/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1147 - (show annotations)
Sat Oct 20 20:17:03 2012 UTC (6 years, 10 months ago) by chpe
File MIME type: text/plain
File size: 276056 byte(s)
Error occurred while calculating annotation data.
Fix overflow by unsigned conversion

Similar to rev 1146.
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2012 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88 pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89 compile_data *, int *);
90
91
92
93 /*************************************************
94 * Code parameters and static tables *
95 *************************************************/
96
97 /* This value specifies the size of stack workspace that is used during the
98 first pre-compile phase that determines how much memory is required. The regex
99 is partly compiled into this space, but the compiled parts are discarded as
100 soon as they can be, so that hopefully there will never be an overrun. The code
101 does, however, check for an overrun. The largest amount I've seen used is 218,
102 so this number is very generous.
103
104 The same workspace is used during the second, actual compile phase for
105 remembering forward references to groups so that they can be filled in at the
106 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107 is 4 there is plenty of room for most patterns. However, the memory can get
108 filled up by repetitions of forward references, for example patterns like
109 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110 that the workspace is expanded using malloc() in this situation. The value
111 below is therefore a minimum, and we put a maximum on it for safety. The
112 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113 kicks in at the same number of forward references in all cases. */
114
115 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117
118 /* The overrun tests check for a slightly smaller size so that they detect the
119 overrun before it actually does run off the end of the data block. */
120
121 #define WORK_SIZE_SAFETY_MARGIN (100)
122
123 /* Private flags added to firstchar and reqchar. */
124
125 #define REQ_CASELESS (1 << 0) /* Indicates caselessness */
126 #define REQ_VARY (1 << 1) /* Reqchar followed non-literal item */
127 /* Negative values for the firstchar and reqchar flags */
128 #define REQ_UNSET (-2)
129 #define REQ_NONE (-1)
130
131 /* Repeated character flags. */
132
133 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
134
135 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
136 are simple data values; negative values are for special things like \d and so
137 on. Zero means further processing is needed (for things like \x), or the escape
138 is invalid. */
139
140 #ifndef EBCDIC
141
142 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
143 in UTF-8 mode. */
144
145 static const short int escapes[] = {
146 0, 0,
147 0, 0,
148 0, 0,
149 0, 0,
150 0, 0,
151 CHAR_COLON, CHAR_SEMICOLON,
152 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
153 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
154 CHAR_COMMERCIAL_AT, -ESC_A,
155 -ESC_B, -ESC_C,
156 -ESC_D, -ESC_E,
157 0, -ESC_G,
158 -ESC_H, 0,
159 0, -ESC_K,
160 0, 0,
161 -ESC_N, 0,
162 -ESC_P, -ESC_Q,
163 -ESC_R, -ESC_S,
164 0, 0,
165 -ESC_V, -ESC_W,
166 -ESC_X, 0,
167 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
168 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
169 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
170 CHAR_GRAVE_ACCENT, 7,
171 -ESC_b, 0,
172 -ESC_d, ESC_e,
173 ESC_f, 0,
174 -ESC_h, 0,
175 0, -ESC_k,
176 0, 0,
177 ESC_n, 0,
178 -ESC_p, 0,
179 ESC_r, -ESC_s,
180 ESC_tee, 0,
181 -ESC_v, -ESC_w,
182 0, 0,
183 -ESC_z
184 };
185
186 #else
187
188 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
189
190 static const short int escapes[] = {
191 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
192 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
193 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
194 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
195 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
196 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
197 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
198 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
199 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
200 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
201 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
202 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
203 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
204 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
205 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
206 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
207 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
208 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
209 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
210 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
211 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
212 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
213 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
214 };
215 #endif
216
217
218 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
219 searched linearly. Put all the names into a single string, in order to reduce
220 the number of relocations when a shared library is dynamically linked. The
221 string is built from string macros so that it works in UTF-8 mode on EBCDIC
222 platforms. */
223
224 typedef struct verbitem {
225 int len; /* Length of verb name */
226 int op; /* Op when no arg, or -1 if arg mandatory */
227 int op_arg; /* Op when arg present, or -1 if not allowed */
228 } verbitem;
229
230 static const char verbnames[] =
231 "\0" /* Empty name is a shorthand for MARK */
232 STRING_MARK0
233 STRING_ACCEPT0
234 STRING_COMMIT0
235 STRING_F0
236 STRING_FAIL0
237 STRING_PRUNE0
238 STRING_SKIP0
239 STRING_THEN;
240
241 static const verbitem verbs[] = {
242 { 0, -1, OP_MARK },
243 { 4, -1, OP_MARK },
244 { 6, OP_ACCEPT, -1 },
245 { 6, OP_COMMIT, -1 },
246 { 1, OP_FAIL, -1 },
247 { 4, OP_FAIL, -1 },
248 { 5, OP_PRUNE, OP_PRUNE_ARG },
249 { 4, OP_SKIP, OP_SKIP_ARG },
250 { 4, OP_THEN, OP_THEN_ARG }
251 };
252
253 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
254
255
256 /* Tables of names of POSIX character classes and their lengths. The names are
257 now all in a single string, to reduce the number of relocations when a shared
258 library is dynamically loaded. The list of lengths is terminated by a zero
259 length entry. The first three must be alpha, lower, upper, as this is assumed
260 for handling case independence. */
261
262 static const char posix_names[] =
263 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
264 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
265 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
266 STRING_word0 STRING_xdigit;
267
268 static const pcre_uint8 posix_name_lengths[] = {
269 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
270
271 /* Table of class bit maps for each POSIX class. Each class is formed from a
272 base map, with an optional addition or removal of another map. Then, for some
273 classes, there is some additional tweaking: for [:blank:] the vertical space
274 characters are removed, and for [:alpha:] and [:alnum:] the underscore
275 character is removed. The triples in the table consist of the base map offset,
276 second map offset or -1 if no second map, and a non-negative value for map
277 addition or a negative value for map subtraction (if there are two maps). The
278 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
279 remove vertical space characters, 2 => remove underscore. */
280
281 static const int posix_class_maps[] = {
282 cbit_word, cbit_digit, -2, /* alpha */
283 cbit_lower, -1, 0, /* lower */
284 cbit_upper, -1, 0, /* upper */
285 cbit_word, -1, 2, /* alnum - word without underscore */
286 cbit_print, cbit_cntrl, 0, /* ascii */
287 cbit_space, -1, 1, /* blank - a GNU extension */
288 cbit_cntrl, -1, 0, /* cntrl */
289 cbit_digit, -1, 0, /* digit */
290 cbit_graph, -1, 0, /* graph */
291 cbit_print, -1, 0, /* print */
292 cbit_punct, -1, 0, /* punct */
293 cbit_space, -1, 0, /* space */
294 cbit_word, -1, 0, /* word - a Perl extension */
295 cbit_xdigit,-1, 0 /* xdigit */
296 };
297
298 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
299 substitutes must be in the order of the names, defined above, and there are
300 both positive and negative cases. NULL means no substitute. */
301
302 #ifdef SUPPORT_UCP
303 static const pcre_uchar string_PNd[] = {
304 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
305 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306 static const pcre_uchar string_pNd[] = {
307 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
308 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
309 static const pcre_uchar string_PXsp[] = {
310 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
311 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
312 static const pcre_uchar string_pXsp[] = {
313 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_PXwd[] = {
316 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318 static const pcre_uchar string_pXwd[] = {
319 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
320 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
321
322 static const pcre_uchar *substitutes[] = {
323 string_PNd, /* \D */
324 string_pNd, /* \d */
325 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
326 string_pXsp, /* \s */
327 string_PXwd, /* \W */
328 string_pXwd /* \w */
329 };
330
331 static const pcre_uchar string_pL[] = {
332 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334 static const pcre_uchar string_pLl[] = {
335 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pLu[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_pXan[] = {
341 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
342 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343 static const pcre_uchar string_h[] = {
344 CHAR_BACKSLASH, CHAR_h, '\0' };
345 static const pcre_uchar string_pXps[] = {
346 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
347 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
348 static const pcre_uchar string_PL[] = {
349 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
350 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
351 static const pcre_uchar string_PLl[] = {
352 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
353 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
354 static const pcre_uchar string_PLu[] = {
355 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
356 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
357 static const pcre_uchar string_PXan[] = {
358 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
359 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
360 static const pcre_uchar string_H[] = {
361 CHAR_BACKSLASH, CHAR_H, '\0' };
362 static const pcre_uchar string_PXps[] = {
363 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
364 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365
366 static const pcre_uchar *posix_substitutes[] = {
367 string_pL, /* alpha */
368 string_pLl, /* lower */
369 string_pLu, /* upper */
370 string_pXan, /* alnum */
371 NULL, /* ascii */
372 string_h, /* blank */
373 NULL, /* cntrl */
374 string_pNd, /* digit */
375 NULL, /* graph */
376 NULL, /* print */
377 NULL, /* punct */
378 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
379 string_pXwd, /* word */
380 NULL, /* xdigit */
381 /* Negated cases */
382 string_PL, /* ^alpha */
383 string_PLl, /* ^lower */
384 string_PLu, /* ^upper */
385 string_PXan, /* ^alnum */
386 NULL, /* ^ascii */
387 string_H, /* ^blank */
388 NULL, /* ^cntrl */
389 string_PNd, /* ^digit */
390 NULL, /* ^graph */
391 NULL, /* ^print */
392 NULL, /* ^punct */
393 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
394 string_PXwd, /* ^word */
395 NULL /* ^xdigit */
396 };
397 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
398 #endif
399
400 #define STRING(a) # a
401 #define XSTRING(s) STRING(s)
402
403 /* The texts of compile-time error messages. These are "char *" because they
404 are passed to the outside world. Do not ever re-use any error number, because
405 they are documented. Always add a new error instead. Messages marked DEAD below
406 are no longer used. This used to be a table of strings, but in order to reduce
407 the number of relocations needed when a shared library is loaded dynamically,
408 it is now one long string. We cannot use a table of offsets, because the
409 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
410 simply count through to the one we want - this isn't a performance issue
411 because these strings are used only when there is a compilation error.
412
413 Each substring ends with \0 to insert a null character. This includes the final
414 substring, so that the whole string ends with \0\0, which can be detected when
415 counting through. */
416
417 static const char error_texts[] =
418 "no error\0"
419 "\\ at end of pattern\0"
420 "\\c at end of pattern\0"
421 "unrecognized character follows \\\0"
422 "numbers out of order in {} quantifier\0"
423 /* 5 */
424 "number too big in {} quantifier\0"
425 "missing terminating ] for character class\0"
426 "invalid escape sequence in character class\0"
427 "range out of order in character class\0"
428 "nothing to repeat\0"
429 /* 10 */
430 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
431 "internal error: unexpected repeat\0"
432 "unrecognized character after (? or (?-\0"
433 "POSIX named classes are supported only within a class\0"
434 "missing )\0"
435 /* 15 */
436 "reference to non-existent subpattern\0"
437 "erroffset passed as NULL\0"
438 "unknown option bit(s) set\0"
439 "missing ) after comment\0"
440 "parentheses nested too deeply\0" /** DEAD **/
441 /* 20 */
442 "regular expression is too large\0"
443 "failed to get memory\0"
444 "unmatched parentheses\0"
445 "internal error: code overflow\0"
446 "unrecognized character after (?<\0"
447 /* 25 */
448 "lookbehind assertion is not fixed length\0"
449 "malformed number or name after (?(\0"
450 "conditional group contains more than two branches\0"
451 "assertion expected after (?(\0"
452 "(?R or (?[+-]digits must be followed by )\0"
453 /* 30 */
454 "unknown POSIX class name\0"
455 "POSIX collating elements are not supported\0"
456 "this version of PCRE is compiled without UTF support\0"
457 "spare error\0" /** DEAD **/
458 "character value in \\x{...} sequence is too large\0"
459 /* 35 */
460 "invalid condition (?(0)\0"
461 "\\C not allowed in lookbehind assertion\0"
462 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
463 "number after (?C is > 255\0"
464 "closing ) for (?C expected\0"
465 /* 40 */
466 "recursive call could loop indefinitely\0"
467 "unrecognized character after (?P\0"
468 "syntax error in subpattern name (missing terminator)\0"
469 "two named subpatterns have the same name\0"
470 "invalid UTF-8 string\0"
471 /* 45 */
472 "support for \\P, \\p, and \\X has not been compiled\0"
473 "malformed \\P or \\p sequence\0"
474 "unknown property name after \\P or \\p\0"
475 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
476 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
477 /* 50 */
478 "repeated subpattern is too long\0" /** DEAD **/
479 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
480 "internal error: overran compiling workspace\0"
481 "internal error: previously-checked referenced subpattern not found\0"
482 "DEFINE group contains more than one branch\0"
483 /* 55 */
484 "repeating a DEFINE group is not allowed\0" /** DEAD **/
485 "inconsistent NEWLINE options\0"
486 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
487 "a numbered reference must not be zero\0"
488 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
489 /* 60 */
490 "(*VERB) not recognized\0"
491 "number is too big\0"
492 "subpattern name expected\0"
493 "digit expected after (?+\0"
494 "] is an invalid data character in JavaScript compatibility mode\0"
495 /* 65 */
496 "different names for subpatterns of the same number are not allowed\0"
497 "(*MARK) must have an argument\0"
498 "this version of PCRE is not compiled with Unicode property support\0"
499 "\\c must be followed by an ASCII character\0"
500 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
501 /* 70 */
502 "internal error: unknown opcode in find_fixedlength()\0"
503 "\\N is not supported in a class\0"
504 "too many forward references\0"
505 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
506 "invalid UTF-16 string\0"
507 /* 75 */
508 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
509 "character value in \\u.... sequence is too large\0"
510 "invalid UTF-32 string\0"
511 ;
512
513 /* Table to identify digits and hex digits. This is used when compiling
514 patterns. Note that the tables in chartables are dependent on the locale, and
515 may mark arbitrary characters as digits - but the PCRE compiling code expects
516 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
517 a private table here. It costs 256 bytes, but it is a lot faster than doing
518 character value tests (at least in some simple cases I timed), and in some
519 applications one wants PCRE to compile efficiently as well as match
520 efficiently.
521
522 For convenience, we use the same bit definitions as in chartables:
523
524 0x04 decimal digit
525 0x08 hexadecimal digit
526
527 Then we can use ctype_digit and ctype_xdigit in the code. */
528
529 /* Using a simple comparison for decimal numbers rather than a memory read
530 is much faster, and the resulting code is simpler (the compiler turns it
531 into a subtraction and unsigned comparison). */
532
533 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
534
535 #ifndef EBCDIC
536
537 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
538 UTF-8 mode. */
539
540 static const pcre_uint8 digitab[] =
541 {
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
545 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
546 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
548 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
549 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
550 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
551 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
552 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
553 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
554 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
555 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
556 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
571 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
572 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
573 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
574
575 #else
576
577 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
578
579 static const pcre_uint8 digitab[] =
580 {
581 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
587 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
588 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
589 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
590 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
591 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
592 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
593 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
597 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
600 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
602 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
605 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
608 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
609 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
610 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
611 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
612 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
613
614 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
615 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
616 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
617 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
619 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
620 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
621 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
623 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
624 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
625 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
626 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
627 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
628 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
629 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
630 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
631 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
632 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
633 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
634 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
635 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
636 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
637 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
638 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
639 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
640 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
641 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
642 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
643 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
644 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
645 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
646 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
647 #endif
648
649
650
651 /*************************************************
652 * Find an error text *
653 *************************************************/
654
655 /* The error texts are now all in one long string, to save on relocations. As
656 some of the text is of unknown length, we can't use a table of offsets.
657 Instead, just count through the strings. This is not a performance issue
658 because it happens only when there has been a compilation error.
659
660 Argument: the error number
661 Returns: pointer to the error string
662 */
663
664 static const char *
665 find_error_text(int n)
666 {
667 const char *s = error_texts;
668 for (; n > 0; n--)
669 {
670 while (*s++ != 0) {};
671 if (*s == 0) return "Error text not found (please report)";
672 }
673 return s;
674 }
675
676
677 /*************************************************
678 * Expand the workspace *
679 *************************************************/
680
681 /* This function is called during the second compiling phase, if the number of
682 forward references fills the existing workspace, which is originally a block on
683 the stack. A larger block is obtained from malloc() unless the ultimate limit
684 has been reached or the increase will be rather small.
685
686 Argument: pointer to the compile data block
687 Returns: 0 if all went well, else an error number
688 */
689
690 static int
691 expand_workspace(compile_data *cd)
692 {
693 pcre_uchar *newspace;
694 int newsize = cd->workspace_size * 2;
695
696 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
697 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
698 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
699 return ERR72;
700
701 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
702 if (newspace == NULL) return ERR21;
703 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
704 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
705 if (cd->workspace_size > COMPILE_WORK_SIZE)
706 (PUBL(free))((void *)cd->start_workspace);
707 cd->start_workspace = newspace;
708 cd->workspace_size = newsize;
709 return 0;
710 }
711
712
713
714 /*************************************************
715 * Check for counted repeat *
716 *************************************************/
717
718 /* This function is called when a '{' is encountered in a place where it might
719 start a quantifier. It looks ahead to see if it really is a quantifier or not.
