4366 class_has_8bitchar--; /* Undo! */
4367 continue;
4368 }
4369 #endif
4370 /* Unrecognized escapes are faulted if PCRE is running in its
4371 strict mode. By default, for compatibility with Perl, they are
4372 treated as literals. */
4373
4374 default:
4375 if ((options & PCRE_EXTRA) != 0)
4376 {
4377 *errorcodeptr = ERR7;
4378 goto FAILED;
4379 }
4380 class_has_8bitchar--; /* Undo the speculative increase. */
4381 class_one_char -= 2; /* Undo the speculative increase. */
4382 c = *ptr; /* Get the final character and fall through */
4383 break;
4384 }
4385 }
4386
4387 /* Fall through if the escape just defined a single character (c >= 0).
4388 This may be greater than 256. */
4389
4390 escape = 0;
4391
4392 } /* End of backslash handling */
4393
4394 /* A character may be followed by '-' to form a range. However, Perl does
4395 not permit ']' to be the end of the range. A '-' character at the end is
4396 treated as a literal. Perl ignores orphaned \E sequences entirely. The
4397 code for handling \Q and \E is messy. */
4398
4399 CHECK_RANGE:
4400 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4401 {
4402 inescq = FALSE;
4403 ptr += 2;
4404 }
4405 oldptr = ptr;
4406
4407 /* Remember if \r or \n were explicitly used */
4408
4409 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4410
4411 /* Check for range */
4412
4413 if (!inescq && ptr[1] == CHAR_MINUS)
4414 {
4415 int d;
4416 ptr += 2;
4417 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4418
4419 /* If we hit \Q (not followed by \E) at this point, go into escaped
4420 mode. */
4421
4422 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4423 {
4424 ptr += 2;
4425 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4426 { ptr += 2; continue; }
4427 inescq = TRUE;
4428 break;
4429 }
4430
4431 /* Minus (hyphen) at the end of a class is treated as a literal, so put
4432 back the pointer and jump to handle the character that preceded it. */
4433
4434 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4435 {
4436 ptr = oldptr;
4437 goto CLASS_SINGLE_CHARACTER;
4438 }
4439
4440 /* Otherwise, we have a potential range; pick up the next character */
4441
4442 #ifdef SUPPORT_UTF
4443 if (utf)
4444 { /* Braces are required because the */
4445 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4446 }
4447 else
4448 #endif
4449 d = *ptr; /* Not UTF-8 mode */
4450
4451 /* The second part of a range can be a single-character escape, but
4452 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4453 in such circumstances. */
4454
4455 if (!inescq && d == CHAR_BACKSLASH)
4456 {
4457 int descape;
4458 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
4459 if (*errorcodeptr != 0) goto FAILED;
4460
4461 /* \b is backspace; any other special means the '-' was literal. */
4462
4463 if (descape != 0)
4464 {
4465 if (descape == ESC_b) d = CHAR_BS; else
4466 {
4467 ptr = oldptr;
4468 goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4469 }
4470 }
4471 }
4472
4473 /* Check that the two values are in the correct order. Optimize
4474 one-character ranges. */
4475
4476 if (d < c)
4477 {
4478 *errorcodeptr = ERR8;
4479 goto FAILED;
4480 }
4481 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4482
4483 /* We have found a character range, so single character optimizations
4484 cannot be done anymore. Any value greater than 1 indicates that there
4485 is more than one character. */
4486
4487 class_one_char = 2;
4488
4489 /* Remember an explicit \r or \n, and add the range to the class. */
4490
4491 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4492
4493 class_has_8bitchar +=
4494 add_to_class(classbits, &class_uchardata, options, cd, c, d);
4495
4496 continue; /* Go get the next char in the class */
4497 }
4498
4499 /* Handle a single character - we can get here for a normal non-escape
4500 char, or after \ that introduces a single character or for an apparent
4501 range that isn't. Only the value 1 matters for class_one_char, so don't
4502 increase it if it is already 2 or more ... just in case there's a class
4503 with a zillion characters in it. */
4504
4505 CLASS_SINGLE_CHARACTER:
4506 if (class_one_char < 2) class_one_char++;
4507
4508 /* If class_one_char is 1, we have the first single character in the
4509 class, and there have been no prior ranges, or XCLASS items generated by
4510 escapes. If this is the final character in the class, we can optimize by
4511 turning the item into a 1-character OP_CHAR[I] if it's positive, or
4512 OP_NOT[I] if it's negative. In the positive case, it can cause firstchar
4513 to be set. Otherwise, there can be no first char if this item is first,
4514 whatever repeat count may follow. In the case of reqchar, save the
4515 previous value for reinstating. */
4516
4517 if (class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
4518 {
4519 ptr++;
4520 zeroreqchar = reqchar;
4521
4522 if (negate_class)
4523 {
4524 #ifdef SUPPORT_UCP
4525 // FIXMEchpe pcreuint32?
4526 int d;
4527 #endif
4528 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
4529 zerofirstchar = firstchar;
4530
4531 /* For caseless UTF-8 mode when UCP support is available, check
4532 whether this character has more than one other case. If so, generate
4533 a special OP_NOTPROP item instead of OP_NOTI. */
4534
4535 #ifdef SUPPORT_UCP
4536 if (utf && (options & PCRE_CASELESS) != 0 &&
4537 (d = UCD_CASESET(c)) != 0)
4538 {
4539 *code++ = OP_NOTPROP;
4540 *code++ = PT_CLIST;
4541 *code++ = d;
4542 }
4543 else
4544 #endif
4545 /* Char has only one other case, or UCP not available */
4546
4547 {
4548 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4549 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4550 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4551 code += PRIV(ord2utf)(c, code);
4552 else
4553 #endif
4554 *code++ = c;
4555 }
4556
4557 /* We are finished with this character class */
4558
4559 goto END_CLASS;
4560 }
4561
4562 /* For a single, positive character, get the value into mcbuffer, and
4563 then we can handle this with the normal one-character code. */
4564
4565 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4566 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4567 mclength = PRIV(ord2utf)(c, mcbuffer);
4568 else
4569 #endif
4570 {
4571 mcbuffer[0] = c;
4572 mclength = 1;
4573 }
4574 goto ONE_CHAR;
4575 } /* End of 1-char optimization */
4576
4577 /* There is more than one character in the class, or an XCLASS item
4578 has been generated. Add this character to the class. */
4579
4580 class_has_8bitchar +=
4581 add_to_class(classbits, &class_uchardata, options, cd, c, c);
4582 }
4583
4584 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4585 If we are at the end of an internal nested string, revert to the outer
4586 string. */
4587
4588 while (((c = *(++ptr)) != 0 ||
4589 (nestptr != NULL &&
4590 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4591 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4592
4593 /* Check for missing terminating ']' */
4594
4595 if (c == 0)
4596 {
4597 *errorcodeptr = ERR6;
4598 goto FAILED;
4599 }
4600
4601 /* We will need an XCLASS if data has been placed in class_uchardata. In
4602 the second phase this is a sufficient test. However, in the pre-compile
4603 phase, class_uchardata gets emptied to prevent workspace overflow, so it
4604 only if the very last character in the class needs XCLASS will it contain
4605 anything at this point. For this reason, xclass gets set TRUE above when
4606 uchar_classdata is emptied, and that's why this code is the way it is here
4607 instead of just doing a test on class_uchardata below. */
4608
4609 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4610 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4611 #endif
4612
4613 /* If this is the first thing in the branch, there can be no first char
4614 setting, whatever the repeat count. Any reqchar setting must remain
4615 unchanged after any kind of repeat. */
4616
4617 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
4618 zerofirstchar = firstchar;
4619 zeroreqchar = reqchar;
4620
4621 /* If there are characters with values > 255, we have to compile an
4622 extended class, with its own opcode, unless there was a negated special
4623 such as \S in the class, and PCRE_UCP is not set, because in that case all
4624 characters > 255 are in the class, so any that were explicitly given as
4625 well can be ignored. If (when there are explicit characters > 255 that must
4626 be listed) there are no characters < 256, we can omit the bitmap in the
4627 actual compiled code. */
4628
4629 #ifdef SUPPORT_UTF
4630 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4631 #elif !defined COMPILE_PCRE8
4632 if (xclass && !should_flip_negation)
4633 #endif
4634 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4635 {
4636 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4637 *code++ = OP_XCLASS;
4638 code += LINK_SIZE;
4639 *code = negate_class? XCL_NOT:0;
4640
4641 /* If the map is required, move up the extra data to make room for it;
4642 otherwise just move the code pointer to the end of the extra data. */
4643
4644 if (class_has_8bitchar > 0)
4645 {
