/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1133 - (show annotations)
Thu Oct 18 18:35:30 2012 UTC (6 years, 10 months ago) by chpe
File MIME type: text/plain
File size: 275870 byte(s)
Error occurred while calculating annotation data.
pcre32: Fix signed-unsigned compare
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2012 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88 pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89 compile_data *, int *);
90
91
92
93 /*************************************************
94 * Code parameters and static tables *
95 *************************************************/
96
97 /* This value specifies the size of stack workspace that is used during the
98 first pre-compile phase that determines how much memory is required. The regex
99 is partly compiled into this space, but the compiled parts are discarded as
100 soon as they can be, so that hopefully there will never be an overrun. The code
101 does, however, check for an overrun. The largest amount I've seen used is 218,
102 so this number is very generous.
103
104 The same workspace is used during the second, actual compile phase for
105 remembering forward references to groups so that they can be filled in at the
106 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107 is 4 there is plenty of room for most patterns. However, the memory can get
108 filled up by repetitions of forward references, for example patterns like
109 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110 that the workspace is expanded using malloc() in this situation. The value
111 below is therefore a minimum, and we put a maximum on it for safety. The
112 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113 kicks in at the same number of forward references in all cases. */
114
115 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117
118 /* The overrun tests check for a slightly smaller size so that they detect the
119 overrun before it actually does run off the end of the data block. */
120
121 #define WORK_SIZE_SAFETY_MARGIN (100)
122
123 /* Private flags added to firstchar and reqchar. */
124
125 #define REQ_CASELESS (1 << 0) /* Indicates caselessness */
126 #define REQ_VARY (1 << 1) /* Reqchar followed non-literal item */
127 /* Negative values for the firstchar and reqchar flags */
128 #define REQ_UNSET (-2)
129 #define REQ_NONE (-1)
130
131 /* Repeated character flags. */
132
133 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
134
135 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
136 are simple data values; negative values are for special things like \d and so
137 on. Zero means further processing is needed (for things like \x), or the escape
138 is invalid. */
139
140 #ifndef EBCDIC
141
142 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
143 in UTF-8 mode. */
144
145 static const short int escapes[] = {
146 0, 0,
147 0, 0,
148 0, 0,
149 0, 0,
150 0, 0,
151 CHAR_COLON, CHAR_SEMICOLON,
152 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
153 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
154 CHAR_COMMERCIAL_AT, -ESC_A,
155 -ESC_B, -ESC_C,
156 -ESC_D, -ESC_E,
157 0, -ESC_G,
158 -ESC_H, 0,
159 0, -ESC_K,
160 0, 0,
161 -ESC_N, 0,
162 -ESC_P, -ESC_Q,
163 -ESC_R, -ESC_S,
164 0, 0,
165 -ESC_V, -ESC_W,
166 -ESC_X, 0,
167 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
168 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
169 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
170 CHAR_GRAVE_ACCENT, 7,
171 -ESC_b, 0,
172 -ESC_d, ESC_e,
173 ESC_f, 0,
174 -ESC_h, 0,
175 0, -ESC_k,
176 0, 0,
177 ESC_n, 0,
178 -ESC_p, 0,
179 ESC_r, -ESC_s,
180 ESC_tee, 0,
181 -ESC_v, -ESC_w,
182 0, 0,
183 -ESC_z
184 };
185
186 #else
187
188 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
189
190 static const short int escapes[] = {
191 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
192 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
193 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
194 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
195 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
196 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
197 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
198 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
199 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
200 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
201 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
202 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
203 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
204 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
205 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
206 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
207 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
208 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
209 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
210 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
211 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
212 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
213 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
214 };
215 #endif
216
217
218 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
219 searched linearly. Put all the names into a single string, in order to reduce
220 the number of relocations when a shared library is dynamically linked. The
221 string is built from string macros so that it works in UTF-8 mode on EBCDIC
222 platforms. */
223
224 typedef struct verbitem {
225 int len; /* Length of verb name */
226 int op; /* Op when no arg, or -1 if arg mandatory */
227 int op_arg; /* Op when arg present, or -1 if not allowed */
228 } verbitem;
229
230 static const char verbnames[] =
231 "\0" /* Empty name is a shorthand for MARK */
232 STRING_MARK0
233 STRING_ACCEPT0
234 STRING_COMMIT0
235 STRING_F0
236 STRING_FAIL0
237 STRING_PRUNE0
238 STRING_SKIP0
239 STRING_THEN;
240
241 static const verbitem verbs[] = {
242 { 0, -1, OP_MARK },
243 { 4, -1, OP_MARK },
244 { 6, OP_ACCEPT, -1 },
245 { 6, OP_COMMIT, -1 },
246 { 1, OP_FAIL, -1 },
247 { 4, OP_FAIL, -1 },
248 { 5, OP_PRUNE, OP_PRUNE_ARG },
249 { 4, OP_SKIP, OP_SKIP_ARG },
250 { 4, OP_THEN, OP_THEN_ARG }
251 };
252
253 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
254
255
256 /* Tables of names of POSIX character classes and their lengths. The names are
257 now all in a single string, to reduce the number of relocations when a shared
258 library is dynamically loaded. The list of lengths is terminated by a zero
259 length entry. The first three must be alpha, lower, upper, as this is assumed
260 for handling case independence. */
261
262 static const char posix_names[] =
263 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
264 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
265 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
266 STRING_word0 STRING_xdigit;
267
268 static const pcre_uint8 posix_name_lengths[] = {
269 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
270
271 /* Table of class bit maps for each POSIX class. Each class is formed from a
272 base map, with an optional addition or removal of another map. Then, for some
273 classes, there is some additional tweaking: for [:blank:] the vertical space
274 characters are removed, and for [:alpha:] and [:alnum:] the underscore
275 character is removed. The triples in the table consist of the base map offset,
276 second map offset or -1 if no second map, and a non-negative value for map
277 addition or a negative value for map subtraction (if there are two maps). The
278 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
279 remove vertical space characters, 2 => remove underscore. */
280
281 static const int posix_class_maps[] = {
282 cbit_word, cbit_digit, -2, /* alpha */
283 cbit_lower, -1, 0, /* lower */
284 cbit_upper, -1, 0, /* upper */
285 cbit_word, -1, 2, /* alnum - word without underscore */
286 cbit_print, cbit_cntrl, 0, /* ascii */
287 cbit_space, -1, 1, /* blank - a GNU extension */
288 cbit_cntrl, -1, 0, /* cntrl */
289 cbit_digit, -1, 0, /* digit */
290 cbit_graph, -1, 0, /* graph */
291 cbit_print, -1, 0, /* print */
292 cbit_punct, -1, 0, /* punct */
293 cbit_space, -1, 0, /* space */
294 cbit_word, -1, 0, /* word - a Perl extension */
295 cbit_xdigit,-1, 0 /* xdigit */
296 };
297
298 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
299 substitutes must be in the order of the names, defined above, and there are
300 both positive and negative cases. NULL means no substitute. */
301
302 #ifdef SUPPORT_UCP
303 static const pcre_uchar string_PNd[] = {
304 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
305 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306 static const pcre_uchar string_pNd[] = {
307 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
308 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
309 static const pcre_uchar string_PXsp[] = {
310 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
311 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
312 static const pcre_uchar string_pXsp[] = {
313 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_PXwd[] = {
316 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318 static const pcre_uchar string_pXwd[] = {
319 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
320 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
321
322 static const pcre_uchar *substitutes[] = {
323 string_PNd, /* \D */
324 string_pNd, /* \d */
325 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
326 string_pXsp, /* \s */
327 string_PXwd, /* \W */
328 string_pXwd /* \w */
329 };
330
331 static const pcre_uchar string_pL[] = {
332 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334 static const pcre_uchar string_pLl[] = {
335 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pLu[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_pXan[] = {
341 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
342 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343 static const pcre_uchar string_h[] = {
344 CHAR_BACKSLASH, CHAR_h, '\0' };
345 static const pcre_uchar string_pXps[] = {
346 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
347 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
348 static const pcre_uchar string_PL[] = {
349 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
350 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
351 static const pcre_uchar string_PLl[] = {
352 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
353 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
354 static const pcre_uchar string_PLu[] = {
355 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
356 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
357 static const pcre_uchar string_PXan[] = {
358 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
359 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
360 static const pcre_uchar string_H[] = {
361 CHAR_BACKSLASH, CHAR_H, '\0' };
362 static const pcre_uchar string_PXps[] = {
363 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
364 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365
366 static const pcre_uchar *posix_substitutes[] = {
367 string_pL, /* alpha */
368 string_pLl, /* lower */
369 string_pLu, /* upper */
370 string_pXan, /* alnum */
371 NULL, /* ascii */
372 string_h, /* blank */
373 NULL, /* cntrl */
374 string_pNd, /* digit */
375 NULL, /* graph */
376 NULL, /* print */
377 NULL, /* punct */
378 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
379 string_pXwd, /* word */
380 NULL, /* xdigit */
381 /* Negated cases */
382 string_PL, /* ^alpha */
383 string_PLl, /* ^lower */
384 string_PLu, /* ^upper */
385 string_PXan, /* ^alnum */
386 NULL, /* ^ascii */
387 string_H, /* ^blank */
388 NULL, /* ^cntrl */
389 string_PNd, /* ^digit */
390 NULL, /* ^graph */
391 NULL, /* ^print */
392 NULL, /* ^punct */
393 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
394 string_PXwd, /* ^word */
395 NULL /* ^xdigit */
396 };
397 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
398 #endif
399
400 #define STRING(a) # a
401 #define XSTRING(s) STRING(s)
402
403 /* The texts of compile-time error messages. These are "char *" because they
404 are passed to the outside world. Do not ever re-use any error number, because
405 they are documented. Always add a new error instead. Messages marked DEAD below
406 are no longer used. This used to be a table of strings, but in order to reduce
407 the number of relocations needed when a shared library is loaded dynamically,
408 it is now one long string. We cannot use a table of offsets, because the
409 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
410 simply count through to the one we want - this isn't a performance issue
411 because these strings are used only when there is a compilation error.
412
413 Each substring ends with \0 to insert a null character. This includes the final
414 substring, so that the whole string ends with \0\0, which can be detected when
415 counting through. */
416
417 static const char error_texts[] =
418 "no error\0"
419 "\\ at end of pattern\0"
420 "\\c at end of pattern\0"
421 "unrecognized character follows \\\0"
422 "numbers out of order in {} quantifier\0"
423 /* 5 */
424 "number too big in {} quantifier\0"
425 "missing terminating ] for character class\0"
426 "invalid escape sequence in character class\0"
427 "range out of order in character class\0"
428 "nothing to repeat\0"
429 /* 10 */
430 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
431 "internal error: unexpected repeat\0"
432 "unrecognized character after (? or (?-\0"
433 "POSIX named classes are supported only within a class\0"
434 "missing )\0"
435 /* 15 */
436 "reference to non-existent subpattern\0"
437 "erroffset passed as NULL\0"
438 "unknown option bit(s) set\0"
439 "missing ) after comment\0"
440 "parentheses nested too deeply\0" /** DEAD **/
441 /* 20 */
442 "regular expression is too large\0"
443 "failed to get memory\0"
444 "unmatched parentheses\0"
445 "internal error: code overflow\0"
446 "unrecognized character after (?<\0"
447 /* 25 */
448 "lookbehind assertion is not fixed length\0"
449 "malformed number or name after (?(\0"
450 "conditional group contains more than two branches\0"
451 "assertion expected after (?(\0"
452 "(?R or (?[+-]digits must be followed by )\0"
453 /* 30 */
454 "unknown POSIX class name\0"
455 "POSIX collating elements are not supported\0"
456 "this version of PCRE is compiled without UTF support\0"
457 "spare error\0" /** DEAD **/
458 "character value in \\x{...} sequence is too large\0"
459 /* 35 */
460 "invalid condition (?(0)\0"
461 "\\C not allowed in lookbehind assertion\0"
462 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
463 "number after (?C is > 255\0"
464 "closing ) for (?C expected\0"
465 /* 40 */
466 "recursive call could loop indefinitely\0"
467 "unrecognized character after (?P\0"
468 "syntax error in subpattern name (missing terminator)\0"
469 "two named subpatterns have the same name\0"
470 "invalid UTF-8 string\0"
471 /* 45 */
472 "support for \\P, \\p, and \\X has not been compiled\0"
473 "malformed \\P or \\p sequence\0"
474 "unknown property name after \\P or \\p\0"
475 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
476 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
477 /* 50 */
478 "repeated subpattern is too long\0" /** DEAD **/
479 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
480 "internal error: overran compiling workspace\0"
481 "internal error: previously-checked referenced subpattern not found\0"
482 "DEFINE group contains more than one branch\0"
483 /* 55 */
484 "repeating a DEFINE group is not allowed\0" /** DEAD **/
485 "inconsistent NEWLINE options\0"
486 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
487 "a numbered reference must not be zero\0"
488 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
489 /* 60 */
490 "(*VERB) not recognized\0"
491 "number is too big\0"
492 "subpattern name expected\0"
493 "digit expected after (?+\0"
494 "] is an invalid data character in JavaScript compatibility mode\0"
495 /* 65 */
496 "different names for subpatterns of the same number are not allowed\0"
497 "(*MARK) must have an argument\0"
498 "this version of PCRE is not compiled with Unicode property support\0"
499 "\\c must be followed by an ASCII character\0"
500 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
501 /* 70 */
502 "internal error: unknown opcode in find_fixedlength()\0"
503 "\\N is not supported in a class\0"
504 "too many forward references\0"
505 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
506 "invalid UTF-16 string\0"
507 /* 75 */
508 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
509 "character value in \\u.... sequence is too large\0"
510 "invalid UTF-32 string\0"
511 ;
512
513 /* Table to identify digits and hex digits. This is used when compiling
514 patterns. Note that the tables in chartables are dependent on the locale, and
515 may mark arbitrary characters as digits - but the PCRE compiling code expects
516 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
517 a private table here. It costs 256 bytes, but it is a lot faster than doing
518 character value tests (at least in some simple cases I timed), and in some
519 applications one wants PCRE to compile efficiently as well as match
520 efficiently.
521
522 For convenience, we use the same bit definitions as in chartables:
523
524 0x04 decimal digit
525 0x08 hexadecimal digit
526
527 Then we can use ctype_digit and ctype_xdigit in the code. */
528
529 /* Using a simple comparison for decimal numbers rather than a memory read
530 is much faster, and the resulting code is simpler (the compiler turns it
531 into a subtraction and unsigned comparison). */
532
533 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
534
535 #ifndef EBCDIC
536
537 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
538 UTF-8 mode. */
539
540 static const pcre_uint8 digitab[] =
541 {
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
545 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
546 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
548 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
549 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
550 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
551 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
552 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
553 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
554 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
555 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
556 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
571 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
572 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
573 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
574
575 #else
576
577 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
578
579 static const pcre_uint8 digitab[] =
580 {
581 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
587 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
588 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
589 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
590 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
591 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
592 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
593 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
597 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
600 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
602 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
605 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
608 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
609 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
610 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
611 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
612 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
613
614 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
615 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
616 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
617 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
619 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
620 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
621 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
623 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
624 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
625 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
626 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
627 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
628 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
629 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
630 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
631 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
632 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
633 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
634 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
635 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
636 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
637 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
638 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
639 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
640 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
641 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
642 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
643 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
644 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
645 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
646 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
647 #endif
648
649
650
651 /*************************************************
652 * Find an error text *
653 *************************************************/
654
655 /* The error texts are now all in one long string, to save on relocations. As
656 some of the text is of unknown length, we can't use a table of offsets.
657 Instead, just count through the strings. This is not a performance issue
658 because it happens only when there has been a compilation error.
659
660 Argument: the error number
661 Returns: pointer to the error string
662 */
663
664 static const char *
665 find_error_text(int n)
666 {
667 const char *s = error_texts;
668 for (; n > 0; n--)
669 {
670 while (*s++ != 0) {};
671 if (*s == 0) return "Error text not found (please report)";
672 }
673 return s;
674 }
675
676
677 /*************************************************
678 * Expand the workspace *
679 *************************************************/
680
681 /* This function is called during the second compiling phase, if the number of
682 forward references fills the existing workspace, which is originally a block on
683 the stack. A larger block is obtained from malloc() unless the ultimate limit
684 has been reached or the increase will be rather small.
685
686 Argument: pointer to the compile data block
687 Returns: 0 if all went well, else an error number
688 */
689
690 static int
691 expand_workspace(compile_data *cd)
692 {
693 pcre_uchar *newspace;
694 int newsize = cd->workspace_size * 2;
695
696 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
697 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
698 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
699 return ERR72;
700
701 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
702 if (newspace == NULL) return ERR21;
703 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
704 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
705 if (cd->workspace_size > COMPILE_WORK_SIZE)
706 (PUBL(free))((void *)cd->start_workspace);
707 cd->start_workspace = newspace;
708 cd->workspace_size = newsize;
709 return 0;
710 }
711
712
713
714 /*************************************************
715 * Check for counted repeat *
716 *************************************************/
717
718 /* This function is called when a '{' is encountered in a place where it might
719 start a quantifier. It looks ahead to see if it really is a quantifier or not.
720 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
721 where the ddds are digits.
722
723 Arguments:
724 p pointer to the first char after '{'
725
726 Returns: TRUE or FALSE
727 */
728
729 static BOOL
730 is_counted_repeat(const pcre_uchar *p)
731 {
732 if (!IS_DIGIT(*p)) return FALSE;
733 p++;
734 while (IS_DIGIT(*p)) p++;
735 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
736
737 if (*p++ != CHAR_COMMA) return FALSE;
738 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
739
740 if (!IS_DIGIT(*p)) return FALSE;
741 p++;
742 while (IS_DIGIT(*p)) p++;
743
744 return (*p == CHAR_RIGHT_CURLY_BRACKET);
745 }
746
747
748
749 /*************************************************
750 * Handle escapes *
751 *************************************************/
752
753 /* This function is called when a \ has been encountered. It either returns a
754 positive value for a simple escape such as \n, or 0 for a data character
755 which will be placed in chptr. A backreference to group n is returned as
756 negative n. When UTF-8 is enabled, a positive value greater than 255 may
757 be returned in chptr.
758 On entry,ptr is pointing at the \. On exit, it is on the final character of the
759 escape sequence.
760
761 Arguments:
762 ptrptr points to the pattern position pointer
763 chptr points to the data character
764 errorcodeptr points to the errorcode variable
765 bracount number of previous extracting brackets
766 options the options bits
767 isclass TRUE if inside a character class
768
769 Returns: zero => a data character
770 positive => a special escape sequence
771 negative => a back reference
772 on error, errorcodeptr is set
773 */
774
775 static int
776 check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
777 int bracount, int options, BOOL isclass)
778 {
779 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
780 BOOL utf = (options & PCRE_UTF8) != 0;
781 const pcre_uchar *ptr = *ptrptr + 1;
782 pcre_uint32 c;
783 int escape = 0;
784 int i;
785
786 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
787 ptr--; /* Set pointer back to the last byte */
788
789 /* If backslash is at the end of the pattern, it's an error. */
790
791 if (c == 0) *errorcodeptr = ERR1;
792
793 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
794 in a table. A non-zero result is something that can be returned immediately.
795 Otherwise further processing may be required. */
796
797 #ifndef EBCDIC /* ASCII/UTF-8 coding */
798 /* Not alphanumeric */
799 else if (c < CHAR_0 || c > CHAR_z) {}
800 else if ((i = escapes[c - CHAR_0]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
801
802 #else /* EBCDIC coding */
803 /* Not alphanumeric */
804 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
805 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
806 #endif
807
808 /* Escapes that need further processing, or are illegal. */
809
810 else
811 {
812 const pcre_uchar *oldptr;
813 BOOL braced, negated, overflow;
814 int s;
815
816 switch (c)
817 {
818 /* A number of Perl escapes are not handled by PCRE. We give an explicit
819 error. */
820
821 case CHAR_l:
822 case CHAR_L:
823 *errorcodeptr = ERR37;
824 break;
825
826 case CHAR_u:
827 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
828 {
829 /* In JavaScript, \u must be followed by four hexadecimal numbers.
830 Otherwise it is a lowercase u letter. */
831 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
832 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
833 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
834 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
835 {
836 c = 0;
837 for (i = 0; i < 4; ++i)
838 {
839 register pcre_uint32 cc = *(++ptr);
840 #ifndef EBCDIC /* ASCII/UTF-8 coding */
841 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
842 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
843 #else /* EBCDIC coding */
844 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
845 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
846 #endif
847 }
848
849 #if defined COMPILE_PCRE8
850 if (c > (utf ? 0x10ffff : 0xff))
851 #elif defined COMPILE_PCRE16
852 if (c > (utf ? 0x10ffff : 0xffff))
853 #elif defined COMPILE_PCRE32
854 if (utf && c > 0x10ffff)
855 #endif
856 {
857 *errorcodeptr = ERR76;
858 }
859 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
860 }
861 }
862 else
863 *errorcodeptr = ERR37;
864 break;
865
866 case CHAR_U:
867 /* In JavaScript, \U is an uppercase U letter. */
868 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
869 break;
870
871 /* In a character class, \g is just a literal "g". Outside a character
872 class, \g must be followed by one of a number of specific things:
873
874 (1) A number, either plain or braced. If positive, it is an absolute
875 backreference. If negative, it is a relative backreference. This is a Perl
876 5.10 feature.
877
878 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
879 is part of Perl's movement towards a unified syntax for back references. As
880 this is synonymous with \k{name}, we fudge it up by pretending it really
881 was \k.
882
883 (3) For Oniguruma compatibility we also support \g followed by a name or a
884 number either in angle brackets or in single quotes. However, these are
885 (possibly recursive) subroutine calls, _not_ backreferences. Just return
886 the ESC_g code (cf \k). */
887
888 case CHAR_g:
889 if (isclass) break;
890 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
891 {
892 escape = ESC_g;
893 break;
894 }
895
896 /* Handle the Perl-compatible cases */
897
898 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
899 {
900 const pcre_uchar *p;
901 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
902 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
903 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
904 {
905 escape = ESC_k;
906 break;
907 }
908 braced = TRUE;
909 ptr++;
910 }
911 else braced = FALSE;
912
913 if (ptr[1] == CHAR_MINUS)
914 {
915 negated = TRUE;
916 ptr++;
917 }
918 else negated = FALSE;
919
920 /* The integer range is limited by the machine's int representation. */
921 s = 0;
922 overflow = FALSE;
923 while (IS_DIGIT(ptr[1]))
924 {
925 if (s > INT_MAX / 10 - 1) /* Integer overflow */
926 {
927 overflow = TRUE;
928 break;
929 }
930 s = s * 10 + (int)(*(++ptr) - CHAR_0);
931 }
932 if (overflow) /* Integer overflow */
933 {
934 while (IS_DIGIT(ptr[1]))
935 ptr++;
936 *errorcodeptr = ERR61;
937 break;
938 }
939
940 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
941 {
942 *errorcodeptr = ERR57;
943 break;
944 }
945
946 if (s == 0)
947 {
948 *errorcodeptr = ERR58;
949 break;
950 }
951
952 if (negated)
953 {
954 if (s > bracount)
955 {
956 *errorcodeptr = ERR15;
957 break;
958 }
959 s = bracount - (s - 1);
960 }
961
962 escape = -s;
963 break;
964
965 /* The handling of escape sequences consisting of a string of digits
966 starting with one that is not zero is not straightforward. By experiment,
967 the way Perl works seems to be as follows:
968
969 Outside a character class, the digits are read as a decimal number. If the
970 number is less than 10, or if there are that many previous extracting
971 left brackets, then it is a back reference. Otherwise, up to three octal
972 digits are read to form an escaped byte. Thus \123 is likely to be octal
973 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
974 value is greater than 377, the least significant 8 bits are taken. Inside a
975 character class, \ followed by a digit is always an octal number. */
976
977 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
978 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
979
980 if (!isclass)
981 {
982 oldptr = ptr;
983 /* The integer range is limited by the machine's int representation. */
984 s = (int)(c -CHAR_0);
985 overflow = FALSE;
986 while (IS_DIGIT(ptr[1]))
987 {
988 if (s > INT_MAX / 10 - 1) /* Integer overflow */
989 {
990 overflow = TRUE;
991 break;
992 }
993 s = s * 10 + (int)(*(++ptr) - CHAR_0);
994 }
995 if (overflow) /* Integer overflow */
996 {
997 while (IS_DIGIT(ptr[1]))
998 ptr++;
999 *errorcodeptr = ERR61;
1000 break;
1001 }
1002 if (s < 10 || s <= bracount)
1003 {
1004 escape = -s;
1005 break;
1006 }
1007 ptr = oldptr; /* Put the pointer back and fall through */
1008 }
1009
1010 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
1011 generates a binary zero byte and treats the digit as a following literal.