720 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
721 where the ddds are digits.
722
723 Arguments:
724 p pointer to the first char after '{'
725
726 Returns: TRUE or FALSE
727 */
728
729 static BOOL
730 is_counted_repeat(const pcre_uchar *p)
731 {
732 if (!IS_DIGIT(*p)) return FALSE;
733 p++;
734 while (IS_DIGIT(*p)) p++;
735 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
736
737 if (*p++ != CHAR_COMMA) return FALSE;
738 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
739
740 if (!IS_DIGIT(*p)) return FALSE;
741 p++;
742 while (IS_DIGIT(*p)) p++;
743
744 return (*p == CHAR_RIGHT_CURLY_BRACKET);
745 }
746
747
748
749 /*************************************************
750 * Handle escapes *
751 *************************************************/
752
753 /* This function is called when a \ has been encountered. It either returns a
754 positive value for a simple escape such as \n, or 0 for a data character
755 which will be placed in chptr. A backreference to group n is returned as
756 negative n. When UTF-8 is enabled, a positive value greater than 255 may
757 be returned in chptr.
758 On entry,ptr is pointing at the \. On exit, it is on the final character of the
759 escape sequence.
760
761 Arguments:
762 ptrptr points to the pattern position pointer
763 chptr points to the data character
764 errorcodeptr points to the errorcode variable
765 bracount number of previous extracting brackets
766 options the options bits
767 isclass TRUE if inside a character class
768
769 Returns: zero => a data character
770 positive => a special escape sequence
771 negative => a back reference
772 on error, errorcodeptr is set
773 */
774
775 static int
776 check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
777 int bracount, int options, BOOL isclass)
778 {
779 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
780 BOOL utf = (options & PCRE_UTF8) != 0;
781 const pcre_uchar *ptr = *ptrptr + 1;
782 pcre_uint32 c;
783 int escape = 0;
784 int i;
785
786 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
787 ptr--; /* Set pointer back to the last byte */
788
789 /* If backslash is at the end of the pattern, it's an error. */
790
791 if (c == 0) *errorcodeptr = ERR1;
792
793 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
794 in a table. A non-zero result is something that can be returned immediately.
795 Otherwise further processing may be required. */
796
797 #ifndef EBCDIC /* ASCII/UTF-8 coding */
798 /* Not alphanumeric */
799 else if (c < CHAR_0 || c > CHAR_z) {}
800 else if ((i = escapes[c - CHAR_0]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
801
802 #else /* EBCDIC coding */
803 /* Not alphanumeric */
804 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
805 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
806 #endif
807
808 /* Escapes that need further processing, or are illegal. */
809
810 else
811 {
812 const pcre_uchar *oldptr;
813 BOOL braced, negated, overflow;
814 int s;
815
816 switch (c)
817 {
818 /* A number of Perl escapes are not handled by PCRE. We give an explicit
819 error. */
820
821 case CHAR_l:
822 case CHAR_L:
823 *errorcodeptr = ERR37;
824 break;
825
826 case CHAR_u:
827 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
828 {
829 /* In JavaScript, \u must be followed by four hexadecimal numbers.
830 Otherwise it is a lowercase u letter. */
831 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
832 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
833 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
834 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
835 {
836 c = 0;
837 for (i = 0; i < 4; ++i)
838 {
839 register pcre_uint32 cc = *(++ptr);
840 #ifndef EBCDIC /* ASCII/UTF-8 coding */
841 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
842 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
843 #else /* EBCDIC coding */
844 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
845 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
846 #endif
847 }
848
849 #if defined COMPILE_PCRE8
850 if (c > (utf ? 0x10ffff : 0xff))
851 #elif defined COMPILE_PCRE16
852 if (c > (utf ? 0x10ffff : 0xffff))
853 #elif defined COMPILE_PCRE32
854 if (utf && c > 0x10ffff)
855 #endif
856 {
857 *errorcodeptr = ERR76;
858 }
859 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
860 }
861 }
862 else
863 *errorcodeptr = ERR37;
864 break;
865
866 case CHAR_U:
867 /* In JavaScript, \U is an uppercase U letter. */
868 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
869 break;
870
871 /* In a character class, \g is just a literal "g". Outside a character
872 class, \g must be followed by one of a number of specific things:
873
874 (1) A number, either plain or braced. If positive, it is an absolute
875 backreference. If negative, it is a relative backreference. This is a Perl
876 5.10 feature.
877
878 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
879 is part of Perl's movement towards a unified syntax for back references. As
880 this is synonymous with \k{name}, we fudge it up by pretending it really
881 was \k.
882
883 (3) For Oniguruma compatibility we also support \g followed by a name or a
884 number either in angle brackets or in single quotes. However, these are
885 (possibly recursive) subroutine calls, _not_ backreferences. Just return
886 the ESC_g code (cf \k). */
887
888 case CHAR_g:
889 if (isclass) break;
890 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
891 {
892 escape = ESC_g;
893 break;
894 }
895
896 /* Handle the Perl-compatible cases */
897
898 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
899 {
900 const pcre_uchar *p;
901 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
902 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
903 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
904 {
905 escape = ESC_k;
906 break;
907 }
908 braced = TRUE;
909 ptr++;
910 }
911 else braced = FALSE;
912
913 if (ptr[1] == CHAR_MINUS)
914 {
915 negated = TRUE;
916 ptr++;
917 }
918 else negated = FALSE;
919
920 /* The integer range is limited by the machine's int representation. */
921 s = 0;
922 overflow = FALSE;
923 while (IS_DIGIT(ptr[1]))
924 {
925 if (s > INT_MAX / 10 - 1) /* Integer overflow */
926 {
927 overflow = TRUE;
928 break;
929 }
930 s = s * 10 + (int)(*(++ptr) - CHAR_0);
931 }
932 if (overflow) /* Integer overflow */
933 {
934 while (IS_DIGIT(ptr[1]))
935 ptr++;
936 *errorcodeptr = ERR61;
937 break;
938 }
939
940 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
941 {
942 *errorcodeptr = ERR57;
943 break;
944 }
945
946 if (s == 0)
947 {
948 *errorcodeptr = ERR58;
949 break;
950 }
951
952 if (negated)
953 {
954 if (s > bracount)
955 {
956 *errorcodeptr = ERR15;
957 break;
958 }
959 s = bracount - (s - 1);
960 }
961
962 escape = -s;
963 break;
964
965 /* The handling of escape sequences consisting of a string of digits
966 starting with one that is not zero is not straightforward. By experiment,
967 the way Perl works seems to be as follows:
968
969 Outside a character class, the digits are read as a decimal number. If the
970 number is less than 10, or if there are that many previous extracting
971 left brackets, then it is a back reference. Otherwise, up to three octal
972 digits are read to form an escaped byte. Thus \123 is likely to be octal
973 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
974 value is greater than 377, the least significant 8 bits are taken. Inside a
975 character class, \ followed by a digit is always an octal number. */
976
977 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
978 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
979
980 if (!isclass)
981 {
982 oldptr = ptr;
983 /* The integer range is limited by the machine's int representation. */
984 s = (int)(c -CHAR_0);
985 overflow = FALSE;
986 while (IS_DIGIT(ptr[1]))
987 {
988 if (s > INT_MAX / 10 - 1) /* Integer overflow */
989 {
990 overflow = TRUE;
991 break;
992 }
993 s = s * 10 + (int)(*(++ptr) - CHAR_0);
994 }
995 if (overflow) /* Integer overflow */
996 {
997 while (IS_DIGIT(ptr[1]))
998 ptr++;
999 *errorcodeptr = ERR61;
1000 break;
1001 }
1002 if (s < 10 || s <= bracount)
1003 {
1004 escape = -s;
1005 break;
1006 }
1007 ptr = oldptr; /* Put the pointer back and fall through */
1008 }
1009
1010 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
1011 generates a binary zero byte and treats the digit as a following literal.
1012 Thus we have to pull back the pointer by one. */
1013
1014 if ((c = *ptr) >= CHAR_8)
1015 {
1016 ptr--;
1017 c = 0;
1018 break;
1019 }
1020
1021 /* \0 always starts an octal number, but we may drop through to here with a
1022 larger first octal digit. The original code used just to take the least
1023 significant 8 bits of octal numbers (I think this is what early Perls used
1024 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1025 but no more than 3 octal digits. */
1026
1027 case CHAR_0:
1028 c -= CHAR_0;
1029 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1030 c = c * 8 + *(++ptr) - CHAR_0;
1031 #ifdef COMPILE_PCRE8
1032 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1033 #endif
1034 break;
1035
1036 /* \x is complicated. \x{ddd} is a character number which can be greater
1037 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1038 If not, { is treated as a data character. */
1039
1040 case CHAR_x:
1041 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1042 {
1043 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1044 Otherwise it is a lowercase x letter. */
1045 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1046 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1047 {
1048 c = 0;
1049 for (i = 0; i < 2; ++i)
1050 {
1051 register pcre_uint32 cc = *(++ptr);
1052 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1053 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1054 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1055 #else /* EBCDIC coding */
1056 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1057 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1058 #endif
1059 }
1060 }
1061 break;
1062 }
1063
1064 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1065 {
1066 const pcre_uchar *pt = ptr + 2;
1067
1068 c = 0;
1069 overflow = FALSE;
1070 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1071 {
1072 register pcre_uint32 cc = *pt++;
1073 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1074
1075 #ifdef COMPILE_PCRE32
1076 if (c >= 0x10000000l) { overflow = TRUE; break; }
1077 #endif
1078
1079 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1080 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1081 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1082 #else /* EBCDIC coding */
1083 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1084 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1085 #endif
1086
1087 #if defined COMPILE_PCRE8
1088 if (c > (utf ? 0x10ffff : 0xff)) { overflow = TRUE; break; }
1089 #elif defined COMPILE_PCRE16
1090 if (c > (utf ? 0x10ffff : 0xffff)) { overflow = TRUE; break; }
1091 #elif defined COMPILE_PCRE32
1092 if (utf && c > 0x10ffff) { overflow = TRUE; break; }
1093 #endif
1094 }
1095
1096 if (overflow)
1097 {
1098 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1099 *errorcodeptr = ERR34;
1100 }
1101
1102 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1103 {
1104 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1105 ptr = pt;
1106 break;
1107 }
1108
1109 /* If the sequence of hex digits does not end with '}', then we don't
1110 recognize this construct; fall through to the normal \x handling. */
1111 }
1112
1113 /* Read just a single-byte hex-defined char */
1114
1115 c = 0;
1116 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1117 {
1118 pcre_uint32 cc; /* Some compilers don't like */
1119 cc = *(++ptr); /* ++ in initializers */
1120 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1121 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1122 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1123 #else /* EBCDIC coding */
1124 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1125 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1126 #endif
1127 }
1128 break;
1129
1130 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1131 An error is given if the byte following \c is not an ASCII character. This
1132 coding is ASCII-specific, but then the whole concept of \cx is
1133 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1134
1135 case CHAR_c:
1136 c = *(++ptr);
1137 if (c == 0)
1138 {
1139 *errorcodeptr = ERR2;
1140 break;
1141 }
1142 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1143 if (c > 127) /* Excludes all non-ASCII in either mode */
1144 {
1145 *errorcodeptr = ERR68;
1146 break;
1147 }
1148 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1149 c ^= 0x40;
1150 #else /* EBCDIC coding */
1151 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1152 c ^= 0xC0;
1153 #endif
1154 break;
1155
1156 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1157 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1158 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1159 odd, but there used to be some cases other than the default, and there may
1160 be again in future, so I haven't "optimized" it. */
1161
1162 default:
1163 if ((options & PCRE_EXTRA) != 0) switch(c)
1164 {
1165 default:
1166 *errorcodeptr = ERR3;
1167 break;
1168 }
1169 break;
1170 }
1171 }
1172
1173 /* Perl supports \N{name} for character names, as well as plain \N for "not
1174 newline". PCRE does not support \N{name}. However, it does support
1175 quantification such as \N{2,3}. */
1176
1177 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1178 !is_counted_repeat(ptr+2))
1179 *errorcodeptr = ERR37;
1180
1181 /* If PCRE_UCP is set, we change the values for \d etc. */
1182
1183 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1184 escape += (ESC_DU - ESC_D);
1185
1186 /* Set the pointer to the final character before returning. */
1187
1188 *ptrptr = ptr;
1189 *chptr = c;
1190 return escape;
1191 }
1192
1193 #ifdef SUPPORT_UCP
1194 /*************************************************
1195 * Handle \P and \p *
1196 *************************************************/
1197
1198 /* This function is called after \P or \p has been encountered, provided that
1199 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1200 pointing at the P or p. On exit, it is pointing at the final character of the
1201 escape sequence.
1202
1203 Argument:
1204 ptrptr points to the pattern position pointer
1205 negptr points to a boolean that is set TRUE for negation else FALSE
1206 ptypeptr points to an unsigned int that is set to the type value
1207 pdataptr points to an unsigned int that is set to the detailed property value
1208 errorcodeptr points to the error code variable
1209
1210 Returns: TRUE if the type value was found, or FALSE for an invalid type
1211 */
1212
1213 static BOOL
1214 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1215 unsigned int *pdataptr, int *errorcodeptr)
1216 {
1217 pcre_uchar c;
1218 int i, bot, top;
1219 const pcre_uchar *ptr = *ptrptr;
1220 pcre_uchar name[32];
1221
1222 c = *(++ptr);
1223 if (c == 0) goto ERROR_RETURN;
1224
1225 *negptr = FALSE;
1226
1227 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1228 negation. */
1229
1230 if (c == CHAR_LEFT_CURLY_BRACKET)
1231 {
1232 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1233 {
1234 *negptr = TRUE;
1235 ptr++;
1236 }
1237 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1238 {
1239 c = *(++ptr);
1240 if (c == 0) goto ERROR_RETURN;
1241 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1242 name[i] = c;
1243 }
1244 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1245 name[i] = 0;
1246 }
1247
1248 /* Otherwise there is just one following character */
1249
1250 else
1251 {
1252 name[0] = c;
1253 name[1] = 0;
1254 }
1255
1256 *ptrptr = ptr;
1257
1258 /* Search for a recognized property name using binary chop */
1259
1260 bot = 0;
1261 top = PRIV(utt_size);
1262
1263 while (bot < top)
1264 {
1265 int r;
1266 i = (bot + top) >> 1;
1267 r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1268 if (r == 0)
1269 {
1270 *ptypeptr = PRIV(utt)[i].type;
1271 *pdataptr = PRIV(utt)[i].value;
1272 return TRUE;
1273 }
1274 if (r > 0) bot = i + 1; else top = i;
1275 }
1276
1277 *errorcodeptr = ERR47;
1278 *ptrptr = ptr;
1279 return FALSE;
1280
1281 ERROR_RETURN:
1282 *errorcodeptr = ERR46;
1283 *ptrptr = ptr;
1284 return FALSE;
1285 }
1286 #endif
1287
1288
1289
1290
1291 /*************************************************
1292 * Read repeat counts *
1293 *************************************************/
1294
1295 /* Read an item of the form {n,m} and return the values. This is called only
1296 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1297 so the syntax is guaranteed to be correct, but we need to check the values.
1298
1299 Arguments:
1300 p pointer to first char after '{'
1301 minp pointer to int for min
1302 maxp pointer to int for max
1303 returned as -1 if no max
1304 errorcodeptr points to error code variable
1305
1306 Returns: pointer to '}' on success;
1307 current ptr on error, with errorcodeptr set non-zero
1308 */
1309
1310 static const pcre_uchar *
1311 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1312 {
1313 int min = 0;
1314 int max = -1;
1315
1316 /* Read the minimum value and do a paranoid check: a negative value indicates
1317 an integer overflow. */
1318
1319 while (IS_DIGIT(*p)) min = min * 10 + (int)(*p++ - CHAR_0);
1320 if (min < 0 || min > 65535)
1321 {
1322 *errorcodeptr = ERR5;
1323 return p;
1324 }
1325
1326 /* Read the maximum value if there is one, and again do a paranoid on its size.
1327 Also, max must not be less than min. */
1328
1329 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1330 {
1331 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1332 {
1333 max = 0;
1334 while(IS_DIGIT(*p)) max = max * 10 + (int)(*p++ - CHAR_0);
1335 if (max < 0 || max > 65535)
1336 {
1337 *errorcodeptr = ERR5;
1338 return p;
1339 }
1340 if (max < min)
1341 {
1342 *errorcodeptr = ERR4;
1343 return p;
1344 }
1345 }
1346 }
1347
1348 /* Fill in the required variables, and pass back the pointer to the terminating
1349 '}'. */
1350
1351 *minp = min;
1352 *maxp = max;
1353 return p;
1354 }
1355
1356
1357
1358 /*************************************************
1359 * Subroutine for finding forward reference *
1360 *************************************************/
1361
1362 /* This recursive function is called only from find_parens() below. The
1363 top-level call starts at the beginning of the pattern. All other calls must
1364 start at a parenthesis. It scans along a pattern's text looking for capturing
1365 subpatterns, and counting them. If it finds a named pattern that matches the
1366 name it is given, it returns its number. Alternatively, if the name is NULL, it
1367 returns when it reaches a given numbered subpattern. Recursion is used to keep
1368 track of subpatterns that reset the capturing group numbers - the (?| feature.