4646 *code++ |= XCL_MAP;
4647 memmove(code + (32 / sizeof(pcre_uchar)), code,
4648 IN_UCHARS(class_uchardata - code));
4649 memcpy(code, classbits, 32);
4650 code = class_uchardata + (32 / sizeof(pcre_uchar));
4651 }
4652 else code = class_uchardata;
4653
4654 /* Now fill in the complete length of the item */
4655
4656 PUT(previous, 1, (int)(code - previous));
4657 break; /* End of class handling */
4658 }
4659 #endif
4660
4661 /* If there are no characters > 255, or they are all to be included or
4662 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4663 whole class was negated and whether there were negative specials such as \S
4664 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4665 negating it if necessary. */
4666
4667 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4668 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4669 {
4670 if (negate_class)
4671 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4672 memcpy(code, classbits, 32);
4673 }
4674 code += 32 / sizeof(pcre_uchar);
4675
4676 END_CLASS:
4677 break;
4678
4679
4680 /* ===================================================================*/
4681 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4682 has been tested above. */
4683
4684 case CHAR_LEFT_CURLY_BRACKET:
4685 if (!is_quantifier) goto NORMAL_CHAR;
4686 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4687 if (*errorcodeptr != 0) goto FAILED;
4688 goto REPEAT;
4689
4690 case CHAR_ASTERISK:
4691 repeat_min = 0;
4692 repeat_max = -1;
4693 goto REPEAT;
4694
4695 case CHAR_PLUS:
4696 repeat_min = 1;
4697 repeat_max = -1;
4698 goto REPEAT;
4699
4700 case CHAR_QUESTION_MARK:
4701 repeat_min = 0;
4702 repeat_max = 1;
4703
4704 REPEAT:
4705 if (previous == NULL)
4706 {
4707 *errorcodeptr = ERR9;
4708 goto FAILED;
4709 }
4710
4711 if (repeat_min == 0)
4712 {
4713 firstchar = zerofirstchar; /* Adjust for zero repeat */
4714 reqchar = zeroreqchar; /* Ditto */
4715 }
4716
4717 /* Remember whether this is a variable length repeat */
4718
4719 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4720
4721 op_type = 0; /* Default single-char op codes */
4722 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4723
4724 /* Save start of previous item, in case we have to move it up in order to
4725 insert something before it. */
4726
4727 tempcode = previous;
4728
4729 /* If the next character is '+', we have a possessive quantifier. This
4730 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4731 If the next character is '?' this is a minimizing repeat, by default,
4732 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4733 repeat type to the non-default. */
4734
4735 if (ptr[1] == CHAR_PLUS)
4736 {
4737 repeat_type = 0; /* Force greedy */
4738 possessive_quantifier = TRUE;
4739 ptr++;
4740 }
4741 else if (ptr[1] == CHAR_QUESTION_MARK)
4742 {
4743 repeat_type = greedy_non_default;
4744 ptr++;
4745 }
4746 else repeat_type = greedy_default;
4747
4748 /* If previous was a recursion call, wrap it in atomic brackets so that
4749 previous becomes the atomic group. All recursions were so wrapped in the
4750 past, but it no longer happens for non-repeated recursions. In fact, the
4751 repeated ones could be re-implemented independently so as not to need this,
4752 but for the moment we rely on the code for repeating groups. */
4753
4754 if (*previous == OP_RECURSE)
4755 {
4756 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4757 *previous = OP_ONCE;
4758 PUT(previous, 1, 2 + 2*LINK_SIZE);
4759 previous[2 + 2*LINK_SIZE] = OP_KET;
4760 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4761 code += 2 + 2 * LINK_SIZE;
4762 length_prevgroup = 3 + 3*LINK_SIZE;
4763
4764 /* When actually compiling, we need to check whether this was a forward
4765 reference, and if so, adjust the offset. */
4766
4767 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4768 {
4769 int offset = GET(cd->hwm, -LINK_SIZE);
4770 if (offset == previous + 1 - cd->start_code)
4771 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4772 }
4773 }
4774
4775 /* Now handle repetition for the different types of item. */
4776
4777 /* If previous was a character or negated character match, abolish the item
4778 and generate a repeat item instead. If a char item has a minimum of more
4779 than one, ensure that it is set in reqchar - it might not be if a sequence
4780 such as x{3} is the first thing in a branch because the x will have gone
4781 into firstchar instead. */
4782
4783 if (*previous == OP_CHAR || *previous == OP_CHARI
4784 || *previous == OP_NOT || *previous == OP_NOTI)
4785 {
4786 switch (*previous)
4787 {
4788 default: /* Make compiler happy. */
4789 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
4790 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
4791 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
4792 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
4793 }
4794
4795 /* Deal with UTF characters that take up more than one character. It's
4796 easier to write this out separately than try to macrify it. Use c to
4797 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4798 it's a length rather than a small character. */
4799
4800 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4801 if (utf && NOT_FIRSTCHAR(code[-1]))
4802 {
4803 pcre_uchar *lastchar = code - 1;
4804 BACKCHAR(lastchar);
4805 c = (int)(code - lastchar); /* Length of UTF-8 character */
4806 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4807 c |= UTF_LENGTH; /* Flag c as a length */
4808 }
4809 else
4810 #endif /* SUPPORT_UTF */
4811
4812 /* Handle the case of a single charater - either with no UTF support, or
4813 with UTF disabled, or for a single character UTF character. */
4814 {
4815 c = code[-1];
4816 if (*previous <= OP_CHARI && repeat_min > 1)
4817 reqchar = c | req_caseopt | cd->req_varyopt;
4818 }
4819
4820 /* If the repetition is unlimited, it pays to see if the next thing on
4821 the line is something that cannot possibly match this character. If so,
4822 automatically possessifying this item gains some performance in the case
4823 where the match fails. */
4824
4825 if (!possessive_quantifier &&
4826 repeat_max < 0 &&
4827 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4828 {
4829 repeat_type = 0; /* Force greedy */
4830 possessive_quantifier = TRUE;
4831 }
4832
4833 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4834 }
4835
4836 /* If previous was a character type match (\d or similar), abolish it and
4837 create a suitable repeat item. The code is shared with single-character
4838 repeats by setting op_type to add a suitable offset into repeat_type. Note
4839 the the Unicode property types will be present only when SUPPORT_UCP is
4840 defined, but we don't wrap the little bits of code here because it just
4841 makes it horribly messy. */
4842
4843 else if (*previous < OP_EODN)
4844 {
4845 pcre_uchar *oldcode;
4846 int prop_type, prop_value;
4847 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4848 c = *previous;
4849
4850 if (!possessive_quantifier &&
4851 repeat_max < 0 &&
4852 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4853 {
4854 repeat_type = 0; /* Force greedy */
4855 possessive_quantifier = TRUE;
4856 }
4857
4858 OUTPUT_SINGLE_REPEAT:
4859 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4860 {
4861 prop_type = previous[1];
4862 prop_value = previous[2];
4863 }
4864 else prop_type = prop_value = -1;
4865
4866 oldcode = code;
4867 code = previous; /* Usually overwrite previous item */
4868
4869 /* If the maximum is zero then the minimum must also be zero; Perl allows
4870 this case, so we do too - by simply omitting the item altogether. */
4871
4872 if (repeat_max == 0) goto END_REPEAT;
4873
4874 /*--------------------------------------------------------------------*/
4875 /* This code is obsolete from release 8.00; the restriction was finally
4876 removed: */
4877
4878 /* All real repeats make it impossible to handle partial matching (maybe
4879 one day we will be able to remove this restriction). */
4880
4881 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4882 /*--------------------------------------------------------------------*/
4883
4884 /* Combine the op_type with the repeat_type */
4885
4886 repeat_type += op_type;
4887
4888 /* A minimum of zero is handled either as the special case * or ?, or as
4889 an UPTO, with the maximum given. */
4890
4891 if (repeat_min == 0)
4892 {
4893 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4894 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4895 else
4896 {
4897 *code++ = OP_UPTO + repeat_type;
4898 PUT2INC(code, 0, repeat_max);
4899 }
4900 }
4901
4902 /* A repeat minimum of 1 is optimized into some special cases. If the
4903 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4904 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4905 one less than the maximum. */
4906
4907 else if (repeat_min == 1)
4908 {
4909 if (repeat_max == -1)
4910 *code++ = OP_PLUS + repeat_type;
4911 else
4912 {
4913 code = oldcode; /* leave previous item in place */
4914 if (repeat_max == 1) goto END_REPEAT;
4915 *code++ = OP_UPTO + repeat_type;
4916 PUT2INC(code, 0, repeat_max - 1);