1012 Thus we have to pull back the pointer by one. */
1013
1014 if ((c = *ptr) >= CHAR_8)
1015 {
1016 ptr--;
1017 c = 0;
1018 break;
1019 }
1020
1021 /* \0 always starts an octal number, but we may drop through to here with a
1022 larger first octal digit. The original code used just to take the least
1023 significant 8 bits of octal numbers (I think this is what early Perls used
1024 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1025 but no more than 3 octal digits. */
1026
1027 case CHAR_0:
1028 c -= CHAR_0;
1029 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1030 c = c * 8 + *(++ptr) - CHAR_0;
1031 #ifdef COMPILE_PCRE8
1032 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1033 #endif
1034 break;
1035
1036 /* \x is complicated. \x{ddd} is a character number which can be greater
1037 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1038 If not, { is treated as a data character. */
1039
1040 case CHAR_x:
1041 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1042 {
1043 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1044 Otherwise it is a lowercase x letter. */
1045 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1046 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1047 {
1048 c = 0;
1049 for (i = 0; i < 2; ++i)
1050 {
1051 register pcre_uint32 cc = *(++ptr);
1052 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1053 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1054 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1055 #else /* EBCDIC coding */
1056 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1057 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1058 #endif
1059 }
1060 }
1061 break;
1062 }
1063
1064 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1065 {
1066 const pcre_uchar *pt = ptr + 2;
1067
1068 c = 0;
1069 overflow = FALSE;
1070 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1071 {
1072 register pcre_uint32 cc = *pt++;
1073 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1074
1075 #ifdef COMPILE_PCRE32
1076 if (c >= 0x10000000l) { overflow = TRUE; break; }
1077 #endif
1078
1079 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1080 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1081 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1082 #else /* EBCDIC coding */
1083 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1084 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1085 #endif
1086
1087 #if defined COMPILE_PCRE8
1088 if (c > (utf ? 0x10ffff : 0xff)) { overflow = TRUE; break; }
1089 #elif defined COMPILE_PCRE16
1090 if (c > (utf ? 0x10ffff : 0xffff)) { overflow = TRUE; break; }
1091 #elif defined COMPILE_PCRE32
1092 if (utf && c > 0x10ffff) { overflow = TRUE; break; }
1093 #endif
1094 }
1095
1096 if (overflow)
1097 {
1098 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1099 *errorcodeptr = ERR34;
1100 }
1101
1102 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1103 {
1104 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1105 ptr = pt;
1106 break;
1107 }
1108
1109 /* If the sequence of hex digits does not end with '}', then we don't
1110 recognize this construct; fall through to the normal \x handling. */
1111 }
1112
1113 /* Read just a single-byte hex-defined char */
1114
1115 c = 0;
1116 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1117 {
1118 pcre_uint32 cc; /* Some compilers don't like */
1119 cc = *(++ptr); /* ++ in initializers */
1120 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1121 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1122 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1123 #else /* EBCDIC coding */
1124 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1125 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1126 #endif
1127 }
1128 break;
1129
1130 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1131 An error is given if the byte following \c is not an ASCII character. This
1132 coding is ASCII-specific, but then the whole concept of \cx is
1133 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1134
1135 case CHAR_c:
1136 c = *(++ptr);
1137 if (c == 0)
1138 {
1139 *errorcodeptr = ERR2;
1140 break;
1141 }
1142 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1143 if (c > 127) /* Excludes all non-ASCII in either mode */
1144 {
1145 *errorcodeptr = ERR68;
1146 break;
1147 }
1148 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1149 c ^= 0x40;
1150 #else /* EBCDIC coding */
1151 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1152 c ^= 0xC0;
1153 #endif
1154 break;
1155
1156 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1157 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1158 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1159 odd, but there used to be some cases other than the default, and there may
1160 be again in future, so I haven't "optimized" it. */
1161
1162 default:
1163 if ((options & PCRE_EXTRA) != 0) switch(c)
1164 {
1165 default:
1166 *errorcodeptr = ERR3;
1167 break;
1168 }
1169 break;
1170 }
1171 }
1172
1173 /* Perl supports \N{name} for character names, as well as plain \N for "not
1174 newline". PCRE does not support \N{name}. However, it does support
1175 quantification such as \N{2,3}. */
1176
1177 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1178 !is_counted_repeat(ptr+2))
1179 *errorcodeptr = ERR37;
1180
1181 /* If PCRE_UCP is set, we change the values for \d etc. */
1182
1183 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1184 escape += (ESC_DU - ESC_D);
1185
1186 /* Set the pointer to the final character before returning. */
1187
1188 *ptrptr = ptr;
1189 *chptr = c;
1190 return escape;
1191 }
1192
1193 #ifdef SUPPORT_UCP
1194 /*************************************************
1195 * Handle \P and \p *
1196 *************************************************/
1197
1198 /* This function is called after \P or \p has been encountered, provided that
1199 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1200 pointing at the P or p. On exit, it is pointing at the final character of the
1201 escape sequence.
1202
1203 Argument:
1204 ptrptr points to the pattern position pointer
1205 negptr points to a boolean that is set TRUE for negation else FALSE
1206 ptypeptr points to an unsigned int that is set to the type value
1207 pdataptr points to an unsigned int that is set to the detailed property value
1208 errorcodeptr points to the error code variable
1209
1210 Returns: TRUE if the type value was found, or FALSE for an invalid type
1211 */
1212
1213 static BOOL
1214 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1215 unsigned int *pdataptr, int *errorcodeptr)
1216 {
1217 pcre_uchar c;
1218 int i, bot, top;
1219 const pcre_uchar *ptr = *ptrptr;
1220 pcre_uchar name[32];
1221
1222 c = *(++ptr);
1223 if (c == 0) goto ERROR_RETURN;
1224
1225 *negptr = FALSE;
1226
1227 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1228 negation. */
1229
1230 if (c == CHAR_LEFT_CURLY_BRACKET)
1231 {
1232 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1233 {
1234 *negptr = TRUE;
1235 ptr++;
1236 }
1237 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1238 {
1239 c = *(++ptr);
1240 if (c == 0) goto ERROR_RETURN;
1241 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1242 name[i] = c;
1243 }
1244 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1245 name[i] = 0;
1246 }
1247
1248 /* Otherwise there is just one following character */
1249
1250 else
1251 {
1252 name[0] = c;
1253 name[1] = 0;
1254 }
1255
1256 *ptrptr = ptr;
1257
1258 /* Search for a recognized property name using binary chop */
1259
1260 bot = 0;
1261 top = PRIV(utt_size);
1262
1263 while (bot < top)
1264 {
1265 int r;
1266 i = (bot + top) >> 1;
1267 r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1268 if (r == 0)
1269 {
1270 *ptypeptr = PRIV(utt)[i].type;
1271 *pdataptr = PRIV(utt)[i].value;
1272 return TRUE;
1273 }
1274 if (r > 0) bot = i + 1; else top = i;
1275 }
1276
1277 *errorcodeptr = ERR47;
1278 *ptrptr = ptr;
1279 return FALSE;
1280
1281 ERROR_RETURN:
1282 *errorcodeptr = ERR46;
1283 *ptrptr = ptr;
1284 return FALSE;
1285 }
1286 #endif
1287
1288
1289
1290
1291 /*************************************************
1292 * Read repeat counts *
1293 *************************************************/
1294
1295 /* Read an item of the form {n,m} and return the values. This is called only
1296 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1297 so the syntax is guaranteed to be correct, but we need to check the values.
1298
1299 Arguments:
1300 p pointer to first char after '{'
1301 minp pointer to int for min
1302 maxp pointer to int for max
1303 returned as -1 if no max
1304 errorcodeptr points to error code variable
1305
1306 Returns: pointer to '}' on success;
1307 current ptr on error, with errorcodeptr set non-zero
1308 */
1309
1310 static const pcre_uchar *
1311 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1312 {
1313 int min = 0;
1314 int max = -1;
1315
1316 /* Read the minimum value and do a paranoid check: a negative value indicates
1317 an integer overflow. */
1318
1319 while (IS_DIGIT(*p)) min = min * 10 + (int)(*p++ - CHAR_0);
1320 if (min < 0 || min > 65535)
1321 {
1322 *errorcodeptr = ERR5;
1323 return p;
1324 }
1325
1326 /* Read the maximum value if there is one, and again do a paranoid on its size.
1327 Also, max must not be less than min. */
1328
1329 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1330 {
1331 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1332 {
1333 max = 0;
1334 while(IS_DIGIT(*p)) max = max * 10 + (int)(*p++ - CHAR_0);
1335 if (max < 0 || max > 65535)
1336 {
1337 *errorcodeptr = ERR5;
1338 return p;
1339 }
1340 if (max < min)
1341 {
1342 *errorcodeptr = ERR4;
1343 return p;
1344 }
1345 }
1346 }
1347
1348 /* Fill in the required variables, and pass back the pointer to the terminating
1349 '}'. */
1350
1351 *minp = min;
1352 *maxp = max;
1353 return p;
1354 }
1355
1356
1357
1358 /*************************************************
1359 * Subroutine for finding forward reference *
1360 *************************************************/
1361
1362 /* This recursive function is called only from find_parens() below. The
1363 top-level call starts at the beginning of the pattern. All other calls must
1364 start at a parenthesis. It scans along a pattern's text looking for capturing
1365 subpatterns, and counting them. If it finds a named pattern that matches the
1366 name it is given, it returns its number. Alternatively, if the name is NULL, it
1367 returns when it reaches a given numbered subpattern. Recursion is used to keep
1368 track of subpatterns that reset the capturing group numbers - the (?| feature.
1369
1370 This function was originally called only from the second pass, in which we know
1371 that if (?< or (?' or (?P< is encountered, the name will be correctly
1372 terminated because that is checked in the first pass. There is now one call to
1373 this function in the first pass, to check for a recursive back reference by
1374 name (so that we can make the whole group atomic). In this case, we need check
1375 only up to the current position in the pattern, and that is still OK because
1376 and previous occurrences will have been checked. To make this work, the test
1377 for "end of pattern" is a check against cd->end_pattern in the main loop,
1378 instead of looking for a binary zero. This means that the special first-pass
1379 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1380 processing items within the loop are OK, because afterwards the main loop will
1381 terminate.)
1382
1383 Arguments:
1384 ptrptr address of the current character pointer (updated)
1385 cd compile background data
1386 name name to seek, or NULL if seeking a numbered subpattern
1387 lorn name length, or subpattern number if name is NULL
1388 xmode TRUE if we are in /x mode
1389 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1390 count pointer to the current capturing subpattern number (updated)
1391
1392 Returns: the number of the named subpattern, or -1 if not found
1393 */
1394
1395 static int
1396 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1397 BOOL xmode, BOOL utf, int *count)
1398 {
1399 pcre_uchar *ptr = *ptrptr;
1400 int start_count = *count;
1401 int hwm_count = start_count;
1402 BOOL dup_parens = FALSE;
1403
1404 /* If the first character is a parenthesis, check on the type of group we are
1405 dealing with. The very first call may not start with a parenthesis. */
1406
1407 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1408 {
1409 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1410
1411 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1412
1413 /* Handle a normal, unnamed capturing parenthesis. */
1414
1415 else if (ptr[1] != CHAR_QUESTION_MARK)
1416 {
1417 *count += 1;
1418 if (name == NULL && *count == lorn) return *count;
1419 ptr++;
1420 }
1421
1422 /* All cases now have (? at the start. Remember when we are in a group
1423 where the parenthesis numbers are duplicated. */
1424
1425 else if (ptr[2] == CHAR_VERTICAL_LINE)
1426 {
1427 ptr += 3;
1428 dup_parens = TRUE;
1429 }
1430
1431 /* Handle comments; all characters are allowed until a ket is reached. */
1432
1433 else if (ptr[2] == CHAR_NUMBER_SIGN)
1434 {
1435 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1436 goto FAIL_EXIT;
1437 }
1438
1439 /* Handle a condition. If it is an assertion, just carry on so that it
1440 is processed as normal. If not, skip to the closing parenthesis of the
1441 condition (there can't be any nested parens). */
1442
1443 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1444 {
1445 ptr += 2;
1446 if (ptr[1] != CHAR_QUESTION_MARK)
1447 {
1448 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1449 if (*ptr != 0) ptr++;
1450 }
1451 }
1452
1453 /* Start with (? but not a condition. */
1454
1455 else
1456 {
1457 ptr += 2;
1458 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1459
1460 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1461
1462 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1463 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1464 {
1465 pcre_uchar term;
1466 const pcre_uchar *thisname;
1467 *count += 1;
1468 if (name == NULL && *count == lorn) return *count;
1469 term = *ptr++;
1470 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1471 thisname = ptr;
1472 while (*ptr != term) ptr++;
1473 if (name != NULL && lorn == (int)(ptr - thisname) &&
1474 STRNCMP_UC_UC(name, thisname, (unsigned int)lorn) == 0)
1475 return *count;
1476 term++;
1477 }
1478 }
1479 }
1480
1481 /* Past any initial parenthesis handling, scan for parentheses or vertical
1482 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1483 first-pass call when this value is temporarily adjusted to stop at the current
1484 position. So DO NOT change this to a test for binary zero. */
1485
1486 for (; ptr < cd->end_pattern; ptr++)
1487 {
1488 /* Skip over backslashed characters and also entire \Q...\E */
1489
1490 if (*ptr == CHAR_BACKSLASH)
1491 {
1492 if (*(++ptr) == 0) goto FAIL_EXIT;
1493 if (*ptr == CHAR_Q) for (;;)
1494 {
1495 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1496 if (*ptr == 0) goto FAIL_EXIT;
1497 if (*(++ptr) == CHAR_E) break;
1498 }
1499 continue;
1500 }
1501
1502 /* Skip over character classes; this logic must be similar to the way they
1503 are handled for real. If the first character is '^', skip it. Also, if the
1504 first few characters (either before or after ^) are \Q\E or \E we skip them
1505 too. This makes for compatibility with Perl. Note the use of STR macros to
1506 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1507
1508 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1509 {
1510 BOOL negate_class = FALSE;
1511 for (;;)
1512 {
1513 if (ptr[1] == CHAR_BACKSLASH)
1514 {
1515 if (ptr[2] == CHAR_E)
1516 ptr+= 2;
1517 else if (STRNCMP_UC_C8(ptr + 2,
1518 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1519 ptr += 4;
1520 else
1521 break;
1522 }
1523 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1524 {
1525 negate_class = TRUE;
1526 ptr++;
1527 }
1528 else break;
1529 }
1530
1531 /* If the next character is ']', it is a data character that must be
1532 skipped, except in JavaScript compatibility mode. */
1533
1534 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1535 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1536 ptr++;
1537
1538 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1539 {
1540 if (*ptr == 0) return -1;
1541 if (*ptr == CHAR_BACKSLASH)
1542 {
1543 if (*(++ptr) == 0) goto FAIL_EXIT;
1544 if (*ptr == CHAR_Q) for (;;)
1545 {
1546 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1547 if (*ptr == 0) goto FAIL_EXIT;
1548 if (*(++ptr) == CHAR_E) break;
1549 }
1550 continue;
1551 }
1552 }
1553 continue;
1554 }
1555
1556 /* Skip comments in /x mode */
1557
1558 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1559 {
1560 ptr++;
1561 while (*ptr != 0)
1562 {
1563 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1564 ptr++;
1565 #ifdef SUPPORT_UTF
1566 if (utf) FORWARDCHAR(ptr);
1567 #endif
1568 }
1569 if (*ptr == 0) goto FAIL_EXIT;
1570 continue;
1571 }
1572
1573 /* Check for the special metacharacters */
1574
1575 if (*ptr == CHAR_LEFT_PARENTHESIS)
1576 {
1577 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1578 if (rc > 0) return rc;
1579 if (*ptr == 0) goto FAIL_EXIT;
1580 }
1581
1582 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1583 {
1584 if (dup_parens && *count < hwm_count) *count = hwm_count;
1585 goto FAIL_EXIT;
1586 }
1587
1588 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1589 {
1590 if (*count > hwm_count) hwm_count = *count;
1591 *count = start_count;
1592 }
1593 }
1594
1595 FAIL_EXIT:
1596 *ptrptr = ptr;
1597 return -1;
1598 }
1599
1600
1601
1602
1603 /*************************************************
1604 * Find forward referenced subpattern *
1605 *************************************************/
1606
1607 /* This function scans along a pattern's text looking for capturing
1608 subpatterns, and counting them. If it finds a named pattern that matches the
1609 name it is given, it returns its number. Alternatively, if the name is NULL, it
1610 returns when it reaches a given numbered subpattern. This is used for forward
1611 references to subpatterns. We used to be able to start this scan from the
1612 current compiling point, using the current count value from cd->bracount, and
1613 do it all in a single loop, but the addition of the possibility of duplicate
1614 subpattern numbers means that we have to scan from the very start, in order to
1615 take account of such duplicates, and to use a recursive function to keep track
1616 of the different types of group.
1617
1618 Arguments:
1619 cd compile background data
1620 name name to seek, or NULL if seeking a numbered subpattern
1621 lorn name length, or subpattern number if name is NULL
1622 xmode TRUE if we are in /x mode
1623 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1624
1625 Returns: the number of the found subpattern, or -1 if not found
1626 */
1627
1628 static int
1629 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1630 BOOL utf)
1631 {
1632 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1633 int count = 0;
1634 int rc;
1635
1636 /* If the pattern does not start with an opening parenthesis, the first call
1637 to find_parens_sub() will scan right to the end (if necessary). However, if it
1638 does start with a parenthesis, find_parens_sub() will return when it hits the
1639 matching closing parens. That is why we have to have a loop. */
1640
1641 for (;;)
1642 {
1643 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1644 if (rc > 0 || *ptr++ == 0) break;
1645 }
1646
1647 return rc;
1648 }
1649
1650
1651
1652
1653 /*************************************************
1654 * Find first significant op code *
1655 *************************************************/
1656
1657 /* This is called by several functions that scan a compiled expression looking
1658 for a fixed first character, or an anchoring op code etc. It skips over things
1659 that do not influence this. For some calls, it makes sense to skip negative
1660 forward and all backward assertions, and also the \b assertion; for others it
1661 does not.
1662
1663 Arguments:
1664 code pointer to the start of the group
1665 skipassert TRUE if certain assertions are to be skipped
1666
1667 Returns: pointer to the first significant opcode
1668 */
1669
1670 static const pcre_uchar*
1671 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1672 {
1673 for (;;)
1674 {
1675 switch ((int)*code)
1676 {
1677 case OP_ASSERT_NOT:
1678 case OP_ASSERTBACK:
1679 case OP_ASSERTBACK_NOT:
1680 if (!skipassert) return code;
1681 do code += GET(code, 1); while (*code == OP_ALT);
1682 code += PRIV(OP_lengths)[*code];
1683 break;
1684
1685 case OP_WORD_BOUNDARY:
1686 case OP_NOT_WORD_BOUNDARY:
1687 if (!skipassert) return code;
1688 /* Fall through */
1689
1690 case OP_CALLOUT:
1691 case OP_CREF:
1692 case OP_NCREF:
1693 case OP_RREF:
1694 case OP_NRREF:
1695 case OP_DEF:
1696 code += PRIV(OP_lengths)[*code];
1697 break;
1698
1699 default:
1700 return code;
1701 }
1702 }
1703 /* Control never reaches here */
1704 }
1705
1706
1707
1708
1709 /*************************************************
1710 * Find the fixed length of a branch *
1711 *************************************************/
1712
1713 /* Scan a branch and compute the fixed length of subject that will match it,
1714 if the length is fixed. This is needed for dealing with backward assertions.
1715 In UTF8 mode, the result is in characters rather than bytes. The branch is
1716 temporarily terminated with OP_END when this function is called.
1717
1718 This function is called when a backward assertion is encountered, so that if it
1719 fails, the error message can point to the correct place in the pattern.
1720 However, we cannot do this when the assertion contains subroutine calls,
1721 because they can be forward references. We solve this by remembering this case
1722 and doing the check at the end; a flag specifies which mode we are running in.