1369
1370 This function was originally called only from the second pass, in which we know
1371 that if (?< or (?' or (?P< is encountered, the name will be correctly
1372 terminated because that is checked in the first pass. There is now one call to
1373 this function in the first pass, to check for a recursive back reference by
1374 name (so that we can make the whole group atomic). In this case, we need check
1375 only up to the current position in the pattern, and that is still OK because
1376 and previous occurrences will have been checked. To make this work, the test
1377 for "end of pattern" is a check against cd->end_pattern in the main loop,
1378 instead of looking for a binary zero. This means that the special first-pass
1379 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1380 processing items within the loop are OK, because afterwards the main loop will
1381 terminate.)
1382
1383 Arguments:
1384 ptrptr address of the current character pointer (updated)
1385 cd compile background data
1386 name name to seek, or NULL if seeking a numbered subpattern
1387 lorn name length, or subpattern number if name is NULL
1388 xmode TRUE if we are in /x mode
1389 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1390 count pointer to the current capturing subpattern number (updated)
1391
1392 Returns: the number of the named subpattern, or -1 if not found
1393 */
1394
1395 static int
1396 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1397 BOOL xmode, BOOL utf, int *count)
1398 {
1399 pcre_uchar *ptr = *ptrptr;
1400 int start_count = *count;
1401 int hwm_count = start_count;
1402 BOOL dup_parens = FALSE;
1403
1404 /* If the first character is a parenthesis, check on the type of group we are
1405 dealing with. The very first call may not start with a parenthesis. */
1406
1407 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1408 {
1409 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1410
1411 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1412
1413 /* Handle a normal, unnamed capturing parenthesis. */
1414
1415 else if (ptr[1] != CHAR_QUESTION_MARK)
1416 {
1417 *count += 1;
1418 if (name == NULL && *count == lorn) return *count;
1419 ptr++;
1420 }
1421
1422 /* All cases now have (? at the start. Remember when we are in a group
1423 where the parenthesis numbers are duplicated. */
1424
1425 else if (ptr[2] == CHAR_VERTICAL_LINE)
1426 {
1427 ptr += 3;
1428 dup_parens = TRUE;
1429 }
1430
1431 /* Handle comments; all characters are allowed until a ket is reached. */
1432
1433 else if (ptr[2] == CHAR_NUMBER_SIGN)
1434 {
1435 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1436 goto FAIL_EXIT;
1437 }
1438
1439 /* Handle a condition. If it is an assertion, just carry on so that it
1440 is processed as normal. If not, skip to the closing parenthesis of the
1441 condition (there can't be any nested parens). */
1442
1443 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1444 {
1445 ptr += 2;
1446 if (ptr[1] != CHAR_QUESTION_MARK)
1447 {
1448 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1449 if (*ptr != 0) ptr++;
1450 }
1451 }
1452
1453 /* Start with (? but not a condition. */
1454
1455 else
1456 {
1457 ptr += 2;
1458 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1459
1460 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1461
1462 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1463 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1464 {
1465 pcre_uchar term;
1466 const pcre_uchar *thisname;
1467 *count += 1;
1468 if (name == NULL && *count == lorn) return *count;
1469 term = *ptr++;
1470 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1471 thisname = ptr;
1472 while (*ptr != term) ptr++;
1473 if (name != NULL && lorn == (int)(ptr - thisname) &&
1474 STRNCMP_UC_UC(name, thisname, (unsigned int)lorn) == 0)
1475 return *count;
1476 term++;
1477 }
1478 }
1479 }
1480
1481 /* Past any initial parenthesis handling, scan for parentheses or vertical
1482 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1483 first-pass call when this value is temporarily adjusted to stop at the current
1484 position. So DO NOT change this to a test for binary zero. */
1485
1486 for (; ptr < cd->end_pattern; ptr++)
1487 {
1488 /* Skip over backslashed characters and also entire \Q...\E */
1489
1490 if (*ptr == CHAR_BACKSLASH)
1491 {
1492 if (*(++ptr) == 0) goto FAIL_EXIT;
1493 if (*ptr == CHAR_Q) for (;;)
1494 {
1495 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1496 if (*ptr == 0) goto FAIL_EXIT;
1497 if (*(++ptr) == CHAR_E) break;
1498 }
1499 continue;
1500 }
1501
1502 /* Skip over character classes; this logic must be similar to the way they
1503 are handled for real. If the first character is '^', skip it. Also, if the
1504 first few characters (either before or after ^) are \Q\E or \E we skip them
1505 too. This makes for compatibility with Perl. Note the use of STR macros to
1506 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1507
1508 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1509 {
1510 BOOL negate_class = FALSE;
1511 for (;;)
1512 {
1513 if (ptr[1] == CHAR_BACKSLASH)
1514 {
1515 if (ptr[2] == CHAR_E)
1516 ptr+= 2;
1517 else if (STRNCMP_UC_C8(ptr + 2,
1518 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1519 ptr += 4;
1520 else
1521 break;
1522 }
1523 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1524 {
1525 negate_class = TRUE;
1526 ptr++;
1527 }
1528 else break;
1529 }
1530
1531 /* If the next character is ']', it is a data character that must be
1532 skipped, except in JavaScript compatibility mode. */
1533
1534 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1535 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1536 ptr++;
1537
1538 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1539 {
1540 if (*ptr == 0) return -1;
1541 if (*ptr == CHAR_BACKSLASH)
1542 {
1543 if (*(++ptr) == 0) goto FAIL_EXIT;
1544 if (*ptr == CHAR_Q) for (;;)
1545 {
1546 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1547 if (*ptr == 0) goto FAIL_EXIT;
1548 if (*(++ptr) == CHAR_E) break;
1549 }
1550 continue;
1551 }
1552 }
1553 continue;
1554 }
1555
1556 /* Skip comments in /x mode */
1557
1558 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1559 {
1560 ptr++;
1561 while (*ptr != 0)
1562 {
1563 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1564 ptr++;
1565 #ifdef SUPPORT_UTF
1566 if (utf) FORWARDCHAR(ptr);
1567 #endif
1568 }
1569 if (*ptr == 0) goto FAIL_EXIT;
1570 continue;
1571 }
1572
1573 /* Check for the special metacharacters */
1574
1575 if (*ptr == CHAR_LEFT_PARENTHESIS)
1576 {
1577 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1578 if (rc > 0) return rc;
1579 if (*ptr == 0) goto FAIL_EXIT;
1580 }
1581
1582 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1583 {
1584 if (dup_parens && *count < hwm_count) *count = hwm_count;
1585 goto FAIL_EXIT;
1586 }
1587
1588 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1589 {
1590 if (*count > hwm_count) hwm_count = *count;
1591 *count = start_count;
1592 }
1593 }
1594
1595 FAIL_EXIT:
1596 *ptrptr = ptr;
1597 return -1;
1598 }
1599
1600
1601
1602
1603 /*************************************************
1604 * Find forward referenced subpattern *
1605 *************************************************/
1606
1607 /* This function scans along a pattern's text looking for capturing
1608 subpatterns, and counting them. If it finds a named pattern that matches the
1609 name it is given, it returns its number. Alternatively, if the name is NULL, it
1610 returns when it reaches a given numbered subpattern. This is used for forward
1611 references to subpatterns. We used to be able to start this scan from the
1612 current compiling point, using the current count value from cd->bracount, and
1613 do it all in a single loop, but the addition of the possibility of duplicate
1614 subpattern numbers means that we have to scan from the very start, in order to
1615 take account of such duplicates, and to use a recursive function to keep track
1616 of the different types of group.
1617
1618 Arguments:
1619 cd compile background data
1620 name name to seek, or NULL if seeking a numbered subpattern
1621 lorn name length, or subpattern number if name is NULL
1622 xmode TRUE if we are in /x mode
1623 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1624
1625 Returns: the number of the found subpattern, or -1 if not found
1626 */
1627
1628 static int
1629 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1630 BOOL utf)
1631 {
1632 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1633 int count = 0;
1634 int rc;
1635
1636 /* If the pattern does not start with an opening parenthesis, the first call
1637 to find_parens_sub() will scan right to the end (if necessary). However, if it
1638 does start with a parenthesis, find_parens_sub() will return when it hits the
1639 matching closing parens. That is why we have to have a loop. */
1640
1641 for (;;)
1642 {
1643 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1644 if (rc > 0 || *ptr++ == 0) break;
1645 }
1646
1647 return rc;
1648 }
1649
1650
1651
1652
1653 /*************************************************
1654 * Find first significant op code *
1655 *************************************************/
1656
1657 /* This is called by several functions that scan a compiled expression looking
1658 for a fixed first character, or an anchoring op code etc. It skips over things
1659 that do not influence this. For some calls, it makes sense to skip negative
1660 forward and all backward assertions, and also the \b assertion; for others it
1661 does not.
1662
1663 Arguments:
1664 code pointer to the start of the group
1665 skipassert TRUE if certain assertions are to be skipped
1666
1667 Returns: pointer to the first significant opcode
1668 */
1669
1670 static const pcre_uchar*
1671 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1672 {
1673 for (;;)
1674 {
1675 switch ((int)*code)
1676 {
1677 case OP_ASSERT_NOT:
1678 case OP_ASSERTBACK:
1679 case OP_ASSERTBACK_NOT:
1680 if (!skipassert) return code;
1681 do code += GET(code, 1); while (*code == OP_ALT);
1682 code += PRIV(OP_lengths)[*code];
1683 break;
1684
1685 case OP_WORD_BOUNDARY:
1686 case OP_NOT_WORD_BOUNDARY:
1687 if (!skipassert) return code;
1688 /* Fall through */
1689
1690 case OP_CALLOUT:
1691 case OP_CREF:
1692 case OP_NCREF:
1693 case OP_RREF:
1694 case OP_NRREF:
1695 case OP_DEF:
1696 code += PRIV(OP_lengths)[*code];
1697 break;
1698
1699 default:
1700 return code;
1701 }
1702 }
1703 /* Control never reaches here */
1704 }
1705
1706
1707
1708
1709 /*************************************************
1710 * Find the fixed length of a branch *
1711 *************************************************/
1712
1713 /* Scan a branch and compute the fixed length of subject that will match it,
1714 if the length is fixed. This is needed for dealing with backward assertions.
1715 In UTF8 mode, the result is in characters rather than bytes. The branch is
1716 temporarily terminated with OP_END when this function is called.
1717
1718 This function is called when a backward assertion is encountered, so that if it
1719 fails, the error message can point to the correct place in the pattern.
1720 However, we cannot do this when the assertion contains subroutine calls,
1721 because they can be forward references. We solve this by remembering this case
1722 and doing the check at the end; a flag specifies which mode we are running in.
1723
1724 Arguments:
1725 code points to the start of the pattern (the bracket)
1726 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1727 atend TRUE if called when the pattern is complete
1728 cd the "compile data" structure
1729
1730 Returns: the fixed length,
1731 or -1 if there is no fixed length,
1732 or -2 if \C was encountered (in UTF-8 mode only)
1733 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1734 or -4 if an unknown opcode was encountered (internal error)
1735 */
1736
1737 static int
1738 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1739 {
1740 int length = -1;
1741
1742 register int branchlength = 0;
1743 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1744
1745 /* Scan along the opcodes for this branch. If we get to the end of the
1746 branch, check the length against that of the other branches. */
1747
1748 for (;;)
1749 {
1750 int d;
1751 pcre_uchar *ce, *cs;
1752 register pcre_uchar op = *cc;
1753
1754 switch (op)
1755 {
1756 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1757 OP_BRA (normal non-capturing bracket) because the other variants of these
1758 opcodes are all concerned with unlimited repeated groups, which of course
1759 are not of fixed length. */
1760
1761 case OP_CBRA:
1762 case OP_BRA:
1763 case OP_ONCE:
1764 case OP_ONCE_NC:
1765 case OP_COND:
1766 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1767 if (d < 0) return d;
1768 branchlength += d;
1769 do cc += GET(cc, 1); while (*cc == OP_ALT);
1770 cc += 1 + LINK_SIZE;
1771 break;
1772
1773 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1774 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1775 an ALT. If it is END it's the end of the outer call. All can be handled by
1776 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1777 because they all imply an unlimited repeat. */
1778
1779 case OP_ALT:
1780 case OP_KET:
1781 case OP_END:
1782 case OP_ACCEPT:
1783 case OP_ASSERT_ACCEPT:
1784 if (length < 0) length = branchlength;
1785 else if (length != branchlength) return -1;
1786 if (*cc != OP_ALT) return length;
1787 cc += 1 + LINK_SIZE;
1788 branchlength = 0;
1789 break;
1790
1791 /* A true recursion implies not fixed length, but a subroutine call may
1792 be OK. If the subroutine is a forward reference, we can't deal with
1793 it until the end of the pattern, so return -3. */
1794
1795 case OP_RECURSE:
1796 if (!atend) return -3;
1797 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1798 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1799 if (cc > cs && cc < ce) return -1; /* Recursion */
1800 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1801 if (d < 0) return d;
1802 branchlength += d;
1803 cc += 1 + LINK_SIZE;
1804 break;
1805
1806 /* Skip over assertive subpatterns */
1807
1808 case OP_ASSERT:
1809 case OP_ASSERT_NOT:
1810 case OP_ASSERTBACK:
1811 case OP_ASSERTBACK_NOT:
1812 do cc += GET(cc, 1); while (*cc == OP_ALT);
1813 cc += PRIV(OP_lengths)[*cc];
1814 break;
1815
1816 /* Skip over things that don't match chars */
1817
1818 case OP_MARK:
1819 case OP_PRUNE_ARG:
1820 case OP_SKIP_ARG:
1821 case OP_THEN_ARG:
1822 cc += cc[1] + PRIV(OP_lengths)[*cc];
1823 break;
1824
1825 case OP_CALLOUT:
1826 case OP_CIRC:
1827 case OP_CIRCM:
1828 case OP_CLOSE:
1829 case OP_COMMIT:
1830 case OP_CREF:
1831 case OP_DEF:
1832 case OP_DOLL:
1833 case OP_DOLLM:
1834 case OP_EOD:
1835 case OP_EODN:
1836 case OP_FAIL:
1837 case OP_NCREF:
1838 case OP_NRREF:
1839 case OP_NOT_WORD_BOUNDARY:
1840 case OP_PRUNE:
1841 case OP_REVERSE:
1842 case OP_RREF:
1843 case OP_SET_SOM:
1844 case OP_SKIP:
1845 case OP_SOD:
1846 case OP_SOM:
1847 case OP_THEN:
1848 case OP_WORD_BOUNDARY:
1849 cc += PRIV(OP_lengths)[*cc];
1850 break;
1851
1852 /* Handle literal characters */
1853
1854 case OP_CHAR:
1855 case OP_CHARI:
1856 case OP_NOT:
1857 case OP_NOTI:
1858 branchlength++;
1859 cc += 2;
1860 #ifdef SUPPORT_UTF
1861 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1862 #endif
1863 break;
1864
1865 /* Handle exact repetitions. The count is already in characters, but we
1866 need to skip over a multibyte character in UTF8 mode. */
1867
1868 case OP_EXACT:
1869 case OP_EXACTI:
1870 case OP_NOTEXACT:
1871 case OP_NOTEXACTI:
1872 branchlength += (int)GET2(cc,1);
1873 cc += 2 + IMM2_SIZE;
1874 #ifdef SUPPORT_UTF
1875 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1876 #endif
1877 break;
1878
1879 case OP_TYPEEXACT:
1880 branchlength += GET2(cc,1);
1881 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1882 cc += 2;
1883 cc += 1 + IMM2_SIZE + 1;
1884 break;
1885
1886 /* Handle single-char matchers */
1887
1888 case OP_PROP:
1889 case OP_NOTPROP:
1890 cc += 2;
1891 /* Fall through */
1892
1893 case OP_HSPACE:
1894 case OP_VSPACE:
1895 case OP_NOT_HSPACE:
1896 case OP_NOT_VSPACE:
1897 case OP_NOT_DIGIT:
1898 case OP_DIGIT:
1899 case OP_NOT_WHITESPACE:
1900 case OP_WHITESPACE:
1901 case OP_NOT_WORDCHAR:
1902 case OP_WORDCHAR:
1903 case OP_ANY:
1904 case OP_ALLANY:
1905 branchlength++;
1906 cc++;
1907 break;
1908
1909 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1910 otherwise \C is coded as OP_ALLANY. */
1911
1912 case OP_ANYBYTE:
1913 return -2;
1914
1915 /* Check a class for variable quantification */
1916
1917 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1918 case OP_XCLASS:
1919 #endif
1920 case OP_CLASS:
1921 case OP_NCLASS:
1922
1923 switch (op)
1924 {
1925 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1926 case OP_XCLASS:
1927 cc += GET(cc, 1);
1928 break;
1929 #endif
1930
1931 case OP_CLASS:
1932 case OP_NCLASS:
1933 cc += PRIV(OP_lengths)[OP_CLASS];
1934 break;
1935 }
1936
1937 switch (*cc)
1938 {
1939 case OP_CRPLUS:
1940 case OP_CRMINPLUS:
1941 case OP_CRSTAR:
1942 case OP_CRMINSTAR:
1943 case OP_CRQUERY:
1944 case OP_CRMINQUERY:
1945 return -1;
1946
1947 case OP_CRRANGE:
1948 case OP_CRMINRANGE:
1949 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1950 branchlength += (int)GET2(cc,1);
1951 cc += 1 + 2 * IMM2_SIZE;
1952 break;
1953
1954 default:
1955 branchlength++;
1956 }
1957 break;
1958
1959 /* Anything else is variable length */
1960
1961 case OP_ANYNL:
1962 case OP_BRAMINZERO:
1963 case OP_BRAPOS:
1964 case OP_BRAPOSZERO:
1965 case OP_BRAZERO:
1966 case OP_CBRAPOS:
1967 case OP_EXTUNI:
1968 case OP_KETRMAX:
1969 case OP_KETRMIN:
1970 case OP_KETRPOS:
1971 case OP_MINPLUS:
1972 case OP_MINPLUSI:
1973 case OP_MINQUERY:
1974 case OP_MINQUERYI:
1975 case OP_MINSTAR:
1976 case OP_MINSTARI:
1977 case OP_MINUPTO:
1978 case OP_MINUPTOI:
1979 case OP_NOTMINPLUS:
1980 case OP_NOTMINPLUSI:
1981 case OP_NOTMINQUERY:
1982 case OP_NOTMINQUERYI:
1983 case OP_NOTMINSTAR:
1984 case OP_NOTMINSTARI:
1985 case OP_NOTMINUPTO:
1986 case OP_NOTMINUPTOI:
1987 case OP_NOTPLUS:
1988 case OP_NOTPLUSI:
1989 case OP_NOTPOSPLUS:
1990 case OP_NOTPOSPLUSI:
1991 case OP_NOTPOSQUERY:
1992 case OP_NOTPOSQUERYI:
1993 case OP_NOTPOSSTAR:
1994 case OP_NOTPOSSTARI:
1995 case OP_NOTPOSUPTO:
1996 case OP_NOTPOSUPTOI:
1997 case OP_NOTQUERY:
1998 case OP_NOTQUERYI:
1999 case OP_NOTSTAR:
2000 case OP_NOTSTARI:
2001 case OP_NOTUPTO:
2002 case OP_NOTUPTOI:
2003 case OP_PLUS:
2004 case OP_PLUSI:
2005 case OP_POSPLUS:
2006 case OP_POSPLUSI:
2007 case OP_POSQUERY:
2008 case OP_POSQUERYI:
2009 case OP_POSSTAR:
2010 case OP_POSSTARI:
2011 case OP_POSUPTO:
2012 case OP_POSUPTOI:
2013 case OP_QUERY:
2014 case OP_QUERYI:
2015 case OP_REF:
2016 case OP_REFI:
2017 case OP_SBRA:
2018 case OP_SBRAPOS:
2019 case OP_SCBRA:
2020 case OP_SCBRAPOS:
2021 case OP_SCOND:
2022 case OP_SKIPZERO:
2023 case OP_STAR:
2024 case OP_STARI:
2025 case OP_TYPEMINPLUS:
2026 case OP_TYPEMINQUERY:
2027 case OP_TYPEMINSTAR:
2028 case OP_TYPEMINUPTO:
2029 case OP_TYPEPLUS:
2030 case OP_TYPEPOSPLUS:
2031 case OP_TYPEPOSQUERY:
2032 case OP_TYPEPOSSTAR:
2033 case OP_TYPEPOSUPTO:
2034 case OP_TYPEQUERY:
2035 case OP_TYPESTAR:
2036 case OP_TYPEUPTO:
2037 case OP_UPTO:
2038 case OP_UPTOI:
2039 return -1;
2040
2041 /* Catch unrecognized opcodes so that when new ones are added they
2042 are not forgotten, as has happened in the past. */
2043
2044 default:
2045 return -4;
2046 }
2047 }
2048 /* Control never gets here */
2049 }
2050
2051
2052
2053
2054 /*************************************************
2055 * Scan compiled regex for specific bracket *
2056 *************************************************/
2057
2058 /* This little function scans through a compiled pattern until it finds a
2059 capturing bracket with the given number, or, if the number is negative, an
2060 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2061 so that it can be called from pcre_study() when finding the minimum matching
2062 length.