4917 }
4918 }
4919
4920 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4921 handled as an EXACT followed by an UPTO. */
4922
4923 else
4924 {
4925 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4926 PUT2INC(code, 0, repeat_min);
4927
4928 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4929 we have to insert the character for the previous code. For a repeated
4930 Unicode property match, there are two extra bytes that define the
4931 required property. In UTF-8 mode, long characters have their length in
4932 c, with the UTF_LENGTH bit as a flag. */
4933
4934 if (repeat_max < 0)
4935 {
4936 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4937 if (utf && (c & UTF_LENGTH) != 0)
4938 {
4939 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4940 code += c & 7;
4941 }
4942 else
4943 #endif
4944 {
4945 *code++ = c;
4946 if (prop_type >= 0)
4947 {
4948 *code++ = prop_type;
4949 *code++ = prop_value;
4950 }
4951 }
4952 *code++ = OP_STAR + repeat_type;
4953 }
4954
4955 /* Else insert an UPTO if the max is greater than the min, again
4956 preceded by the character, for the previously inserted code. If the
4957 UPTO is just for 1 instance, we can use QUERY instead. */
4958
4959 else if (repeat_max != repeat_min)
4960 {
4961 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4962 if (utf && (c & UTF_LENGTH) != 0)
4963 {
4964 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4965 code += c & 7;
4966 }
4967 else
4968 #endif
4969 *code++ = c;
4970 if (prop_type >= 0)
4971 {
4972 *code++ = prop_type;
4973 *code++ = prop_value;
4974 }
4975 repeat_max -= repeat_min;
4976
4977 if (repeat_max == 1)
4978 {
4979 *code++ = OP_QUERY + repeat_type;
4980 }
4981 else
4982 {
4983 *code++ = OP_UPTO + repeat_type;
4984 PUT2INC(code, 0, repeat_max);
4985 }
4986 }
4987 }
4988
4989 /* The character or character type itself comes last in all cases. */
4990
4991 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4992 if (utf && (c & UTF_LENGTH) != 0)
4993 {
4994 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4995 code += c & 7;
4996 }
4997 else
4998 #endif
4999 *code++ = c;
5000
5001 /* For a repeated Unicode property match, there are two extra bytes that
5002 define the required property. */
5003
5004 #ifdef SUPPORT_UCP
5005 if (prop_type >= 0)
5006 {
5007 *code++ = prop_type;
5008 *code++ = prop_value;
5009 }
5010 #endif
5011 }
5012
5013 /* If previous was a character class or a back reference, we put the repeat
5014 stuff after it, but just skip the item if the repeat was {0,0}. */
5015
5016 else if (*previous == OP_CLASS ||
5017 *previous == OP_NCLASS ||
5018 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5019 *previous == OP_XCLASS ||
5020 #endif
5021 *previous == OP_REF ||
5022 *previous == OP_REFI)
5023 {
5024 if (repeat_max == 0)
5025 {
5026 code = previous;
5027 goto END_REPEAT;
5028 }
5029
5030 /*--------------------------------------------------------------------*/
5031 /* This code is obsolete from release 8.00; the restriction was finally
5032 removed: */
5033
5034 /* All real repeats make it impossible to handle partial matching (maybe
5035 one day we will be able to remove this restriction). */
5036
5037 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
5038 /*--------------------------------------------------------------------*/
5039
5040 if (repeat_min == 0 && repeat_max == -1)
5041 *code++ = OP_CRSTAR + repeat_type;
5042 else if (repeat_min == 1 && repeat_max == -1)
5043 *code++ = OP_CRPLUS + repeat_type;
5044 else if (repeat_min == 0 && repeat_max == 1)
5045 *code++ = OP_CRQUERY + repeat_type;
5046 else
5047 {
5048 *code++ = OP_CRRANGE + repeat_type;
5049 PUT2INC(code, 0, repeat_min);
5050 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5051 PUT2INC(code, 0, repeat_max);
5052 }
5053 }
5054
5055 /* If previous was a bracket group, we may have to replicate it in certain
5056 cases. Note that at this point we can encounter only the "basic" bracket
5057 opcodes such as BRA and CBRA, as this is the place where they get converted
5058 into the more special varieties such as BRAPOS and SBRA. A test for >=
5059 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5060 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5061 repetition of assertions, but now it does, for Perl compatibility. */
5062
5063 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5064 {
5065 register int i;
5066 int len = (int)(code - previous);
5067 pcre_uchar *bralink = NULL;
5068 pcre_uchar *brazeroptr = NULL;
5069
5070 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5071 we just ignore the repeat. */
5072
5073 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5074 goto END_REPEAT;
5075
5076 /* There is no sense in actually repeating assertions. The only potential
5077 use of repetition is in cases when the assertion is optional. Therefore,
5078 if the minimum is greater than zero, just ignore the repeat. If the
5079 maximum is not not zero or one, set it to 1. */
5080
5081 if (*previous < OP_ONCE) /* Assertion */
5082 {
5083 if (repeat_min > 0) goto END_REPEAT;
5084 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5085 }
5086
5087 /* The case of a zero minimum is special because of the need to stick
5088 OP_BRAZERO in front of it, and because the group appears once in the
5089 data, whereas in other cases it appears the minimum number of times. For
5090 this reason, it is simplest to treat this case separately, as otherwise
5091 the code gets far too messy. There are several special subcases when the
5092 minimum is zero. */
5093
5094 if (repeat_min == 0)
5095 {
5096 /* If the maximum is also zero, we used to just omit the group from the
5097 output altogether, like this:
5098
5099 ** if (repeat_max == 0)
5100 ** {
5101 ** code = previous;
5102 ** goto END_REPEAT;
5103 ** }
5104
5105 However, that fails when a group or a subgroup within it is referenced
5106 as a subroutine from elsewhere in the pattern, so now we stick in
5107 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5108 don't have a list of which groups are referenced, we cannot do this
5109 selectively.
5110
5111 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5112 and do no more at this point. However, we do need to adjust any
5113 OP_RECURSE calls inside the group that refer to the group itself or any
5114 internal or forward referenced group, because the offset is from the
5115 start of the whole regex. Temporarily terminate the pattern while doing
5116 this. */
5117
5118 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5119 {
5120 *code = OP_END;
5121 adjust_recurse(previous, 1, utf, cd, save_hwm);
5122 memmove(previous + 1, previous, IN_UCHARS(len));
5123 code++;
5124 if (repeat_max == 0)
5125 {
5126 *previous++ = OP_SKIPZERO;
5127 goto END_REPEAT;
5128 }
5129 brazeroptr = previous; /* Save for possessive optimizing */
5130 *previous++ = OP_BRAZERO + repeat_type;
5131 }
5132
5133 /* If the maximum is greater than 1 and limited, we have to replicate
5134 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5135 The first one has to be handled carefully because it's the original
5136 copy, which has to be moved up. The remainder can be handled by code
5137 that is common with the non-zero minimum case below. We have to
5138 adjust the value or repeat_max, since one less copy is required. Once
5139 again, we may have to adjust any OP_RECURSE calls inside the group. */
5140
5141 else
5142 {
5143 int offset;
5144 *code = OP_END;
5145 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5146 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5147 code += 2 + LINK_SIZE;
5148 *previous++ = OP_BRAZERO + repeat_type;
5149 *previous++ = OP_BRA;
5150
5151 /* We chain together the bracket offset fields that have to be
5152 filled in later when the ends of the brackets are reached. */
5153
5154 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5155 bralink = previous;
5156 PUTINC(previous, 0, offset);
5157 }
5158
5159 repeat_max--;
5160 }
5161
5162 /* If the minimum is greater than zero, replicate the group as many
5163 times as necessary, and adjust the maximum to the number of subsequent
5164 copies that we need. If we set a first char from the group, and didn't
5165 set a required char, copy the latter from the former. If there are any
5166 forward reference subroutine calls in the group, there will be entries on
5167 the workspace list; replicate these with an appropriate increment. */
5168
5169 else
5170 {
5171 if (repeat_min > 1)
5172 {
5173 /* In the pre-compile phase, we don't actually do the replication. We
5174 just adjust the length as if we had. Do some paranoid checks for
5175 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5176 integer type when available, otherwise double. */
5177
5178 if (lengthptr != NULL)
5179 {
5180 int delta = (repeat_min - 1)*length_prevgroup;
5181 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5182 (INT64_OR_DOUBLE)length_prevgroup >
5183 (INT64_OR_DOUBLE)INT_MAX ||
5184 OFLOW_MAX - *lengthptr < delta)
5185 {
5186 *errorcodeptr = ERR20;
5187 goto FAILED;
5188 }
5189 *lengthptr += delta;
5190 }
5191