1723
1724 Arguments:
1725 code points to the start of the pattern (the bracket)
1726 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1727 atend TRUE if called when the pattern is complete
1728 cd the "compile data" structure
1729
1730 Returns: the fixed length,
1731 or -1 if there is no fixed length,
1732 or -2 if \C was encountered (in UTF-8 mode only)
1733 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1734 or -4 if an unknown opcode was encountered (internal error)
1735 */
1736
1737 static int
1738 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1739 {
1740 int length = -1;
1741
1742 register int branchlength = 0;
1743 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1744
1745 /* Scan along the opcodes for this branch. If we get to the end of the
1746 branch, check the length against that of the other branches. */
1747
1748 for (;;)
1749 {
1750 int d;
1751 pcre_uchar *ce, *cs;
1752 register pcre_uchar op = *cc;
1753
1754 switch (op)
1755 {
1756 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1757 OP_BRA (normal non-capturing bracket) because the other variants of these
1758 opcodes are all concerned with unlimited repeated groups, which of course
1759 are not of fixed length. */
1760
1761 case OP_CBRA:
1762 case OP_BRA:
1763 case OP_ONCE:
1764 case OP_ONCE_NC:
1765 case OP_COND:
1766 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1767 if (d < 0) return d;
1768 branchlength += d;
1769 do cc += GET(cc, 1); while (*cc == OP_ALT);
1770 cc += 1 + LINK_SIZE;
1771 break;
1772
1773 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1774 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1775 an ALT. If it is END it's the end of the outer call. All can be handled by
1776 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1777 because they all imply an unlimited repeat. */
1778
1779 case OP_ALT:
1780 case OP_KET:
1781 case OP_END:
1782 case OP_ACCEPT:
1783 case OP_ASSERT_ACCEPT:
1784 if (length < 0) length = branchlength;
1785 else if (length != branchlength) return -1;
1786 if (*cc != OP_ALT) return length;
1787 cc += 1 + LINK_SIZE;
1788 branchlength = 0;
1789 break;
1790
1791 /* A true recursion implies not fixed length, but a subroutine call may
1792 be OK. If the subroutine is a forward reference, we can't deal with
1793 it until the end of the pattern, so return -3. */
1794
1795 case OP_RECURSE:
1796 if (!atend) return -3;
1797 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1798 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1799 if (cc > cs && cc < ce) return -1; /* Recursion */
1800 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1801 if (d < 0) return d;
1802 branchlength += d;
1803 cc += 1 + LINK_SIZE;
1804 break;
1805
1806 /* Skip over assertive subpatterns */
1807
1808 case OP_ASSERT:
1809 case OP_ASSERT_NOT:
1810 case OP_ASSERTBACK:
1811 case OP_ASSERTBACK_NOT:
1812 do cc += GET(cc, 1); while (*cc == OP_ALT);
1813 cc += PRIV(OP_lengths)[*cc];
1814 break;
1815
1816 /* Skip over things that don't match chars */
1817
1818 case OP_MARK:
1819 case OP_PRUNE_ARG:
1820 case OP_SKIP_ARG:
1821 case OP_THEN_ARG:
1822 cc += cc[1] + PRIV(OP_lengths)[*cc];
1823 break;
1824
1825 case OP_CALLOUT:
1826 case OP_CIRC:
1827 case OP_CIRCM:
1828 case OP_CLOSE:
1829 case OP_COMMIT:
1830 case OP_CREF:
1831 case OP_DEF:
1832 case OP_DOLL:
1833 case OP_DOLLM:
1834 case OP_EOD:
1835 case OP_EODN:
1836 case OP_FAIL:
1837 case OP_NCREF:
1838 case OP_NRREF:
1839 case OP_NOT_WORD_BOUNDARY:
1840 case OP_PRUNE:
1841 case OP_REVERSE:
1842 case OP_RREF:
1843 case OP_SET_SOM:
1844 case OP_SKIP:
1845 case OP_SOD:
1846 case OP_SOM:
1847 case OP_THEN:
1848 case OP_WORD_BOUNDARY:
1849 cc += PRIV(OP_lengths)[*cc];
1850 break;
1851
1852 /* Handle literal characters */
1853
1854 case OP_CHAR:
1855 case OP_CHARI:
1856 case OP_NOT:
1857 case OP_NOTI:
1858 branchlength++;
1859 cc += 2;
1860 #ifdef SUPPORT_UTF
1861 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1862 #endif
1863 break;
1864
1865 /* Handle exact repetitions. The count is already in characters, but we
1866 need to skip over a multibyte character in UTF8 mode. */
1867
1868 case OP_EXACT:
1869 case OP_EXACTI:
1870 case OP_NOTEXACT:
1871 case OP_NOTEXACTI:
1872 branchlength += (int)GET2(cc,1);
1873 cc += 2 + IMM2_SIZE;
1874 #ifdef SUPPORT_UTF
1875 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1876 #endif
1877 break;
1878
1879 case OP_TYPEEXACT:
1880 branchlength += GET2(cc,1);
1881 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1882 cc += 2;
1883 cc += 1 + IMM2_SIZE + 1;
1884 break;
1885
1886 /* Handle single-char matchers */
1887
1888 case OP_PROP:
1889 case OP_NOTPROP:
1890 cc += 2;
1891 /* Fall through */
1892
1893 case OP_HSPACE:
1894 case OP_VSPACE:
1895 case OP_NOT_HSPACE:
1896 case OP_NOT_VSPACE:
1897 case OP_NOT_DIGIT:
1898 case OP_DIGIT:
1899 case OP_NOT_WHITESPACE:
1900 case OP_WHITESPACE:
1901 case OP_NOT_WORDCHAR:
1902 case OP_WORDCHAR:
1903 case OP_ANY:
1904 case OP_ALLANY:
1905 branchlength++;
1906 cc++;
1907 break;
1908
1909 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1910 otherwise \C is coded as OP_ALLANY. */
1911
1912 case OP_ANYBYTE:
1913 return -2;
1914
1915 /* Check a class for variable quantification */
1916
1917 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1918 case OP_XCLASS:
1919 cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];
1920 /* Fall through */
1921 #endif
1922
1923 case OP_CLASS:
1924 case OP_NCLASS:
1925 cc += PRIV(OP_lengths)[OP_CLASS];
1926
1927 switch (*cc)
1928 {
1929 case OP_CRPLUS:
1930 case OP_CRMINPLUS:
1931 case OP_CRSTAR:
1932 case OP_CRMINSTAR:
1933 case OP_CRQUERY:
1934 case OP_CRMINQUERY:
1935 return -1;
1936
1937 case OP_CRRANGE:
1938 case OP_CRMINRANGE:
1939 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1940 branchlength += (int)GET2(cc,1);
1941 cc += 1 + 2 * IMM2_SIZE;
1942 break;
1943
1944 default:
1945 branchlength++;
1946 }
1947 break;
1948
1949 /* Anything else is variable length */
1950
1951 case OP_ANYNL:
1952 case OP_BRAMINZERO:
1953 case OP_BRAPOS:
1954 case OP_BRAPOSZERO:
1955 case OP_BRAZERO:
1956 case OP_CBRAPOS:
1957 case OP_EXTUNI:
1958 case OP_KETRMAX:
1959 case OP_KETRMIN:
1960 case OP_KETRPOS:
1961 case OP_MINPLUS:
1962 case OP_MINPLUSI:
1963 case OP_MINQUERY:
1964 case OP_MINQUERYI:
1965 case OP_MINSTAR:
1966 case OP_MINSTARI:
1967 case OP_MINUPTO:
1968 case OP_MINUPTOI:
1969 case OP_NOTMINPLUS:
1970 case OP_NOTMINPLUSI:
1971 case OP_NOTMINQUERY:
1972 case OP_NOTMINQUERYI:
1973 case OP_NOTMINSTAR:
1974 case OP_NOTMINSTARI:
1975 case OP_NOTMINUPTO:
1976 case OP_NOTMINUPTOI:
1977 case OP_NOTPLUS:
1978 case OP_NOTPLUSI:
1979 case OP_NOTPOSPLUS:
1980 case OP_NOTPOSPLUSI:
1981 case OP_NOTPOSQUERY:
1982 case OP_NOTPOSQUERYI:
1983 case OP_NOTPOSSTAR:
1984 case OP_NOTPOSSTARI:
1985 case OP_NOTPOSUPTO:
1986 case OP_NOTPOSUPTOI:
1987 case OP_NOTQUERY:
1988 case OP_NOTQUERYI:
1989 case OP_NOTSTAR:
1990 case OP_NOTSTARI:
1991 case OP_NOTUPTO:
1992 case OP_NOTUPTOI:
1993 case OP_PLUS:
1994 case OP_PLUSI:
1995 case OP_POSPLUS:
1996 case OP_POSPLUSI:
1997 case OP_POSQUERY:
1998 case OP_POSQUERYI:
1999 case OP_POSSTAR:
2000 case OP_POSSTARI:
2001 case OP_POSUPTO:
2002 case OP_POSUPTOI:
2003 case OP_QUERY:
2004 case OP_QUERYI:
2005 case OP_REF:
2006 case OP_REFI:
2007 case OP_SBRA:
2008 case OP_SBRAPOS:
2009 case OP_SCBRA:
2010 case OP_SCBRAPOS:
2011 case OP_SCOND:
2012 case OP_SKIPZERO:
2013 case OP_STAR:
2014 case OP_STARI:
2015 case OP_TYPEMINPLUS:
2016 case OP_TYPEMINQUERY:
2017 case OP_TYPEMINSTAR:
2018 case OP_TYPEMINUPTO:
2019 case OP_TYPEPLUS:
2020 case OP_TYPEPOSPLUS:
2021 case OP_TYPEPOSQUERY:
2022 case OP_TYPEPOSSTAR:
2023 case OP_TYPEPOSUPTO:
2024 case OP_TYPEQUERY:
2025 case OP_TYPESTAR:
2026 case OP_TYPEUPTO:
2027 case OP_UPTO:
2028 case OP_UPTOI:
2029 return -1;
2030
2031 /* Catch unrecognized opcodes so that when new ones are added they
2032 are not forgotten, as has happened in the past. */
2033
2034 default:
2035 return -4;
2036 }
2037 }
2038 /* Control never gets here */
2039 }
2040
2041
2042
2043
2044 /*************************************************
2045 * Scan compiled regex for specific bracket *
2046 *************************************************/
2047
2048 /* This little function scans through a compiled pattern until it finds a
2049 capturing bracket with the given number, or, if the number is negative, an
2050 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2051 so that it can be called from pcre_study() when finding the minimum matching
2052 length.
2053
2054 Arguments:
2055 code points to start of expression
2056 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2057 number the required bracket number or negative to find a lookbehind
2058
2059 Returns: pointer to the opcode for the bracket, or NULL if not found
2060 */
2061
2062 const pcre_uchar *
2063 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2064 {
2065 for (;;)
2066 {
2067 register pcre_uchar c = *code;
2068
2069 if (c == OP_END) return NULL;
2070
2071 /* XCLASS is used for classes that cannot be represented just by a bit
2072 map. This includes negated single high-valued characters. The length in
2073 the table is zero; the actual length is stored in the compiled code. */
2074
2075 if (c == OP_XCLASS) code += GET(code, 1);
2076
2077 /* Handle recursion */
2078
2079 else if (c == OP_REVERSE)
2080 {
2081 if (number < 0) return (pcre_uchar *)code;
2082 code += PRIV(OP_lengths)[c];
2083 }
2084
2085 /* Handle capturing bracket */
2086
2087 else if (c == OP_CBRA || c == OP_SCBRA ||
2088 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2089 {
2090 int n = (int)GET2(code, 1+LINK_SIZE);
2091 if (n == number) return (pcre_uchar *)code;
2092 code += PRIV(OP_lengths)[c];
2093 }
2094
2095 /* Otherwise, we can get the item's length from the table, except that for
2096 repeated character types, we have to test for \p and \P, which have an extra
2097 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2098 must add in its length. */
2099
2100 else
2101 {
2102 switch(c)
2103 {
2104 case OP_TYPESTAR:
2105 case OP_TYPEMINSTAR:
2106 case OP_TYPEPLUS:
2107 case OP_TYPEMINPLUS:
2108 case OP_TYPEQUERY:
2109 case OP_TYPEMINQUERY:
2110 case OP_TYPEPOSSTAR:
2111 case OP_TYPEPOSPLUS:
2112 case OP_TYPEPOSQUERY:
2113 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2114 break;
2115
2116 case OP_TYPEUPTO:
2117 case OP_TYPEMINUPTO:
2118 case OP_TYPEEXACT:
2119 case OP_TYPEPOSUPTO:
2120 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2121 code += 2;
2122 break;
2123
2124 case OP_MARK:
2125 case OP_PRUNE_ARG:
2126 case OP_SKIP_ARG:
2127 code += code[1];
2128 break;
2129
2130 case OP_THEN_ARG:
2131 code += code[1];
2132 break;
2133 }
2134
2135 /* Add in the fixed length from the table */
2136
2137 code += PRIV(OP_lengths)[c];
2138
2139 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2140 a multi-byte character. The length in the table is a minimum, so we have to
2141 arrange to skip the extra bytes. */
2142
2143 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2144 if (utf) switch(c)
2145 {
2146 case OP_CHAR:
2147 case OP_CHARI:
2148 case OP_EXACT:
2149 case OP_EXACTI:
2150 case OP_UPTO:
2151 case OP_UPTOI:
2152 case OP_MINUPTO:
2153 case OP_MINUPTOI:
2154 case OP_POSUPTO:
2155 case OP_POSUPTOI:
2156 case OP_STAR:
2157 case OP_STARI:
2158 case OP_MINSTAR:
2159 case OP_MINSTARI:
2160 case OP_POSSTAR:
2161 case OP_POSSTARI:
2162 case OP_PLUS:
2163 case OP_PLUSI:
2164 case OP_MINPLUS:
2165 case OP_MINPLUSI:
2166 case OP_POSPLUS:
2167 case OP_POSPLUSI:
2168 case OP_QUERY:
2169 case OP_QUERYI:
2170 case OP_MINQUERY:
2171 case OP_MINQUERYI:
2172 case OP_POSQUERY:
2173 case OP_POSQUERYI:
2174 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2175 break;
2176 }
2177 #else
2178 (void)(utf); /* Keep compiler happy by referencing function argument */
2179 #endif
2180 }
2181 }
2182 }
2183
2184
2185
2186 /*************************************************
2187 * Scan compiled regex for recursion reference *
2188 *************************************************/
2189
2190 /* This little function scans through a compiled pattern until it finds an
2191 instance of OP_RECURSE.
2192
2193 Arguments:
2194 code points to start of expression
2195 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2196
2197 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2198 */
2199
2200 static const pcre_uchar *
2201 find_recurse(const pcre_uchar *code, BOOL utf)
2202 {
2203 for (;;)
2204 {
2205 register pcre_uchar c = *code;
2206 if (c == OP_END) return NULL;
2207 if (c == OP_RECURSE) return code;
2208
2209 /* XCLASS is used for classes that cannot be represented just by a bit
2210 map. This includes negated single high-valued characters. The length in
2211 the table is zero; the actual length is stored in the compiled code. */
2212
2213 if (c == OP_XCLASS) code += GET(code, 1);
2214
2215 /* Otherwise, we can get the item's length from the table, except that for
2216 repeated character types, we have to test for \p and \P, which have an extra
2217 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2218 must add in its length. */
2219
2220 else
2221 {
2222 switch(c)
2223 {
2224 case OP_TYPESTAR:
2225 case OP_TYPEMINSTAR:
2226 case OP_TYPEPLUS:
2227 case OP_TYPEMINPLUS:
2228 case OP_TYPEQUERY:
2229 case OP_TYPEMINQUERY:
2230 case OP_TYPEPOSSTAR:
2231 case OP_TYPEPOSPLUS:
2232 case OP_TYPEPOSQUERY:
2233 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2234 break;
2235
2236 case OP_TYPEPOSUPTO:
2237 case OP_TYPEUPTO:
2238 case OP_TYPEMINUPTO:
2239 case OP_TYPEEXACT:
2240 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2241 code += 2;
2242 break;
2243
2244 case OP_MARK:
2245 case OP_PRUNE_ARG:
2246 case OP_SKIP_ARG:
2247 code += code[1];
2248 break;
2249
2250 case OP_THEN_ARG:
2251 code += code[1];
2252 break;
2253 }
2254
2255 /* Add in the fixed length from the table */
2256
2257 code += PRIV(OP_lengths)[c];
2258
2259 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2260 by a multi-byte character. The length in the table is a minimum, so we have
2261 to arrange to skip the extra bytes. */
2262
2263 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2264 if (utf) switch(c)
2265 {
2266 case OP_CHAR:
2267 case OP_CHARI:
2268 case OP_NOT:
2269 case OP_NOTI:
2270 case OP_EXACT:
2271 case OP_EXACTI:
2272 case OP_NOTEXACT:
2273 case OP_NOTEXACTI:
2274 case OP_UPTO:
2275 case OP_UPTOI:
2276 case OP_NOTUPTO:
2277 case OP_NOTUPTOI:
2278 case OP_MINUPTO:
2279 case OP_MINUPTOI:
2280 case OP_NOTMINUPTO:
2281 case OP_NOTMINUPTOI:
2282 case OP_POSUPTO:
2283 case OP_POSUPTOI:
2284 case OP_NOTPOSUPTO:
2285 case OP_NOTPOSUPTOI:
2286 case OP_STAR:
2287 case OP_STARI:
2288 case OP_NOTSTAR:
2289 case OP_NOTSTARI:
2290 case OP_MINSTAR:
2291 case OP_MINSTARI:
2292 case OP_NOTMINSTAR:
2293 case OP_NOTMINSTARI:
2294 case OP_POSSTAR:
2295 case OP_POSSTARI:
2296 case OP_NOTPOSSTAR:
2297 case OP_NOTPOSSTARI:
2298 case OP_PLUS:
2299 case OP_PLUSI:
2300 case OP_NOTPLUS:
2301 case OP_NOTPLUSI:
2302 case OP_MINPLUS:
2303 case OP_MINPLUSI:
2304 case OP_NOTMINPLUS:
2305 case OP_NOTMINPLUSI:
2306 case OP_POSPLUS:
2307 case OP_POSPLUSI:
2308 case OP_NOTPOSPLUS:
2309 case OP_NOTPOSPLUSI:
2310 case OP_QUERY:
2311 case OP_QUERYI:
2312 case OP_NOTQUERY:
2313 case OP_NOTQUERYI:
2314 case OP_MINQUERY:
2315 case OP_MINQUERYI:
2316 case OP_NOTMINQUERY:
2317 case OP_NOTMINQUERYI:
2318 case OP_POSQUERY:
2319 case OP_POSQUERYI:
2320 case OP_NOTPOSQUERY:
2321 case OP_NOTPOSQUERYI:
2322 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2323 break;
2324 }
2325 #else
2326 (void)(utf); /* Keep compiler happy by referencing function argument */
2327 #endif
2328 }
2329 }
2330 }
2331
2332
2333
2334 /*************************************************
2335 * Scan compiled branch for non-emptiness *
2336 *************************************************/
2337
2338 /* This function scans through a branch of a compiled pattern to see whether it
2339 can match the empty string or not. It is called from could_be_empty()
2340 below and from compile_branch() when checking for an unlimited repeat of a
2341 group that can match nothing. Note that first_significant_code() skips over
2342 backward and negative forward assertions when its final argument is TRUE. If we
2343 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2344 bracket whose current branch will already have been scanned.
2345
2346 Arguments:
2347 code points to start of search
2348 endcode points to where to stop
2349 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2350 cd contains pointers to tables etc.
2351
2352 Returns: TRUE if what is matched could be empty
2353 */
2354
2355 static BOOL
2356 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2357 BOOL utf, compile_data *cd)
2358 {
2359 register pcre_uchar c;
2360 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2361 code < endcode;
2362 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2363 {
2364 const pcre_uchar *ccode;
2365
2366 c = *code;
2367
2368 /* Skip over forward assertions; the other assertions are skipped by
2369 first_significant_code() with a TRUE final argument. */
2370
2371 if (c == OP_ASSERT)
2372 {
2373 do code += GET(code, 1); while (*code == OP_ALT);
2374 c = *code;
2375 continue;
2376 }
2377
2378 /* For a recursion/subroutine call, if its end has been reached, which
2379 implies a backward reference subroutine call, we can scan it. If it's a
2380 forward reference subroutine call, we can't. To detect forward reference
2381 we have to scan up the list that is kept in the workspace. This function is
2382 called only when doing the real compile, not during the pre-compile that
2383 measures the size of the compiled pattern. */
2384
2385 if (c == OP_RECURSE)
2386 {
2387 const pcre_uchar *scode;
2388 BOOL empty_branch;
2389
2390 /* Test for forward reference */
2391
2392 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2393 if ((int)GET(scode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2394
2395 /* Not a forward reference, test for completed backward reference */
2396
2397 empty_branch = FALSE;
2398 scode = cd->start_code + GET(code, 1);
2399 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2400
2401 /* Completed backwards reference */
2402
2403 do
2404 {
2405 if (could_be_empty_branch(scode, endcode, utf, cd))
2406 {
2407 empty_branch = TRUE;
2408 break;
2409 }
2410 scode += GET(scode, 1);
2411 }
2412 while (*scode == OP_ALT);
2413
2414 if (!empty_branch) return FALSE; /* All branches are non-empty */
2415 continue;
2416 }
2417
2418 /* Groups with zero repeats can of course be empty; skip them. */
2419
2420 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2421 c == OP_BRAPOSZERO)
2422 {
2423 code += PRIV(OP_lengths)[c];
2424 do code += GET(code, 1); while (*code == OP_ALT);
2425 c = *code;
2426 continue;
2427 }
2428
2429 /* A nested group that is already marked as "could be empty" can just be
2430 skipped. */
2431
2432 if (c == OP_SBRA || c == OP_SBRAPOS ||
2433 c == OP_SCBRA || c == OP_SCBRAPOS)
2434 {
2435 do code += GET(code, 1); while (*code == OP_ALT);
2436 c = *code;
2437 continue;
2438 }
2439
2440 /* For other groups, scan the branches. */
2441
2442 if (c == OP_BRA || c == OP_BRAPOS ||
2443 c == OP_CBRA || c == OP_CBRAPOS ||
2444 c == OP_ONCE || c == OP_ONCE_NC ||
2445 c == OP_COND)
2446 {
2447 BOOL empty_branch;
2448 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2449
2450 /* If a conditional group has only one branch, there is a second, implied,
2451 empty branch, so just skip over the conditional, because it could be empty.
2452 Otherwise, scan the individual branches of the group. */
2453
2454 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2455 code += GET(code, 1);
2456 else
2457 {
2458 empty_branch = FALSE;
2459 do
2460 {
2461 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2462 empty_branch = TRUE;
2463 code += GET(code, 1);
2464 }
2465 while (*code == OP_ALT);
2466 if (!empty_branch) return FALSE; /* All branches are non-empty */
2467 }
2468
2469 c = *code;
2470 continue;
2471 }
2472
2473 /* Handle the other opcodes */
2474
2475 switch (c)
2476 {
2477 /* Check for quantifiers after a class. XCLASS is used for classes that
2478 cannot be represented just by a bit map. This includes negated single
2479 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2480 actual length is stored in the compiled code, so we must update "code"
2481 here. */
2482
2483 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2484 case OP_XCLASS:
2485 ccode = code += GET(code, 1);
2486 goto CHECK_CLASS_REPEAT;
2487 #endif
2488
2489 case OP_CLASS:
2490 case OP_NCLASS:
2491 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2492
2493 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2494 CHECK_CLASS_REPEAT:
2495 #endif
2496
2497 switch (*ccode)
2498 {
2499 case OP_CRSTAR: /* These could be empty; continue */
2500 case OP_CRMINSTAR:
2501 case OP_CRQUERY:
2502 case OP_CRMINQUERY:
2503 break;
2504
2505 default: /* Non-repeat => class must match */
2506 case OP_CRPLUS: /* These repeats aren't empty */
2507 case OP_CRMINPLUS:
2508 return FALSE;
2509
2510 case OP_CRRANGE:
2511 case OP_CRMINRANGE:
2512 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2513 break;
2514 }
2515 break;
2516
2517 /* Opcodes that must match a character */
2518
2519 case OP_PROP:
2520 case OP_NOTPROP:
2521 case OP_EXTUNI:
2522 case OP_NOT_DIGIT:
2523 case OP_DIGIT:
2524 case OP_NOT_WHITESPACE:
2525 case OP_WHITESPACE:
2526 case OP_NOT_WORDCHAR:
2527 case OP_WORDCHAR:
2528 case OP_ANY:
2529 case OP_ALLANY:
2530 case OP_ANYBYTE:
2531 case OP_CHAR:
2532 case OP_CHARI:
2533 case OP_NOT:
2534 case OP_NOTI:
2535 case OP_PLUS:
2536 case OP_MINPLUS:
2537 case OP_POSPLUS:
2538 case OP_EXACT:
2539 case OP_NOTPLUS:
2540 case OP_NOTMINPLUS:
2541 case OP_NOTPOSPLUS:
2542 case OP_NOTEXACT:
2543 case OP_TYPEPLUS:
2544 case OP_TYPEMINPLUS:
2545 case OP_TYPEPOSPLUS:
2546 case OP_TYPEEXACT:
2547 return FALSE;
2548
2549 /* These are going to continue, as they may be empty, but we have to
2550 fudge the length for the \p and \P cases. */
2551
2552 case OP_TYPESTAR:
2553 case OP_TYPEMINSTAR:
2554 case OP_TYPEPOSSTAR:
2555 case OP_TYPEQUERY:
2556 case OP_TYPEMINQUERY:
2557 case OP_TYPEPOSQUERY:
2558 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2559 break;
2560
2561 /* Same for these */
2562
2563 case OP_TYPEUPTO:
2564 case OP_TYPEMINUPTO:
2565 case OP_TYPEPOSUPTO:
2566 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2567 code += 2;
2568 break;
2569
2570 /* End of branch */
2571
2572 case OP_KET:
2573 case OP_KETRMAX:
2574 case OP_KETRMIN:
2575 case OP_KETRPOS:
2576 case OP_ALT:
2577 return TRUE;
2578
2579 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2580 MINUPTO, and POSUPTO may be followed by a multibyte character */
2581
2582 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2583 case OP_STAR:
2584 case OP_STARI:
2585 case OP_MINSTAR:
2586 case OP_MINSTARI:
2587 case OP_POSSTAR:
2588 case OP_POSSTARI:
2589 case OP_QUERY:
2590 case OP_QUERYI:
2591 case OP_MINQUERY:
2592 case OP_MINQUERYI:
2593 case OP_POSQUERY:
2594 case OP_POSQUERYI:
2595 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2596 break;
2597
2598 case OP_UPTO:
2599 case OP_UPTOI:
2600 case OP_MINUPTO:
2601 case OP_MINUPTOI:
2602 case OP_POSUPTO:
2603 case OP_POSUPTOI:
2604 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2605 break;
2606 #endif
2607
2608 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2609 string. */
2610
2611 case OP_MARK:
2612 case OP_PRUNE_ARG:
2613 case OP_SKIP_ARG:
2614 code += code[1];
2615 break;
2616
2617 case OP_THEN_ARG:
2618 code += code[1];
2619 break;
2620
2621 /* None of the remaining opcodes are required to match a character. */
2622
2623 default:
2624 break;
2625 }
2626 }
2627
2628 return TRUE;
2629 }
2630
2631
2632
2633 /*************************************************
2634 * Scan compiled regex for non-emptiness *
2635 *************************************************/
2636
2637 /* This function is called to check for left recursive calls. We want to check
2638 the current branch of the current pattern to see if it could match the empty
2639 string. If it could, we must look outwards for branches at other levels,
2640 stopping when we pass beyond the bracket which is the subject of the recursion.