2063
2064 Arguments:
2065 code points to start of expression
2066 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2067 number the required bracket number or negative to find a lookbehind
2068
2069 Returns: pointer to the opcode for the bracket, or NULL if not found
2070 */
2071
2072 const pcre_uchar *
2073 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2074 {
2075 for (;;)
2076 {
2077 register pcre_uchar c = *code;
2078
2079 if (c == OP_END) return NULL;
2080
2081 /* XCLASS is used for classes that cannot be represented just by a bit
2082 map. This includes negated single high-valued characters. The length in
2083 the table is zero; the actual length is stored in the compiled code. */
2084
2085 if (c == OP_XCLASS) code += GET(code, 1);
2086
2087 /* Handle recursion */
2088
2089 else if (c == OP_REVERSE)
2090 {
2091 if (number < 0) return (pcre_uchar *)code;
2092 code += PRIV(OP_lengths)[c];
2093 }
2094
2095 /* Handle capturing bracket */
2096
2097 else if (c == OP_CBRA || c == OP_SCBRA ||
2098 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2099 {
2100 int n = (int)GET2(code, 1+LINK_SIZE);
2101 if (n == number) return (pcre_uchar *)code;
2102 code += PRIV(OP_lengths)[c];
2103 }
2104
2105 /* Otherwise, we can get the item's length from the table, except that for
2106 repeated character types, we have to test for \p and \P, which have an extra
2107 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2108 must add in its length. */
2109
2110 else
2111 {
2112 switch(c)
2113 {
2114 case OP_TYPESTAR:
2115 case OP_TYPEMINSTAR:
2116 case OP_TYPEPLUS:
2117 case OP_TYPEMINPLUS:
2118 case OP_TYPEQUERY:
2119 case OP_TYPEMINQUERY:
2120 case OP_TYPEPOSSTAR:
2121 case OP_TYPEPOSPLUS:
2122 case OP_TYPEPOSQUERY:
2123 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2124 break;
2125
2126 case OP_TYPEUPTO:
2127 case OP_TYPEMINUPTO:
2128 case OP_TYPEEXACT:
2129 case OP_TYPEPOSUPTO:
2130 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2131 code += 2;
2132 break;
2133
2134 case OP_MARK:
2135 case OP_PRUNE_ARG:
2136 case OP_SKIP_ARG:
2137 code += code[1];
2138 break;
2139
2140 case OP_THEN_ARG:
2141 code += code[1];
2142 break;
2143 }
2144
2145 /* Add in the fixed length from the table */
2146
2147 code += PRIV(OP_lengths)[c];
2148
2149 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2150 a multi-byte character. The length in the table is a minimum, so we have to
2151 arrange to skip the extra bytes. */
2152
2153 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2154 if (utf) switch(c)
2155 {
2156 case OP_CHAR:
2157 case OP_CHARI:
2158 case OP_EXACT:
2159 case OP_EXACTI:
2160 case OP_UPTO:
2161 case OP_UPTOI:
2162 case OP_MINUPTO:
2163 case OP_MINUPTOI:
2164 case OP_POSUPTO:
2165 case OP_POSUPTOI:
2166 case OP_STAR:
2167 case OP_STARI:
2168 case OP_MINSTAR:
2169 case OP_MINSTARI:
2170 case OP_POSSTAR:
2171 case OP_POSSTARI:
2172 case OP_PLUS:
2173 case OP_PLUSI:
2174 case OP_MINPLUS:
2175 case OP_MINPLUSI:
2176 case OP_POSPLUS:
2177 case OP_POSPLUSI:
2178 case OP_QUERY:
2179 case OP_QUERYI:
2180 case OP_MINQUERY:
2181 case OP_MINQUERYI:
2182 case OP_POSQUERY:
2183 case OP_POSQUERYI:
2184 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2185 break;
2186 }
2187 #else
2188 (void)(utf); /* Keep compiler happy by referencing function argument */
2189 #endif
2190 }
2191 }
2192 }
2193
2194
2195
2196 /*************************************************
2197 * Scan compiled regex for recursion reference *
2198 *************************************************/
2199
2200 /* This little function scans through a compiled pattern until it finds an
2201 instance of OP_RECURSE.
2202
2203 Arguments:
2204 code points to start of expression
2205 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2206
2207 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2208 */
2209
2210 static const pcre_uchar *
2211 find_recurse(const pcre_uchar *code, BOOL utf)
2212 {
2213 for (;;)
2214 {
2215 register pcre_uchar c = *code;
2216 if (c == OP_END) return NULL;
2217 if (c == OP_RECURSE) return code;
2218
2219 /* XCLASS is used for classes that cannot be represented just by a bit
2220 map. This includes negated single high-valued characters. The length in
2221 the table is zero; the actual length is stored in the compiled code. */
2222
2223 if (c == OP_XCLASS) code += GET(code, 1);
2224
2225 /* Otherwise, we can get the item's length from the table, except that for
2226 repeated character types, we have to test for \p and \P, which have an extra
2227 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2228 must add in its length. */
2229
2230 else
2231 {
2232 switch(c)
2233 {
2234 case OP_TYPESTAR:
2235 case OP_TYPEMINSTAR:
2236 case OP_TYPEPLUS:
2237 case OP_TYPEMINPLUS:
2238 case OP_TYPEQUERY:
2239 case OP_TYPEMINQUERY:
2240 case OP_TYPEPOSSTAR:
2241 case OP_TYPEPOSPLUS:
2242 case OP_TYPEPOSQUERY:
2243 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2244 break;
2245
2246 case OP_TYPEPOSUPTO:
2247 case OP_TYPEUPTO:
2248 case OP_TYPEMINUPTO:
2249 case OP_TYPEEXACT:
2250 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2251 code += 2;
2252 break;
2253
2254 case OP_MARK:
2255 case OP_PRUNE_ARG:
2256 case OP_SKIP_ARG:
2257 code += code[1];
2258 break;
2259
2260 case OP_THEN_ARG:
2261 code += code[1];
2262 break;
2263 }
2264
2265 /* Add in the fixed length from the table */
2266
2267 code += PRIV(OP_lengths)[c];
2268
2269 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2270 by a multi-byte character. The length in the table is a minimum, so we have
2271 to arrange to skip the extra bytes. */
2272
2273 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2274 if (utf) switch(c)
2275 {
2276 case OP_CHAR:
2277 case OP_CHARI:
2278 case OP_NOT:
2279 case OP_NOTI:
2280 case OP_EXACT:
2281 case OP_EXACTI:
2282 case OP_NOTEXACT:
2283 case OP_NOTEXACTI:
2284 case OP_UPTO:
2285 case OP_UPTOI:
2286 case OP_NOTUPTO:
2287 case OP_NOTUPTOI:
2288 case OP_MINUPTO:
2289 case OP_MINUPTOI:
2290 case OP_NOTMINUPTO:
2291 case OP_NOTMINUPTOI:
2292 case OP_POSUPTO:
2293 case OP_POSUPTOI:
2294 case OP_NOTPOSUPTO:
2295 case OP_NOTPOSUPTOI:
2296 case OP_STAR:
2297 case OP_STARI:
2298 case OP_NOTSTAR:
2299 case OP_NOTSTARI:
2300 case OP_MINSTAR:
2301 case OP_MINSTARI:
2302 case OP_NOTMINSTAR:
2303 case OP_NOTMINSTARI:
2304 case OP_POSSTAR:
2305 case OP_POSSTARI:
2306 case OP_NOTPOSSTAR:
2307 case OP_NOTPOSSTARI:
2308 case OP_PLUS:
2309 case OP_PLUSI:
2310 case OP_NOTPLUS:
2311 case OP_NOTPLUSI:
2312 case OP_MINPLUS:
2313 case OP_MINPLUSI:
2314 case OP_NOTMINPLUS:
2315 case OP_NOTMINPLUSI:
2316 case OP_POSPLUS:
2317 case OP_POSPLUSI:
2318 case OP_NOTPOSPLUS:
2319 case OP_NOTPOSPLUSI:
2320 case OP_QUERY:
2321 case OP_QUERYI:
2322 case OP_NOTQUERY:
2323 case OP_NOTQUERYI:
2324 case OP_MINQUERY:
2325 case OP_MINQUERYI:
2326 case OP_NOTMINQUERY:
2327 case OP_NOTMINQUERYI:
2328 case OP_POSQUERY:
2329 case OP_POSQUERYI:
2330 case OP_NOTPOSQUERY:
2331 case OP_NOTPOSQUERYI:
2332 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2333 break;
2334 }
2335 #else
2336 (void)(utf); /* Keep compiler happy by referencing function argument */
2337 #endif
2338 }
2339 }
2340 }
2341
2342
2343
2344 /*************************************************
2345 * Scan compiled branch for non-emptiness *
2346 *************************************************/
2347
2348 /* This function scans through a branch of a compiled pattern to see whether it
2349 can match the empty string or not. It is called from could_be_empty()
2350 below and from compile_branch() when checking for an unlimited repeat of a
2351 group that can match nothing. Note that first_significant_code() skips over
2352 backward and negative forward assertions when its final argument is TRUE. If we
2353 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2354 bracket whose current branch will already have been scanned.
2355
2356 Arguments:
2357 code points to start of search
2358 endcode points to where to stop
2359 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2360 cd contains pointers to tables etc.
2361
2362 Returns: TRUE if what is matched could be empty
2363 */
2364
2365 static BOOL
2366 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2367 BOOL utf, compile_data *cd)
2368 {
2369 register pcre_uchar c;
2370 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2371 code < endcode;
2372 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2373 {
2374 const pcre_uchar *ccode;
2375
2376 c = *code;
2377
2378 /* Skip over forward assertions; the other assertions are skipped by
2379 first_significant_code() with a TRUE final argument. */
2380
2381 if (c == OP_ASSERT)
2382 {
2383 do code += GET(code, 1); while (*code == OP_ALT);
2384 c = *code;
2385 continue;
2386 }
2387
2388 /* For a recursion/subroutine call, if its end has been reached, which
2389 implies a backward reference subroutine call, we can scan it. If it's a
2390 forward reference subroutine call, we can't. To detect forward reference
2391 we have to scan up the list that is kept in the workspace. This function is
2392 called only when doing the real compile, not during the pre-compile that
2393 measures the size of the compiled pattern. */
2394
2395 if (c == OP_RECURSE)
2396 {
2397 const pcre_uchar *scode;
2398 BOOL empty_branch;
2399
2400 /* Test for forward reference */
2401
2402 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2403 if ((int)GET(scode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2404
2405 /* Not a forward reference, test for completed backward reference */
2406
2407 empty_branch = FALSE;
2408 scode = cd->start_code + GET(code, 1);
2409 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2410
2411 /* Completed backwards reference */
2412
2413 do
2414 {
2415 if (could_be_empty_branch(scode, endcode, utf, cd))
2416 {
2417 empty_branch = TRUE;
2418 break;
2419 }
2420 scode += GET(scode, 1);
2421 }
2422 while (*scode == OP_ALT);
2423
2424 if (!empty_branch) return FALSE; /* All branches are non-empty */
2425 continue;
2426 }
2427
2428 /* Groups with zero repeats can of course be empty; skip them. */
2429
2430 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2431 c == OP_BRAPOSZERO)
2432 {
2433 code += PRIV(OP_lengths)[c];
2434 do code += GET(code, 1); while (*code == OP_ALT);
2435 c = *code;
2436 continue;
2437 }
2438
2439 /* A nested group that is already marked as "could be empty" can just be
2440 skipped. */
2441
2442 if (c == OP_SBRA || c == OP_SBRAPOS ||
2443 c == OP_SCBRA || c == OP_SCBRAPOS)
2444 {
2445 do code += GET(code, 1); while (*code == OP_ALT);
2446 c = *code;
2447 continue;
2448 }
2449
2450 /* For other groups, scan the branches. */
2451
2452 if (c == OP_BRA || c == OP_BRAPOS ||
2453 c == OP_CBRA || c == OP_CBRAPOS ||
2454 c == OP_ONCE || c == OP_ONCE_NC ||
2455 c == OP_COND)
2456 {
2457 BOOL empty_branch;
2458 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2459
2460 /* If a conditional group has only one branch, there is a second, implied,
2461 empty branch, so just skip over the conditional, because it could be empty.