5192 /* This is compiling for real. If there is a set first byte for
5193 the group, and we have not yet set a "required byte", set it. Make
5194 sure there is enough workspace for copying forward references before
5195 doing the copy. */
5196
5197 else
5198 {
5199 if (groupsetfirstchar && reqchar < 0) reqchar = firstchar;
5200
5201 for (i = 1; i < repeat_min; i++)
5202 {
5203 pcre_uchar *hc;
5204 pcre_uchar *this_hwm = cd->hwm;
5205 memcpy(code, previous, IN_UCHARS(len));
5206
5207 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5208 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5209 {
5210 int save_offset = save_hwm - cd->start_workspace;
5211 int this_offset = this_hwm - cd->start_workspace;
5212 *errorcodeptr = expand_workspace(cd);
5213 if (*errorcodeptr != 0) goto FAILED;
5214 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5215 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5216 }
5217
5218 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5219 {
5220 PUT(cd->hwm, 0, GET(hc, 0) + len);
5221 cd->hwm += LINK_SIZE;
5222 }
5223 save_hwm = this_hwm;
5224 code += len;
5225 }
5226 }
5227 }
5228
5229 if (repeat_max > 0) repeat_max -= repeat_min;
5230 }
5231
5232 /* This code is common to both the zero and non-zero minimum cases. If
5233 the maximum is limited, it replicates the group in a nested fashion,
5234 remembering the bracket starts on a stack. In the case of a zero minimum,
5235 the first one was set up above. In all cases the repeat_max now specifies
5236 the number of additional copies needed. Again, we must remember to
5237 replicate entries on the forward reference list. */
5238
5239 if (repeat_max >= 0)
5240 {
5241 /* In the pre-compile phase, we don't actually do the replication. We
5242 just adjust the length as if we had. For each repetition we must add 1
5243 to the length for BRAZERO and for all but the last repetition we must
5244 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5245 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5246 a 64-bit integer type when available, otherwise double. */
5247
5248 if (lengthptr != NULL && repeat_max > 0)
5249 {
5250 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5251 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5252 if ((INT64_OR_DOUBLE)repeat_max *
5253 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5254 > (INT64_OR_DOUBLE)INT_MAX ||
5255 OFLOW_MAX - *lengthptr < delta)
5256 {
5257 *errorcodeptr = ERR20;
5258 goto FAILED;
5259 }
5260 *lengthptr += delta;
5261 }
5262
5263 /* This is compiling for real */
5264
5265 else for (i = repeat_max - 1; i >= 0; i--)
5266 {
5267 pcre_uchar *hc;
5268 pcre_uchar *this_hwm = cd->hwm;
5269
5270 *code++ = OP_BRAZERO + repeat_type;
5271
5272 /* All but the final copy start a new nesting, maintaining the
5273 chain of brackets outstanding. */
5274
5275 if (i != 0)
5276 {
5277 int offset;
5278 *code++ = OP_BRA;
5279 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5280 bralink = code;
5281 PUTINC(code, 0, offset);
5282 }
5283
5284 memcpy(code, previous, IN_UCHARS(len));
5285
5286 /* Ensure there is enough workspace for forward references before
5287 copying them. */
5288
5289 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5290 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5291 {
5292 int save_offset = save_hwm - cd->start_workspace;
5293 int this_offset = this_hwm - cd->start_workspace;
5294 *errorcodeptr = expand_workspace(cd);
5295 if (*errorcodeptr != 0) goto FAILED;
5296 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5297 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5298 }
5299
5300 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5301 {
5302 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5303 cd->hwm += LINK_SIZE;
5304 }
5305 save_hwm = this_hwm;
5306 code += len;
5307 }
5308
5309 /* Now chain through the pending brackets, and fill in their length
5310 fields (which are holding the chain links pro tem). */
5311
5312 while (bralink != NULL)
5313 {
5314 int oldlinkoffset;
5315 int offset = (int)(code - bralink + 1);
5316 pcre_uchar *bra = code - offset;
5317 oldlinkoffset = GET(bra, 1);
5318 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5319 *code++ = OP_KET;
5320 PUTINC(code, 0, offset);
5321 PUT(bra, 1, offset);
5322 }
5323 }
5324
5325 /* If the maximum is unlimited, set a repeater in the final copy. For
5326 ONCE brackets, that's all we need to do. However, possessively repeated
5327 ONCE brackets can be converted into non-capturing brackets, as the
5328 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5329 deal with possessive ONCEs specially.
5330
5331 Otherwise, when we are doing the actual compile phase, check to see
5332 whether this group is one that could match an empty string. If so,
5333 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5334 that runtime checking can be done. [This check is also applied to ONCE
5335 groups at runtime, but in a different way.]
5336
5337 Then, if the quantifier was possessive and the bracket is not a
5338 conditional, we convert the BRA code to the POS form, and the KET code to
5339 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5340 subpattern at both the start and at the end.) The use of special opcodes
5341 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5342 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5343
5344 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5345 flag so that the default action below, of wrapping everything inside
5346 atomic brackets, does not happen. When the minimum is greater than 1,
5347 there will be earlier copies of the group, and so we still have to wrap
5348 the whole thing. */
5349
5350 else
5351 {
5352 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5353 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5354
5355 /* Convert possessive ONCE brackets to non-capturing */
5356
5357 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5358 possessive_quantifier) *bracode = OP_BRA;
5359
5360 /* For non-possessive ONCE brackets, all we need to do is to
5361 set the KET. */
5362
5363 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5364 *ketcode = OP_KETRMAX + repeat_type;
5365
5366 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5367 converted to non-capturing above). */
5368
5369 else
5370 {
5371 /* In the compile phase, check for empty string matching. */
5372
5373 if (lengthptr == NULL)
5374 {
5375 pcre_uchar *scode = bracode;
5376 do
5377 {
5378 if (could_be_empty_branch(scode, ketcode, utf, cd))
5379 {
5380 *bracode += OP_SBRA - OP_BRA;
5381 break;
5382 }
5383 scode += GET(scode, 1);
5384 }
5385 while (*scode == OP_ALT);
5386 }
5387
5388 /* Handle possessive quantifiers. */
5389
5390 if (possessive_quantifier)
5391 {
5392 /* For COND brackets, we wrap the whole thing in a possessively
5393 repeated non-capturing bracket, because we have not invented POS
5394 versions of the COND opcodes. Because we are moving code along, we
5395 must ensure that any pending recursive references are updated. */
5396
5397 if (*bracode == OP_COND || *bracode == OP_SCOND)
5398 {
5399 int nlen = (int)(code - bracode);
5400 *code = OP_END;
5401 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5402 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5403 code += 1 + LINK_SIZE;
5404 nlen += 1 + LINK_SIZE;
5405 *bracode = OP_BRAPOS;
5406 *code++ = OP_KETRPOS;
5407 PUTINC(code, 0, nlen);
5408 PUT(bracode, 1, nlen);
5409 }
5410
5411 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5412
5413 else
5414 {
5415 *bracode += 1; /* Switch to xxxPOS opcodes */
5416 *ketcode = OP_KETRPOS;
5417 }
5418
5419 /* If the minimum is zero, mark it as possessive, then unset the
5420 possessive flag when the minimum is 0 or 1. */
5421
5422 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5423 if (repeat_min < 2) possessive_quantifier = FALSE;
5424 }
5425
5426 /* Non-possessive quantifier */
5427
5428 else *ketcode = OP_KETRMAX + repeat_type;
5429 }
5430 }
5431 }
5432
5433 /* If previous is OP_FAIL, it was generated by an empty class [] in
5434 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5435 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5436 error above. We can just ignore the repeat in JS case. */
5437
5438 else if (*previous == OP_FAIL) goto END_REPEAT;
5439
5440 /* Else there's some kind of shambles */
5441
5442 else
5443 {
5444 *errorcodeptr = ERR11;
5445 goto FAILED;
5446 }
5447
5448 /* If the character following a repeat is '+', or if certain optimization
5449 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5450 there are special alternative opcodes for this case. For anything else, we
5451 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5452 notation is just syntactic sugar, taken from Sun's Java package, but the
5453 special opcodes can optimize it.
5454
5455 Some (but not all) possessively repeated subpatterns have already been
5456 completely handled in the code just above. For them, possessive_quantifier
5457 is always FALSE at this stage.
5458
5459 Note that the repeated item starts at tempcode, not at previous, which
5460 might be the first part of a string whose (former) last char we repeated.