2641 This function is called only during the real compile, not during the
2642 pre-compile.
2643
2644 Arguments:
2645 code points to start of the recursion
2646 endcode points to where to stop (current RECURSE item)
2647 bcptr points to the chain of current (unclosed) branch starts
2648 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2649 cd pointers to tables etc
2650
2651 Returns: TRUE if what is matched could be empty
2652 */
2653
2654 static BOOL
2655 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2656 branch_chain *bcptr, BOOL utf, compile_data *cd)
2657 {
2658 while (bcptr != NULL && bcptr->current_branch >= code)
2659 {
2660 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2661 return FALSE;
2662 bcptr = bcptr->outer;
2663 }
2664 return TRUE;
2665 }
2666
2667
2668
2669 /*************************************************
2670 * Check for POSIX class syntax *
2671 *************************************************/
2672
2673 /* This function is called when the sequence "[:" or "[." or "[=" is
2674 encountered in a character class. It checks whether this is followed by a
2675 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2676 reach an unescaped ']' without the special preceding character, return FALSE.
2677
2678 Originally, this function only recognized a sequence of letters between the
2679 terminators, but it seems that Perl recognizes any sequence of characters,
2680 though of course unknown POSIX names are subsequently rejected. Perl gives an
2681 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2682 didn't consider this to be a POSIX class. Likewise for [:1234:].
2683
2684 The problem in trying to be exactly like Perl is in the handling of escapes. We
2685 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2686 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2687 below handles the special case of \], but does not try to do any other escape
2688 processing. This makes it different from Perl for cases such as [:l\ower:]
2689 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2690 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2691 I think.
2692
2693 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2694 It seems that the appearance of a nested POSIX class supersedes an apparent
2695 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2696 a digit.
2697
2698 In Perl, unescaped square brackets may also appear as part of class names. For
2699 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2700 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2701 seem right at all. PCRE does not allow closing square brackets in POSIX class
2702 names.
2703
2704 Arguments:
2705 ptr pointer to the initial [
2706 endptr where to return the end pointer
2707
2708 Returns: TRUE or FALSE
2709 */
2710
2711 static BOOL
2712 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2713 {
2714 pcre_uchar terminator; /* Don't combine these lines; the Solaris cc */
2715 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2716 for (++ptr; *ptr != 0; ptr++)
2717 {
2718 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2719 ptr++;
2720 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2721 else
2722 {
2723 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2724 {
2725 *endptr = ptr;
2726 return TRUE;
2727 }
2728 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2729 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2730 ptr[1] == CHAR_EQUALS_SIGN) &&
2731 check_posix_syntax(ptr, endptr))
2732 return FALSE;
2733 }
2734 }
2735 return FALSE;
2736 }
2737
2738
2739
2740
2741 /*************************************************
2742 * Check POSIX class name *
2743 *************************************************/
2744
2745 /* This function is called to check the name given in a POSIX-style class entry
2746 such as [:alnum:].
2747
2748 Arguments:
2749 ptr points to the first letter
2750 len the length of the name
2751
2752 Returns: a value representing the name, or -1 if unknown
2753 */
2754
2755 static int
2756 check_posix_name(const pcre_uchar *ptr, int len)
2757 {
2758 const char *pn = posix_names;
2759 register int yield = 0;
2760 while (posix_name_lengths[yield] != 0)
2761 {
2762 if (len == posix_name_lengths[yield] &&
2763 STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
2764 pn += posix_name_lengths[yield] + 1;
2765 yield++;
2766 }
2767 return -1;
2768 }
2769
2770
2771 /*************************************************
2772 * Adjust OP_RECURSE items in repeated group *
2773 *************************************************/
2774
2775 /* OP_RECURSE items contain an offset from the start of the regex to the group
2776 that is referenced. This means that groups can be replicated for fixed
2777 repetition simply by copying (because the recursion is allowed to refer to
2778 earlier groups that are outside the current group). However, when a group is
2779 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2780 inserted before it, after it has been compiled. This means that any OP_RECURSE
2781 items within it that refer to the group itself or any contained groups have to
2782 have their offsets adjusted. That one of the jobs of this function. Before it
2783 is called, the partially compiled regex must be temporarily terminated with
2784 OP_END.
2785
2786 This function has been extended with the possibility of forward references for
2787 recursions and subroutine calls. It must also check the list of such references
2788 for the group we are dealing with. If it finds that one of the recursions in
2789 the current group is on this list, it adjusts the offset in the list, not the
2790 value in the reference (which is a group number).
2791
2792 Arguments:
2793 group points to the start of the group
2794 adjust the amount by which the group is to be moved
2795 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2796 cd contains pointers to tables etc.
2797 save_hwm the hwm forward reference pointer at the start of the group
2798
2799 Returns: nothing
2800 */
2801
2802 static void
2803 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2804 pcre_uchar *save_hwm)
2805 {
2806 pcre_uchar *ptr = group;
2807
2808 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2809 {
2810 int offset;
2811 pcre_uchar *hc;
2812
2813 /* See if this recursion is on the forward reference list. If so, adjust the
2814 reference. */
2815
2816 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2817 {
2818 offset = (int)GET(hc, 0);
2819 if (cd->start_code + offset == ptr + 1)
2820 {
2821 PUT(hc, 0, offset + adjust);
2822 break;
2823 }
2824 }
2825
2826 /* Otherwise, adjust the recursion offset if it's after the start of this
2827 group. */
2828
2829 if (hc >= cd->hwm)
2830 {
2831 offset = (int)GET(ptr, 1);
2832 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2833 }
2834
2835 ptr += 1 + LINK_SIZE;
2836 }
2837 }
2838
2839
2840
2841 /*************************************************
2842 * Insert an automatic callout point *
2843 *************************************************/
2844
2845 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2846 callout points before each pattern item.
2847
2848 Arguments:
2849 code current code pointer
2850 ptr current pattern pointer
2851 cd pointers to tables etc
2852
2853 Returns: new code pointer
2854 */
2855
2856 static pcre_uchar *
2857 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2858 {
2859 *code++ = OP_CALLOUT;
2860 *code++ = 255;
2861 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2862 PUT(code, LINK_SIZE, 0); /* Default length */
2863 return code + 2 * LINK_SIZE;
2864 }
2865
2866
2867
2868 /*************************************************
2869 * Complete a callout item *
2870 *************************************************/
2871
2872 /* A callout item contains the length of the next item in the pattern, which
2873 we can't fill in till after we have reached the relevant point. This is used
2874 for both automatic and manual callouts.
2875
2876 Arguments:
2877 previous_callout points to previous callout item
2878 ptr current pattern pointer
2879 cd pointers to tables etc
2880
2881 Returns: nothing
2882 */
2883
2884 static void
2885 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2886 {
2887 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2888 PUT(previous_callout, 2 + LINK_SIZE, length);
2889 }
2890
2891
2892
2893 #ifdef SUPPORT_UCP
2894 /*************************************************
2895 * Get othercase range *
2896 *************************************************/
2897
2898 /* This function is passed the start and end of a class range, in UTF-8 mode
2899 with UCP support. It searches up the characters, looking for ranges of
2900 characters in the "other" case. Each call returns the next one, updating the
2901 start address. A character with multiple other cases is returned on its own
2902 with a special return value.
2903
2904 Arguments:
2905 cptr points to starting character value; updated
2906 d end value
2907 ocptr where to put start of othercase range
2908 odptr where to put end of othercase range
2909
2910 Yield: -1 when no more
2911 0 when a range is returned
2912 >0 the CASESET offset for char with multiple other cases
2913 in this case, ocptr contains the original
2914 */
2915
2916 static int
2917 get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
2918 pcre_uint32 *odptr)
2919 {
2920 pcre_uint32 c, othercase, next;
2921 unsigned int co;
2922
2923 /* Find the first character that has an other case. If it has multiple other
2924 cases, return its case offset value. */
2925
2926 for (c = *cptr; c <= d; c++)
2927 {
2928 if ((co = UCD_CASESET(c)) != 0)
2929 {
2930 *ocptr = c++; /* Character that has the set */
2931 *cptr = c; /* Rest of input range */
2932 return (int)co;
2933 }
2934 if ((othercase = UCD_OTHERCASE(c)) != c) break;
2935 }
2936
2937 if (c > d) return -1; /* Reached end of range */
2938
2939 *ocptr = othercase;
2940 next = othercase + 1;
2941
2942 for (++c; c <= d; c++)
2943 {
2944 if (UCD_OTHERCASE(c) != next) break;
2945 next++;
2946 }
2947
2948 *odptr = next - 1; /* End of othercase range */
2949 *cptr = c; /* Rest of input range */
2950 return 0;
2951 }
2952
2953
2954
2955 /*************************************************
2956 * Check a character and a property *
2957 *************************************************/
2958
2959 /* This function is called by check_auto_possessive() when a property item
2960 is adjacent to a fixed character.
2961
2962 Arguments:
2963 c the character
2964 ptype the property type
2965 pdata the data for the type
2966 negated TRUE if it's a negated property (\P or \p{^)
2967
2968 Returns: TRUE if auto-possessifying is OK
2969 */
2970
2971 static BOOL
2972 check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata, BOOL negated)
2973 {
2974 #ifdef SUPPORT_UCP
2975 const pcre_uint32 *p;
2976 #endif
2977
2978 const ucd_record *prop = GET_UCD(c);
2979
2980 switch(ptype)
2981 {
2982 case PT_LAMP:
2983 return (prop->chartype == ucp_Lu ||
2984 prop->chartype == ucp_Ll ||
2985 prop->chartype == ucp_Lt) == negated;
2986
2987 case PT_GC:
2988 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2989
2990 case PT_PC:
2991 return (pdata == prop->chartype) == negated;
2992
2993 case PT_SC:
2994 return (pdata == prop->script) == negated;
2995
2996 /* These are specials */
2997
2998 case PT_ALNUM:
2999 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3000 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
3001
3002 case PT_SPACE: /* Perl space */
3003 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3004 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
3005 == negated;
3006
3007 case PT_PXSPACE: /* POSIX space */
3008 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3009 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
3010 c == CHAR_FF || c == CHAR_CR)
3011 == negated;
3012
3013 case PT_WORD:
3014 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3015 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
3016 c == CHAR_UNDERSCORE) == negated;
3017
3018 #ifdef SUPPORT_UCP
3019 case PT_CLIST:
3020 p = PRIV(ucd_caseless_sets) + prop->caseset;
3021 for (;;)
3022 {
3023 if ((unsigned int)c < *p) return !negated;
3024 if ((unsigned int)c == *p++) return negated;
3025 }
3026 break; /* Control never reaches here */
3027 #endif
3028 }
3029
3030 return FALSE;
3031 }
3032 #endif /* SUPPORT_UCP */
3033
3034
3035
3036 /*************************************************
3037 * Check if auto-possessifying is possible *
3038 *************************************************/
3039
3040 /* This function is called for unlimited repeats of certain items, to see
3041 whether the next thing could possibly match the repeated item. If not, it makes
3042 sense to automatically possessify the repeated item.
3043
3044 Arguments:
3045 previous pointer to the repeated opcode
3046 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3047 ptr next character in pattern
3048 options options bits
3049 cd contains pointers to tables etc.
3050
3051 Returns: TRUE if possessifying is wanted
3052 */
3053
3054 static BOOL
3055 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
3056 const pcre_uchar *ptr, int options, compile_data *cd)
3057 {
3058 pcre_uint32 c = NOTACHAR;
3059 pcre_uint32 next;
3060 int escape;
3061 pcre_uchar op_code = *previous++;
3062
3063 /* Skip whitespace and comments in extended mode */
3064
3065 if ((options & PCRE_EXTENDED) != 0)
3066 {
3067 for (;;)
3068 {
3069 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3070 if (*ptr == CHAR_NUMBER_SIGN)
3071 {
3072 ptr++;
3073 while (*ptr != 0)
3074 {
3075 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3076 ptr++;
3077 #ifdef SUPPORT_UTF
3078 if (utf) FORWARDCHAR(ptr);
3079 #endif
3080 }
3081 }
3082 else break;
3083 }
3084 }
3085
3086 /* If the next item is one that we can handle, get its value. A non-negative
3087 value is a character, a negative value is an escape value. */
3088
3089 if (*ptr == CHAR_BACKSLASH)
3090 {
3091 int temperrorcode = 0;
3092 escape = check_escape(&ptr, &next, &temperrorcode, cd->bracount, options, FALSE);
3093 if (temperrorcode != 0) return FALSE;
3094 ptr++; /* Point after the escape sequence */
3095 }
3096 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3097 {
3098 escape = 0;
3099 #ifdef SUPPORT_UTF
3100 if (utf) { GETCHARINC(next, ptr); } else
3101 #endif
3102 next = *ptr++;
3103 }
3104 else return FALSE;
3105
3106 /* Skip whitespace and comments in extended mode */
3107
3108 if ((options & PCRE_EXTENDED) != 0)
3109 {
3110 for (;;)
3111 {
3112 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3113 if (*ptr == CHAR_NUMBER_SIGN)
3114 {
3115 ptr++;
3116 while (*ptr != 0)
3117 {
3118 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3119 ptr++;
3120 #ifdef SUPPORT_UTF
3121 if (utf) FORWARDCHAR(ptr);
3122 #endif
3123 }
3124 }
3125 else break;
3126 }
3127 }
3128
3129 /* If the next thing is itself optional, we have to give up. */
3130
3131 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3132 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3133 return FALSE;
3134
3135 /* If the previous item is a character, get its value. */
3136
3137 if (op_code == OP_CHAR || op_code == OP_CHARI ||
3138 op_code == OP_NOT || op_code == OP_NOTI)
3139 {
3140 #ifdef SUPPORT_UTF
3141 GETCHARTEST(c, previous);
3142 #else
3143 c = *previous;
3144 #endif
3145 }
3146
3147 /* Now compare the next item with the previous opcode. First, handle cases when
3148 the next item is a character. */
3149
3150 if (escape == 0)
3151 {
3152 /* For a caseless UTF match, the next character may have more than one other
3153 case, which maps to the special PT_CLIST property. Check this first. */
3154
3155 #ifdef SUPPORT_UCP
3156 if (utf && c != NOTACHAR && (options & PCRE_CASELESS) != 0)
3157 {
3158 unsigned int ocs = UCD_CASESET(next);
3159 if (ocs > 0) return check_char_prop(c, PT_CLIST, ocs, op_code >= OP_NOT);
3160 }
3161 #endif
3162
3163 switch(op_code)
3164 {
3165 case OP_CHAR:
3166 return c != next;
3167
3168 /* For CHARI (caseless character) we must check the other case. If we have
3169 Unicode property support, we can use it to test the other case of
3170 high-valued characters. We know that next can have only one other case,
3171 because multi-other-case characters are dealt with above. */
3172
3173 case OP_CHARI:
3174 if (c == next) return FALSE;
3175 #ifdef SUPPORT_UTF
3176 if (utf)
3177 {
3178 pcre_uint32 othercase;
3179 if (next < 128) othercase = cd->fcc[next]; else
3180 #ifdef SUPPORT_UCP
3181 othercase = UCD_OTHERCASE(next);
3182 #else
3183 othercase = NOTACHAR;
3184 #endif
3185 return c != othercase;
3186 }
3187 else
3188 #endif /* SUPPORT_UTF */
3189 return (c != TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3190
3191 case OP_NOT:
3192 return c == next;
3193
3194 case OP_NOTI:
3195 if (c == next) return TRUE;
3196 #ifdef SUPPORT_UTF
3197 if (utf)
3198 {
3199 pcre_uint32 othercase;
3200 if (next < 128) othercase = cd->fcc[next]; else
3201 #ifdef SUPPORT_UCP
3202 othercase = UCD_OTHERCASE(next);
3203 #else
3204 othercase = NOTACHAR;
3205 #endif
3206 return c == othercase;
3207 }
3208 else
3209 #endif /* SUPPORT_UTF */
3210 return (c == TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3211
3212 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3213 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3214
3215 case OP_DIGIT:
3216 return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
3217
3218 case OP_NOT_DIGIT:
3219 return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3220
3221 case OP_WHITESPACE:
3222 return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
3223
3224 case OP_NOT_WHITESPACE:
3225 return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
3226
3227 case OP_WORDCHAR:
3228 return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3229
3230 case OP_NOT_WORDCHAR:
3231 return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
3232
3233 case OP_HSPACE:
3234 case OP_NOT_HSPACE:
3235 switch(next)
3236 {
3237 HSPACE_CASES:
3238 return op_code == OP_NOT_HSPACE;
3239
3240 default:
3241 return op_code != OP_NOT_HSPACE;
3242 }
3243
3244 case OP_ANYNL:
3245 case OP_VSPACE:
3246 case OP_NOT_VSPACE:
3247 switch(next)
3248 {
3249 VSPACE_CASES:
3250 return op_code == OP_NOT_VSPACE;
3251
3252 default:
3253 return op_code != OP_NOT_VSPACE;
3254 }
3255
3256 #ifdef SUPPORT_UCP
3257 case OP_PROP:
3258 return check_char_prop(next, previous[0], previous[1], FALSE);
3259
3260 case OP_NOTPROP:
3261 return check_char_prop(next, previous[0], previous[1], TRUE);
3262 #endif
3263
3264 default:
3265 return FALSE;
3266 }
3267 }
3268
3269 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3270 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3271 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3272 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3273 replaced by OP_PROP codes when PCRE_UCP is set. */
3274
3275 switch(op_code)
3276 {
3277 case OP_CHAR:
3278 case OP_CHARI:
3279 switch(escape)
3280 {
3281 case ESC_d:
3282 return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3283
3284 case ESC_D:
3285 return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3286
3287 case ESC_s:
3288 return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3289
3290 case ESC_S:
3291 return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3292
3293 case ESC_w:
3294 return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3295
3296 case ESC_W:
3297 return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3298
3299 case ESC_h:
3300 case ESC_H:
3301 switch(c)
3302 {
3303 HSPACE_CASES:
3304 return escape != ESC_h;
3305
3306 default:
3307 return escape == ESC_h;
3308 }
3309
3310 case ESC_v:
3311 case ESC_V:
3312 switch(c)
3313 {
3314 VSPACE_CASES:
3315 return escape != ESC_v;
3316
3317 default:
3318 return escape == ESC_v;
3319 }
3320
3321 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3322 their substitutions and process them. The result will always be either
3323 ESC_p or ESC_P. Then fall through to process those values. */
3324
3325 #ifdef SUPPORT_UCP
3326 case ESC_du:
3327 case ESC_DU:
3328 case ESC_wu:
3329 case ESC_WU:
3330 case ESC_su:
3331 case ESC_SU:
3332 {
3333 int temperrorcode = 0;
3334 ptr = substitutes[escape - ESC_DU];
3335 escape = check_escape(&ptr, &next, &temperrorcode, 0, options, FALSE);
3336 if (temperrorcode != 0) return FALSE;
3337 ptr++; /* For compatibility */
3338 }
3339 /* Fall through */
3340
3341 case ESC_p:
3342 case ESC_P:
3343 {
3344 unsigned int ptype = 0, pdata = 0;
3345 int errorcodeptr;
3346 BOOL negated;
3347
3348 ptr--; /* Make ptr point at the p or P */
3349 if (!get_ucp(&ptr, &negated, &ptype, &pdata, &errorcodeptr))
3350 return FALSE;
3351 ptr++; /* Point past the final curly ket */
3352
3353 /* If the property item is optional, we have to give up. (When generated
3354 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3355 to the original \d etc. At this point, ptr will point to a zero byte. */
3356
3357 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3358 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3359 return FALSE;
3360
3361 /* Do the property check. */
3362
3363 return check_char_prop(c, ptype, pdata, (escape == ESC_P) != negated);
3364 }
3365 #endif
3366
3367 default:
3368 return FALSE;
3369 }
3370
3371 /* In principle, support for Unicode properties should be integrated here as
3372 well. It means re-organizing the above code so as to get hold of the property
3373 values before switching on the op-code. However, I wonder how many patterns
3374 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3375 these op-codes are never generated.) */
3376
3377 case OP_DIGIT:
3378 return escape == ESC_D || escape == ESC_s || escape == ESC_W ||
3379 escape == ESC_h || escape == ESC_v || escape == ESC_R;
3380
3381 case OP_NOT_DIGIT:
3382 return escape == ESC_d;
3383
3384 case OP_WHITESPACE:
3385 return escape == ESC_S || escape == ESC_d || escape == ESC_w;
3386
3387 case OP_NOT_WHITESPACE:
3388 return escape == ESC_s || escape == ESC_h || escape == ESC_v || escape == ESC_R;
3389
3390 case OP_HSPACE:
3391 return escape == ESC_S || escape == ESC_H || escape == ESC_d ||
3392 escape == ESC_w || escape == ESC_v || escape == ESC_R;
3393
3394 case OP_NOT_HSPACE:
3395 return escape == ESC_h;
3396
3397 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3398 case OP_ANYNL:
3399 case OP_VSPACE:
3400 return escape == ESC_V || escape == ESC_d || escape == ESC_w;
3401
3402 case OP_NOT_VSPACE:
3403 return escape == ESC_v || escape == ESC_R;
3404
3405 case OP_WORDCHAR:
3406 return escape == ESC_W || escape == ESC_s || escape == ESC_h ||
3407 escape == ESC_v || escape == ESC_R;
3408
3409 case OP_NOT_WORDCHAR:
3410 return escape == ESC_w || escape == ESC_d;
3411
3412 default:
3413 return FALSE;
3414 }
3415
3416 /* Control does not reach here */
3417 }
3418
3419
3420
3421 /*************************************************
3422 * Add a character or range to a class *
3423 *************************************************/
3424
3425 /* This function packages up the logic of adding a character or range of
3426 characters to a class. The character values in the arguments will be within the
3427 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
3428 mutually recursive with the function immediately below.
3429
3430 Arguments:
3431 classbits the bit map for characters < 256
3432 uchardptr points to the pointer for extra data
3433 options the options word
3434 cd contains pointers to tables etc.