2462 Otherwise, scan the individual branches of the group. */
2463
2464 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2465 code += GET(code, 1);
2466 else
2467 {
2468 empty_branch = FALSE;
2469 do
2470 {
2471 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2472 empty_branch = TRUE;
2473 code += GET(code, 1);
2474 }
2475 while (*code == OP_ALT);
2476 if (!empty_branch) return FALSE; /* All branches are non-empty */
2477 }
2478
2479 c = *code;
2480 continue;
2481 }
2482
2483 /* Handle the other opcodes */
2484
2485 switch (c)
2486 {
2487 /* Check for quantifiers after a class. XCLASS is used for classes that
2488 cannot be represented just by a bit map. This includes negated single
2489 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2490 actual length is stored in the compiled code, so we must update "code"
2491 here. */
2492
2493 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2494 case OP_XCLASS:
2495 ccode = code += GET(code, 1);
2496 goto CHECK_CLASS_REPEAT;
2497 #endif
2498
2499 case OP_CLASS:
2500 case OP_NCLASS:
2501 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2502
2503 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2504 CHECK_CLASS_REPEAT:
2505 #endif
2506
2507 switch (*ccode)
2508 {
2509 case OP_CRSTAR: /* These could be empty; continue */
2510 case OP_CRMINSTAR:
2511 case OP_CRQUERY:
2512 case OP_CRMINQUERY:
2513 break;
2514
2515 default: /* Non-repeat => class must match */
2516 case OP_CRPLUS: /* These repeats aren't empty */
2517 case OP_CRMINPLUS:
2518 return FALSE;
2519
2520 case OP_CRRANGE:
2521 case OP_CRMINRANGE:
2522 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2523 break;
2524 }
2525 break;
2526
2527 /* Opcodes that must match a character */
2528
2529 case OP_PROP:
2530 case OP_NOTPROP:
2531 case OP_EXTUNI:
2532 case OP_NOT_DIGIT:
2533 case OP_DIGIT:
2534 case OP_NOT_WHITESPACE:
2535 case OP_WHITESPACE:
2536 case OP_NOT_WORDCHAR:
2537 case OP_WORDCHAR:
2538 case OP_ANY:
2539 case OP_ALLANY:
2540 case OP_ANYBYTE:
2541 case OP_CHAR:
2542 case OP_CHARI:
2543 case OP_NOT:
2544 case OP_NOTI:
2545 case OP_PLUS:
2546 case OP_MINPLUS:
2547 case OP_POSPLUS:
2548 case OP_EXACT:
2549 case OP_NOTPLUS:
2550 case OP_NOTMINPLUS:
2551 case OP_NOTPOSPLUS:
2552 case OP_NOTEXACT:
2553 case OP_TYPEPLUS:
2554 case OP_TYPEMINPLUS:
2555 case OP_TYPEPOSPLUS:
2556 case OP_TYPEEXACT:
2557 return FALSE;
2558
2559 /* These are going to continue, as they may be empty, but we have to
2560 fudge the length for the \p and \P cases. */
2561
2562 case OP_TYPESTAR:
2563 case OP_TYPEMINSTAR:
2564 case OP_TYPEPOSSTAR:
2565 case OP_TYPEQUERY:
2566 case OP_TYPEMINQUERY:
2567 case OP_TYPEPOSQUERY:
2568 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2569 break;
2570
2571 /* Same for these */
2572
2573 case OP_TYPEUPTO:
2574 case OP_TYPEMINUPTO:
2575 case OP_TYPEPOSUPTO:
2576 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2577 code += 2;
2578 break;
2579
2580 /* End of branch */
2581
2582 case OP_KET:
2583 case OP_KETRMAX:
2584 case OP_KETRMIN:
2585 case OP_KETRPOS:
2586 case OP_ALT:
2587 return TRUE;
2588
2589 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2590 MINUPTO, and POSUPTO may be followed by a multibyte character */
2591
2592 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2593 case OP_STAR:
2594 case OP_STARI:
2595 case OP_MINSTAR:
2596 case OP_MINSTARI:
2597 case OP_POSSTAR:
2598 case OP_POSSTARI:
2599 case OP_QUERY:
2600 case OP_QUERYI:
2601 case OP_MINQUERY:
2602 case OP_MINQUERYI:
2603 case OP_POSQUERY:
2604 case OP_POSQUERYI:
2605 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2606 break;
2607
2608 case OP_UPTO:
2609 case OP_UPTOI:
2610 case OP_MINUPTO:
2611 case OP_MINUPTOI:
2612 case OP_POSUPTO:
2613 case OP_POSUPTOI:
2614 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2615 break;
2616 #endif
2617
2618 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2619 string. */
2620
2621 case OP_MARK:
2622 case OP_PRUNE_ARG:
2623 case OP_SKIP_ARG:
2624 code += code[1];
2625 break;
2626
2627 case OP_THEN_ARG:
2628 code += code[1];
2629 break;
2630
2631 /* None of the remaining opcodes are required to match a character. */
2632
2633 default:
2634 break;
2635 }
2636 }
2637
2638 return TRUE;
2639 }
2640
2641
2642
2643 /*************************************************
2644 * Scan compiled regex for non-emptiness *
2645 *************************************************/
2646
2647 /* This function is called to check for left recursive calls. We want to check
2648 the current branch of the current pattern to see if it could match the empty
2649 string. If it could, we must look outwards for branches at other levels,
2650 stopping when we pass beyond the bracket which is the subject of the recursion.
2651 This function is called only during the real compile, not during the
2652 pre-compile.
2653
2654 Arguments:
2655 code points to start of the recursion
2656 endcode points to where to stop (current RECURSE item)
2657 bcptr points to the chain of current (unclosed) branch starts
2658 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2659 cd pointers to tables etc
2660
2661 Returns: TRUE if what is matched could be empty
2662 */
2663
2664 static BOOL
2665 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2666 branch_chain *bcptr, BOOL utf, compile_data *cd)
2667 {
2668 while (bcptr != NULL && bcptr->current_branch >= code)
2669 {
2670 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2671 return FALSE;
2672 bcptr = bcptr->outer;
2673 }
2674 return TRUE;
2675 }
2676
2677
2678
2679 /*************************************************
2680 * Check for POSIX class syntax *
2681 *************************************************/
2682
2683 /* This function is called when the sequence "[:" or "[." or "[=" is
2684 encountered in a character class. It checks whether this is followed by a
2685 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2686 reach an unescaped ']' without the special preceding character, return FALSE.
2687
2688 Originally, this function only recognized a sequence of letters between the
2689 terminators, but it seems that Perl recognizes any sequence of characters,
2690 though of course unknown POSIX names are subsequently rejected. Perl gives an
2691 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2692 didn't consider this to be a POSIX class. Likewise for [:1234:].
2693
2694 The problem in trying to be exactly like Perl is in the handling of escapes. We
2695 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2696 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2697 below handles the special case of \], but does not try to do any other escape
2698 processing. This makes it different from Perl for cases such as [:l\ower:]
2699 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2700 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2701 I think.
2702
2703 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2704 It seems that the appearance of a nested POSIX class supersedes an apparent
2705 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2706 a digit.
2707
2708 In Perl, unescaped square brackets may also appear as part of class names. For
2709 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2710 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2711 seem right at all. PCRE does not allow closing square brackets in POSIX class
2712 names.
2713
2714 Arguments:
2715 ptr pointer to the initial [
2716 endptr where to return the end pointer
2717
2718 Returns: TRUE or FALSE
2719 */
2720
2721 static BOOL
2722 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2723 {
2724 pcre_uchar terminator; /* Don't combine these lines; the Solaris cc */
2725 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2726 for (++ptr; *ptr != 0; ptr++)
2727 {
2728 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2729 ptr++;
2730 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2731 else
2732 {
2733 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2734 {
2735 *endptr = ptr;
2736 return TRUE;
2737 }
2738 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2739 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2740 ptr[1] == CHAR_EQUALS_SIGN) &&
2741 check_posix_syntax(ptr, endptr))
2742 return FALSE;
2743 }
2744 }
2745 return FALSE;
2746 }
2747
2748
2749
2750
2751 /*************************************************
2752 * Check POSIX class name *
2753 *************************************************/
2754
2755 /* This function is called to check the name given in a POSIX-style class entry
2756 such as [:alnum:].
2757
2758 Arguments:
2759 ptr points to the first letter
2760 len the length of the name
2761
2762 Returns: a value representing the name, or -1 if unknown
2763 */
2764
2765 static int
2766 check_posix_name(const pcre_uchar *ptr, int len)
2767 {
2768 const char *pn = posix_names;
2769 register int yield = 0;
2770 while (posix_name_lengths[yield] != 0)
2771 {
2772 if (len == posix_name_lengths[yield] &&
2773 STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
2774 pn += posix_name_lengths[yield] + 1;
2775 yield++;
2776 }
2777 return -1;
2778 }
2779
2780
2781 /*************************************************
2782 * Adjust OP_RECURSE items in repeated group *
2783 *************************************************/
2784
2785 /* OP_RECURSE items contain an offset from the start of the regex to the group
2786 that is referenced. This means that groups can be replicated for fixed
2787 repetition simply by copying (because the recursion is allowed to refer to
2788 earlier groups that are outside the current group). However, when a group is
2789 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2790 inserted before it, after it has been compiled. This means that any OP_RECURSE
2791 items within it that refer to the group itself or any contained groups have to
2792 have their offsets adjusted. That one of the jobs of this function. Before it
2793 is called, the partially compiled regex must be temporarily terminated with
2794 OP_END.
2795
2796 This function has been extended with the possibility of forward references for
2797 recursions and subroutine calls. It must also check the list of such references
2798 for the group we are dealing with. If it finds that one of the recursions in
2799 the current group is on this list, it adjusts the offset in the list, not the
2800 value in the reference (which is a group number).
2801
2802 Arguments:
2803 group points to the start of the group
2804 adjust the amount by which the group is to be moved
2805 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2806 cd contains pointers to tables etc.
2807 save_hwm the hwm forward reference pointer at the start of the group
2808
2809 Returns: nothing
2810 */
2811
2812 static void
2813 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2814 pcre_uchar *save_hwm)
2815 {
2816 pcre_uchar *ptr = group;
2817
2818 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2819 {
2820 int offset;
2821 pcre_uchar *hc;
2822
2823 /* See if this recursion is on the forward reference list. If so, adjust the
2824 reference. */
2825
2826 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2827 {
2828 offset = (int)GET(hc, 0);
2829 if (cd->start_code + offset == ptr + 1)
2830 {
2831 PUT(hc, 0, offset + adjust);
2832 break;
2833 }
2834 }
2835
2836 /* Otherwise, adjust the recursion offset if it's after the start of this
2837 group. */
2838
2839 if (hc >= cd->hwm)
2840 {
2841 offset = (int)GET(ptr, 1);
2842 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2843 }
2844
2845 ptr += 1 + LINK_SIZE;
2846 }
2847 }
2848
2849
2850
2851 /*************************************************
2852 * Insert an automatic callout point *
2853 *************************************************/
2854
2855 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2856 callout points before each pattern item.
2857
2858 Arguments:
2859 code current code pointer
2860 ptr current pattern pointer
2861 cd pointers to tables etc
2862
2863 Returns: new code pointer
2864 */
2865
2866 static pcre_uchar *
2867 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2868 {
2869 *code++ = OP_CALLOUT;
2870 *code++ = 255;
2871 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2872 PUT(code, LINK_SIZE, 0); /* Default length */
2873 return code + 2 * LINK_SIZE;
2874 }
2875
2876
2877
2878 /*************************************************
2879 * Complete a callout item *
2880 *************************************************/
2881
2882 /* A callout item contains the length of the next item in the pattern, which
2883 we can't fill in till after we have reached the relevant point. This is used
2884 for both automatic and manual callouts.
2885
2886 Arguments:
2887 previous_callout points to previous callout item
2888 ptr current pattern pointer
2889 cd pointers to tables etc
2890
2891 Returns: nothing
2892 */
2893
2894 static void
2895 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2896 {
2897 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2898 PUT(previous_callout, 2 + LINK_SIZE, length);
2899 }
2900
2901
2902
2903 #ifdef SUPPORT_UCP
2904 /*************************************************
2905 * Get othercase range *
2906 *************************************************/
2907
2908 /* This function is passed the start and end of a class range, in UTF-8 mode
2909 with UCP support. It searches up the characters, looking for ranges of
2910 characters in the "other" case. Each call returns the next one, updating the
2911 start address. A character with multiple other cases is returned on its own
2912 with a special return value.
2913
2914 Arguments:
2915 cptr points to starting character value; updated
2916 d end value
2917 ocptr where to put start of othercase range
2918 odptr where to put end of othercase range
2919
2920 Yield: -1 when no more
2921 0 when a range is returned
2922 >0 the CASESET offset for char with multiple other cases
2923 in this case, ocptr contains the original
2924 */
2925
2926 static int
2927 get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
2928 pcre_uint32 *odptr)
2929 {
2930 pcre_uint32 c, othercase, next;
2931 unsigned int co;
2932
2933 /* Find the first character that has an other case. If it has multiple other
2934 cases, return its case offset value. */
2935
2936 for (c = *cptr; c <= d; c++)
2937 {
2938 if ((co = UCD_CASESET(c)) != 0)
2939 {
2940 *ocptr = c++; /* Character that has the set */
2941 *cptr = c; /* Rest of input range */
2942 return (int)co;
2943 }
2944 if ((othercase = UCD_OTHERCASE(c)) != c) break;
2945 }
2946
2947 if (c > d) return -1; /* Reached end of range */
2948
2949 *ocptr = othercase;
2950 next = othercase + 1;
2951
2952 for (++c; c <= d; c++)
2953 {
2954 if (UCD_OTHERCASE(c) != next) break;
2955 next++;
2956 }
2957
2958 *odptr = next - 1; /* End of othercase range */
2959 *cptr = c; /* Rest of input range */
2960 return 0;
2961 }
2962
2963
2964
2965 /*************************************************
2966 * Check a character and a property *
2967 *************************************************/
2968
2969 /* This function is called by check_auto_possessive() when a property item
2970 is adjacent to a fixed character.
2971
2972 Arguments:
2973 c the character
2974 ptype the property type
2975 pdata the data for the type
2976 negated TRUE if it's a negated property (\P or \p{^)
2977
2978 Returns: TRUE if auto-possessifying is OK
2979 */
2980
2981 static BOOL
2982 check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata, BOOL negated)
2983 {
2984 #ifdef SUPPORT_UCP
2985 const pcre_uint32 *p;
2986 #endif
2987
2988 const ucd_record *prop = GET_UCD(c);
2989
2990 switch(ptype)
2991 {
2992 case PT_LAMP:
2993 return (prop->chartype == ucp_Lu ||
2994 prop->chartype == ucp_Ll ||
2995 prop->chartype == ucp_Lt) == negated;
2996
2997 case PT_GC:
2998 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2999
3000 case PT_PC:
3001 return (pdata == prop->chartype) == negated;
3002
3003 case PT_SC:
3004 return (pdata == prop->script) == negated;
3005
3006 /* These are specials */
3007
3008 case PT_ALNUM:
3009 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3010 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
3011
3012 case PT_SPACE: /* Perl space */
3013 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3014 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
3015 == negated;
3016
3017 case PT_PXSPACE: /* POSIX space */
3018 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3019 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
3020 c == CHAR_FF || c == CHAR_CR)
3021 == negated;
3022
3023 case PT_WORD:
3024 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3025 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
3026 c == CHAR_UNDERSCORE) == negated;
3027
3028 #ifdef SUPPORT_UCP
3029 case PT_CLIST:
3030 p = PRIV(ucd_caseless_sets) + prop->caseset;
3031 for (;;)
3032 {
3033 if ((unsigned int)c < *p) return !negated;
3034 if ((unsigned int)c == *p++) return negated;
3035 }
3036 break; /* Control never reaches here */
3037 #endif
3038 }
3039
3040 return FALSE;
3041 }
3042 #endif /* SUPPORT_UCP */
3043
3044
3045
3046 /*************************************************
3047 * Check if auto-possessifying is possible *
3048 *************************************************/
3049
3050 /* This function is called for unlimited repeats of certain items, to see
3051 whether the next thing could possibly match the repeated item. If not, it makes
3052 sense to automatically possessify the repeated item.
3053
3054 Arguments:
3055 previous pointer to the repeated opcode
3056 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3057 ptr next character in pattern
3058 options options bits
3059 cd contains pointers to tables etc.