5461
5462 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5463 an 'upto' may follow. We skip over an 'exact' item, and then test the
5464 length of what remains before proceeding. */
5465
5466 if (possessive_quantifier)
5467 {
5468 int len;
5469
5470 if (*tempcode == OP_TYPEEXACT)
5471 tempcode += PRIV(OP_lengths)[*tempcode] +
5472 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5473 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5474
5475 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5476 {
5477 tempcode += PRIV(OP_lengths)[*tempcode];
5478 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5479 if (utf && HAS_EXTRALEN(tempcode[-1]))
5480 tempcode += GET_EXTRALEN(tempcode[-1]);
5481 #endif
5482 }
5483
5484 len = (int)(code - tempcode);
5485 if (len > 0) switch (*tempcode)
5486 {
5487 case OP_STAR: *tempcode = OP_POSSTAR; break;
5488 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5489 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5490 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5491
5492 case OP_STARI: *tempcode = OP_POSSTARI; break;
5493 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5494 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5495 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5496
5497 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5498 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5499 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5500 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5501
5502 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5503 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5504 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5505 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5506
5507 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5508 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5509 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5510 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5511
5512 /* Because we are moving code along, we must ensure that any
5513 pending recursive references are updated. */
5514
5515 default:
5516 *code = OP_END;
5517 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5518 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5519 code += 1 + LINK_SIZE;
5520 len += 1 + LINK_SIZE;
5521 tempcode[0] = OP_ONCE;
5522 *code++ = OP_KET;
5523 PUTINC(code, 0, len);
5524 PUT(tempcode, 1, len);
5525 break;
5526 }
5527 }
5528
5529 /* In all case we no longer have a previous item. We also set the
5530 "follows varying string" flag for subsequently encountered reqchars if
5531 it isn't already set and we have just passed a varying length item. */
5532
5533 END_REPEAT:
5534 previous = NULL;
5535 cd->req_varyopt |= reqvary;
5536 break;
5537
5538
5539 /* ===================================================================*/
5540 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5541 lookbehind or option setting or condition or all the other extended
5542 parenthesis forms. */
5543
5544 case CHAR_LEFT_PARENTHESIS:
5545 newoptions = options;
5546 skipbytes = 0;
5547 bravalue = OP_CBRA;
5548 save_hwm = cd->hwm;
5549 reset_bracount = FALSE;
5550
5551 /* First deal with various "verbs" that can be introduced by '*'. */
5552
5553 ptr++;
5554 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
5555 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
5556 {
5557 int i, namelen;
5558 int arglen = 0;
5559 const char *vn = verbnames;
5560 const pcre_uchar *name = ptr + 1;
5561 const pcre_uchar *arg = NULL;
5562 previous = NULL;
5563 ptr++;
5564 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
5565 namelen = (int)(ptr - name);
5566
5567 /* It appears that Perl allows any characters whatsoever, other than
5568 a closing parenthesis, to appear in arguments, so we no longer insist on
5569 letters, digits, and underscores. */
5570
5571 if (*ptr == CHAR_COLON)
5572 {
5573 arg = ++ptr;
5574 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5575 arglen = (int)(ptr - arg);
5576 if ((unsigned int)arglen > MAX_MARK)
5577 {
5578 *errorcodeptr = ERR75;
5579 goto FAILED;
5580 }
5581 }
5582
5583 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5584 {
5585 *errorcodeptr = ERR60;
5586 goto FAILED;
5587 }
5588
5589 /* Scan the table of verb names */
5590
5591 for (i = 0; i < verbcount; i++)
5592 {
5593 if (namelen == verbs[i].len &&
5594 STRNCMP_UC_C8(name, vn, namelen) == 0)
5595 {
5596 int setverb;
5597
5598 /* Check for open captures before ACCEPT and convert it to
5599 ASSERT_ACCEPT if in an assertion. */
5600
5601 if (verbs[i].op == OP_ACCEPT)
5602 {
5603 open_capitem *oc;
5604 if (arglen != 0)
5605 {
5606 *errorcodeptr = ERR59;
5607 goto FAILED;
5608 }
5609 cd->had_accept = TRUE;
5610 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5611 {
5612 *code++ = OP_CLOSE;
5613 PUT2INC(code, 0, oc->number);
5614 }
5615 setverb = *code++ =
5616 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5617
5618 /* Do not set firstchar after *ACCEPT */
5619 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
5620 }
5621
5622 /* Handle other cases with/without an argument */
5623
5624 else if (arglen == 0)
5625 {
5626 if (verbs[i].op < 0) /* Argument is mandatory */
5627 {
5628 *errorcodeptr = ERR66;
5629 goto FAILED;
5630 }
5631 setverb = *code++ = verbs[i].op;
5632 }
5633
5634 else
5635 {
5636 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5637 {
5638 *errorcodeptr = ERR59;
5639 goto FAILED;
5640 }
5641 setverb = *code++ = verbs[i].op_arg;
5642 *code++ = arglen;
5643 memcpy(code, arg, IN_UCHARS(arglen));
5644 code += arglen;
5645 *code++ = 0;
5646 }
5647
5648 switch (setverb)
5649 {
5650 case OP_THEN:
5651 case OP_THEN_ARG:
5652 cd->external_flags |= PCRE_HASTHEN;
5653 break;
5654
5655 case OP_PRUNE:
5656 case OP_PRUNE_ARG:
5657 case OP_SKIP:
5658 case OP_SKIP_ARG:
5659 cd->had_pruneorskip = TRUE;
5660 break;
5661 }
5662
5663 break; /* Found verb, exit loop */
5664 }
5665
5666 vn += verbs[i].len + 1;
5667 }
5668
5669 if (i < verbcount) continue; /* Successfully handled a verb */
5670 *errorcodeptr = ERR60; /* Verb not recognized */
5671 goto FAILED;
5672 }
5673
5674 /* Deal with the extended parentheses; all are introduced by '?', and the
5675 appearance of any of them means that this is not a capturing group. */
5676
5677 else if (*ptr == CHAR_QUESTION_MARK)
5678 {
5679 int i, set, unset, namelen;
5680 int *optset;
5681 const pcre_uchar *name;
5682 pcre_uchar *slot;
5683
5684 switch (*(++ptr))
5685 {
5686 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5687 ptr++;
5688 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5689 if (*ptr == 0)
5690 {
5691 *errorcodeptr = ERR18;
5692 goto FAILED;
5693 }
5694 continue;
5695
5696
5697 /* ------------------------------------------------------------ */
5698 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5699 reset_bracount = TRUE;
5700 /* Fall through */
5701
5702 /* ------------------------------------------------------------ */
5703 case CHAR_COLON: /* Non-capturing bracket */
5704 bravalue = OP_BRA;
5705 ptr++;
5706 break;
5707
5708
5709 /* ------------------------------------------------------------ */
5710 case CHAR_LEFT_PARENTHESIS:
5711 bravalue = OP_COND; /* Conditional group */
5712
5713 /* A condition can be an assertion, a number (referring to a numbered
5714 group), a name (referring to a named group), or 'R', referring to
5715 recursion. R<digits> and R&name are also permitted for recursion tests.
5716
5717 There are several syntaxes for testing a named group: (?(name)) is used
5718 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5719
5720 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5721 be the recursive thing or the name 'R' (and similarly for 'R' followed
5722 by digits), and (b) a number could be a name that consists of digits.
5723 In both cases, we look for a name first; if not found, we try the other
5724 cases. */
5725
5726 /* For conditions that are assertions, check the syntax, and then exit
5727 the switch. This will take control down to where bracketed groups,
5728 including assertions, are processed. */
5729
5730 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5731 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5732 break;
5733
5734 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5735 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5736
5737 code[1+LINK_SIZE] = OP_CREF;
5738 skipbytes = 1+IMM2_SIZE;
5739 refsign = -1;
5740
5741 /* Check for a test for recursion in a named group. */
5742
5743 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5744 {
5745 terminator = -1;
5746 ptr += 2;
5747 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5748 }
5749
5750 /* Check for a test for a named group's having been set, using the Perl
5751 syntax (?(<name>) or (?('name') */
5752
5753 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5754 {
5755 terminator = CHAR_GREATER_THAN_SIGN;
5756 ptr++;
5757 }
5758 else if (ptr[1] == CHAR_APOSTROPHE)
5759 {
5760 terminator = CHAR_APOSTROPHE;
5761 ptr++;
5762 }
5763 else
5764 {
5765 terminator = 0;
5766 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5767 }
5768
5769 /* We now expect to read a name; any thing else is an error */
5770
5771 if (!MAX_255(ptr[1]) || (cd->ctypes[ptr[1]] & ctype_word) == 0)
5772 {
5773 ptr += 1; /* To get the right offset */
5774 *errorcodeptr = ERR28;
5775 goto FAILED;
5776 }
5777
5778 /* Read the name, but also get it as a number if it's all digits */
5779
5780 recno = 0;
5781 name = ++ptr;
5782 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
5783 {
5784 if (recno >= 0)
5785 recno = (IS_DIGIT(*ptr))? recno * 10 + *ptr - CHAR_0 : -1;
5786 ptr++;
5787 }
5788 namelen = (int)(ptr - name);
5789
5790 if ((terminator > 0 && *ptr++ != terminator) ||
5791 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5792 {
5793 ptr--; /* Error offset */
5794 *errorcodeptr = ERR26;
5795 goto FAILED;
5796 }
5797
5798 /* Do no further checking in the pre-compile phase. */
5799
5800 if (lengthptr != NULL) break;
5801
5802 /* In the real compile we do the work of looking for the actual
5803 reference. If the string started with "+" or "-" we require the rest to
5804 be digits, in which case recno will be set. */
5805
5806 if (refsign > 0)
5807 {
5808 if (recno <= 0)
5809 {
5810 *errorcodeptr = ERR58;
5811 goto FAILED;
5812 }
5813 recno = (refsign == CHAR_MINUS)?