3435 start start of range character
3436 end end of range character
3437
3438 Returns: the number of < 256 characters added
3439 the pointer to extra data is updated
3440 */
3441
3442 static int
3443 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3444 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
3445 {
3446 pcre_uint32 c;
3447 int n8 = 0;
3448
3449 /* If caseless matching is required, scan the range and process alternate
3450 cases. In Unicode, there are 8-bit characters that have alternate cases that
3451 are greater than 255 and vice-versa. Sometimes we can just extend the original
3452 range. */
3453
3454 if ((options & PCRE_CASELESS) != 0)
3455 {
3456 #ifdef SUPPORT_UCP
3457 if ((options & PCRE_UTF8) != 0)
3458 {
3459 int rc;
3460 pcre_uint32 oc, od;
3461
3462 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
3463 c = start;
3464
3465 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
3466 {
3467 /* Handle a single character that has more than one other case. */
3468
3469 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
3470 PRIV(ucd_caseless_sets) + rc, oc);
3471
3472 /* Do nothing if the other case range is within the original range. */
3473
3474 else if (oc >= start && od <= end) continue;
3475
3476 /* Extend the original range if there is overlap, noting that if oc < c, we
3477 can't have od > end because a subrange is always shorter than the basic
3478 range. Otherwise, use a recursive call to add the additional range. */
3479
3480 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
3481 else if (od > end && oc <= end + 1) end = od; /* Extend upwards */
3482 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
3483 }
3484 }
3485 else
3486 #endif /* SUPPORT_UCP */
3487
3488 /* Not UTF-mode, or no UCP */
3489
3490 for (c = start; c <= end && c < 256; c++)
3491 {
3492 SETBIT(classbits, cd->fcc[c]);
3493 n8++;
3494 }
3495 }
3496
3497 /* Now handle the original range. Adjust the final value according to the bit
3498 length - this means that the same lists of (e.g.) horizontal spaces can be used
3499 in all cases. */
3500
3501 #if defined COMPILE_PCRE8
3502 #ifdef SUPPORT_UTF
3503 if ((options & PCRE_UTF8) == 0)
3504 #endif
3505 if (end > 0xff) end = 0xff;
3506
3507 #elif defined COMPILE_PCRE16
3508 #ifdef SUPPORT_UTF
3509 if ((options & PCRE_UTF16) == 0)
3510 #endif
3511 if (end > 0xffff) end = 0xffff;
3512
3513 #endif /* COMPILE_PCRE[8|16] */
3514
3515 /* If all characters are less than 256, use the bit map. Otherwise use extra
3516 data. */
3517
3518 if (end < 0x100)
3519 {
3520 for (c = start; c <= end; c++)
3521 {
3522 n8++;
3523 SETBIT(classbits, c);
3524 }
3525 }
3526
3527 else
3528 {
3529 pcre_uchar *uchardata = *uchardptr;
3530
3531 #ifdef SUPPORT_UTF
3532 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
3533 {
3534 if (start < end)
3535 {
3536 *uchardata++ = XCL_RANGE;
3537 uchardata += PRIV(ord2utf)(start, uchardata);
3538 uchardata += PRIV(ord2utf)(end, uchardata);
3539 }
3540 else if (start == end)
3541 {
3542 *uchardata++ = XCL_SINGLE;
3543 uchardata += PRIV(ord2utf)(start, uchardata);
3544 }
3545 }
3546 else
3547 #endif /* SUPPORT_UTF */
3548
3549 /* Without UTF support, character values are constrained by the bit length,
3550 and can only be > 256 for 16-bit and 32-bit libraries. */
3551
3552 #ifdef COMPILE_PCRE8
3553 {}
3554 #else
3555 if (start < end)
3556 {
3557 *uchardata++ = XCL_RANGE;
3558 *uchardata++ = start;
3559 *uchardata++ = end;
3560 }
3561 else if (start == end)
3562 {
3563 *uchardata++ = XCL_SINGLE;
3564 *uchardata++ = start;
3565 }
3566 #endif
3567
3568 *uchardptr = uchardata; /* Updata extra data pointer */
3569 }
3570
3571 return n8; /* Number of 8-bit characters */
3572 }
3573
3574
3575
3576
3577 /*************************************************
3578 * Add a list of characters to a class *
3579 *************************************************/
3580
3581 /* This function is used for adding a list of case-equivalent characters to a
3582 class, and also for adding a list of horizontal or vertical whitespace. If the
3583 list is in order (which it should be), ranges of characters are detected and
3584 handled appropriately. This function is mutually recursive with the function
3585 above.
3586
3587 Arguments:
3588 classbits the bit map for characters < 256
3589 uchardptr points to the pointer for extra data
3590 options the options word
3591 cd contains pointers to tables etc.
3592 p points to row of 32-bit values, terminated by NOTACHAR
3593 except character to omit; this is used when adding lists of
3594 case-equivalent characters to avoid including the one we
3595 already know about
3596
3597 Returns: the number of < 256 characters added
3598 the pointer to extra data is updated
3599 */
3600
3601 static int
3602 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3603 compile_data *cd, const pcre_uint32 *p, unsigned int except)
3604 {
3605 int n8 = 0;
3606 while (p[0] < NOTACHAR)
3607 {
3608 int n = 0;
3609 if (p[0] != except)
3610 {
3611 while(p[n+1] == p[0] + n + 1) n++;
3612 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
3613 }
3614 p += n + 1;
3615 }
3616 return n8;
3617 }
3618
3619
3620
3621 /*************************************************
3622 * Add characters not in a list to a class *
3623 *************************************************/
3624
3625 /* This function is used for adding the complement of a list of horizontal or
3626 vertical whitespace to a class. The list must be in order.
3627
3628 Arguments:
3629 classbits the bit map for characters < 256
3630 uchardptr points to the pointer for extra data
3631 options the options word
3632 cd contains pointers to tables etc.
3633 p points to row of 32-bit values, terminated by NOTACHAR
3634
3635 Returns: the number of < 256 characters added
3636 the pointer to extra data is updated
3637 */
3638
3639 static int
3640 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
3641 int options, compile_data *cd, const pcre_uint32 *p)
3642 {
3643 BOOL utf = (options & PCRE_UTF8) != 0;
3644 int n8 = 0;
3645 if (p[0] > 0)
3646 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
3647 while (p[0] < NOTACHAR)
3648 {
3649 while (p[1] == p[0] + 1) p++;
3650 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
3651 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
3652 p++;
3653 }
3654 return n8;
3655 }
3656
3657
3658
3659 /*************************************************
3660 * Compile one branch *
3661 *************************************************/
3662
3663 /* Scan the pattern, compiling it into the a vector. If the options are
3664 changed during the branch, the pointer is used to change the external options
3665 bits. This function is used during the pre-compile phase when we are trying
3666 to find out the amount of memory needed, as well as during the real compile
3667 phase. The value of lengthptr distinguishes the two phases.
3668
3669 Arguments:
3670 optionsptr pointer to the option bits
3671 codeptr points to the pointer to the current code point
3672 ptrptr points to the current pattern pointer
3673 errorcodeptr points to error code variable
3674 firstcharptr place to put the first required character
3675 firstcharflagsptr place to put the first character flags, or a negative number
3676 reqcharptr place to put the last required character
3677 reqcharflagsptr place to put the last required character flags, or a negative number
3678 bcptr points to current branch chain
3679 cond_depth conditional nesting depth
3680 cd contains pointers to tables etc.
3681 lengthptr NULL during the real compile phase
3682 points to length accumulator during pre-compile phase
3683
3684 Returns: TRUE on success
3685 FALSE, with *errorcodeptr set non-zero on error
3686 */
3687
3688 static BOOL
3689 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3690 const pcre_uchar **ptrptr, int *errorcodeptr,
3691 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
3692 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
3693 branch_chain *bcptr, int cond_depth,
3694 compile_data *cd, int *lengthptr)
3695 {
3696 int repeat_type, op_type;
3697 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3698 int bravalue = 0;
3699 int greedy_default, greedy_non_default;
3700 pcre_uint32 firstchar, reqchar;
3701 pcre_int32 firstcharflags, reqcharflags;
3702 pcre_uint32 zeroreqchar, zerofirstchar;
3703 pcre_int32 zeroreqcharflags, zerofirstcharflags;
3704 pcre_int32 req_caseopt, reqvary, tempreqvary;
3705 int options = *optionsptr; /* May change dynamically */
3706 int after_manual_callout = 0;
3707 int length_prevgroup = 0;
3708 register pcre_uint32 c;
3709 int escape;
3710 register pcre_uchar *code = *codeptr;
3711 pcre_uchar *last_code = code;
3712 pcre_uchar *orig_code = code;
3713 pcre_uchar *tempcode;
3714 BOOL inescq = FALSE;
3715 BOOL groupsetfirstchar = FALSE;
3716 const pcre_uchar *ptr = *ptrptr;
3717 const pcre_uchar *tempptr;
3718 const pcre_uchar *nestptr = NULL;
3719 pcre_uchar *previous = NULL;
3720 pcre_uchar *previous_callout = NULL;
3721 pcre_uchar *save_hwm = NULL;
3722 pcre_uint8 classbits[32];
3723
3724 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3725 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3726 dynamically as we process the pattern. */
3727
3728 #ifdef SUPPORT_UTF
3729 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
3730 BOOL utf = (options & PCRE_UTF8) != 0;
3731 #ifndef COMPILE_PCRE32
3732 pcre_uchar utf_chars[6];
3733 #endif
3734 #else
3735 BOOL utf = FALSE;
3736 #endif
3737
3738 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
3739 class_uchardata always so that it can be passed to add_to_class() always,
3740 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
3741 alternative calls for the different cases. */
3742
3743 pcre_uchar *class_uchardata;
3744 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3745 BOOL xclass;
3746 pcre_uchar *class_uchardata_base;
3747 #endif
3748
3749 #ifdef PCRE_DEBUG
3750 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3751 #endif
3752
3753 /* Set up the default and non-default settings for greediness */
3754
3755 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3756 greedy_non_default = greedy_default ^ 1;
3757
3758 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3759 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3760 matches a non-fixed char first char; reqchar just remains unset if we never
3761 find one.
3762
3763 When we hit a repeat whose minimum is zero, we may have to adjust these values
3764 to take the zero repeat into account. This is implemented by setting them to
3765 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3766 item types that can be repeated set these backoff variables appropriately. */
3767
3768 firstchar = reqchar = zerofirstchar = zeroreqchar = 0;
3769 firstcharflags = reqcharflags = zerofirstcharflags = zeroreqcharflags = REQ_UNSET;
3770
3771 /* The variable req_caseopt contains either the REQ_CASELESS value
3772 or zero, according to the current setting of the caseless flag. The
3773 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3774 firstchar or reqchar variables to record the case status of the
3775 value. This is used only for ASCII characters. */
3776
3777 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3778
3779 /* Switch on next character until the end of the branch */
3780
3781 for (;; ptr++)
3782 {
3783 BOOL negate_class;
3784 BOOL should_flip_negation;
3785 BOOL possessive_quantifier;
3786 BOOL is_quantifier;
3787 BOOL is_recurse;
3788 BOOL reset_bracount;
3789 int class_has_8bitchar;
3790 int class_one_char;
3791 int newoptions;
3792 int recno;
3793 int refsign;
3794 int skipbytes;
3795 pcre_uint32 subreqchar, subfirstchar;
3796 pcre_int32 subreqcharflags, subfirstcharflags;
3797 int terminator;
3798 unsigned int mclength;
3799 int tempbracount;
3800 pcre_uint32 ec;
3801 pcre_uchar mcbuffer[8];
3802
3803 /* Get next character in the pattern */
3804
3805 c = *ptr;
3806
3807 /* If we are at the end of a nested substitution, revert to the outer level
3808 string. Nesting only happens one level deep. */
3809
3810 if (c == 0 && nestptr != NULL)
3811 {
3812 ptr = nestptr;
3813 nestptr = NULL;
3814 c = *ptr;
3815 }
3816
3817 /* If we are in the pre-compile phase, accumulate the length used for the
3818 previous cycle of this loop. */
3819
3820 if (lengthptr != NULL)
3821 {
3822 #ifdef PCRE_DEBUG
3823 if (code > cd->hwm) cd->hwm = code; /* High water info */
3824 #endif
3825 if (code > cd->start_workspace + cd->workspace_size -
3826 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3827 {
3828 *errorcodeptr = ERR52;
3829 goto FAILED;
3830 }
3831
3832 /* There is at least one situation where code goes backwards: this is the
3833 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3834 the class is simply eliminated. However, it is created first, so we have to
3835 allow memory for it. Therefore, don't ever reduce the length at this point.
3836 */
3837
3838 if (code < last_code) code = last_code;
3839
3840 /* Paranoid check for integer overflow */
3841
3842 if (OFLOW_MAX - *lengthptr < code - last_code)
3843 {
3844 *errorcodeptr = ERR20;
3845 goto FAILED;
3846 }
3847
3848 *lengthptr += (int)(code - last_code);
3849 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3850 (int)(code - last_code), c, c));
3851
3852 /* If "previous" is set and it is not at the start of the work space, move
3853 it back to there, in order to avoid filling up the work space. Otherwise,
3854 if "previous" is NULL, reset the current code pointer to the start. */
3855
3856 if (previous != NULL)
3857 {
3858 if (previous > orig_code)
3859 {
3860 memmove(orig_code, previous, IN_UCHARS(code - previous));
3861 code -= previous - orig_code;
3862 previous = orig_code;
3863 }
3864 }
3865 else code = orig_code;
3866
3867 /* Remember where this code item starts so we can pick up the length
3868 next time round. */
3869
3870 last_code = code;
3871 }
3872
3873 /* In the real compile phase, just check the workspace used by the forward
3874 reference list. */
3875
3876 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3877 WORK_SIZE_SAFETY_MARGIN)
3878 {
3879 *errorcodeptr = ERR52;
3880 goto FAILED;
3881 }
3882
3883 /* If in \Q...\E, check for the end; if not, we have a literal */
3884
3885 if (inescq && c != 0)
3886 {
3887 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3888 {
3889 inescq = FALSE;
3890 ptr++;
3891 continue;
3892 }
3893 else
3894 {
3895 if (previous_callout != NULL)
3896 {
3897 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3898 complete_callout(previous_callout, ptr, cd);
3899 previous_callout = NULL;
3900 }
3901 if ((options & PCRE_AUTO_CALLOUT) != 0)
3902 {
3903 previous_callout = code;
3904 code = auto_callout(code, ptr, cd);
3905 }
3906 goto NORMAL_CHAR;
3907 }
3908 }
3909
3910 /* Fill in length of a previous callout, except when the next thing is
3911 a quantifier. */
3912
3913 is_quantifier =
3914 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3915 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3916
3917 if (!is_quantifier && previous_callout != NULL &&
3918 after_manual_callout-- <= 0)
3919 {
3920 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3921 complete_callout(previous_callout, ptr, cd);
3922 previous_callout = NULL;
3923 }
3924
3925 /* In extended mode, skip white space and comments. */
3926
3927 if ((options & PCRE_EXTENDED) != 0)
3928 {
3929 if (MAX_255(*ptr) && (cd->ctypes[c] & ctype_space) != 0) continue;
3930 if (c == CHAR_NUMBER_SIGN)
3931 {
3932 ptr++;
3933 while (*ptr != 0)
3934 {
3935 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3936 ptr++;
3937 #ifdef SUPPORT_UTF
3938 if (utf) FORWARDCHAR(ptr);
3939 #endif
3940 }
3941 if (*ptr != 0) continue;
3942
3943 /* Else fall through to handle end of string */
3944 c = 0;
3945 }
3946 }
3947
3948 /* No auto callout for quantifiers. */
3949
3950 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3951 {
3952 previous_callout = code;
3953 code = auto_callout(code, ptr, cd);
3954 }
3955
3956 switch(c)
3957 {
3958 /* ===================================================================*/
3959 case 0: /* The branch terminates at string end */
3960 case CHAR_VERTICAL_LINE: /* or | or ) */
3961 case CHAR_RIGHT_PARENTHESIS:
3962 *firstcharptr = firstchar;
3963 *firstcharflagsptr = firstcharflags;
3964 *reqcharptr = reqchar;
3965 *reqcharflagsptr = reqcharflags;
3966 *codeptr = code;
3967 *ptrptr = ptr;
3968 if (lengthptr != NULL)
3969 {
3970 if (OFLOW_MAX - *lengthptr < code - last_code)
3971 {
3972 *errorcodeptr = ERR20;
3973 goto FAILED;
3974 }
3975 *lengthptr += (int)(code - last_code); /* To include callout length */
3976 DPRINTF((">> end branch\n"));
3977 }
3978 return TRUE;
3979
3980
3981 /* ===================================================================*/
3982 /* Handle single-character metacharacters. In multiline mode, ^ disables
3983 the setting of any following char as a first character. */
3984
3985 case CHAR_CIRCUMFLEX_ACCENT:
3986 previous = NULL;
3987 if ((options & PCRE_MULTILINE) != 0)
3988 {
3989 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
3990 *code++ = OP_CIRCM;
3991 }
3992 else *code++ = OP_CIRC;
3993 break;
3994
3995 case CHAR_DOLLAR_SIGN:
3996 previous = NULL;
3997 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
3998 break;
3999
4000 /* There can never be a first char if '.' is first, whatever happens about
4001 repeats. The value of reqchar doesn't change either. */
4002
4003 case CHAR_DOT:
4004 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4005 zerofirstchar = firstchar;
4006 zerofirstcharflags = firstcharflags;
4007 zeroreqchar = reqchar;
4008 zeroreqcharflags = reqcharflags;
4009 previous = code;
4010 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
4011 break;
4012
4013
4014 /* ===================================================================*/
4015 /* Character classes. If the included characters are all < 256, we build a
4016 32-byte bitmap of the permitted characters, except in the special case
4017 where there is only one such character. For negated classes, we build the
4018 map as usual, then invert it at the end. However, we use a different opcode
4019 so that data characters > 255 can be handled correctly.
4020
4021 If the class contains characters outside the 0-255 range, a different
4022 opcode is compiled. It may optionally have a bit map for characters < 256,
4023 but those above are are explicitly listed afterwards. A flag byte tells
4024 whether the bitmap is present, and whether this is a negated class or not.
4025
4026 In JavaScript compatibility mode, an isolated ']' causes an error. In
4027 default (Perl) mode, it is treated as a data character. */
4028
4029 case CHAR_RIGHT_SQUARE_BRACKET:
4030 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4031 {
4032 *errorcodeptr = ERR64;
4033 goto FAILED;
4034 }
4035 goto NORMAL_CHAR;
4036
4037 case CHAR_LEFT_SQUARE_BRACKET:
4038 previous = code;
4039
4040 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4041 they are encountered at the top level, so we'll do that too. */
4042
4043 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4044 ptr[1] == CHAR_EQUALS_SIGN) &&
4045 check_posix_syntax(ptr, &tempptr))
4046 {
4047 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4048 goto FAILED;
4049 }
4050
4051 /* If the first character is '^', set the negation flag and skip it. Also,
4052 if the first few characters (either before or after ^) are \Q\E or \E we
4053 skip them too. This makes for compatibility with Perl. */
4054
4055 negate_class = FALSE;
4056 for (;;)
4057 {
4058 c = *(++ptr);
4059 if (c == CHAR_BACKSLASH)
4060 {
4061 if (ptr[1] == CHAR_E)
4062 ptr++;
4063 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4064 ptr += 3;
4065 else
4066 break;
4067 }
4068 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4069 negate_class = TRUE;
4070 else break;
4071 }
4072
4073 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4074 an initial ']' is taken as a data character -- the code below handles
4075 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4076 [^] must match any character, so generate OP_ALLANY. */
4077
4078 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4079 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4080 {
4081 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4082 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4083 zerofirstchar = firstchar;
4084 zerofirstcharflags = firstcharflags;
4085 break;
4086 }
4087
4088 /* If a class contains a negative special such as \S, we need to flip the
4089 negation flag at the end, so that support for characters > 255 works
4090 correctly (they are all included in the class). */
4091
4092 should_flip_negation = FALSE;
4093
4094 /* For optimization purposes, we track some properties of the class:
4095 class_has_8bitchar will be non-zero if the class contains at least one <
4096 256 character; class_one_char will be 1 if the class contains just one
4097 character. */
4098
4099 class_has_8bitchar = 0;
4100 class_one_char = 0;
4101
4102 /* Initialize the 32-char bit map to all zeros. We build the map in a
4103 temporary bit of memory, in case the class contains fewer than two
4104 8-bit characters because in that case the compiled code doesn't use the bit
4105 map. */
4106
4107 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4108
4109 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4110 xclass = FALSE;
4111 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4112 class_uchardata_base = class_uchardata; /* Save the start */
4113 #endif
4114
4115 /* Process characters until ] is reached. By writing this as a "do" it
4116 means that an initial ] is taken as a data character. At the start of the
4117 loop, c contains the first byte of the character. */
4118
4119 if (c != 0) do
4120 {
4121 const pcre_uchar *oldptr;
4122
4123 #ifdef SUPPORT_UTF
4124 if (utf && HAS_EXTRALEN(c))
4125 { /* Braces are required because the */
4126 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4127 }
4128 #endif
4129
4130 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4131 /* In the pre-compile phase, accumulate the length of any extra
4132 data and reset the pointer. This is so that very large classes that
4133 contain a zillion > 255 characters no longer overwrite the work space
4134 (which is on the stack). We have to remember that there was XCLASS data,
4135 however. */
4136
4137 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4138 {
4139 xclass = TRUE;
4140 *lengthptr += class_uchardata - class_uchardata_base;
4141 class_uchardata = class_uchardata_base;
4142 }
4143 #endif
4144
4145 /* Inside \Q...\E everything is literal except \E */
4146
4147 if (inescq)
4148 {
4149 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4150 {
4151 inescq = FALSE; /* Reset literal state */
4152 ptr++; /* Skip the 'E' */
4153 continue; /* Carry on with next */
4154 }
4155 goto CHECK_RANGE; /* Could be range if \E follows */
4156 }
4157
4158 /* Handle POSIX class names. Perl allows a negation extension of the
4159 form [:^name:]. A square bracket that doesn't match the syntax is
4160 treated as a literal. We also recognize the POSIX constructions
4161 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4162 5.6 and 5.8 do. */
4163
4164 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4165 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4166 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4167 {
4168 BOOL local_negate = FALSE;
4169 int posix_class, taboffset, tabopt;
4170 register const pcre_uint8 *cbits = cd->cbits;
4171 pcre_uint8 pbits[32];
4172
4173 if (ptr[1] != CHAR_COLON)
4174 {
4175 *errorcodeptr = ERR31;
4176 goto FAILED;
4177 }
4178
4179 ptr += 2;
4180 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4181 {
4182 local_negate = TRUE;
4183 should_flip_negation = TRUE; /* Note negative special */
4184 ptr++;
4185 }
4186
4187 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4188 if (posix_class < 0)
4189 {
4190 *errorcodeptr = ERR30;
4191 goto FAILED;
4192 }
4193
4194 /* If matching is caseless, upper and lower are converted to
4195 alpha. This relies on the fact that the class table starts with
4196 alpha, lower, upper as the first 3 entries. */
4197
4198 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
4199 posix_class = 0;
4200
4201 /* When PCRE_UCP is set, some of the POSIX classes are converted to
4202 different escape sequences that use Unicode properties. */
4203
4204 #ifdef SUPPORT_UCP
4205 if ((options & PCRE_UCP) != 0)
4206 {
4207 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
4208 if (posix_substitutes[pc] != NULL)
4209 {
4210 nestptr = tempptr + 1;
4211 ptr = posix_substitutes[pc] - 1;
4212 continue;
4213 }
4214 }
4215 #endif
4216 /* In the non-UCP case, we build the bit map for the POSIX class in a
4217 chunk of local store because we may be adding and subtracting from it,
4218 and we don't want to subtract bits that may be in the main map already.