3060
3061 Returns: TRUE if possessifying is wanted
3062 */
3063
3064 static BOOL
3065 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
3066 const pcre_uchar *ptr, int options, compile_data *cd)
3067 {
3068 pcre_uint32 c = NOTACHAR;
3069 pcre_uint32 next;
3070 int escape;
3071 pcre_uchar op_code = *previous++;
3072
3073 /* Skip whitespace and comments in extended mode */
3074
3075 if ((options & PCRE_EXTENDED) != 0)
3076 {
3077 for (;;)
3078 {
3079 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3080 if (*ptr == CHAR_NUMBER_SIGN)
3081 {
3082 ptr++;
3083 while (*ptr != 0)
3084 {
3085 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3086 ptr++;
3087 #ifdef SUPPORT_UTF
3088 if (utf) FORWARDCHAR(ptr);
3089 #endif
3090 }
3091 }
3092 else break;
3093 }
3094 }
3095
3096 /* If the next item is one that we can handle, get its value. A non-negative
3097 value is a character, a negative value is an escape value. */
3098
3099 if (*ptr == CHAR_BACKSLASH)
3100 {
3101 int temperrorcode = 0;
3102 escape = check_escape(&ptr, &next, &temperrorcode, cd->bracount, options, FALSE);
3103 if (temperrorcode != 0) return FALSE;
3104 ptr++; /* Point after the escape sequence */
3105 }
3106 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3107 {
3108 escape = 0;
3109 #ifdef SUPPORT_UTF
3110 if (utf) { GETCHARINC(next, ptr); } else
3111 #endif
3112 next = *ptr++;
3113 }
3114 else return FALSE;
3115
3116 /* Skip whitespace and comments in extended mode */
3117
3118 if ((options & PCRE_EXTENDED) != 0)
3119 {
3120 for (;;)
3121 {
3122 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3123 if (*ptr == CHAR_NUMBER_SIGN)
3124 {
3125 ptr++;
3126 while (*ptr != 0)
3127 {
3128 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3129 ptr++;
3130 #ifdef SUPPORT_UTF
3131 if (utf) FORWARDCHAR(ptr);
3132 #endif
3133 }
3134 }
3135 else break;
3136 }
3137 }
3138
3139 /* If the next thing is itself optional, we have to give up. */
3140
3141 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3142 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3143 return FALSE;
3144
3145 /* If the previous item is a character, get its value. */
3146
3147 if (op_code == OP_CHAR || op_code == OP_CHARI ||
3148 op_code == OP_NOT || op_code == OP_NOTI)
3149 {
3150 #ifdef SUPPORT_UTF
3151 GETCHARTEST(c, previous);
3152 #else
3153 c = *previous;
3154 #endif
3155 }
3156
3157 /* Now compare the next item with the previous opcode. First, handle cases when
3158 the next item is a character. */
3159
3160 if (escape == 0)
3161 {
3162 /* For a caseless UTF match, the next character may have more than one other
3163 case, which maps to the special PT_CLIST property. Check this first. */
3164
3165 #ifdef SUPPORT_UCP
3166 if (utf && c != NOTACHAR && (options & PCRE_CASELESS) != 0)
3167 {
3168 unsigned int ocs = UCD_CASESET(next);
3169 if (ocs > 0) return check_char_prop(c, PT_CLIST, ocs, op_code >= OP_NOT);
3170 }
3171 #endif
3172
3173 switch(op_code)
3174 {
3175 case OP_CHAR:
3176 return c != next;
3177
3178 /* For CHARI (caseless character) we must check the other case. If we have
3179 Unicode property support, we can use it to test the other case of
3180 high-valued characters. We know that next can have only one other case,
3181 because multi-other-case characters are dealt with above. */
3182
3183 case OP_CHARI:
3184 if (c == next) return FALSE;
3185 #ifdef SUPPORT_UTF
3186 if (utf)
3187 {
3188 pcre_uint32 othercase;
3189 if (next < 128) othercase = cd->fcc[next]; else
3190 #ifdef SUPPORT_UCP
3191 othercase = UCD_OTHERCASE(next);
3192 #else
3193 othercase = NOTACHAR;
3194 #endif
3195 return c != othercase;
3196 }
3197 else
3198 #endif /* SUPPORT_UTF */
3199 return (c != TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3200
3201 case OP_NOT:
3202 return c == next;
3203
3204 case OP_NOTI:
3205 if (c == next) return TRUE;
3206 #ifdef SUPPORT_UTF
3207 if (utf)
3208 {
3209 pcre_uint32 othercase;
3210 if (next < 128) othercase = cd->fcc[next]; else
3211 #ifdef SUPPORT_UCP
3212 othercase = UCD_OTHERCASE(next);
3213 #else
3214 othercase = NOTACHAR;
3215 #endif
3216 return c == othercase;
3217 }
3218 else
3219 #endif /* SUPPORT_UTF */
3220 return (c == TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3221
3222 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3223 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3224
3225 case OP_DIGIT:
3226 return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
3227
3228 case OP_NOT_DIGIT:
3229 return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3230
3231 case OP_WHITESPACE:
3232 return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
3233
3234 case OP_NOT_WHITESPACE:
3235 return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
3236
3237 case OP_WORDCHAR:
3238 return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3239
3240 case OP_NOT_WORDCHAR:
3241 return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
3242
3243 case OP_HSPACE:
3244 case OP_NOT_HSPACE:
3245 switch(next)
3246 {
3247 HSPACE_CASES:
3248 return op_code == OP_NOT_HSPACE;
3249
3250 default:
3251 return op_code != OP_NOT_HSPACE;
3252 }
3253
3254 case OP_ANYNL:
3255 case OP_VSPACE:
3256 case OP_NOT_VSPACE:
3257 switch(next)
3258 {
3259 VSPACE_CASES:
3260 return op_code == OP_NOT_VSPACE;
3261
3262 default:
3263 return op_code != OP_NOT_VSPACE;
3264 }
3265
3266 #ifdef SUPPORT_UCP
3267 case OP_PROP:
3268 return check_char_prop(next, previous[0], previous[1], FALSE);
3269
3270 case OP_NOTPROP:
3271 return check_char_prop(next, previous[0], previous[1], TRUE);
3272 #endif
3273
3274 default:
3275 return FALSE;
3276 }
3277 }
3278
3279 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3280 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3281 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3282 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3283 replaced by OP_PROP codes when PCRE_UCP is set. */
3284
3285 switch(op_code)
3286 {
3287 case OP_CHAR:
3288 case OP_CHARI:
3289 switch(escape)
3290 {
3291 case ESC_d:
3292 return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3293
3294 case ESC_D:
3295 return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3296
3297 case ESC_s:
3298 return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3299
3300 case ESC_S:
3301 return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3302
3303 case ESC_w:
3304 return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3305
3306 case ESC_W:
3307 return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3308
3309 case ESC_h:
3310 case ESC_H:
3311 switch(c)
3312 {
3313 HSPACE_CASES:
3314 return escape != ESC_h;
3315
3316 default:
3317 return escape == ESC_h;
3318 }
3319
3320 case ESC_v:
3321 case ESC_V:
3322 switch(c)
3323 {
3324 VSPACE_CASES:
3325 return escape != ESC_v;
3326
3327 default:
3328 return escape == ESC_v;
3329 }
3330
3331 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3332 their substitutions and process them. The result will always be either
3333 ESC_p or ESC_P. Then fall through to process those values. */
3334
3335 #ifdef SUPPORT_UCP
3336 case ESC_du:
3337 case ESC_DU:
3338 case ESC_wu:
3339 case ESC_WU:
3340 case ESC_su:
3341 case ESC_SU:
3342 {
3343 int temperrorcode = 0;
3344 ptr = substitutes[escape - ESC_DU];
3345 escape = check_escape(&ptr, &next, &temperrorcode, 0, options, FALSE);
3346 if (temperrorcode != 0) return FALSE;
3347 ptr++; /* For compatibility */
3348 }
3349 /* Fall through */
3350
3351 case ESC_p:
3352 case ESC_P:
3353 {
3354 unsigned int ptype = 0, pdata = 0;
3355 int errorcodeptr;
3356 BOOL negated;
3357
3358 ptr--; /* Make ptr point at the p or P */
3359 if (!get_ucp(&ptr, &negated, &ptype, &pdata, &errorcodeptr))
3360 return FALSE;
3361 ptr++; /* Point past the final curly ket */
3362
3363 /* If the property item is optional, we have to give up. (When generated
3364 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3365 to the original \d etc. At this point, ptr will point to a zero byte. */
3366
3367 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3368 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3369 return FALSE;
3370
3371 /* Do the property check. */
3372
3373 return check_char_prop(c, ptype, pdata, (escape == ESC_P) != negated);
3374 }
3375 #endif
3376
3377 default:
3378 return FALSE;
3379 }
3380
3381 /* In principle, support for Unicode properties should be integrated here as
3382 well. It means re-organizing the above code so as to get hold of the property
3383 values before switching on the op-code. However, I wonder how many patterns
3384 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3385 these op-codes are never generated.) */
3386
3387 case OP_DIGIT:
3388 return escape == ESC_D || escape == ESC_s || escape == ESC_W ||
3389 escape == ESC_h || escape == ESC_v || escape == ESC_R;
3390
3391 case OP_NOT_DIGIT:
3392 return escape == ESC_d;
3393
3394 case OP_WHITESPACE:
3395 return escape == ESC_S || escape == ESC_d || escape == ESC_w;
3396
3397 case OP_NOT_WHITESPACE:
3398 return escape == ESC_s || escape == ESC_h || escape == ESC_v || escape == ESC_R;
3399
3400 case OP_HSPACE:
3401 return escape == ESC_S || escape == ESC_H || escape == ESC_d ||
3402 escape == ESC_w || escape == ESC_v || escape == ESC_R;
3403
3404 case OP_NOT_HSPACE:
3405 return escape == ESC_h;
3406
3407 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3408 case OP_ANYNL:
3409 case OP_VSPACE:
3410 return escape == ESC_V || escape == ESC_d || escape == ESC_w;
3411
3412 case OP_NOT_VSPACE:
3413 return escape == ESC_v || escape == ESC_R;
3414
3415 case OP_WORDCHAR:
3416 return escape == ESC_W || escape == ESC_s || escape == ESC_h ||
3417 escape == ESC_v || escape == ESC_R;
3418
3419 case OP_NOT_WORDCHAR:
3420 return escape == ESC_w || escape == ESC_d;
3421
3422 default:
3423 return FALSE;
3424 }
3425
3426 /* Control does not reach here */
3427 }
3428
3429
3430
3431 /*************************************************
3432 * Add a character or range to a class *
3433 *************************************************/
3434
3435 /* This function packages up the logic of adding a character or range of
3436 characters to a class. The character values in the arguments will be within the
3437 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
3438 mutually recursive with the function immediately below.
3439
3440 Arguments:
3441 classbits the bit map for characters < 256
3442 uchardptr points to the pointer for extra data
3443 options the options word
3444 cd contains pointers to tables etc.
3445 start start of range character
3446 end end of range character
3447
3448 Returns: the number of < 256 characters added
3449 the pointer to extra data is updated
3450 */
3451
3452 static int
3453 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3454 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
3455 {
3456 pcre_uint32 c;
3457 int n8 = 0;
3458
3459 /* If caseless matching is required, scan the range and process alternate
3460 cases. In Unicode, there are 8-bit characters that have alternate cases that
3461 are greater than 255 and vice-versa. Sometimes we can just extend the original
3462 range. */
3463
3464 if ((options & PCRE_CASELESS) != 0)
3465 {
3466 #ifdef SUPPORT_UCP
3467 if ((options & PCRE_UTF8) != 0)
3468 {
3469 int rc;
3470 pcre_uint32 oc, od;
3471
3472 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
3473 c = start;
3474
3475 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
3476 {
3477 /* Handle a single character that has more than one other case. */
3478
3479 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
3480 PRIV(ucd_caseless_sets) + rc, oc);
3481
3482 /* Do nothing if the other case range is within the original range. */
3483
3484 else if (oc >= start && od <= end) continue;
3485
3486 /* Extend the original range if there is overlap, noting that if oc < c, we
3487 can't have od > end because a subrange is always shorter than the basic
3488 range. Otherwise, use a recursive call to add the additional range. */
3489
3490 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
3491 else if (od > end && oc <= end + 1) end = od; /* Extend upwards */
3492 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
3493 }
3494 }
3495 else
3496 #endif /* SUPPORT_UCP */
3497
3498 /* Not UTF-mode, or no UCP */
3499
3500 for (c = start; c <= end && c < 256; c++)
3501 {
3502 SETBIT(classbits, cd->fcc[c]);
3503 n8++;
3504 }
3505 }
3506
3507 /* Now handle the original range. Adjust the final value according to the bit
3508 length - this means that the same lists of (e.g.) horizontal spaces can be used
3509 in all cases. */
3510
3511 #if defined COMPILE_PCRE8
3512 #ifdef SUPPORT_UTF
3513 if ((options & PCRE_UTF8) == 0)
3514 #endif
3515 if (end > 0xff) end = 0xff;
3516
3517 #elif defined COMPILE_PCRE16
3518 #ifdef SUPPORT_UTF
3519 if ((options & PCRE_UTF16) == 0)
3520 #endif
3521 if (end > 0xffff) end = 0xffff;
3522
3523 #endif /* COMPILE_PCRE[8|16] */
3524
3525 /* If all characters are less than 256, use the bit map. Otherwise use extra
3526 data. */
3527
3528 if (end < 0x100)
3529 {
3530 for (c = start; c <= end; c++)
3531 {
3532 n8++;
3533 SETBIT(classbits, c);
3534 }
3535 }
3536
3537 else
3538 {
3539 pcre_uchar *uchardata = *uchardptr;
3540
3541 #ifdef SUPPORT_UTF
3542 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
3543 {
3544 if (start < end)
3545 {
3546 *uchardata++ = XCL_RANGE;
3547 uchardata += PRIV(ord2utf)(start, uchardata);
3548 uchardata += PRIV(ord2utf)(end, uchardata);
3549 }
3550 else if (start == end)
3551 {
3552 *uchardata++ = XCL_SINGLE;
3553 uchardata += PRIV(ord2utf)(start, uchardata);
3554 }
3555 }
3556 else
3557 #endif /* SUPPORT_UTF */
3558
3559 /* Without UTF support, character values are constrained by the bit length,
3560 and can only be > 256 for 16-bit and 32-bit libraries. */
3561
3562 #ifdef COMPILE_PCRE8
3563 {}
3564 #else
3565 if (start < end)
3566 {
3567 *uchardata++ = XCL_RANGE;
3568 *uchardata++ = start;
3569 *uchardata++ = end;
3570 }
3571 else if (start == end)
3572 {
3573 *uchardata++ = XCL_SINGLE;
3574 *uchardata++ = start;
3575 }
3576 #endif
3577
3578 *uchardptr = uchardata; /* Updata extra data pointer */
3579 }
3580
3581 return n8; /* Number of 8-bit characters */
3582 }
3583
3584
3585
3586
3587 /*************************************************
3588 * Add a list of characters to a class *
3589 *************************************************/
3590
3591 /* This function is used for adding a list of case-equivalent characters to a
3592 class, and also for adding a list of horizontal or vertical whitespace. If the
3593 list is in order (which it should be), ranges of characters are detected and
3594 handled appropriately. This function is mutually recursive with the function
3595 above.
3596
3597 Arguments:
3598 classbits the bit map for characters < 256
3599 uchardptr points to the pointer for extra data
3600 options the options word
3601 cd contains pointers to tables etc.
3602 p points to row of 32-bit values, terminated by NOTACHAR
3603 except character to omit; this is used when adding lists of
3604 case-equivalent characters to avoid including the one we
3605 already know about
3606
3607 Returns: the number of < 256 characters added
3608 the pointer to extra data is updated
3609 */
3610
3611 static int
3612 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3613 compile_data *cd, const pcre_uint32 *p, unsigned int except)
3614 {
3615 int n8 = 0;
3616 while (p[0] < NOTACHAR)
3617 {
3618 int n = 0;
3619 if (p[0] != except)
3620 {
3621 while(p[n+1] == p[0] + n + 1) n++;
3622 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
3623 }
3624 p += n + 1;
3625 }
3626 return n8;
3627 }
3628
3629
3630
3631 /*************************************************
3632 * Add characters not in a list to a class *
3633 *************************************************/
3634
3635 /* This function is used for adding the complement of a list of horizontal or
3636 vertical whitespace to a class. The list must be in order.
3637
3638 Arguments:
3639 classbits the bit map for characters < 256
3640 uchardptr points to the pointer for extra data
3641 options the options word
3642 cd contains pointers to tables etc.
3643 p points to row of 32-bit values, terminated by NOTACHAR
3644
3645 Returns: the number of < 256 characters added
3646 the pointer to extra data is updated
3647 */
3648
3649 static int
3650 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
3651 int options, compile_data *cd, const pcre_uint32 *p)
3652 {
3653 BOOL utf = (options & PCRE_UTF8) != 0;
3654 int n8 = 0;
3655 if (p[0] > 0)
3656 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
3657 while (p[0] < NOTACHAR)
3658 {
3659 while (p[1] == p[0] + 1) p++;
3660 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
3661 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
3662 p++;
3663 }
3664 return n8;
3665 }
3666
3667
3668
3669 /*************************************************
3670 * Compile one branch *
3671 *************************************************/
3672
3673 /* Scan the pattern, compiling it into the a vector. If the options are
3674 changed during the branch, the pointer is used to change the external options
3675 bits. This function is used during the pre-compile phase when we are trying
3676 to find out the amount of memory needed, as well as during the real compile
3677 phase. The value of lengthptr distinguishes the two phases.
3678
3679 Arguments:
3680 optionsptr pointer to the option bits
3681 codeptr points to the pointer to the current code point
3682 ptrptr points to the current pattern pointer
3683 errorcodeptr points to error code variable
3684 firstcharptr place to put the first required character
3685 firstcharflagsptr place to put the first character flags, or a negative number
3686 reqcharptr place to put the last required character
3687 reqcharflagsptr place to put the last required character flags, or a negative number
3688 bcptr points to current branch chain
3689 cond_depth conditional nesting depth
3690 cd contains pointers to tables etc.