5814 cd->bracount - recno + 1 : recno +cd->bracount;
5815 if (recno <= 0 || recno > cd->final_bracount)
5816 {
5817 *errorcodeptr = ERR15;
5818 goto FAILED;
5819 }
5820 PUT2(code, 2+LINK_SIZE, recno);
5821 break;
5822 }
5823
5824 /* Otherwise (did not start with "+" or "-"), start by looking for the
5825 name. If we find a name, add one to the opcode to change OP_CREF or
5826 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5827 except they record that the reference was originally to a name. The
5828 information is used to check duplicate names. */
5829
5830 slot = cd->name_table;
5831 for (i = 0; i < cd->names_found; i++)
5832 {
5833 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5834 slot += cd->name_entry_size;
5835 }
5836
5837 /* Found a previous named subpattern */
5838
5839 if (i < cd->names_found)
5840 {
5841 recno = GET2(slot, 0);
5842 PUT2(code, 2+LINK_SIZE, recno);
5843 code[1+LINK_SIZE]++;
5844 }
5845
5846 /* Search the pattern for a forward reference */
5847
5848 else if ((i = find_parens(cd, name, namelen,
5849 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5850 {
5851 PUT2(code, 2+LINK_SIZE, i);
5852 code[1+LINK_SIZE]++;
5853 }
5854
5855 /* If terminator == 0 it means that the name followed directly after
5856 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5857 some further alternatives to try. For the cases where terminator != 0
5858 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5859 now checked all the possibilities, so give an error. */
5860
5861 else if (terminator != 0)
5862 {
5863 *errorcodeptr = ERR15;
5864 goto FAILED;
5865 }
5866
5867 /* Check for (?(R) for recursion. Allow digits after R to specify a
5868 specific group number. */
5869
5870 else if (*name == CHAR_R)
5871 {
5872 recno = 0;
5873 for (i = 1; i < namelen; i++)
5874 {
5875 if (!IS_DIGIT(name[i]))
5876 {
5877 *errorcodeptr = ERR15;
5878 goto FAILED;
5879 }
5880 recno = recno * 10 + name[i] - CHAR_0;
5881 }
5882 if (recno == 0) recno = RREF_ANY;
5883 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5884 PUT2(code, 2+LINK_SIZE, recno);
5885 }
5886
5887 /* Similarly, check for the (?(DEFINE) "condition", which is always
5888 false. */
5889
5890 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5891 {
5892 code[1+LINK_SIZE] = OP_DEF;
5893 skipbytes = 1;
5894 }
5895
5896 /* Check for the "name" actually being a subpattern number. We are
5897 in the second pass here, so final_bracount is set. */
5898
5899 else if (recno > 0 && recno <= cd->final_bracount)
5900 {
5901 PUT2(code, 2+LINK_SIZE, recno);
5902 }
5903
5904 /* Either an unidentified subpattern, or a reference to (?(0) */
5905
5906 else
5907 {
5908 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5909 goto FAILED;
5910 }
5911 break;
5912
5913
5914 /* ------------------------------------------------------------ */
5915 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5916 bravalue = OP_ASSERT;
5917 cd->assert_depth += 1;
5918 ptr++;
5919 break;
5920
5921
5922 /* ------------------------------------------------------------ */
5923 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5924 ptr++;
5925 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5926 {
5927 *code++ = OP_FAIL;
5928 previous = NULL;
5929 continue;
5930 }
5931 bravalue = OP_ASSERT_NOT;
5932 cd->assert_depth += 1;
5933 break;
5934
5935
5936 /* ------------------------------------------------------------ */
5937 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5938 switch (ptr[1])
5939 {
5940 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5941 bravalue = OP_ASSERTBACK;
5942 cd->assert_depth += 1;
5943 ptr += 2;
5944 break;
5945
5946 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5947 bravalue = OP_ASSERTBACK_NOT;
5948 cd->assert_depth += 1;
5949 ptr += 2;
5950 break;
5951
5952 default: /* Could be name define, else bad */
5953 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
5954 goto DEFINE_NAME;
5955 ptr++; /* Correct offset for error */
5956 *errorcodeptr = ERR24;
5957 goto FAILED;
5958 }
5959 break;
5960
5961
5962 /* ------------------------------------------------------------ */
5963 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5964 bravalue = OP_ONCE;
5965 ptr++;
5966 break;
5967
5968
5969 /* ------------------------------------------------------------ */
5970 case CHAR_C: /* Callout - may be followed by digits; */
5971 previous_callout = code; /* Save for later completion */
5972 after_manual_callout = 1; /* Skip one item before completing */
5973 *code++ = OP_CALLOUT;
5974 {
5975 int n = 0;
5976 ptr++;
5977 while(IS_DIGIT(*ptr))
5978 n = n * 10 + *ptr++ - CHAR_0;
5979 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5980 {
5981 *errorcodeptr = ERR39;
5982 goto FAILED;
5983 }
5984 if (n > 255)
5985 {
5986 *errorcodeptr = ERR38;
5987 goto FAILED;
5988 }
5989 *code++ = n;
5990 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
5991 PUT(code, LINK_SIZE, 0); /* Default length */
5992 code += 2 * LINK_SIZE;
5993 }
5994 previous = NULL;
5995 continue;
5996
5997
5998 /* ------------------------------------------------------------ */
5999 case CHAR_P: /* Python-style named subpattern handling */
6000 if (*(++ptr) == CHAR_EQUALS_SIGN ||
6001 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
6002 {
6003 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
6004 terminator = CHAR_RIGHT_PARENTHESIS;
6005 goto NAMED_REF_OR_RECURSE;
6006 }
6007 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
6008 {
6009 *errorcodeptr = ERR41;
6010 goto FAILED;
6011 }
6012 /* Fall through to handle (?P< as (?< is handled */
6013
6014
6015 /* ------------------------------------------------------------ */
6016 DEFINE_NAME: /* Come here from (?< handling */
6017 case CHAR_APOSTROPHE:
6018 {
6019 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
6020 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6021 name = ++ptr;
6022
6023 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6024 namelen = (int)(ptr - name);
6025
6026 /* In the pre-compile phase, just do a syntax check. */
6027
6028 if (lengthptr != NULL)
6029 {
6030 if (*ptr != terminator)
6031 {
6032 *errorcodeptr = ERR42;
6033 goto FAILED;
6034 }
6035 if (cd->names_found >= MAX_NAME_COUNT)
6036 {
6037 *errorcodeptr = ERR49;
6038 goto FAILED;
6039 }
6040 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
6041 {
6042 cd->name_entry_size = namelen + IMM2_SIZE + 1;
6043 if (namelen > MAX_NAME_SIZE)
6044 {
6045 *errorcodeptr = ERR48;
6046 goto FAILED;
6047 }
6048 }
6049 }
6050
6051 /* In the real compile, create the entry in the table, maintaining
6052 alphabetical order. Duplicate names for different numbers are
6053 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
6054 number are always OK. (An existing number can be re-used if (?|
6055 appears in the pattern.) In either event, a duplicate name results in
6056 a duplicate entry in the table, even if the number is the same. This
6057 is because the number of names, and hence the table size, is computed
6058 in the pre-compile, and it affects various numbers and pointers which
6059 would all have to be modified, and the compiled code moved down, if
6060 duplicates with the same number were omitted from the table. This
6061 doesn't seem worth the hassle. However, *different* names for the
6062 same number are not permitted. */
6063
6064 else
6065 {
6066 BOOL dupname = FALSE;
6067 slot = cd->name_table;
6068
6069 for (i = 0; i < cd->names_found; i++)
6070 {
6071 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6072 if (crc == 0)
6073 {
6074 if (slot[IMM2_SIZE+namelen] == 0)
6075 {
6076 if (GET2(slot, 0) != cd->bracount + 1 &&
6077 (options & PCRE_DUPNAMES) == 0)
6078 {
6079 *errorcodeptr = ERR43;
6080 goto FAILED;
6081 }
6082 else dupname = TRUE;
6083 }
6084 else crc = -1; /* Current name is a substring */
6085 }
6086
6087 /* Make space in the table and break the loop for an earlier
6088 name. For a duplicate or later name, carry on. We do this for
6089 duplicates so that in the simple case (when ?(| is not used) they
6090 are in order of their numbers. */
6091
6092 if (crc < 0)
6093 {
6094 memmove(slot + cd->name_entry_size, slot,
6095 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6096 break;
6097 }
6098
6099 /* Continue the loop for a later or duplicate name */
6100
6101 slot += cd->name_entry_size;
6102 }
6103
6104 /* For non-duplicate names, check for a duplicate number before
6105 adding the new name. */
6106
6107 if (!dupname)
6108 {
6109 pcre_uchar *cslot = cd->name_table;
6110 for (i = 0; i < cd->names_found; i++)
6111 {
6112 if (cslot != slot)
6113 {
6114 if (GET2(cslot, 0) == cd->bracount + 1)
6115 {
6116 *errorcodeptr = ERR65;
6117 goto FAILED;
6118 }
6119 }
6120 else i--;
6121 cslot += cd->name_entry_size;
6122 }
6123 }
6124
6125 PUT2(slot, 0, cd->bracount + 1);
6126 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6127 slot[IMM2_SIZE + namelen] = 0;
6128 }
6129 }
6130
6131 /* In both pre-compile and compile, count the number of names we've
6132 encountered. */
6133
6134 cd->names_found++;
6135 ptr++; /* Move past > or ' */
6136 goto NUMBERED_GROUP;
6137
6138
6139 /* ------------------------------------------------------------ */
6140 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6141 terminator = CHAR_RIGHT_PARENTHESIS;
6142 is_recurse = TRUE;
6143 /* Fall through */
6144
6145 /* We come here from the Python syntax above that handles both
6146 references (?P=name) and recursion (?P>name), as well as falling
6147 through from the Perl recursion syntax (?&name). We also come here from
6148 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6149 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6150
6151 NAMED_REF_OR_RECURSE:
6152 name = ++ptr;
6153 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6154 namelen = (int)(ptr - name);
6155
6156 /* In the pre-compile phase, do a syntax check. We used to just set
6157 a dummy reference number, because it was not used in the first pass.