4219 At the end we or the result into the bit map that is being built. */
4220
4221 posix_class *= 3;
4222
4223 /* Copy in the first table (always present) */
4224
4225 memcpy(pbits, cbits + posix_class_maps[posix_class],
4226 32 * sizeof(pcre_uint8));
4227
4228 /* If there is a second table, add or remove it as required. */
4229
4230 taboffset = posix_class_maps[posix_class + 1];
4231 tabopt = posix_class_maps[posix_class + 2];
4232
4233 if (taboffset >= 0)
4234 {
4235 if (tabopt >= 0)
4236 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
4237 else
4238 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
4239 }
4240
4241 /* Now see if we need to remove any special characters. An option
4242 value of 1 removes vertical space and 2 removes underscore. */
4243
4244 if (tabopt < 0) tabopt = -tabopt;
4245 if (tabopt == 1) pbits[1] &= ~0x3c;
4246 else if (tabopt == 2) pbits[11] &= 0x7f;
4247
4248 /* Add the POSIX table or its complement into the main table that is
4249 being built and we are done. */
4250
4251 if (local_negate)
4252 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
4253 else
4254 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
4255
4256 ptr = tempptr + 1;
4257 /* Every class contains at least one < 256 character. */
4258 class_has_8bitchar = 1;
4259 /* Every class contains at least two characters. */
4260 class_one_char = 2;
4261 continue; /* End of POSIX syntax handling */
4262 }
4263
4264 /* Backslash may introduce a single character, or it may introduce one
4265 of the specials, which just set a flag. The sequence \b is a special
4266 case. Inside a class (and only there) it is treated as backspace. We
4267 assume that other escapes have more than one character in them, so
4268 speculatively set both class_has_8bitchar and class_one_char bigger
4269 than one. Unrecognized escapes fall through and are either treated
4270 as literal characters (by default), or are faulted if
4271 PCRE_EXTRA is set. */
4272
4273 if (c == CHAR_BACKSLASH)
4274 {
4275 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options, TRUE);
4276
4277 if (*errorcodeptr != 0) goto FAILED;
4278
4279 if (escape == 0)
4280 c = ec;
4281 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
4282 else if (escape == ESC_N) /* \N is not supported in a class */
4283 {
4284 *errorcodeptr = ERR71;
4285 goto FAILED;
4286 }
4287 else if (escape == ESC_Q) /* Handle start of quoted string */
4288 {
4289 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4290 {
4291 ptr += 2; /* avoid empty string */
4292 }
4293 else inescq = TRUE;
4294 continue;
4295 }
4296 else if (escape == ESC_E) continue; /* Ignore orphan \E */
4297
4298 else
4299 {
4300 register const pcre_uint8 *cbits = cd->cbits;
4301 /* Every class contains at least two < 256 characters. */
4302 class_has_8bitchar++;
4303 /* Every class contains at least two characters. */
4304 class_one_char += 2;
4305
4306 switch (escape)
4307 {
4308 #ifdef SUPPORT_UCP
4309 case ESC_du: /* These are the values given for \d etc */
4310 case ESC_DU: /* when PCRE_UCP is set. We replace the */
4311 case ESC_wu: /* escape sequence with an appropriate \p */
4312 case ESC_WU: /* or \P to test Unicode properties instead */
4313 case ESC_su: /* of the default ASCII testing. */
4314 case ESC_SU:
4315 nestptr = ptr;
4316 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
4317 class_has_8bitchar--; /* Undo! */
4318 continue;
4319 #endif
4320 case ESC_d:
4321 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
4322 continue;
4323
4324 case ESC_D:
4325 should_flip_negation = TRUE;
4326 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
4327 continue;
4328
4329 case ESC_w:
4330 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
4331 continue;
4332
4333 case ESC_W:
4334 should_flip_negation = TRUE;
4335 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4336 continue;
4337
4338 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4339 if it was previously set by something earlier in the character
4340 class. Luckily, the value of CHAR_VT is 0x0b in both ASCII and
4341 EBCDIC, so we lazily just adjust the appropriate bit. */
4342
4343 case ESC_s:
4344 classbits[0] |= cbits[cbit_space];
4345 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4346 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4347 continue;
4348
4349 case ESC_S:
4350 should_flip_negation = TRUE;
4351 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4352 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4353 continue;
4354
4355 /* The rest apply in both UCP and non-UCP cases. */
4356
4357 case ESC_h:
4358 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4359 PRIV(hspace_list), NOTACHAR);
4360 continue;
4361
4362 case ESC_H:
4363 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4364 cd, PRIV(hspace_list));
4365 continue;
4366
4367 case ESC_v:
4368 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4369 PRIV(vspace_list), NOTACHAR);
4370 continue;
4371
4372 case ESC_V:
4373 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4374 cd, PRIV(vspace_list));
4375 continue;
4376
4377 #ifdef SUPPORT_UCP
4378 case ESC_p:
4379 case ESC_P:
4380 {
4381 BOOL negated;
4382 unsigned int ptype = 0, pdata = 0;
4383 if (!get_ucp(&ptr, &negated, &ptype, &pdata, errorcodeptr))
4384 goto FAILED;
4385 *class_uchardata++ = ((escape == ESC_p) != negated)?
4386 XCL_PROP : XCL_NOTPROP;
4387 *class_uchardata++ = ptype;
4388 *class_uchardata++ = pdata;
4389 class_has_8bitchar--; /* Undo! */
4390 continue;
4391 }
4392 #endif
4393 /* Unrecognized escapes are faulted if PCRE is running in its
4394 strict mode. By default, for compatibility with Perl, they are
4395 treated as literals. */
4396
4397 default:
4398 if ((options & PCRE_EXTRA) != 0)
4399 {
4400 *errorcodeptr = ERR7;
4401 goto FAILED;
4402 }
4403 class_has_8bitchar--; /* Undo the speculative increase. */
4404 class_one_char -= 2; /* Undo the speculative increase. */
4405 c = *ptr; /* Get the final character and fall through */
4406 break;
4407 }
4408 }
4409
4410 /* Fall through if the escape just defined a single character (c >= 0).
4411 This may be greater than 256. */
4412
4413 escape = 0;
4414
4415 } /* End of backslash handling */
4416
4417 /* A character may be followed by '-' to form a range. However, Perl does
4418 not permit ']' to be the end of the range. A '-' character at the end is
4419 treated as a literal. Perl ignores orphaned \E sequences entirely. The
4420 code for handling \Q and \E is messy. */
4421
4422 CHECK_RANGE:
4423 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4424 {
4425 inescq = FALSE;
4426 ptr += 2;
4427 }
4428 oldptr = ptr;
4429
4430 /* Remember if \r or \n were explicitly used */
4431
4432 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4433
4434 /* Check for range */
4435
4436 if (!inescq && ptr[1] == CHAR_MINUS)
4437 {
4438 pcre_uint32 d;
4439 ptr += 2;
4440 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4441
4442 /* If we hit \Q (not followed by \E) at this point, go into escaped
4443 mode. */
4444
4445 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4446 {
4447 ptr += 2;
4448 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4449 { ptr += 2; continue; }
4450 inescq = TRUE;
4451 break;
4452 }
4453
4454 /* Minus (hyphen) at the end of a class is treated as a literal, so put
4455 back the pointer and jump to handle the character that preceded it. */
4456
4457 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4458 {
4459 ptr = oldptr;
4460 goto CLASS_SINGLE_CHARACTER;
4461 }
4462
4463 /* Otherwise, we have a potential range; pick up the next character */
4464
4465 #ifdef SUPPORT_UTF
4466 if (utf)
4467 { /* Braces are required because the */
4468 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4469 }
4470 else
4471 #endif
4472 d = *ptr; /* Not UTF-8 mode */
4473
4474 /* The second part of a range can be a single-character escape, but
4475 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4476 in such circumstances. */
4477
4478 if (!inescq && d == CHAR_BACKSLASH)
4479 {
4480 int descape;
4481 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
4482 if (*errorcodeptr != 0) goto FAILED;
4483
4484 /* \b is backspace; any other special means the '-' was literal. */
4485
4486 if (descape != 0)
4487 {
4488 if (descape == ESC_b) d = CHAR_BS; else
4489 {
4490 ptr = oldptr;
4491 goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4492 }
4493 }
4494 }
4495
4496 /* Check that the two values are in the correct order. Optimize
4497 one-character ranges. */
4498
4499 if (d < c)
4500 {
4501 *errorcodeptr = ERR8;
4502 goto FAILED;
4503 }
4504 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4505
4506 /* We have found a character range, so single character optimizations
4507 cannot be done anymore. Any value greater than 1 indicates that there
4508 is more than one character. */
4509
4510 class_one_char = 2;
4511
4512 /* Remember an explicit \r or \n, and add the range to the class. */
4513
4514 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4515
4516 class_has_8bitchar +=
4517 add_to_class(classbits, &class_uchardata, options, cd, c, d);
4518
4519 continue; /* Go get the next char in the class */
4520 }
4521
4522 /* Handle a single character - we can get here for a normal non-escape
4523 char, or after \ that introduces a single character or for an apparent
4524 range that isn't. Only the value 1 matters for class_one_char, so don't
4525 increase it if it is already 2 or more ... just in case there's a class
4526 with a zillion characters in it. */
4527
4528 CLASS_SINGLE_CHARACTER:
4529 if (class_one_char < 2) class_one_char++;
4530
4531 /* If class_one_char is 1, we have the first single character in the
4532 class, and there have been no prior ranges, or XCLASS items generated by
4533 escapes. If this is the final character in the class, we can optimize by
4534 turning the item into a 1-character OP_CHAR[I] if it's positive, or
4535 OP_NOT[I] if it's negative. In the positive case, it can cause firstchar
4536 to be set. Otherwise, there can be no first char if this item is first,
4537 whatever repeat count may follow. In the case of reqchar, save the
4538 previous value for reinstating. */
4539
4540 if (class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
4541 {
4542 ptr++;
4543 zeroreqchar = reqchar;
4544 zeroreqcharflags = reqcharflags;
4545
4546 if (negate_class)
4547 {
4548 #ifdef SUPPORT_UCP
4549 int d;
4550 #endif
4551 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4552 zerofirstchar = firstchar;
4553 zerofirstcharflags = firstcharflags;
4554
4555 /* For caseless UTF-8 mode when UCP support is available, check
4556 whether this character has more than one other case. If so, generate
4557 a special OP_NOTPROP item instead of OP_NOTI. */
4558
4559 #ifdef SUPPORT_UCP
4560 if (utf && (options & PCRE_CASELESS) != 0 &&
4561 (d = UCD_CASESET(c)) != 0)
4562 {
4563 *code++ = OP_NOTPROP;
4564 *code++ = PT_CLIST;
4565 *code++ = d;
4566 }
4567 else
4568 #endif
4569 /* Char has only one other case, or UCP not available */
4570
4571 {
4572 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4573 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4574 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4575 code += PRIV(ord2utf)(c, code);
4576 else
4577 #endif
4578 *code++ = c;
4579 }
4580
4581 /* We are finished with this character class */
4582
4583 goto END_CLASS;
4584 }
4585
4586 /* For a single, positive character, get the value into mcbuffer, and
4587 then we can handle this with the normal one-character code. */
4588
4589 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4590 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4591 mclength = PRIV(ord2utf)(c, mcbuffer);
4592 else
4593 #endif
4594 {
4595 mcbuffer[0] = c;
4596 mclength = 1;
4597 }
4598 goto ONE_CHAR;
4599 } /* End of 1-char optimization */
4600
4601 /* There is more than one character in the class, or an XCLASS item
4602 has been generated. Add this character to the class. */
4603
4604 class_has_8bitchar +=
4605 add_to_class(classbits, &class_uchardata, options, cd, c, c);
4606 }
4607
4608 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4609 If we are at the end of an internal nested string, revert to the outer
4610 string. */
4611
4612 while (((c = *(++ptr)) != 0 ||
4613 (nestptr != NULL &&
4614 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4615 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4616
4617 /* Check for missing terminating ']' */
4618
4619 if (c == 0)
4620 {
4621 *errorcodeptr = ERR6;
4622 goto FAILED;
4623 }
4624
4625 /* We will need an XCLASS if data has been placed in class_uchardata. In
4626 the second phase this is a sufficient test. However, in the pre-compile
4627 phase, class_uchardata gets emptied to prevent workspace overflow, so it
4628 only if the very last character in the class needs XCLASS will it contain
4629 anything at this point. For this reason, xclass gets set TRUE above when
4630 uchar_classdata is emptied, and that's why this code is the way it is here
4631 instead of just doing a test on class_uchardata below. */
4632
4633 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4634 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4635 #endif
4636
4637 /* If this is the first thing in the branch, there can be no first char
4638 setting, whatever the repeat count. Any reqchar setting must remain
4639 unchanged after any kind of repeat. */
4640
4641 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4642 zerofirstchar = firstchar;
4643 zerofirstcharflags = firstcharflags;
4644 zeroreqchar = reqchar;
4645 zeroreqcharflags = reqcharflags;
4646
4647 /* If there are characters with values > 255, we have to compile an
4648 extended class, with its own opcode, unless there was a negated special
4649 such as \S in the class, and PCRE_UCP is not set, because in that case all
4650 characters > 255 are in the class, so any that were explicitly given as
4651 well can be ignored. If (when there are explicit characters > 255 that must
4652 be listed) there are no characters < 256, we can omit the bitmap in the
4653 actual compiled code. */
4654
4655 #ifdef SUPPORT_UTF
4656 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4657 #elif !defined COMPILE_PCRE8
4658 if (xclass && !should_flip_negation)
4659 #endif
4660 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4661 {
4662 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4663 *code++ = OP_XCLASS;
4664 code += LINK_SIZE;
4665 *code = negate_class? XCL_NOT:0;
4666
4667 /* If the map is required, move up the extra data to make room for it;
4668 otherwise just move the code pointer to the end of the extra data. */
4669
4670 if (class_has_8bitchar > 0)
4671 {
4672 *code++ |= XCL_MAP;
4673 memmove(code + (32 / sizeof(pcre_uchar)), code,
4674 IN_UCHARS(class_uchardata - code));
4675 memcpy(code, classbits, 32);
4676 code = class_uchardata + (32 / sizeof(pcre_uchar));
4677 }
4678 else code = class_uchardata;
4679
4680 /* Now fill in the complete length of the item */
4681
4682 PUT(previous, 1, (int)(code - previous));
4683 break; /* End of class handling */
4684 }
4685 #endif
4686
4687 /* If there are no characters > 255, or they are all to be included or
4688 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4689 whole class was negated and whether there were negative specials such as \S
4690 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4691 negating it if necessary. */
4692
4693 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4694 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4695 {
4696 if (negate_class)
4697 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4698 memcpy(code, classbits, 32);
4699 }
4700 code += 32 / sizeof(pcre_uchar);
4701
4702 END_CLASS:
4703 break;
4704
4705
4706 /* ===================================================================*/
4707 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4708 has been tested above. */
4709
4710 case CHAR_LEFT_CURLY_BRACKET:
4711 if (!is_quantifier) goto NORMAL_CHAR;
4712 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4713 if (*errorcodeptr != 0) goto FAILED;
4714 goto REPEAT;
4715
4716 case CHAR_ASTERISK:
4717 repeat_min = 0;
4718 repeat_max = -1;
4719 goto REPEAT;
4720
4721 case CHAR_PLUS:
4722 repeat_min = 1;
4723 repeat_max = -1;
4724 goto REPEAT;
4725
4726 case CHAR_QUESTION_MARK:
4727 repeat_min = 0;
4728 repeat_max = 1;
4729
4730 REPEAT:
4731 if (previous == NULL)
4732 {
4733 *errorcodeptr = ERR9;
4734 goto FAILED;
4735 }
4736
4737 if (repeat_min == 0)
4738 {
4739 firstchar = zerofirstchar; /* Adjust for zero repeat */
4740 firstcharflags = zerofirstcharflags;
4741 reqchar = zeroreqchar; /* Ditto */
4742 reqcharflags = zeroreqcharflags;
4743 }
4744
4745 /* Remember whether this is a variable length repeat */
4746
4747 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4748
4749 op_type = 0; /* Default single-char op codes */
4750 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4751
4752 /* Save start of previous item, in case we have to move it up in order to
4753 insert something before it. */
4754
4755 tempcode = previous;
4756
4757 /* If the next character is '+', we have a possessive quantifier. This
4758 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4759 If the next character is '?' this is a minimizing repeat, by default,
4760 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4761 repeat type to the non-default. */
4762
4763 if (ptr[1] == CHAR_PLUS)
4764 {
4765 repeat_type = 0; /* Force greedy */
4766 possessive_quantifier = TRUE;
4767 ptr++;
4768 }
4769 else if (ptr[1] == CHAR_QUESTION_MARK)
4770 {
4771 repeat_type = greedy_non_default;
4772 ptr++;
4773 }
4774 else repeat_type = greedy_default;
4775
4776 /* If previous was a recursion call, wrap it in atomic brackets so that
4777 previous becomes the atomic group. All recursions were so wrapped in the
4778 past, but it no longer happens for non-repeated recursions. In fact, the
4779 repeated ones could be re-implemented independently so as not to need this,
4780 but for the moment we rely on the code for repeating groups. */
4781
4782 if (*previous == OP_RECURSE)
4783 {
4784 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4785 *previous = OP_ONCE;
4786 PUT(previous, 1, 2 + 2*LINK_SIZE);
4787 previous[2 + 2*LINK_SIZE] = OP_KET;
4788 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4789 code += 2 + 2 * LINK_SIZE;
4790 length_prevgroup = 3 + 3*LINK_SIZE;
4791
4792 /* When actually compiling, we need to check whether this was a forward
4793 reference, and if so, adjust the offset. */
4794
4795 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4796 {
4797 int offset = GET(cd->hwm, -LINK_SIZE);
4798 if (offset == previous + 1 - cd->start_code)
4799 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4800 }
4801 }
4802
4803 /* Now handle repetition for the different types of item. */
4804
4805 /* If previous was a character or negated character match, abolish the item
4806 and generate a repeat item instead. If a char item has a minimum of more
4807 than one, ensure that it is set in reqchar - it might not be if a sequence
4808 such as x{3} is the first thing in a branch because the x will have gone
4809 into firstchar instead. */
4810
4811 if (*previous == OP_CHAR || *previous == OP_CHARI
4812 || *previous == OP_NOT || *previous == OP_NOTI)
4813 {
4814 switch (*previous)
4815 {
4816 default: /* Make compiler happy. */
4817 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
4818 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
4819 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
4820 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
4821 }
4822
4823 /* Deal with UTF characters that take up more than one character. It's
4824 easier to write this out separately than try to macrify it. Use c to
4825 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4826 it's a length rather than a small character. */
4827
4828 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4829 if (utf && NOT_FIRSTCHAR(code[-1]))
4830 {
4831 pcre_uchar *lastchar = code - 1;
4832 BACKCHAR(lastchar);
4833 c = (int)(code - lastchar); /* Length of UTF-8 character */
4834 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4835 c |= UTF_LENGTH; /* Flag c as a length */
4836 }
4837 else
4838 #endif /* SUPPORT_UTF */
4839
4840 /* Handle the case of a single charater - either with no UTF support, or
4841 with UTF disabled, or for a single character UTF character. */
4842 {
4843 c = code[-1];
4844 if (*previous <= OP_CHARI && repeat_min > 1)
4845 {
4846 reqchar = c;
4847 reqcharflags = req_caseopt | cd->req_varyopt;
4848 }
4849 }
4850
4851 /* If the repetition is unlimited, it pays to see if the next thing on
4852 the line is something that cannot possibly match this character. If so,
4853 automatically possessifying this item gains some performance in the case
4854 where the match fails. */
4855
4856 if (!possessive_quantifier &&
4857 repeat_max < 0 &&
4858 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4859 {
4860 repeat_type = 0; /* Force greedy */
4861 possessive_quantifier = TRUE;
4862 }
4863
4864 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4865 }
4866
4867 /* If previous was a character type match (\d or similar), abolish it and
4868 create a suitable repeat item. The code is shared with single-character
4869 repeats by setting op_type to add a suitable offset into repeat_type. Note
4870 the the Unicode property types will be present only when SUPPORT_UCP is
4871 defined, but we don't wrap the little bits of code here because it just
4872 makes it horribly messy. */
4873
4874 else if (*previous < OP_EODN)
4875 {
4876 pcre_uchar *oldcode;
4877 int prop_type, prop_value;
4878 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4879 c = *previous;
4880
4881 if (!possessive_quantifier &&
4882 repeat_max < 0 &&
4883 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4884 {
4885 repeat_type = 0; /* Force greedy */
4886 possessive_quantifier = TRUE;
4887 }
4888
4889 OUTPUT_SINGLE_REPEAT:
4890 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4891 {
4892 prop_type = previous[1];
4893 prop_value = previous[2];
4894 }
4895 else prop_type = prop_value = -1;
4896
4897 oldcode = code;
4898 code = previous; /* Usually overwrite previous item */
4899
4900 /* If the maximum is zero then the minimum must also be zero; Perl allows
4901 this case, so we do too - by simply omitting the item altogether. */
4902
4903 if (repeat_max == 0) goto END_REPEAT;
4904
4905 /*--------------------------------------------------------------------*/
4906 /* This code is obsolete from release 8.00; the restriction was finally
4907 removed: */
4908
4909 /* All real repeats make it impossible to handle partial matching (maybe
4910 one day we will be able to remove this restriction). */
4911
4912 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4913 /*--------------------------------------------------------------------*/
4914
4915 /* Combine the op_type with the repeat_type */
4916
4917 repeat_type += op_type;
4918
4919 /* A minimum of zero is handled either as the special case * or ?, or as
4920 an UPTO, with the maximum given. */
4921
4922 if (repeat_min == 0)
4923 {
4924 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4925 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4926 else
4927 {
4928 *code++ = OP_UPTO + repeat_type;
4929 PUT2INC(code, 0, repeat_max);
4930 }
4931 }
4932
4933 /* A repeat minimum of 1 is optimized into some special cases. If the
4934 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4935 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4936 one less than the maximum. */
4937
4938 else if (repeat_min == 1)
4939 {
4940 if (repeat_max == -1)
4941 *code++ = OP_PLUS + repeat_type;
4942 else
4943 {
4944 code = oldcode; /* leave previous item in place */
4945 if (repeat_max == 1) goto END_REPEAT;
4946 *code++ = OP_UPTO + repeat_type;
4947 PUT2INC(code, 0, repeat_max - 1);
4948 }
4949 }
4950
4951 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4952 handled as an EXACT followed by an UPTO. */
4953
4954 else
4955 {
4956 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4957 PUT2INC(code, 0, repeat_min);
4958
4959 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4960 we have to insert the character for the previous code. For a repeated
4961 Unicode property match, there are two extra bytes that define the
4962 required property. In UTF-8 mode, long characters have their length in
4963 c, with the UTF_LENGTH bit as a flag. */
4964
4965 if (repeat_max < 0)
4966 {
4967 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4968 if (utf && (c & UTF_LENGTH) != 0)
4969 {
4970 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4971 code += c & 7;
4972 }
4973 else
4974 #endif
4975 {
4976 *code++ = c;
4977 if (prop_type >= 0)
4978 {
4979 *code++ = prop_type;
4980 *code++ = prop_value;
4981 }
4982 }
4983 *code++ = OP_STAR + repeat_type;
4984 }
4985
4986 /* Else insert an UPTO if the max is greater than the min, again
4987 preceded by the character, for the previously inserted code. If the
4988 UPTO is just for 1 instance, we can use QUERY instead. */
4989
4990 else if (repeat_max != repeat_min)
4991 {
4992 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4993 if (utf && (c & UTF_LENGTH) != 0)
4994 {
4995 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4996 code += c & 7;
4997 }
4998 else
4999 #endif
5000 *code++ = c;
5001 if (prop_type >= 0)
5002 {
5003 *code++ = prop_type;
5004 *code++ = prop_value;
5005 }
5006 repeat_max -= repeat_min;
5007
5008 if (repeat_max == 1)
5009 {
5010 *code++ = OP_QUERY + repeat_type;
5011 }
5012 else
5013 {
5014 *code++ = OP_UPTO + repeat_type;
5015 PUT2INC(code, 0, repeat_max);
5016 }
5017 }
5018 }
5019
5020 /* The character or character type itself comes last in all cases. */
5021
5022 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5023 if (utf && (c & UTF_LENGTH) != 0)
5024 {
5025 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5026 code += c & 7;
5027 }
5028 else
5029 #endif
5030 *code++ = c;
5031
5032 /* For a repeated Unicode property match, there are two extra bytes that
5033 define the required property. */
5034
5035 #ifdef SUPPORT_UCP
5036 if (prop_type >= 0)
5037 {
5038 *code++ = prop_type;
5039 *code++ = prop_value;
5040 }
5041 #endif
5042 }
5043
5044 /* If previous was a character class or a back reference, we put the repeat
5045 stuff after it, but just skip the item if the repeat was {0,0}. */
5046
5047 else if (*previous == OP_CLASS ||
5048 *previous == OP_NCLASS ||
5049 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5050 *previous == OP_XCLASS ||
5051 #endif
5052 *previous == OP_REF ||
5053 *previous == OP_REFI)
5054 {
5055 if (repeat_max == 0)
5056 {
5057 code = previous;
5058 goto END_REPEAT;
5059 }
5060
5061 /*--------------------------------------------------------------------*/
5062 /* This code is obsolete from release 8.00; the restriction was finally
5063 removed: */
5064
5065 /* All real repeats make it impossible to handle partial matching (maybe
5066 one day we will be able to remove this restriction). */
5067
5068 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
5069 /*--------------------------------------------------------------------*/
5070
5071 if (repeat_min == 0 && repeat_max == -1)
5072 *code++ = OP_CRSTAR + repeat_type;
5073 else if (repeat_min == 1 && repeat_max == -1)
5074 *code++ = OP_CRPLUS + repeat_type;
5075 else if (repeat_min == 0 && repeat_max == 1)
5076 *code++ = OP_CRQUERY + repeat_type;
5077 else
5078 {
5079 *code++ = OP_CRRANGE + repeat_type;
5080 PUT2INC(code, 0, repeat_min);
5081 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5082 PUT2INC(code, 0, repeat_max);
5083 }
5084 }
5085
5086 /* If previous was a bracket group, we may have to replicate it in certain
5087 cases. Note that at this point we can encounter only the "basic" bracket
5088 opcodes such as BRA and CBRA, as this is the place where they get converted
5089 into the more special varieties such as BRAPOS and SBRA. A test for >=
5090 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5091 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5092 repetition of assertions, but now it does, for Perl compatibility. */
5093
5094 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5095 {
5096 register int i;
5097 int len = (int)(code - previous);
5098 pcre_uchar *bralink = NULL;
5099 pcre_uchar *brazeroptr = NULL;
5100
5101 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5102 we just ignore the repeat. */
5103
5104 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5105 goto END_REPEAT;
5106
5107 /* There is no sense in actually repeating assertions. The only potential
5108 use of repetition is in cases when the assertion is optional. Therefore,
5109 if the minimum is greater than zero, just ignore the repeat. If the
5110 maximum is not not zero or one, set it to 1. */
5111
5112 if (*previous < OP_ONCE) /* Assertion */
5113 {
5114 if (repeat_min > 0) goto END_REPEAT;
5115 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5116 }
5117
5118 /* The case of a zero minimum is special because of the need to stick
5119 OP_BRAZERO in front of it, and because the group appears once in the
5120 data, whereas in other cases it appears the minimum number of times. For
5121 this reason, it is simplest to treat this case separately, as otherwise
5122 the code gets far too messy. There are several special subcases when the
5123 minimum is zero. */
5124
5125 if (repeat_min == 0)
5126 {
5127 /* If the maximum is also zero, we used to just omit the group from the
5128 output altogether, like this:
5129
5130 ** if (repeat_max == 0)
5131 ** {
5132 ** code = previous;
5133 ** goto END_REPEAT;
5134 ** }
5135
5136 However, that fails when a group or a subgroup within it is referenced
5137 as a subroutine from elsewhere in the pattern, so now we stick in
5138 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5139 don't have a list of which groups are referenced, we cannot do this
5140 selectively.