3691 lengthptr NULL during the real compile phase
3692 points to length accumulator during pre-compile phase
3693
3694 Returns: TRUE on success
3695 FALSE, with *errorcodeptr set non-zero on error
3696 */
3697
3698 static BOOL
3699 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3700 const pcre_uchar **ptrptr, int *errorcodeptr,
3701 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
3702 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
3703 branch_chain *bcptr, int cond_depth,
3704 compile_data *cd, int *lengthptr)
3705 {
3706 int repeat_type, op_type;
3707 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3708 int bravalue = 0;
3709 int greedy_default, greedy_non_default;
3710 pcre_uint32 firstchar, reqchar;
3711 pcre_int32 firstcharflags, reqcharflags;
3712 pcre_uint32 zeroreqchar, zerofirstchar;
3713 pcre_int32 zeroreqcharflags, zerofirstcharflags;
3714 pcre_int32 req_caseopt, reqvary, tempreqvary;
3715 int options = *optionsptr; /* May change dynamically */
3716 int after_manual_callout = 0;
3717 int length_prevgroup = 0;
3718 register pcre_uint32 c;
3719 int escape;
3720 register pcre_uchar *code = *codeptr;
3721 pcre_uchar *last_code = code;
3722 pcre_uchar *orig_code = code;
3723 pcre_uchar *tempcode;
3724 BOOL inescq = FALSE;
3725 BOOL groupsetfirstchar = FALSE;
3726 const pcre_uchar *ptr = *ptrptr;
3727 const pcre_uchar *tempptr;
3728 const pcre_uchar *nestptr = NULL;
3729 pcre_uchar *previous = NULL;
3730 pcre_uchar *previous_callout = NULL;
3731 pcre_uchar *save_hwm = NULL;
3732 pcre_uint8 classbits[32];
3733
3734 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3735 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3736 dynamically as we process the pattern. */
3737
3738 #ifdef SUPPORT_UTF
3739 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
3740 BOOL utf = (options & PCRE_UTF8) != 0;
3741 #ifndef COMPILE_PCRE32
3742 pcre_uchar utf_chars[6];
3743 #endif
3744 #else
3745 BOOL utf = FALSE;
3746 #endif
3747
3748 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
3749 class_uchardata always so that it can be passed to add_to_class() always,
3750 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
3751 alternative calls for the different cases. */
3752
3753 pcre_uchar *class_uchardata;
3754 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3755 BOOL xclass;
3756 pcre_uchar *class_uchardata_base;
3757 #endif
3758
3759 #ifdef PCRE_DEBUG
3760 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3761 #endif
3762
3763 /* Set up the default and non-default settings for greediness */
3764
3765 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3766 greedy_non_default = greedy_default ^ 1;
3767
3768 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3769 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3770 matches a non-fixed char first char; reqchar just remains unset if we never
3771 find one.
3772
3773 When we hit a repeat whose minimum is zero, we may have to adjust these values
3774 to take the zero repeat into account. This is implemented by setting them to
3775 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3776 item types that can be repeated set these backoff variables appropriately. */
3777
3778 firstchar = reqchar = zerofirstchar = zeroreqchar = 0;
3779 firstcharflags = reqcharflags = zerofirstcharflags = zeroreqcharflags = REQ_UNSET;
3780
3781 /* The variable req_caseopt contains either the REQ_CASELESS value
3782 or zero, according to the current setting of the caseless flag. The
3783 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3784 firstchar or reqchar variables to record the case status of the
3785 value. This is used only for ASCII characters. */
3786
3787 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3788
3789 /* Switch on next character until the end of the branch */
3790
3791 for (;; ptr++)
3792 {
3793 BOOL negate_class;
3794 BOOL should_flip_negation;
3795 BOOL possessive_quantifier;
3796 BOOL is_quantifier;
3797 BOOL is_recurse;
3798 BOOL reset_bracount;
3799 int class_has_8bitchar;
3800 int class_one_char;
3801 int newoptions;
3802 int recno;
3803 int refsign;
3804 int skipbytes;
3805 pcre_uint32 subreqchar, subfirstchar;
3806 pcre_int32 subreqcharflags, subfirstcharflags;
3807 int terminator;
3808 unsigned int mclength;
3809 unsigned int tempbracount;
3810 pcre_uint32 ec;
3811 pcre_uchar mcbuffer[8];
3812
3813 /* Get next character in the pattern */
3814
3815 c = *ptr;
3816
3817 /* If we are at the end of a nested substitution, revert to the outer level
3818 string. Nesting only happens one level deep. */
3819
3820 if (c == 0 && nestptr != NULL)
3821 {
3822 ptr = nestptr;
3823 nestptr = NULL;
3824 c = *ptr;
3825 }
3826
3827 /* If we are in the pre-compile phase, accumulate the length used for the
3828 previous cycle of this loop. */
3829
3830 if (lengthptr != NULL)
3831 {
3832 #ifdef PCRE_DEBUG
3833 if (code > cd->hwm) cd->hwm = code; /* High water info */
3834 #endif
3835 if (code > cd->start_workspace + cd->workspace_size -
3836 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3837 {
3838 *errorcodeptr = ERR52;
3839 goto FAILED;
3840 }
3841
3842 /* There is at least one situation where code goes backwards: this is the
3843 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3844 the class is simply eliminated. However, it is created first, so we have to
3845 allow memory for it. Therefore, don't ever reduce the length at this point.
3846 */
3847
3848 if (code < last_code) code = last_code;
3849
3850 /* Paranoid check for integer overflow */
3851
3852 if (OFLOW_MAX - *lengthptr < code - last_code)
3853 {
3854 *errorcodeptr = ERR20;
3855 goto FAILED;
3856 }
3857
3858 *lengthptr += (int)(code - last_code);
3859 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3860 (int)(code - last_code), c, c));
3861
3862 /* If "previous" is set and it is not at the start of the work space, move
3863 it back to there, in order to avoid filling up the work space. Otherwise,
3864 if "previous" is NULL, reset the current code pointer to the start. */
3865
3866 if (previous != NULL)
3867 {
3868 if (previous > orig_code)
3869 {
3870 memmove(orig_code, previous, IN_UCHARS(code - previous));
3871 code -= previous - orig_code;
3872 previous = orig_code;
3873 }
3874 }
3875 else code = orig_code;
3876
3877 /* Remember where this code item starts so we can pick up the length
3878 next time round. */
3879
3880 last_code = code;
3881 }
3882
3883 /* In the real compile phase, just check the workspace used by the forward
3884 reference list. */
3885
3886 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3887 WORK_SIZE_SAFETY_MARGIN)
3888 {
3889 *errorcodeptr = ERR52;
3890 goto FAILED;
3891 }
3892
3893 /* If in \Q...\E, check for the end; if not, we have a literal */
3894
3895 if (inescq && c != 0)
3896 {
3897 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3898 {
3899 inescq = FALSE;
3900 ptr++;
3901 continue;
3902 }
3903 else
3904 {
3905 if (previous_callout != NULL)
3906 {
3907 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3908 complete_callout(previous_callout, ptr, cd);
3909 previous_callout = NULL;
3910 }
3911 if ((options & PCRE_AUTO_CALLOUT) != 0)
3912 {
3913 previous_callout = code;
3914 code = auto_callout(code, ptr, cd);
3915 }
3916 goto NORMAL_CHAR;
3917 }
3918 }
3919
3920 /* Fill in length of a previous callout, except when the next thing is
3921 a quantifier. */
3922
3923 is_quantifier =
3924 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3925 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3926
3927 if (!is_quantifier && previous_callout != NULL &&
3928 after_manual_callout-- <= 0)
3929 {
3930 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3931 complete_callout(previous_callout, ptr, cd);
3932 previous_callout = NULL;
3933 }
3934
3935 /* In extended mode, skip white space and comments. */
3936
3937 if ((options & PCRE_EXTENDED) != 0)
3938 {
3939 if (MAX_255(*ptr) && (cd->ctypes[c] & ctype_space) != 0) continue;
3940 if (c == CHAR_NUMBER_SIGN)
3941 {
3942 ptr++;
3943 while (*ptr != 0)
3944 {
3945 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3946 ptr++;
3947 #ifdef SUPPORT_UTF
3948 if (utf) FORWARDCHAR(ptr);
3949 #endif
3950 }
3951 if (*ptr != 0) continue;
3952
3953 /* Else fall through to handle end of string */
3954 c = 0;
3955 }
3956 }
3957
3958 /* No auto callout for quantifiers. */
3959
3960 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3961 {
3962 previous_callout = code;
3963 code = auto_callout(code, ptr, cd);
3964 }
3965
3966 switch(c)
3967 {
3968 /* ===================================================================*/
3969 case 0: /* The branch terminates at string end */
3970 case CHAR_VERTICAL_LINE: /* or | or ) */
3971 case CHAR_RIGHT_PARENTHESIS:
3972 *firstcharptr = firstchar;
3973 *firstcharflagsptr = firstcharflags;
3974 *reqcharptr = reqchar;
3975 *reqcharflagsptr = reqcharflags;
3976 *codeptr = code;
3977 *ptrptr = ptr;
3978 if (lengthptr != NULL)
3979 {
3980 if (OFLOW_MAX - *lengthptr < code - last_code)
3981 {
3982 *errorcodeptr = ERR20;
3983 goto FAILED;
3984 }
3985 *lengthptr += (int)(code - last_code); /* To include callout length */
3986 DPRINTF((">> end branch\n"));
3987 }
3988 return TRUE;
3989
3990
3991 /* ===================================================================*/
3992 /* Handle single-character metacharacters. In multiline mode, ^ disables
3993 the setting of any following char as a first character. */
3994
3995 case CHAR_CIRCUMFLEX_ACCENT:
3996 previous = NULL;
3997 if ((options & PCRE_MULTILINE) != 0)
3998 {
3999 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4000 *code++ = OP_CIRCM;
4001 }
4002 else *code++ = OP_CIRC;
4003 break;
4004
4005 case CHAR_DOLLAR_SIGN:
4006 previous = NULL;
4007 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
4008 break;
4009
4010 /* There can never be a first char if '.' is first, whatever happens about
4011 repeats. The value of reqchar doesn't change either. */
4012
4013 case CHAR_DOT:
4014 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4015 zerofirstchar = firstchar;
4016 zerofirstcharflags = firstcharflags;
4017 zeroreqchar = reqchar;
4018 zeroreqcharflags = reqcharflags;
4019 previous = code;
4020 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
4021 break;
4022
4023
4024 /* ===================================================================*/
4025 /* Character classes. If the included characters are all < 256, we build a
4026 32-byte bitmap of the permitted characters, except in the special case
4027 where there is only one such character. For negated classes, we build the
4028 map as usual, then invert it at the end. However, we use a different opcode
4029 so that data characters > 255 can be handled correctly.
4030
4031 If the class contains characters outside the 0-255 range, a different
4032 opcode is compiled. It may optionally have a bit map for characters < 256,
4033 but those above are are explicitly listed afterwards. A flag byte tells
4034 whether the bitmap is present, and whether this is a negated class or not.
4035
4036 In JavaScript compatibility mode, an isolated ']' causes an error. In
4037 default (Perl) mode, it is treated as a data character. */
4038
4039 case CHAR_RIGHT_SQUARE_BRACKET:
4040 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4041 {
4042 *errorcodeptr = ERR64;
4043 goto FAILED;
4044 }
4045 goto NORMAL_CHAR;
4046
4047 case CHAR_LEFT_SQUARE_BRACKET:
4048 previous = code;
4049
4050 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4051 they are encountered at the top level, so we'll do that too. */
4052
4053 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4054 ptr[1] == CHAR_EQUALS_SIGN) &&
4055 check_posix_syntax(ptr, &tempptr))
4056 {
4057 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4058 goto FAILED;
4059 }
4060
4061 /* If the first character is '^', set the negation flag and skip it. Also,
4062 if the first few characters (either before or after ^) are \Q\E or \E we
4063 skip them too. This makes for compatibility with Perl. */
4064
4065 negate_class = FALSE;
4066 for (;;)
4067 {
4068 c = *(++ptr);
4069 if (c == CHAR_BACKSLASH)
4070 {
4071 if (ptr[1] == CHAR_E)
4072 ptr++;
4073 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4074 ptr += 3;
4075 else
4076 break;
4077 }
4078 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4079 negate_class = TRUE;
4080 else break;
4081 }
4082
4083 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4084 an initial ']' is taken as a data character -- the code below handles
4085 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4086 [^] must match any character, so generate OP_ALLANY. */
4087
4088 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4089 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4090 {
4091 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4092 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4093 zerofirstchar = firstchar;
4094 zerofirstcharflags = firstcharflags;
4095 break;
4096 }
4097
4098 /* If a class contains a negative special such as \S, we need to flip the
4099 negation flag at the end, so that support for characters > 255 works
4100 correctly (they are all included in the class). */
4101
4102 should_flip_negation = FALSE;
4103
4104 /* For optimization purposes, we track some properties of the class:
4105 class_has_8bitchar will be non-zero if the class contains at least one <
4106 256 character; class_one_char will be 1 if the class contains just one
4107 character. */
4108
4109 class_has_8bitchar = 0;
4110 class_one_char = 0;
4111
4112 /* Initialize the 32-char bit map to all zeros. We build the map in a
4113 temporary bit of memory, in case the class contains fewer than two
4114 8-bit characters because in that case the compiled code doesn't use the bit
4115 map. */
4116
4117 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4118
4119 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4120 xclass = FALSE;
4121 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4122 class_uchardata_base = class_uchardata; /* Save the start */
4123 #endif
4124
4125 /* Process characters until ] is reached. By writing this as a "do" it
4126 means that an initial ] is taken as a data character. At the start of the
4127 loop, c contains the first byte of the character. */
4128
4129 if (c != 0) do
4130 {
4131 const pcre_uchar *oldptr;
4132
4133 #ifdef SUPPORT_UTF
4134 if (utf && HAS_EXTRALEN(c))
4135 { /* Braces are required because the */
4136 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4137 }
4138 #endif
4139
4140 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4141 /* In the pre-compile phase, accumulate the length of any extra
4142 data and reset the pointer. This is so that very large classes that
4143 contain a zillion > 255 characters no longer overwrite the work space
4144 (which is on the stack). We have to remember that there was XCLASS data,
4145 however. */
4146
4147 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4148 {
4149 xclass = TRUE;
4150 *lengthptr += class_uchardata - class_uchardata_base;
4151 class_uchardata = class_uchardata_base;
4152 }
4153 #endif
4154
4155 /* Inside \Q...\E everything is literal except \E */
4156
4157 if (inescq)
4158 {
4159 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4160 {
4161 inescq = FALSE; /* Reset literal state */
4162 ptr++; /* Skip the 'E' */
4163 continue; /* Carry on with next */
4164 }
4165 goto CHECK_RANGE; /* Could be range if \E follows */
4166 }
4167
4168 /* Handle POSIX class names. Perl allows a negation extension of the
4169 form [:^name:]. A square bracket that doesn't match the syntax is
4170 treated as a literal. We also recognize the POSIX constructions
4171 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4172 5.6 and 5.8 do. */
4173
4174 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4175 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4176 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4177 {
4178 BOOL local_negate = FALSE;
4179 int posix_class, taboffset, tabopt;
4180 register const pcre_uint8 *cbits = cd->cbits;
4181 pcre_uint8 pbits[32];
4182
4183 if (ptr[1] != CHAR_COLON)
4184 {
4185 *errorcodeptr = ERR31;
4186 goto FAILED;
4187 }
4188
4189 ptr += 2;
4190 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4191 {
4192 local_negate = TRUE;
4193 should_flip_negation = TRUE; /* Note negative special */
4194 ptr++;
4195 }
4196
4197 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4198 if (posix_class < 0)
4199 {
4200 *errorcodeptr = ERR30;
4201 goto FAILED;
4202 }
4203
4204 /* If matching is caseless, upper and lower are converted to
4205 alpha. This relies on the fact that the class table starts with
4206 alpha, lower, upper as the first 3 entries. */
4207
4208 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
4209 posix_class = 0;
4210
4211 /* When PCRE_UCP is set, some of the POSIX classes are converted to
4212 different escape sequences that use Unicode properties. */
4213
4214 #ifdef SUPPORT_UCP
4215 if ((options & PCRE_UCP) != 0)
4216 {
4217 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
4218 if (posix_substitutes[pc] != NULL)
4219 {
4220 nestptr = tempptr + 1;
4221 ptr = posix_substitutes[pc] - 1;
4222 continue;
4223 }
4224 }
4225 #endif
4226 /* In the non-UCP case, we build the bit map for the POSIX class in a
4227 chunk of local store because we may be adding and subtracting from it,
4228 and we don't want to subtract bits that may be in the main map already.