6158 However, with the change of recursive back references to be atomic,
6159 we have to look for the number so that this state can be identified, as
6160 otherwise the incorrect length is computed. If it's not a backwards
6161 reference, the dummy number will do. */
6162
6163 if (lengthptr != NULL)
6164 {
6165 const pcre_uchar *temp;
6166
6167 if (namelen == 0)
6168 {
6169 *errorcodeptr = ERR62;
6170 goto FAILED;
6171 }
6172 if (*ptr != terminator)
6173 {
6174 *errorcodeptr = ERR42;
6175 goto FAILED;
6176 }
6177 if (namelen > MAX_NAME_SIZE)
6178 {
6179 *errorcodeptr = ERR48;
6180 goto FAILED;
6181 }
6182
6183 /* The name table does not exist in the first pass, so we cannot
6184 do a simple search as in the code below. Instead, we have to scan the
6185 pattern to find the number. It is important that we scan it only as
6186 far as we have got because the syntax of named subpatterns has not
6187 been checked for the rest of the pattern, and find_parens() assumes
6188 correct syntax. In any case, it's a waste of resources to scan
6189 further. We stop the scan at the current point by temporarily
6190 adjusting the value of cd->endpattern. */
6191
6192 temp = cd->end_pattern;
6193 cd->end_pattern = ptr;
6194 recno = find_parens(cd, name, namelen,
6195 (options & PCRE_EXTENDED) != 0, utf);
6196 cd->end_pattern = temp;
6197 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6198 }
6199
6200 /* In the real compile, seek the name in the table. We check the name
6201 first, and then check that we have reached the end of the name in the
6202 table. That way, if the name that is longer than any in the table,
6203 the comparison will fail without reading beyond the table entry. */
6204
6205 else
6206 {
6207 slot = cd->name_table;
6208 for (i = 0; i < cd->names_found; i++)
6209 {
6210 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6211 slot[IMM2_SIZE+namelen] == 0)
6212 break;
6213 slot += cd->name_entry_size;
6214 }
6215
6216 if (i < cd->names_found) /* Back reference */
6217 {
6218 recno = GET2(slot, 0);
6219 }
6220 else if ((recno = /* Forward back reference */
6221 find_parens(cd, name, namelen,
6222 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6223 {
6224 *errorcodeptr = ERR15;
6225 goto FAILED;
6226 }
6227 }
6228
6229 /* In both phases, we can now go to the code than handles numerical
6230 recursion or backreferences. */
6231
6232 if (is_recurse) goto HANDLE_RECURSION;
6233 else goto HANDLE_REFERENCE;
6234
6235
6236 /* ------------------------------------------------------------ */
6237 case CHAR_R: /* Recursion */
6238 ptr++; /* Same as (?0) */
6239 /* Fall through */
6240
6241
6242 /* ------------------------------------------------------------ */
6243 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6244 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6245 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6246 {
6247 const pcre_uchar *called;
6248 terminator = CHAR_RIGHT_PARENTHESIS;
6249
6250 /* Come here from the \g<...> and \g'...' code (Oniguruma
6251 compatibility). However, the syntax has been checked to ensure that
6252 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6253 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6254 ever be taken. */
6255
6256 HANDLE_NUMERICAL_RECURSION:
6257
6258 if ((refsign = *ptr) == CHAR_PLUS)
6259 {
6260 ptr++;
6261 if (!IS_DIGIT(*ptr))
6262 {
6263 *errorcodeptr = ERR63;
6264 goto FAILED;
6265 }
6266 }
6267 else if (refsign == CHAR_MINUS)
6268 {
6269 if (!IS_DIGIT(ptr[1]))
6270 goto OTHER_CHAR_AFTER_QUERY;
6271 ptr++;
6272 }
6273
6274 recno = 0;
6275 while(IS_DIGIT(*ptr))
6276 recno = recno * 10 + *ptr++ - CHAR_0;
6277
6278 if (*ptr != terminator)
6279 {
6280 *errorcodeptr = ERR29;
6281 goto FAILED;
6282 }
6283
6284 if (refsign == CHAR_MINUS)
6285 {
6286 if (recno == 0)
6287 {
6288 *errorcodeptr = ERR58;
6289 goto FAILED;
6290 }
6291 recno = cd->bracount - recno + 1;
6292 if (recno <= 0)
6293 {
6294 *errorcodeptr = ERR15;
6295 goto FAILED;
6296 }
6297 }
6298 else if (refsign == CHAR_PLUS)
6299 {
6300 if (recno == 0)
6301 {
6302 *errorcodeptr = ERR58;
6303 goto FAILED;
6304 }
6305 recno += cd->bracount;
6306 }
6307
6308 /* Come here from code above that handles a named recursion */
6309
6310 HANDLE_RECURSION:
6311
6312 previous = code;
6313 called = cd->start_code;
6314
6315 /* When we are actually compiling, find the bracket that is being
6316 referenced. Temporarily end the regex in case it doesn't exist before
6317 this point. If we end up with a forward reference, first check that
6318 the bracket does occur later so we can give the error (and position)
6319 now. Then remember this forward reference in the workspace so it can
6320 be filled in at the end. */
6321
6322 if (lengthptr == NULL)
6323 {
6324 *code = OP_END;
6325 if (recno != 0)
6326 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6327
6328 /* Forward reference */
6329
6330 if (called == NULL)
6331 {
6332 if (find_parens(cd, NULL, recno,
6333 (options & PCRE_EXTENDED) != 0, utf) < 0)
6334 {
6335 *errorcodeptr = ERR15;
6336 goto FAILED;
6337 }
6338
6339 /* Fudge the value of "called" so that when it is inserted as an
6340 offset below, what it actually inserted is the reference number
6341 of the group. Then remember the forward reference. */
6342
6343 called = cd->start_code + recno;
6344 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6345 WORK_SIZE_SAFETY_MARGIN)
6346 {
6347 *errorcodeptr = expand_workspace(cd);
6348 if (*errorcodeptr != 0) goto FAILED;
6349 }
6350 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6351 }
6352
6353 /* If not a forward reference, and the subpattern is still open,
6354 this is a recursive call. We check to see if this is a left
6355 recursion that could loop for ever, and diagnose that case. We
6356 must not, however, do this check if we are in a conditional
6357 subpattern because the condition might be testing for recursion in
6358 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6359 Forever loops are also detected at runtime, so those that occur in
6360 conditional subpatterns will be picked up then. */
6361
6362 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6363 could_be_empty(called, code, bcptr, utf, cd))
6364 {
6365 *errorcodeptr = ERR40;
6366 goto FAILED;
6367 }
6368 }
6369
6370 /* Insert the recursion/subroutine item. It does not have a set first
6371 character (relevant if it is repeated, because it will then be
6372 wrapped with ONCE brackets). */
6373
6374 *code = OP_RECURSE;
6375 PUT(code, 1, (int)(called - cd->start_code));
6376 code += 1 + LINK_SIZE;
6377 groupsetfirstchar = FALSE;
6378 }
6379
6380 /* Can't determine a first byte now */
6381
6382 if (firstchar == REQ_UNSET) firstchar = REQ_NONE;
6383 continue;
6384
6385
6386 /* ------------------------------------------------------------ */
6387 default: /* Other characters: check option setting */
6388 OTHER_CHAR_AFTER_QUERY:
6389 set = unset = 0;
6390 optset = &set;
6391
6392 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6393 {
6394 switch (*ptr++)
6395 {
6396 case CHAR_MINUS: optset = &unset; break;
6397
6398 case CHAR_J: /* Record that it changed in the external options */
6399 *optset |= PCRE_DUPNAMES;
6400 cd->external_flags |= PCRE_JCHANGED;
6401 break;
6402
6403 case CHAR_i: *optset |= PCRE_CASELESS; break;
6404 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6405 case CHAR_s: *optset |= PCRE_DOTALL; break;
6406 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6407 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6408 case CHAR_X: *optset |= PCRE_EXTRA; break;
6409
6410 default: *errorcodeptr = ERR12;
6411 ptr--; /* Correct the offset */
6412 goto FAILED;
6413 }
6414 }
6415
6416 /* Set up the changed option bits, but don't change anything yet. */
6417
6418 newoptions = (options | set) & (~unset);
6419
6420 /* If the options ended with ')' this is not the start of a nested
6421 group with option changes, so the options change at this level. If this
6422 item is right at the start of the pattern, the options can be
6423 abstracted and made external in the pre-compile phase, and ignored in
6424 the compile phase. This can be helpful when matching -- for instance in
6425 caseless checking of required bytes.