5141
5142 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5143 and do no more at this point. However, we do need to adjust any
5144 OP_RECURSE calls inside the group that refer to the group itself or any
5145 internal or forward referenced group, because the offset is from the
5146 start of the whole regex. Temporarily terminate the pattern while doing
5147 this. */
5148
5149 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5150 {
5151 *code = OP_END;
5152 adjust_recurse(previous, 1, utf, cd, save_hwm);
5153 memmove(previous + 1, previous, IN_UCHARS(len));
5154 code++;
5155 if (repeat_max == 0)
5156 {
5157 *previous++ = OP_SKIPZERO;
5158 goto END_REPEAT;
5159 }
5160 brazeroptr = previous; /* Save for possessive optimizing */
5161 *previous++ = OP_BRAZERO + repeat_type;
5162 }
5163
5164 /* If the maximum is greater than 1 and limited, we have to replicate
5165 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5166 The first one has to be handled carefully because it's the original
5167 copy, which has to be moved up. The remainder can be handled by code
5168 that is common with the non-zero minimum case below. We have to
5169 adjust the value or repeat_max, since one less copy is required. Once
5170 again, we may have to adjust any OP_RECURSE calls inside the group. */
5171
5172 else
5173 {
5174 int offset;
5175 *code = OP_END;
5176 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5177 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5178 code += 2 + LINK_SIZE;
5179 *previous++ = OP_BRAZERO + repeat_type;
5180 *previous++ = OP_BRA;
5181
5182 /* We chain together the bracket offset fields that have to be
5183 filled in later when the ends of the brackets are reached. */
5184
5185 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5186 bralink = previous;
5187 PUTINC(previous, 0, offset);
5188 }
5189
5190 repeat_max--;
5191 }
5192
5193 /* If the minimum is greater than zero, replicate the group as many
5194 times as necessary, and adjust the maximum to the number of subsequent
5195 copies that we need. If we set a first char from the group, and didn't
5196 set a required char, copy the latter from the former. If there are any
5197 forward reference subroutine calls in the group, there will be entries on
5198 the workspace list; replicate these with an appropriate increment. */
5199
5200 else
5201 {
5202 if (repeat_min > 1)
5203 {
5204 /* In the pre-compile phase, we don't actually do the replication. We
5205 just adjust the length as if we had. Do some paranoid checks for
5206 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5207 integer type when available, otherwise double. */
5208
5209 if (lengthptr != NULL)
5210 {
5211 int delta = (repeat_min - 1)*length_prevgroup;
5212 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5213 (INT64_OR_DOUBLE)length_prevgroup >
5214 (INT64_OR_DOUBLE)INT_MAX ||
5215 OFLOW_MAX - *lengthptr < delta)
5216 {
5217 *errorcodeptr = ERR20;
5218 goto FAILED;
5219 }
5220 *lengthptr += delta;
5221 }
5222
5223 /* This is compiling for real. If there is a set first byte for
5224 the group, and we have not yet set a "required byte", set it. Make
5225 sure there is enough workspace for copying forward references before
5226 doing the copy. */
5227
5228 else
5229 {
5230 if (groupsetfirstchar && reqcharflags < 0)
5231 {
5232 reqchar = firstchar;
5233 reqcharflags = firstcharflags;
5234 }
5235
5236 for (i = 1; i < repeat_min; i++)
5237 {
5238 pcre_uchar *hc;
5239 pcre_uchar *this_hwm = cd->hwm;
5240 memcpy(code, previous, IN_UCHARS(len));
5241
5242 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5243 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5244 {
5245 int save_offset = save_hwm - cd->start_workspace;
5246 int this_offset = this_hwm - cd->start_workspace;
5247 *errorcodeptr = expand_workspace(cd);
5248 if (*errorcodeptr != 0) goto FAILED;
5249 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5250 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5251 }
5252
5253 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5254 {
5255 PUT(cd->hwm, 0, GET(hc, 0) + len);
5256 cd->hwm += LINK_SIZE;
5257 }
5258 save_hwm = this_hwm;
5259 code += len;
5260 }
5261 }
5262 }
5263
5264 if (repeat_max > 0) repeat_max -= repeat_min;
5265 }
5266
5267 /* This code is common to both the zero and non-zero minimum cases. If
5268 the maximum is limited, it replicates the group in a nested fashion,
5269 remembering the bracket starts on a stack. In the case of a zero minimum,
5270 the first one was set up above. In all cases the repeat_max now specifies
5271 the number of additional copies needed. Again, we must remember to
5272 replicate entries on the forward reference list. */
5273
5274 if (repeat_max >= 0)
5275 {
5276 /* In the pre-compile phase, we don't actually do the replication. We
5277 just adjust the length as if we had. For each repetition we must add 1
5278 to the length for BRAZERO and for all but the last repetition we must
5279 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5280 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5281 a 64-bit integer type when available, otherwise double. */
5282
5283 if (lengthptr != NULL && repeat_max > 0)
5284 {
5285 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5286 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5287 if ((INT64_OR_DOUBLE)repeat_max *
5288 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5289 > (INT64_OR_DOUBLE)INT_MAX ||
5290 OFLOW_MAX - *lengthptr < delta)
5291 {
5292 *errorcodeptr = ERR20;
5293 goto FAILED;
5294 }
5295 *lengthptr += delta;
5296 }
5297
5298 /* This is compiling for real */
5299
5300 else for (i = repeat_max - 1; i >= 0; i--)
5301 {
5302 pcre_uchar *hc;
5303 pcre_uchar *this_hwm = cd->hwm;
5304
5305 *code++ = OP_BRAZERO + repeat_type;
5306
5307 /* All but the final copy start a new nesting, maintaining the
5308 chain of brackets outstanding. */
5309
5310 if (i != 0)
5311 {
5312 int offset;
5313 *code++ = OP_BRA;
5314 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5315 bralink = code;
5316 PUTINC(code, 0, offset);
5317 }
5318
5319 memcpy(code, previous, IN_UCHARS(len));
5320
5321 /* Ensure there is enough workspace for forward references before
5322 copying them. */
5323
5324 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5325 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5326 {
5327 int save_offset = save_hwm - cd->start_workspace;
5328 int this_offset = this_hwm - cd->start_workspace;
5329 *errorcodeptr = expand_workspace(cd);
5330 if (*errorcodeptr != 0) goto FAILED;
5331 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5332 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5333 }
5334
5335 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5336 {
5337 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5338 cd->hwm += LINK_SIZE;
5339 }
5340 save_hwm = this_hwm;
5341 code += len;
5342 }
5343
5344 /* Now chain through the pending brackets, and fill in their length
5345 fields (which are holding the chain links pro tem). */
5346
5347 while (bralink != NULL)
5348 {
5349 int oldlinkoffset;
5350 int offset = (int)(code - bralink + 1);
5351 pcre_uchar *bra = code - offset;
5352 oldlinkoffset = GET(bra, 1);
5353 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5354 *code++ = OP_KET;
5355 PUTINC(code, 0, offset);
5356 PUT(bra, 1, offset);
5357 }
5358 }
5359
5360 /* If the maximum is unlimited, set a repeater in the final copy. For
5361 ONCE brackets, that's all we need to do. However, possessively repeated
5362 ONCE brackets can be converted into non-capturing brackets, as the
5363 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5364 deal with possessive ONCEs specially.
5365
5366 Otherwise, when we are doing the actual compile phase, check to see
5367 whether this group is one that could match an empty string. If so,
5368 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5369 that runtime checking can be done. [This check is also applied to ONCE
5370 groups at runtime, but in a different way.]
5371
5372 Then, if the quantifier was possessive and the bracket is not a
5373 conditional, we convert the BRA code to the POS form, and the KET code to
5374 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5375 subpattern at both the start and at the end.) The use of special opcodes
5376 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5377 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5378
5379 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5380 flag so that the default action below, of wrapping everything inside
5381 atomic brackets, does not happen. When the minimum is greater than 1,
5382 there will be earlier copies of the group, and so we still have to wrap
5383 the whole thing. */
5384
5385 else
5386 {
5387 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5388 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5389
5390 /* Convert possessive ONCE brackets to non-capturing */
5391
5392 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5393 possessive_quantifier) *bracode = OP_BRA;
5394
5395 /* For non-possessive ONCE brackets, all we need to do is to
5396 set the KET. */
5397
5398 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5399 *ketcode = OP_KETRMAX + repeat_type;
5400
5401 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5402 converted to non-capturing above). */
5403
5404 else
5405 {
5406 /* In the compile phase, check for empty string matching. */
5407
5408 if (lengthptr == NULL)
5409 {
5410 pcre_uchar *scode = bracode;
5411 do
5412 {
5413 if (could_be_empty_branch(scode, ketcode, utf, cd))
5414 {
5415 *bracode += OP_SBRA - OP_BRA;
5416 break;
5417 }
5418 scode += GET(scode, 1);
5419 }
5420 while (*scode == OP_ALT);
5421 }
5422
5423 /* Handle possessive quantifiers. */
5424
5425 if (possessive_quantifier)
5426 {
5427 /* For COND brackets, we wrap the whole thing in a possessively
5428 repeated non-capturing bracket, because we have not invented POS
5429 versions of the COND opcodes. Because we are moving code along, we
5430 must ensure that any pending recursive references are updated. */
5431
5432 if (*bracode == OP_COND || *bracode == OP_SCOND)
5433 {
5434 int nlen = (int)(code - bracode);
5435 *code = OP_END;
5436 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5437 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5438 code += 1 + LINK_SIZE;
5439 nlen += 1 + LINK_SIZE;
5440 *bracode = OP_BRAPOS;
5441 *code++ = OP_KETRPOS;
5442 PUTINC(code, 0, nlen);
5443 PUT(bracode, 1, nlen);
5444 }
5445
5446 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5447
5448 else
5449 {
5450 *bracode += 1; /* Switch to xxxPOS opcodes */
5451 *ketcode = OP_KETRPOS;
5452 }
5453
5454 /* If the minimum is zero, mark it as possessive, then unset the
5455 possessive flag when the minimum is 0 or 1. */
5456
5457 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5458 if (repeat_min < 2) possessive_quantifier = FALSE;
5459 }
5460
5461 /* Non-possessive quantifier */
5462
5463 else *ketcode = OP_KETRMAX + repeat_type;
5464 }
5465 }
5466 }
5467
5468 /* If previous is OP_FAIL, it was generated by an empty class [] in
5469 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5470 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5471 error above. We can just ignore the repeat in JS case. */
5472
5473 else if (*previous == OP_FAIL) goto END_REPEAT;
5474
5475 /* Else there's some kind of shambles */
5476
5477 else
5478 {
5479 *errorcodeptr = ERR11;
5480 goto FAILED;
5481 }
5482
5483 /* If the character following a repeat is '+', or if certain optimization
5484 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5485 there are special alternative opcodes for this case. For anything else, we
5486 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5487 notation is just syntactic sugar, taken from Sun's Java package, but the
5488 special opcodes can optimize it.
5489
5490 Some (but not all) possessively repeated subpatterns have already been
5491 completely handled in the code just above. For them, possessive_quantifier
5492 is always FALSE at this stage.
5493
5494 Note that the repeated item starts at tempcode, not at previous, which
5495 might be the first part of a string whose (former) last char we repeated.
5496
5497 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5498 an 'upto' may follow. We skip over an 'exact' item, and then test the
5499 length of what remains before proceeding. */
5500
5501 if (possessive_quantifier)
5502 {
5503 int len;
5504
5505 if (*tempcode == OP_TYPEEXACT)
5506 tempcode += PRIV(OP_lengths)[*tempcode] +
5507 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5508 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5509
5510 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5511 {
5512 tempcode += PRIV(OP_lengths)[*tempcode];
5513 #ifdef SUPPORT_UTF
5514 if (utf && HAS_EXTRALEN(tempcode[-1]))
5515 tempcode += GET_EXTRALEN(tempcode[-1]);
5516 #endif
5517 }
5518
5519 len = (int)(code - tempcode);
5520 if (len > 0) switch (*tempcode)
5521 {
5522 case OP_STAR: *tempcode = OP_POSSTAR; break;
5523 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5524 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5525 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5526
5527 case OP_STARI: *tempcode = OP_POSSTARI; break;
5528 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5529 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5530 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5531
5532 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5533 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5534 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5535 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5536
5537 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5538 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5539 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5540 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5541
5542 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5543 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5544 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5545 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5546
5547 /* Because we are moving code along, we must ensure that any
5548 pending recursive references are updated. */
5549
5550 default:
5551 *code = OP_END;
5552 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5553 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5554 code += 1 + LINK_SIZE;
5555 len += 1 + LINK_SIZE;
5556 tempcode[0] = OP_ONCE;
5557 *code++ = OP_KET;
5558 PUTINC(code, 0, len);
5559 PUT(tempcode, 1, len);
5560 break;
5561 }
5562 }
5563
5564 /* In all case we no longer have a previous item. We also set the
5565 "follows varying string" flag for subsequently encountered reqchars if
5566 it isn't already set and we have just passed a varying length item. */
5567
5568 END_REPEAT:
5569 previous = NULL;
5570 cd->req_varyopt |= reqvary;
5571 break;
5572
5573
5574 /* ===================================================================*/
5575 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5576 lookbehind or option setting or condition or all the other extended
5577 parenthesis forms. */
5578
5579 case CHAR_LEFT_PARENTHESIS:
5580 newoptions = options;
5581 skipbytes = 0;
5582 bravalue = OP_CBRA;
5583 save_hwm = cd->hwm;
5584 reset_bracount = FALSE;
5585
5586 /* First deal with various "verbs" that can be introduced by '*'. */
5587
5588 ptr++;
5589 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
5590 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
5591 {
5592 int i, namelen;
5593 int arglen = 0;
5594 const char *vn = verbnames;
5595 const pcre_uchar *name = ptr + 1;
5596 const pcre_uchar *arg = NULL;
5597 previous = NULL;
5598 ptr++;
5599 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
5600 namelen = (int)(ptr - name);
5601
5602 /* It appears that Perl allows any characters whatsoever, other than
5603 a closing parenthesis, to appear in arguments, so we no longer insist on
5604 letters, digits, and underscores. */
5605
5606 if (*ptr == CHAR_COLON)
5607 {
5608 arg = ++ptr;
5609 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5610 arglen = (int)(ptr - arg);
5611 if ((unsigned int)arglen > MAX_MARK)
5612 {
5613 *errorcodeptr = ERR75;
5614 goto FAILED;
5615 }
5616 }
5617
5618 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5619 {
5620 *errorcodeptr = ERR60;
5621 goto FAILED;
5622 }
5623
5624 /* Scan the table of verb names */
5625
5626 for (i = 0; i < verbcount; i++)
5627 {
5628 if (namelen == verbs[i].len &&
5629 STRNCMP_UC_C8(name, vn, namelen) == 0)
5630 {
5631 int setverb;
5632
5633 /* Check for open captures before ACCEPT and convert it to
5634 ASSERT_ACCEPT if in an assertion. */
5635
5636 if (verbs[i].op == OP_ACCEPT)
5637 {
5638 open_capitem *oc;
5639 if (arglen != 0)
5640 {
5641 *errorcodeptr = ERR59;
5642 goto FAILED;
5643 }
5644 cd->had_accept = TRUE;
5645 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5646 {
5647 *code++ = OP_CLOSE;
5648 PUT2INC(code, 0, oc->number);
5649 }
5650 setverb = *code++ =
5651 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5652
5653 /* Do not set firstchar after *ACCEPT */
5654 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5655 }
5656
5657 /* Handle other cases with/without an argument */
5658
5659 else if (arglen == 0)
5660 {
5661 if (verbs[i].op < 0) /* Argument is mandatory */
5662 {
5663 *errorcodeptr = ERR66;
5664 goto FAILED;
5665 }
5666 setverb = *code++ = verbs[i].op;
5667 }
5668
5669 else
5670 {
5671 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5672 {
5673 *errorcodeptr = ERR59;
5674 goto FAILED;
5675 }
5676 setverb = *code++ = verbs[i].op_arg;
5677 *code++ = arglen;
5678 memcpy(code, arg, IN_UCHARS(arglen));
5679 code += arglen;
5680 *code++ = 0;
5681 }
5682
5683 switch (setverb)
5684 {
5685 case OP_THEN:
5686 case OP_THEN_ARG:
5687 cd->external_flags |= PCRE_HASTHEN;
5688 break;
5689
5690 case OP_PRUNE:
5691 case OP_PRUNE_ARG:
5692 case OP_SKIP:
5693 case OP_SKIP_ARG:
5694 cd->had_pruneorskip = TRUE;
5695 break;
5696 }
5697
5698 break; /* Found verb, exit loop */
5699 }
5700
5701 vn += verbs[i].len + 1;
5702 }
5703
5704 if (i < verbcount) continue; /* Successfully handled a verb */
5705 *errorcodeptr = ERR60; /* Verb not recognized */
5706 goto FAILED;
5707 }
5708
5709 /* Deal with the extended parentheses; all are introduced by '?', and the
5710 appearance of any of them means that this is not a capturing group. */
5711
5712 else if (*ptr == CHAR_QUESTION_MARK)
5713 {
5714 int i, set, unset, namelen;
5715 int *optset;
5716 const pcre_uchar *name;
5717 pcre_uchar *slot;
5718
5719 switch (*(++ptr))
5720 {
5721 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5722 ptr++;
5723 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5724 if (*ptr == 0)
5725 {
5726 *errorcodeptr = ERR18;
5727 goto FAILED;
5728 }
5729 continue;
5730
5731
5732 /* ------------------------------------------------------------ */
5733 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5734 reset_bracount = TRUE;
5735 /* Fall through */
5736
5737 /* ------------------------------------------------------------ */
5738 case CHAR_COLON: /* Non-capturing bracket */
5739 bravalue = OP_BRA;
5740 ptr++;
5741 break;
5742
5743
5744 /* ------------------------------------------------------------ */
5745 case CHAR_LEFT_PARENTHESIS:
5746 bravalue = OP_COND; /* Conditional group */
5747
5748 /* A condition can be an assertion, a number (referring to a numbered
5749 group), a name (referring to a named group), or 'R', referring to
5750 recursion. R<digits> and R&name are also permitted for recursion tests.
5751
5752 There are several syntaxes for testing a named group: (?(name)) is used
5753 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5754
5755 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5756 be the recursive thing or the name 'R' (and similarly for 'R' followed
5757 by digits), and (b) a number could be a name that consists of digits.
5758 In both cases, we look for a name first; if not found, we try the other
5759 cases. */
5760
5761 /* For conditions that are assertions, check the syntax, and then exit
5762 the switch. This will take control down to where bracketed groups,
5763 including assertions, are processed. */
5764
5765 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5766 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5767 break;
5768
5769 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5770 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5771
5772 code[1+LINK_SIZE] = OP_CREF;
5773 skipbytes = 1+IMM2_SIZE;
5774 refsign = -1;
5775
5776 /* Check for a test for recursion in a named group. */
5777
5778 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5779 {
5780 terminator = -1;
5781 ptr += 2;
5782 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5783 }
5784
5785 /* Check for a test for a named group's having been set, using the Perl
5786 syntax (?(<name>) or (?('name') */
5787
5788 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5789 {
5790 terminator = CHAR_GREATER_THAN_SIGN;
5791 ptr++;
5792 }
5793 else if (ptr[1] == CHAR_APOSTROPHE)
5794 {
5795 terminator = CHAR_APOSTROPHE;
5796 ptr++;
5797 }
5798 else
5799 {
5800 terminator = 0;
5801 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5802 }
5803
5804 /* We now expect to read a name; any thing else is an error */
5805
5806 if (!MAX_255(ptr[1]) || (cd->ctypes[ptr[1]] & ctype_word) == 0)
5807 {
5808 ptr += 1; /* To get the right offset */
5809 *errorcodeptr = ERR28;
5810 goto FAILED;
5811 }
5812
5813 /* Read the name, but also get it as a number if it's all digits */
5814
5815 recno = 0;
5816 name = ++ptr;
5817 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
5818 {
5819 if (recno >= 0)
5820 recno = (IS_DIGIT(*ptr))? recno * 10 + (int)(*ptr - CHAR_0) : -1;
5821 ptr++;
5822 }
5823 namelen = (int)(ptr - name);
5824
5825 if ((terminator > 0 && *ptr++ != (pcre_uchar)terminator) ||
5826 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5827 {
5828 ptr--; /* Error offset */
5829 *errorcodeptr = ERR26;
5830 goto FAILED;
5831 }
5832
5833 /* Do no further checking in the pre-compile phase. */
5834
5835 if (lengthptr != NULL) break;
5836
5837 /* In the real compile we do the work of looking for the actual
5838 reference. If the string started with "+" or "-" we require the rest to
5839 be digits, in which case recno will be set. */
5840
5841 if (refsign > 0)
5842 {
5843 if (recno <= 0)
5844 {
5845 *errorcodeptr = ERR58;
5846 goto FAILED;
5847 }
5848 recno = (refsign == CHAR_MINUS)?
5849 cd->bracount - recno + 1 : recno +cd->bracount;
5850 if (recno <= 0 || recno > cd->final_bracount)
5851 {
5852 *errorcodeptr = ERR15;
5853 goto FAILED;
5854 }
5855 PUT2(code, 2+LINK_SIZE, recno);
5856 break;
5857 }
5858
5859 /* Otherwise (did not start with "+" or "-"), start by looking for the
5860 name. If we find a name, add one to the opcode to change OP_CREF or
5861 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5862 except they record that the reference was originally to a name. The
5863 information is used to check duplicate names. */
5864
5865 slot = cd->name_table;
5866 for (i = 0; i < cd->names_found; i++)
5867 {
5868 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5869 slot += cd->name_entry_size;
5870 }
5871
5872 /* Found a previous named subpattern */
5873
5874 if (i < cd->names_found)
5875 {
5876 recno = GET2(slot, 0);
5877 PUT2(code, 2+LINK_SIZE, recno);
5878 code[1+LINK_SIZE]++;
5879 }
5880
5881 /* Search the pattern for a forward reference */
5882
5883 else if ((i = find_parens(cd, name, namelen,
5884 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5885 {
5886 PUT2(code, 2+LINK_SIZE, i);
5887 code[1+LINK_SIZE]++;
5888 }
5889
5890 /* If terminator == 0 it means that the name followed directly after
5891 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5892 some further alternatives to try. For the cases where terminator != 0
5893 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5894 now checked all the possibilities, so give an error. */
5895
5896 else if (terminator != 0)
5897 {
5898 *errorcodeptr = ERR15;
5899 goto FAILED;
5900 }
5901
5902 /* Check for (?(R) for recursion. Allow digits after R to specify a
5903 specific group number. */
5904
5905 else if (*name == CHAR_R)
5906 {
5907 recno = 0;
5908 for (i = 1; i < namelen; i++)
5909 {
5910 if (!IS_DIGIT(name[i]))
5911 {
5912 *errorcodeptr = ERR15;
5913 goto FAILED;
5914 }
5915 recno = recno * 10 + name[i] - CHAR_0;
5916 }
5917 if (recno == 0) recno = RREF_ANY;
5918 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5919 PUT2(code, 2+LINK_SIZE, recno);
5920 }
5921
5922 /* Similarly, check for the (?(DEFINE) "condition", which is always
5923 false. */
5924
5925 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5926 {
5927 code[1+LINK_SIZE] = OP_DEF;
5928 skipbytes = 1;
5929 }
5930
5931 /* Check for the "name" actually being a subpattern number. We are
5932 in the second pass here, so final_bracount is set. */
5933
5934 else if (recno > 0 && recno <= cd->final_bracount)
5935 {
5936 PUT2(code, 2+LINK_SIZE, recno);
5937 }
5938
5939 /* Either an unidentified subpattern, or a reference to (?(0) */
5940
5941 else
5942 {
5943 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5944 goto FAILED;
5945 }
5946 break;
5947
5948
5949 /* ------------------------------------------------------------ */
5950 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5951 bravalue = OP_ASSERT;
5952 cd->assert_depth += 1;
5953 ptr++;
5954 break;
5955
5956
5957 /* ------------------------------------------------------------ */
5958 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5959 ptr++;
5960 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5961 {
5962 *code++ = OP_FAIL;
5963 previous = NULL;
5964 continue;
5965 }
5966 bravalue = OP_ASSERT_NOT;
5967 cd->assert_depth += 1;
5968 break;
5969
5970
5971 /* ------------------------------------------------------------ */
5972 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5973 switch (ptr[1])
5974 {
5975 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5976 bravalue = OP_ASSERTBACK;
5977 cd->assert_depth += 1;
5978 ptr += 2;
5979 break;
5980
5981 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5982 bravalue = OP_ASSERTBACK_NOT;
5983 cd->assert_depth += 1;
5984 ptr += 2;
5985 break;
5986
5987 default: /* Could be name define, else bad */
5988 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
5989 goto DEFINE_NAME;
5990 ptr++; /* Correct offset for error */
5991 *errorcodeptr = ERR24;
5992 goto FAILED;
5993 }
5994 break;
5995
5996
5997 /* ------------------------------------------------------------ */
5998 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5999 bravalue = OP_ONCE;
6000 ptr++;
6001 break;
6002
6003
6004 /* ------------------------------------------------------------ */
6005 case CHAR_C: /* Callout - may be followed by digits; */
6006 previous_callout = code; /* Save for later completion */
6007 after_manual_callout = 1; /* Skip one item before completing */
6008 *code++ = OP_CALLOUT;
6009 {
6010 int n = 0;
6011 ptr++;
6012 while(IS_DIGIT(*ptr))
6013 n = n * 10 + *ptr++ - CHAR_0;
6014 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6015 {
6016 *errorcodeptr = ERR39;
6017 goto FAILED;
6018 }
6019 if (n > 255)
6020 {
6021 *errorcodeptr = ERR38;
6022 goto FAILED;
6023 }
6024 *code++ = n;
6025 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
6026 PUT(code, LINK_SIZE, 0); /* Default length */
6027 code += 2 * LINK_SIZE;
6028 }
6029 previous = NULL;
6030 continue;
6031
6032
6033 /* ------------------------------------------------------------ */
6034 case CHAR_P: /* Python-style named subpattern handling */
6035 if (*(++ptr) == CHAR_EQUALS_SIGN ||
6036 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
6037 {
6038 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
6039 terminator = CHAR_RIGHT_PARENTHESIS;
6040 goto NAMED_REF_OR_RECURSE;
6041 }
6042 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
6043 {
6044 *errorcodeptr = ERR41;
6045 goto FAILED;
6046 }
6047 /* Fall through to handle (?P< as (?< is handled */
6048
6049
6050 /* ------------------------------------------------------------ */
6051 DEFINE_NAME: /* Come here from (?< handling */
6052 case CHAR_APOSTROPHE:
6053 {
6054 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
6055 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6056 name = ++ptr;
6057
6058 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6059 namelen = (int)(ptr - name);
6060
6061 /* In the pre-compile phase, just do a syntax check. */
6062
6063 if (lengthptr != NULL)
6064 {
6065 if (*ptr != (pcre_uchar)terminator)
6066 {
6067 *errorcodeptr = ERR42;
6068 goto FAILED;
6069 }
6070 if (cd->names_found >= MAX_NAME_COUNT)
6071 {
6072 *errorcodeptr = ERR49;
6073 goto FAILED;
6074 }
6075 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
6076 {
6077 cd->name_entry_size = namelen + IMM2_SIZE + 1;
6078 if (namelen > MAX_NAME_SIZE)
6079 {
6080 *errorcodeptr = ERR48;
6081 goto FAILED;
6082 }
6083 }
6084 }
6085
6086 /* In the real compile, create the entry in the table, maintaining
6087 alphabetical order. Duplicate names for different numbers are
6088 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
6089 number are always OK. (An existing number can be re-used if (?|
6090 appears in the pattern.) In either event, a duplicate name results in
6091 a duplicate entry in the table, even if the number is the same. This
6092 is because the number of names, and hence the table size, is computed
6093 in the pre-compile, and it affects various numbers and pointers which
6094 would all have to be modified, and the compiled code moved down, if
6095 duplicates with the same number were omitted from the table. This
6096 doesn't seem worth the hassle. However, *different* names for the
6097 same number are not permitted. */
6098
6099 else
6100 {
6101 BOOL dupname = FALSE;
6102 slot = cd->name_table;
6103
6104 for (i = 0; i < cd->names_found; i++)
6105 {
6106 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6107 if (crc == 0)
6108 {
6109 if (slot[IMM2_SIZE+namelen] == 0)
6110 {
6111 if (GET2(slot, 0) != cd->bracount + 1 &&
6112 (options & PCRE_DUPNAMES) == 0)
6113 {
6114 *errorcodeptr = ERR43;
6115 goto FAILED;
6116 }
6117 else dupname = TRUE;
6118 }
6119 else crc = -1; /* Current name is a substring */
6120 }
6121
6122 /* Make space in the table and break the loop for an earlier
6123 name. For a duplicate or later name, carry on. We do this for
6124 duplicates so that in the simple case (when ?(| is not used) they
6125 are in order of their numbers. */
6126
6127 if (crc < 0)
6128 {
6129 memmove(slot + cd->name_entry_size, slot,
6130 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6131 break;
6132 }
6133
6134 /* Continue the loop for a later or duplicate name */
6135
6136 slot += cd->name_entry_size;
6137 }
6138
6139 /* For non-duplicate names, check for a duplicate number before
6140 adding the new name. */
6141
6142 if (!dupname)
6143 {
6144 pcre_uchar *cslot = cd->name_table;
6145 for (i = 0; i < cd->names_found; i++)
6146 {
6147 if (cslot != slot)
6148 {
6149 if (GET2(cslot, 0) == cd->bracount + 1)
6150 {
6151 *errorcodeptr = ERR65;
6152 goto FAILED;
6153 }
6154 }
6155 else i--;
6156 cslot += cd->name_entry_size;
6157 }
6158 }
6159
6160 PUT2(slot, 0, cd->bracount + 1);
6161 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6162 slot[IMM2_SIZE + namelen] = 0;
6163 }
6164 }
6165
6166 /* In both pre-compile and compile, count the number of names we've
6167 encountered. */
6168
6169 cd->names_found++;
6170 ptr++; /* Move past > or ' */
6171 goto NUMBERED_GROUP;
6172
6173
6174 /* ------------------------------------------------------------ */
6175 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6176 terminator = CHAR_RIGHT_PARENTHESIS;
6177 is_recurse = TRUE;
6178 /* Fall through */
6179
6180 /* We come here from the Python syntax above that handles both
6181 references (?P=name) and recursion (?P>name), as well as falling
6182 through from the Perl recursion syntax (?&name). We also come here from
6183 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6184 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6185
6186 NAMED_REF_OR_RECURSE:
6187 name = ++ptr;
6188 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6189 namelen = (int)(ptr - name);
6190
6191 /* In the pre-compile phase, do a syntax check. We used to just set
6192 a dummy reference number, because it was not used in the first pass.
6193 However, with the change of recursive back references to be atomic,
6194 we have to look for the number so that this state can be identified, as
6195 otherwise the incorrect length is computed. If it's not a backwards
6196 reference, the dummy number will do. */
6197
6198 if (lengthptr != NULL)
6199 {
6200 const pcre_uchar *temp;
6201
6202 if (namelen == 0)
6203 {
6204 *errorcodeptr = ERR62;
6205 goto FAILED;
6206 }
6207 if (*ptr != (pcre_uchar)terminator)
6208 {
6209 *errorcodeptr = ERR42;
6210 goto FAILED;
6211 }
6212 if (namelen > MAX_NAME_SIZE)
6213 {
6214 *errorcodeptr = ERR48;
6215 goto FAILED;
6216 }
6217
6218 /* The name table does not exist in the first pass, so we cannot
6219 do a simple search as in the code below. Instead, we have to scan the
6220 pattern to find the number. It is important that we scan it only as
6221 far as we have got because the syntax of named subpatterns has not
6222 been checked for the rest of the pattern, and find_parens() assumes
6223 correct syntax. In any case, it's a waste of resources to scan
6224 further. We stop the scan at the current point by temporarily
6225 adjusting the value of cd->endpattern. */
6226
6227 temp = cd->end_pattern;
6228 cd->end_pattern = ptr;
6229 recno = find_parens(cd, name, namelen,
6230 (options & PCRE_EXTENDED) != 0, utf);
6231 cd->end_pattern = temp;
6232 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6233 }
6234
6235 /* In the real compile, seek the name in the table. We check the name
6236 first, and then check that we have reached the end of the name in the
6237 table. That way, if the name that is longer than any in the table,
6238 the comparison will fail without reading beyond the table entry. */
6239
6240 else
6241 {
6242 slot = cd->name_table;
6243 for (i = 0; i < cd->names_found; i++)
6244 {
6245 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6246 slot[IMM2_SIZE+namelen] == 0)
6247 break;
6248 slot += cd->name_entry_size;
6249 }
6250
6251 if (i < cd->names_found) /* Back reference */
6252 {
6253 recno = GET2(slot, 0);
6254 }
6255 else if ((recno = /* Forward back reference */
6256 find_parens(cd, name, namelen,
6257 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6258 {
6259 *errorcodeptr = ERR15;
6260 goto FAILED;
6261 }
6262 }
6263
6264 /* In both phases, we can now go to the code than handles numerical
6265 recursion or backreferences. */
6266
6267 if (is_recurse) goto HANDLE_RECURSION;
6268 else goto HANDLE_REFERENCE;
6269
6270
6271 /* ------------------------------------------------------------ */
6272 case CHAR_R: /* Recursion */
6273 ptr++; /* Same as (?0) */
6274 /* Fall through */
6275
6276
6277 /* ------------------------------------------------------------ */
6278 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6279 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6280 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6281 {
6282 const pcre_uchar *called;
6283 terminator = CHAR_RIGHT_PARENTHESIS;
6284
6285 /* Come here from the \g<...> and \g'...' code (Oniguruma
6286 compatibility). However, the syntax has been checked to ensure that
6287 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6288 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6289 ever be taken. */
6290
6291 HANDLE_NUMERICAL_RECURSION:
6292
6293 if ((refsign = *ptr) == CHAR_PLUS)
6294 {
6295 ptr++;
6296 if (!IS_DIGIT(*ptr))
6297 {
6298 *errorcodeptr = ERR63;
6299 goto FAILED;
6300 }
6301 }
6302 else if (refsign == CHAR_MINUS)
6303 {
6304 if (!IS_DIGIT(ptr[1]))
6305 goto OTHER_CHAR_AFTER_QUERY;
6306 ptr++;
6307 }
6308
6309 recno = 0;
6310 while(IS_DIGIT(*ptr))
6311 recno = recno * 10 + *ptr++ - CHAR_0;
6312
6313 if (*ptr != (pcre_uchar)terminator)
6314 {
6315 *errorcodeptr = ERR29;
6316 goto FAILED;
6317 }
6318
6319 if (refsign == CHAR_MINUS)
6320 {
6321 if (recno == 0)
6322 {
6323 *errorcodeptr = ERR58;
6324 goto FAILED;
6325 }
6326 recno = cd->bracount - recno + 1;
6327 if (recno <= 0)
6328 {
6329 *errorcodeptr = ERR15;
6330 goto FAILED;
6331 }
6332 }
6333 else if (refsign == CHAR_PLUS)
6334 {
6335 if (recno == 0)
6336 {
6337 *errorcodeptr = ERR58;
6338 goto FAILED;
6339 }
6340 recno += cd->bracount;
6341 }
6342
6343 /* Come here from code above that handles a named recursion */
6344
6345 HANDLE_RECURSION:
6346
6347 previous = code;
6348 called = cd->start_code;
6349
6350 /* When we are actually compiling, find the bracket that is being
6351 referenced. Temporarily end the regex in case it doesn't exist before
6352 this point. If we end up with a forward reference, first check that
6353 the bracket does occur later so we can give the error (and position)
6354 now. Then remember this forward reference in the workspace so it can
6355 be filled in at the end. */
6356
6357 if (lengthptr == NULL)
6358 {
6359 *code = OP_END;
6360 if (recno != 0)
6361 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6362
6363 /* Forward reference */
6364
6365 if (called == NULL)
6366 {
6367 if (find_parens(cd, NULL, recno,
6368 (options & PCRE_EXTENDED) != 0, utf) < 0)
6369 {
6370 *errorcodeptr = ERR15;
6371 goto FAILED;
6372 }
6373
6374 /* Fudge the value of "called" so that when it is inserted as an
6375 offset below, what it actually inserted is the reference number
6376 of the group. Then remember the forward reference. */
6377
6378 called = cd->start_code + recno;
6379 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6380 WORK_SIZE_SAFETY_MARGIN)
6381 {
6382 *errorcodeptr = expand_workspace(cd);
6383 if (*errorcodeptr != 0) goto FAILED;
6384 }
6385 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6386 }
6387
6388 /* If not a forward reference, and the subpattern is still open,
6389 this is a recursive call. We check to see if this is a left
6390 recursion that could loop for ever, and diagnose that case. We
6391 must not, however, do this check if we are in a conditional
6392 subpattern because the condition might be testing for recursion in
6393 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6394 Forever loops are also detected at runtime, so those that occur in
6395 conditional subpatterns will be picked up then. */
6396
6397 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6398 could_be_empty(called, code, bcptr, utf, cd))
6399 {
6400 *errorcodeptr = ERR40;
6401 goto FAILED;
6402 }
6403 }
6404
6405 /* Insert the recursion/subroutine item. It does not have a set first
6406 character (relevant if it is repeated, because it will then be
6407 wrapped with ONCE brackets). */
6408
6409 *code = OP_RECURSE;
6410 PUT(code, 1, (int)(called - cd->start_code));
6411 code += 1 + LINK_SIZE;
6412 groupsetfirstchar = FALSE;
6413 }
6414
6415 /* Can't determine a first byte now */
6416
6417 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
6418 continue;
6419
6420
6421 /* ------------------------------------------------------------ */
6422 default: /* Other characters: check option setting */
6423 OTHER_CHAR_AFTER_QUERY:
6424 set = unset = 0;
6425 optset = &set;
6426
6427 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6428 {
6429 switch (*ptr++)
6430 {
6431 case CHAR_MINUS: optset = &unset; break;
6432
6433 case CHAR_J: /* Record that it changed in the external options */
6434 *optset |= PCRE_DUPNAMES;
6435 cd->external_flags |= PCRE_JCHANGED;
6436 break;
6437
6438 case CHAR_i: *optset |= PCRE_CASELESS; break;
6439 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6440 case CHAR_s: *optset |= PCRE_DOTALL; break;
6441 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6442 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6443 case CHAR_X: *optset |= PCRE_EXTRA; break;
6444
6445 default: *errorcodeptr = ERR12;
6446 ptr--; /* Correct the offset */
6447 goto FAILED;
6448 }
6449 }
6450
6451 /* Set up the changed option bits, but don't change anything yet. */
6452
6453 newoptions = (options | set) & (~unset);
6454
6455 /* If the options ended with ')' this is not the start of a nested
6456 group with option changes, so the options change at this level. If this
6457 item is right at the start of the pattern, the options can be
6458 abstracted and made external in the pre-compile phase, and ignored in
6459 the compile phase. This can be helpful when matching -- for instance in
6460 caseless checking of required bytes.
6461
6462 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6463 definitely *not* at the start of the pattern because something has been
6464 compiled. In the pre-compile phase, however, the code pointer can have
6465 that value after the start, because it gets reset as code is discarded
6466 during the pre-compile. However, this can happen only at top level - if
6467 we are within parentheses, the starting BRA will still be present. At
6468 any parenthesis level, the length value can be used to test if anything
6469 has been compiled at that level. Thus, a test for both these conditions
6470 is necessary to ensure we correctly detect the start of the pattern in
6471 both phases.
6472
6473 If we are not at the pattern start, reset the greedy defaults and the
6474 case value for firstchar and reqchar. */
6475
6476 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6477 {
6478 if (code == cd->start_code + 1 + LINK_SIZE &&
6479 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6480 {
6481 cd->external_options = newoptions;
6482 }
6483 else
6484 {
6485 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6486 greedy_non_default = greedy_default ^ 1;
6487 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6488 }
6489
6490 /* Change options at this level, and pass them back for use
6491 in subsequent branches. */
6492
6493 *optionsptr = options = newoptions;
6494 previous = NULL; /* This item can't be repeated */
6495 continue; /* It is complete */
6496 }
6497
6498 /* If the options ended with ':' we are heading into a nested group
6499 with possible change of options. Such groups are non-capturing and are
6500 not assertions of any kind. All we need to do is skip over the ':';
6501 the newoptions value is handled below. */
6502
6503 bravalue = OP_BRA;
6504 ptr++;
6505 } /* End of switch for character following (? */
6506 } /* End of (? handling */
6507
6508 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6509 is set, all unadorned brackets become non-capturing and behave like (?:...)
6510 brackets. */
6511
6512 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6513 {
6514 bravalue = OP_BRA;
6515 }
6516
6517 /* Else we have a capturing group. */
6518
6519 else
6520 {
6521 NUMBERED_GROUP:
6522 cd->bracount += 1;
6523 PUT2(code, 1+LINK_SIZE, cd->bracount);
6524 skipbytes = IMM2_SIZE;
6525 }
6526
6527 /* Process nested bracketed regex. Assertions used not to be repeatable,
6528 but this was changed for Perl compatibility, so all kinds can now be
6529 repeated. We copy code into a non-register variable (tempcode) in order to
6530 be able to pass its address because some compilers complain otherwise. */
6531
6532 previous = code; /* For handling repetition */
6533 *code = bravalue;
6534 tempcode = code;
6535 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6536 tempbracount = cd->bracount; /* Save value before bracket */
6537 length_prevgroup = 0; /* Initialize for pre-compile phase */
6538
6539 if (!compile_regex(
6540 newoptions, /* The complete new option state */
6541 &tempcode, /* Where to put code (updated) */
6542 &ptr, /* Input pointer (updated) */
6543 errorcodeptr, /* Where to put an error message */
6544 (bravalue == OP_ASSERTBACK ||
6545 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6546 reset_bracount, /* True if (?| group */
6547 skipbytes, /* Skip over bracket number */
6548 cond_depth +
6549 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6550 &subfirstchar, /* For possible first char */
6551 &subfirstcharflags,
6552 &subreqchar, /* For possible last char */
6553 &subreqcharflags,
6554 bcptr, /* Current branch chain */
6555 cd, /* Tables block */
6556 (lengthptr == NULL)? NULL : /* Actual compile phase */
6557 &length_prevgroup /* Pre-compile phase */
6558 ))
6559 goto FAILED;
6560
6561 /* If this was an atomic group and there are no capturing groups within it,
6562 generate OP_ONCE_NC instead of OP_ONCE. */
6563
6564 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6565 *code = OP_ONCE_NC;
6566
6567 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6568 cd->assert_depth -= 1;
6569
6570 /* At the end of compiling, code is still pointing to the start of the
6571 group, while tempcode has been updated to point past the end of the group.
6572 The pattern pointer (ptr) is on the bracket.
6573
6574 If this is a conditional bracket, check that there are no more than
6575 two branches in the group, or just one if it's a DEFINE group. We do this
6576 in the real compile phase, not in the pre-pass, where the whole group may
6577 not be available. */
6578
6579 if (bravalue == OP_COND && lengthptr == NULL)
6580 {
6581 pcre_uchar *tc = code;
6582 int condcount = 0;
6583
6584 do {
6585 condcount++;
6586 tc += GET(tc,1);
6587 }
6588 while (*tc != OP_KET);
6589
6590 /* A DEFINE group is never obeyed inline (the "condition" is always
6591 false). It must have only one branch. */
6592
6593 if (code[LINK_SIZE+1] == OP_DEF)
6594 {
6595 if (condcount > 1)
6596 {
6597 *errorcodeptr = ERR54;
6598 goto FAILED;
6599 }
6600 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6601 }
6602
6603 /* A "normal" conditional group. If there is just one branch, we must not
6604 make use of its firstchar or reqchar, because this is equivalent to an
6605 empty second branch. */
6606
6607 else
6608 {
6609 if (condcount > 2)
6610 {
6611 *errorcodeptr = ERR27;
6612 goto FAILED;
6613 }
6614 if (condcount == 1) subfirstcharflags = subreqcharflags = REQ_NONE;
6615 }
6616 }
6617
6618 /* Error if hit end of pattern */
6619
6620 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6621 {
6622 *errorcodeptr = ERR14;
6623 goto FAILED;
6624 }
6625
6626 /* In the pre-compile phase, update the length by the length of the group,
6627 less the brackets at either end. Then reduce the compiled code to just a
6628 set of non-capturing brackets so that it doesn't use much memory if it is
6629 duplicated by a quantifier.*/
6630
6631 if (lengthptr != NULL)
6632 {
6633 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6634 {
6635 *errorcodeptr = ERR20;
6636 goto FAILED;
6637 }
6638 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6639 code++; /* This already contains bravalue */