6426
6427 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6428 definitely *not* at the start of the pattern because something has been
6429 compiled. In the pre-compile phase, however, the code pointer can have
6430 that value after the start, because it gets reset as code is discarded
6431 during the pre-compile. However, this can happen only at top level - if
6432 we are within parentheses, the starting BRA will still be present. At
6433 any parenthesis level, the length value can be used to test if anything
6434 has been compiled at that level. Thus, a test for both these conditions
6435 is necessary to ensure we correctly detect the start of the pattern in
6436 both phases.
6437
6438 If we are not at the pattern start, reset the greedy defaults and the
6439 case value for firstchar and reqchar. */
6440
6441 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6442 {
6443 if (code == cd->start_code + 1 + LINK_SIZE &&
6444 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6445 {
6446 cd->external_options = newoptions;
6447 }
6448 else
6449 {
6450 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6451 greedy_non_default = greedy_default ^ 1;
6452 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6453 }
6454
6455 /* Change options at this level, and pass them back for use
6456 in subsequent branches. */
6457
6458 *optionsptr = options = newoptions;
6459 previous = NULL; /* This item can't be repeated */
6460 continue; /* It is complete */
6461 }
6462
6463 /* If the options ended with ':' we are heading into a nested group
6464 with possible change of options. Such groups are non-capturing and are
6465 not assertions of any kind. All we need to do is skip over the ':';
6466 the newoptions value is handled below. */
6467
6468 bravalue = OP_BRA;
6469 ptr++;
6470 } /* End of switch for character following (? */
6471 } /* End of (? handling */
6472
6473 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6474 is set, all unadorned brackets become non-capturing and behave like (?:...)
6475 brackets. */
6476
6477 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6478 {
6479 bravalue = OP_BRA;
6480 }
6481
6482 /* Else we have a capturing group. */
6483
6484 else
6485 {
6486 NUMBERED_GROUP:
6487 cd->bracount += 1;
6488 PUT2(code, 1+LINK_SIZE, cd->bracount);
6489 skipbytes = IMM2_SIZE;
6490 }
6491
6492 /* Process nested bracketed regex. Assertions used not to be repeatable,
6493 but this was changed for Perl compatibility, so all kinds can now be
6494 repeated. We copy code into a non-register variable (tempcode) in order to
6495 be able to pass its address because some compilers complain otherwise. */
6496
6497 previous = code; /* For handling repetition */
6498 *code = bravalue;
6499 tempcode = code;
6500 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6501 tempbracount = cd->bracount; /* Save value before bracket */
6502 length_prevgroup = 0; /* Initialize for pre-compile phase */
6503
6504 if (!compile_regex(
6505 newoptions, /* The complete new option state */
6506 &tempcode, /* Where to put code (updated) */
6507 &ptr, /* Input pointer (updated) */
6508 errorcodeptr, /* Where to put an error message */
6509 (bravalue == OP_ASSERTBACK ||
6510 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6511 reset_bracount, /* True if (?| group */
6512 skipbytes, /* Skip over bracket number */
6513 cond_depth +
6514 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6515 &subfirstchar, /* For possible first char */
6516 &subreqchar, /* For possible last char */
6517 bcptr, /* Current branch chain */
6518 cd, /* Tables block */
6519 (lengthptr == NULL)? NULL : /* Actual compile phase */
6520 &length_prevgroup /* Pre-compile phase */
6521 ))
6522 goto FAILED;
6523
6524 /* If this was an atomic group and there are no capturing groups within it,
6525 generate OP_ONCE_NC instead of OP_ONCE. */
6526
6527 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6528 *code = OP_ONCE_NC;
6529
6530 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6531 cd->assert_depth -= 1;
6532
6533 /* At the end of compiling, code is still pointing to the start of the
6534 group, while tempcode has been updated to point past the end of the group.
6535 The pattern pointer (ptr) is on the bracket.
6536
6537 If this is a conditional bracket, check that there are no more than
6538 two branches in the group, or just one if it's a DEFINE group. We do this
6539 in the real compile phase, not in the pre-pass, where the whole group may
6540 not be available. */
6541
6542 if (bravalue == OP_COND && lengthptr == NULL)
6543 {
6544 pcre_uchar *tc = code;
6545 int condcount = 0;
6546
6547 do {
6548 condcount++;
6549 tc += GET(tc,1);
6550 }
6551 while (*tc != OP_KET);
6552
6553 /* A DEFINE group is never obeyed inline (the "condition" is always
6554 false). It must have only one branch. */
6555
6556 if (code[LINK_SIZE+1] == OP_DEF)
6557 {
6558 if (condcount > 1)
6559 {
6560 *errorcodeptr = ERR54;
6561 goto FAILED;
6562 }
6563 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6564 }
6565
6566 /* A "normal" conditional group. If there is just one branch, we must not
6567 make use of its firstchar or reqchar, because this is equivalent to an
6568 empty second branch. */
6569
6570 else
6571 {
6572 if (condcount > 2)
6573 {
6574 *errorcodeptr = ERR27;
6575 goto FAILED;
6576 }
6577 if (condcount == 1) subfirstchar = subreqchar = REQ_NONE;
6578 }
6579 }
6580
6581 /* Error if hit end of pattern */
6582
6583 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6584 {
6585 *errorcodeptr = ERR14;
6586 goto FAILED;
6587 }
6588
6589 /* In the pre-compile phase, update the length by the length of the group,
6590 less the brackets at either end. Then reduce the compiled code to just a
6591 set of non-capturing brackets so that it doesn't use much memory if it is
6592 duplicated by a quantifier.*/
6593
6594 if (lengthptr != NULL)
6595 {
6596 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6597 {
6598 *errorcodeptr = ERR20;
6599 goto FAILED;
6600 }
6601 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6602 code++; /* This already contains bravalue */
6603 PUTINC(code, 0, 1 + LINK_SIZE);
6604 *code++ = OP_KET;
6605 PUTINC(code, 0, 1 + LINK_SIZE);
6606 break; /* No need to waste time with special character handling */
6607 }
6608
6609 /* Otherwise update the main code pointer to the end of the group. */
6610
6611 code = tempcode;
6612
6613 /* For a DEFINE group, required and first character settings are not
6614 relevant. */
6615
6616 if (bravalue == OP_DEF) break;
6617
6618 /* Handle updating of the required and first characters for other types of
6619 group. Update for normal brackets of all kinds, and conditions with two
6620 branches (see code above). If the bracket is followed by a quantifier with
6621 zero repeat, we have to back off. Hence the definition of zeroreqchar and
6622 zerofirstchar outside the main loop so that they can be accessed for the
6623 back off. */
6624
6625 zeroreqchar = reqchar;
6626 zerofirstchar = firstchar;
6627 groupsetfirstchar = FALSE;
6628
6629 if (bravalue >= OP_ONCE)
6630 {
6631 /* If we have not yet set a firstchar in this branch, take it from the
6632 subpattern, remembering that it was set here so that a repeat of more
6633 than one can replicate it as reqchar if necessary. If the subpattern has
6634 no firstchar, set "none" for the whole branch. In both cases, a zero
6635 repeat forces firstchar to "none". */
6636
6637 if (firstchar == REQ_UNSET)
6638 {
6639