4229 At the end we or the result into the bit map that is being built. */
4230
4231 posix_class *= 3;
4232
4233 /* Copy in the first table (always present) */
4234
4235 memcpy(pbits, cbits + posix_class_maps[posix_class],
4236 32 * sizeof(pcre_uint8));
4237
4238 /* If there is a second table, add or remove it as required. */
4239
4240 taboffset = posix_class_maps[posix_class + 1];
4241 tabopt = posix_class_maps[posix_class + 2];
4242
4243 if (taboffset >= 0)
4244 {
4245 if (tabopt >= 0)
4246 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
4247 else
4248 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
4249 }
4250
4251 /* Now see if we need to remove any special characters. An option
4252 value of 1 removes vertical space and 2 removes underscore. */
4253
4254 if (tabopt < 0) tabopt = -tabopt;
4255 if (tabopt == 1) pbits[1] &= ~0x3c;
4256 else if (tabopt == 2) pbits[11] &= 0x7f;
4257
4258 /* Add the POSIX table or its complement into the main table that is
4259 being built and we are done. */
4260
4261 if (local_negate)
4262 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
4263 else
4264 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
4265
4266 ptr = tempptr + 1;
4267 /* Every class contains at least one < 256 character. */
4268 class_has_8bitchar = 1;
4269 /* Every class contains at least two characters. */
4270 class_one_char = 2;
4271 continue; /* End of POSIX syntax handling */
4272 }
4273
4274 /* Backslash may introduce a single character, or it may introduce one
4275 of the specials, which just set a flag. The sequence \b is a special
4276 case. Inside a class (and only there) it is treated as backspace. We
4277 assume that other escapes have more than one character in them, so
4278 speculatively set both class_has_8bitchar and class_one_char bigger
4279 than one. Unrecognized escapes fall through and are either treated
4280 as literal characters (by default), or are faulted if
4281 PCRE_EXTRA is set. */
4282
4283 if (c == CHAR_BACKSLASH)
4284 {
4285 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options, TRUE);
4286
4287 if (*errorcodeptr != 0) goto FAILED;
4288
4289 if (escape == 0)
4290 c = ec;
4291 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
4292 else if (escape == ESC_N) /* \N is not supported in a class */
4293 {
4294 *errorcodeptr = ERR71;
4295 goto FAILED;
4296 }
4297 else if (escape == ESC_Q) /* Handle start of quoted string */
4298 {
4299 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4300 {
4301 ptr += 2; /* avoid empty string */
4302 }
4303 else inescq = TRUE;
4304 continue;
4305 }
4306 else if (escape == ESC_E) continue; /* Ignore orphan \E */
4307
4308 else
4309 {
4310 register const pcre_uint8 *cbits = cd->cbits;
4311 /* Every class contains at least two < 256 characters. */
4312 class_has_8bitchar++;
4313 /* Every class contains at least two characters. */
4314 class_one_char += 2;
4315
4316 switch (escape)
4317 {
4318 #ifdef SUPPORT_UCP
4319 case ESC_du: /* These are the values given for \d etc */
4320 case ESC_DU: /* when PCRE_UCP is set. We replace the */
4321 case ESC_wu: /* escape sequence with an appropriate \p */
4322 case ESC_WU: /* or \P to test Unicode properties instead */
4323 case ESC_su: /* of the default ASCII testing. */
4324 case ESC_SU:
4325 nestptr = ptr;
4326 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
4327 class_has_8bitchar--; /* Undo! */
4328 continue;
4329 #endif
4330 case ESC_d:
4331 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
4332 continue;
4333
4334 case ESC_D:
4335 should_flip_negation = TRUE;
4336 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
4337 continue;
4338
4339 case ESC_w:
4340 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
4341 continue;
4342
4343 case ESC_W:
4344 should_flip_negation = TRUE;
4345 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4346 continue;
4347
4348 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4349 if it was previously set by something earlier in the character
4350 class. Luckily, the value of CHAR_VT is 0x0b in both ASCII and
4351 EBCDIC, so we lazily just adjust the appropriate bit. */
4352
4353 case ESC_s:
4354 classbits[0] |= cbits[cbit_space];
4355 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4356 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4357 continue;
4358
4359 case ESC_S:
4360 should_flip_negation = TRUE;
4361 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4362 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4363 continue;
4364
4365 /* The rest apply in both UCP and non-UCP cases. */
4366
4367 case ESC_h:
4368 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4369 PRIV(hspace_list), NOTACHAR);
4370 continue;
4371
4372 case ESC_H:
4373 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4374 cd, PRIV(hspace_list));
4375 continue;
4376
4377 case ESC_v:
4378 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4379 PRIV(vspace_list), NOTACHAR);
4380 continue;
4381
4382 case ESC_V:
4383 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4384 cd, PRIV(vspace_list));
4385 continue;
4386
4387 #ifdef SUPPORT_UCP
4388 case ESC_p:
4389 case ESC_P:
4390 {
4391 BOOL negated;
4392 unsigned int ptype = 0, pdata = 0;
4393 if (!get_ucp(&ptr, &negated, &ptype, &pdata, errorcodeptr))
4394 goto FAILED;
4395 *class_uchardata++ = ((escape == ESC_p) != negated)?
4396 XCL_PROP : XCL_NOTPROP;
4397 *class_uchardata++ = ptype;
4398 *class_uchardata++ = pdata;
4399 class_has_8bitchar--; /* Undo! */
4400 continue;
4401 }
4402 #endif
4403 /* Unrecognized escapes are faulted if PCRE is running in its
4404 strict mode. By default, for compatibility with Perl, they are
4405 treated as literals. */
4406
4407 default:
4408 if ((options & PCRE_EXTRA) != 0)
4409 {
4410 *errorcodeptr = ERR7;
4411 goto FAILED;
4412 }
4413 class_has_8bitchar--; /* Undo the speculative increase. */
4414 class_one_char -= 2; /* Undo the speculative increase. */
4415 c = *ptr; /* Get the final character and fall through */
4416 break;
4417 }
4418 }
4419
4420 /* Fall through if the escape just defined a single character (c >= 0).
4421 This may be greater than 256. */
4422
4423 escape = 0;
4424
4425 } /* End of backslash handling */
4426
4427 /* A character may be followed by '-' to form a range. However, Perl does
4428 not permit ']' to be the end of the range. A '-' character at the end is
4429 treated as a literal. Perl ignores orphaned \E sequences entirely. The
4430 code for handling \Q and \E is messy. */
4431
4432 CHECK_RANGE:
4433 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4434 {
4435 inescq = FALSE;
4436 ptr += 2;
4437 }
4438 oldptr = ptr;
4439
4440 /* Remember if \r or \n were explicitly used */
4441
4442 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4443
4444 /* Check for range */
4445
4446 if (!inescq && ptr[1] == CHAR_MINUS)
4447 {
4448 pcre_uint32 d;
4449 ptr += 2;
4450 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4451
4452 /* If we hit \Q (not followed by \E) at this point, go into escaped
4453 mode. */
4454
4455 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4456 {
4457 ptr += 2;
4458 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4459 { ptr += 2; continue; }
4460 inescq = TRUE;
4461 break;
4462 }
4463
4464 /* Minus (hyphen) at the end of a class is treated as a literal, so put
4465 back the pointer and jump to handle the character that preceded it. */
4466
4467 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4468 {
4469 ptr = oldptr;
4470 goto CLASS_SINGLE_CHARACTER;
4471 }
4472
4473 /* Otherwise, we have a potential range; pick up the next character */
4474
4475 #ifdef SUPPORT_UTF
4476 if (utf)
4477 { /* Braces are required because the */
4478 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4479 }
4480 else
4481 #endif
4482 d = *ptr; /* Not UTF-8 mode */
4483
4484 /* The second part of a range can be a single-character escape, but
4485 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4486 in such circumstances. */
4487
4488 if (!inescq && d == CHAR_BACKSLASH)
4489 {
4490 int descape;
4491 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
4492 if (*errorcodeptr != 0) goto FAILED;
4493
4494 /* \b is backspace; any other special means the '-' was literal. */
4495
4496 if (descape != 0)
4497 {
4498 if (descape == ESC_b) d = CHAR_BS; else
4499 {
4500 ptr = oldptr;
4501 goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4502 }
4503 }
4504 }
4505
4506 /* Check that the two values are in the correct order. Optimize
4507 one-character ranges. */
4508
4509 if (d < c)
4510 {
4511 *errorcodeptr = ERR8;
4512 goto FAILED;
4513 }
4514 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4515
4516 /* We have found a character range, so single character optimizations
4517 cannot be done anymore. Any value greater than 1 indicates that there
4518 is more than one character. */
4519
4520 class_one_char = 2;
4521
4522 /* Remember an explicit \r or \n, and add the range to the class. */
4523
4524 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4525
4526 class_has_8bitchar +=
4527 add_to_class(classbits, &class_uchardata, options, cd, c, d);
4528
4529 continue; /* Go get the next char in the class */
4530 }
4531
4532 /* Handle a single character - we can get here for a normal non-escape
4533 char, or after \ that introduces a single character or for an apparent
4534 range that isn't. Only the value 1 matters for class_one_char, so don't
4535 increase it if it is already 2 or more ... just in case there's a class
4536 with a zillion characters in it. */
4537
4538 CLASS_SINGLE_CHARACTER:
4539 if (class_one_char < 2) class_one_char++;
4540
4541 /* If class_one_char is 1, we have the first single character in the
4542 class, and there have been no prior ranges, or XCLASS items generated by
4543 escapes. If this is the final character in the class, we can optimize by
4544 turning the item into a 1-character OP_CHAR[I] if it's positive, or
4545 OP_NOT[I] if it's negative. In the positive case, it can cause firstchar
4546 to be set. Otherwise, there can be no first char if this item is first,
4547 whatever repeat count may follow. In the case of reqchar, save the
4548 previous value for reinstating. */
4549
4550 if (class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
4551 {
4552 ptr++;
4553 zeroreqchar = reqchar;
4554 zeroreqcharflags = reqcharflags;
4555
4556 if (negate_class)
4557 {
4558 #ifdef SUPPORT_UCP
4559 int d;
4560 #endif
4561 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4562 zerofirstchar = firstchar;
4563 zerofirstcharflags = firstcharflags;
4564
4565 /* For caseless UTF-8 mode when UCP support is available, check
4566 whether this character has more than one other case. If so, generate
4567 a special OP_NOTPROP item instead of OP_NOTI. */
4568
4569 #ifdef SUPPORT_UCP
4570 if (utf && (options & PCRE_CASELESS) != 0 &&
4571 (d = UCD_CASESET(c)) != 0)
4572 {
4573 *code++ = OP_NOTPROP;
4574 *code++ = PT_CLIST;
4575 *code++ = d;
4576 }
4577 else
4578 #endif
4579 /* Char has only one other case, or UCP not available */
4580
4581 {
4582 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4583 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4584 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4585 code += PRIV(ord2utf)(c, code);
4586 else
4587 #endif
4588 *code++ = c;
4589 }
4590
4591 /* We are finished with this character class */
4592
4593 goto END_CLASS;
4594 }
4595
4596 /* For a single, positive character, get the value into mcbuffer, and
4597 then we can handle this with the normal one-character code. */
4598
4599 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4600 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4601 mclength = PRIV(ord2utf)(c, mcbuffer);
4602 else
4603 #endif
4604 {
4605 mcbuffer[0] = c;
4606 mclength = 1;
4607 }
4608 goto ONE_CHAR;
4609 } /* End of 1-char optimization */
4610
4611 /* There is more than one character in the class, or an XCLASS item
4612 has been generated. Add this character to the class. */
4613
4614 class_has_8bitchar +=
4615 add_to_class(classbits, &class_uchardata, options, cd, c, c);
4616 }
4617
4618 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4619 If we are at the end of an internal nested string, revert to the outer
4620 string. */
4621
4622 while (((c = *(++ptr)) != 0 ||
4623 (nestptr != NULL &&
4624 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4625 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4626
4627 /* Check for missing terminating ']' */
4628
4629 if (c == 0)
4630 {
4631 *errorcodeptr = ERR6;
4632 goto FAILED;
4633 }
4634
4635 /* We will need an XCLASS if data has been placed in class_uchardata. In
4636 the second phase this is a sufficient test. However, in the pre-compile
4637 phase, class_uchardata gets emptied to prevent workspace overflow, so it
4638 only if the very last character in the class needs XCLASS will it contain
4639 anything at this point. For this reason, xclass gets set TRUE above when
4640 uchar_classdata is emptied, and that's why this code is the way it is here
4641 instead of just doing a test on class_uchardata below. */
4642
4643 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4644 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4645 #endif
4646
4647 /* If this is the first thing in the branch, there can be no first char
4648 setting, whatever the repeat count. Any reqchar setting must remain
4649 unchanged after any kind of repeat. */
4650
4651 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4652 zerofirstchar = firstchar;
4653 zerofirstcharflags = firstcharflags;
4654 zeroreqchar = reqchar;
4655 zeroreqcharflags = reqcharflags;
4656
4657 /* If there are characters with values > 255, we have to compile an
4658 extended class, with its own opcode, unless there was a negated special
4659 such as \S in the class, and PCRE_UCP is not set, because in that case all
4660 characters > 255 are in the class, so any that were explicitly given as
4661 well can be ignored. If (when there are explicit characters > 255 that must
4662 be listed) there are no characters < 256, we can omit the bitmap in the
4663 actual compiled code. */
4664
4665 #ifdef SUPPORT_UTF
4666 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4667 #elif !defined COMPILE_PCRE8
4668 if (xclass && !should_flip_negation)
4669 #endif
4670 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4671 {
4672 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4673 *code++ = OP_XCLASS;
4674 code += LINK_SIZE;
4675 *code = negate_class? XCL_NOT:0;
4676
4677 /* If the map is required, move up the extra data to make room for it;
4678 otherwise just move the code pointer to the end of the extra data. */
4679
4680 if (class_has_8bitchar > 0)
4681 {
4682 *code++ |= XCL_MAP;
4683 memmove(code + (32 / sizeof(pcre_uchar)), code,
4684 IN_UCHARS(class_uchardata - code));
4685 memcpy(code, classbits, 32);
4686 code = class_uchardata + (32 / sizeof(pcre_uchar));
4687 }
4688 else code = class_uchardata;
4689
4690 /* Now fill in the complete length of the item */
4691
4692 PUT(previous, 1, (int)(code - previous));
4693 break; /* End of class handling */
4694 }
4695 #endif
4696
4697 /* If there are no characters > 255, or they are all to be included or
4698 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4699 whole class was negated and whether there were negative specials such as \S
4700 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4701 negating it if necessary. */
4702
4703 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4704 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4705 {
4706 if (negate_class)
4707 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4708 memcpy(code, classbits, 32);
4709 }
4710 code += 32 / sizeof(pcre_uchar);
4711
4712 END_CLASS:
4713 break;
4714
4715
4716 /* ===================================================================*/
4717 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4718 has been tested above. */
4719
4720 case CHAR_LEFT_CURLY_BRACKET:
4721 if (!is_quantifier) goto NORMAL_CHAR;
4722 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4723 if (*errorcodeptr != 0) goto FAILED;
4724 goto REPEAT;
4725
4726 case CHAR_ASTERISK:
4727 repeat_min = 0;
4728 repeat_max = -1;
4729 goto REPEAT;
4730
4731 case CHAR_PLUS:
4732 repeat_min = 1;
4733 repeat_max = -1;
4734 goto REPEAT;
4735
4736 case CHAR_QUESTION_MARK:
4737 repeat_min = 0;
4738 repeat_max = 1;
4739
4740 REPEAT:
4741 if (previous == NULL)
4742 {
4743 *errorcodeptr = ERR9;
4744 goto FAILED;
4745 }
4746
4747 if (repeat_min == 0)
4748 {
4749 firstchar = zerofirstchar; /* Adjust for zero repeat */
4750 firstcharflags = zerofirstcharflags;
4751 reqchar = zeroreqchar; /* Ditto */
4752 reqcharflags = zeroreqcharflags;
4753 }
4754
4755 /* Remember whether this is a variable length repeat */
4756
4757 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4758
4759 op_type = 0; /* Default single-char op codes */
4760 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4761
4762 /* Save start of previous item, in case we have to move it up in order to
4763 insert something before it. */
4764
4765 tempcode = previous;
4766
4767 /* If the next character is '+', we have a possessive quantifier. This
4768 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4769 If the next character is '?' this is a minimizing repeat, by default,
4770 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4771 repeat type to the non-default. */
4772
4773 if (ptr[1] == CHAR_PLUS)
4774 {
4775 repeat_type = 0; /* Force greedy */
4776 possessive_quantifier = TRUE;
4777 ptr++;
4778 }
4779 else if (ptr[1] == CHAR_QUESTION_MARK)
4780 {
4781 repeat_type = greedy_non_default;
4782 ptr++;
4783 }
4784 else repeat_type = greedy_default;
4785
4786 /* If previous was a recursion call, wrap it in atomic brackets so that
4787 previous becomes the atomic group. All recursions were so wrapped in the
4788 past, but it no longer happens for non-repeated recursions. In fact, the
4789 repeated ones could be re-implemented independently so as not to need this,
4790 but for the moment we rely on the code for repeating groups. */
4791
4792 if (*previous == OP_RECURSE)
4793 {
4794 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4795 *previous = OP_ONCE;
4796 PUT(previous, 1, 2 + 2*LINK_SIZE);
4797 previous[2 + 2*LINK_SIZE] = OP_KET;
4798 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4799 code += 2 + 2 * LINK_SIZE;
4800 length_prevgroup = 3 + 3*LINK_SIZE;
4801
4802 /* When actually compiling, we need to check whether this was a forward
4803 reference, and if so, adjust the offset. */
4804
4805 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4806 {
4807 int offset = GET(cd->hwm, -LINK_SIZE);
4808 if (offset == previous + 1 - cd->start_code)
4809 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4810 }
4811 }
4812
4813 /* Now handle repetition for the different types of item. */
4814
4815 /* If previous was a character or negated character match, abolish the item
4816 and generate a repeat item instead. If a char item has a minimum of more
4817 than one, ensure that it is set in reqchar - it might not be if a sequence
4818 such as x{3} is the first thing in a branch because the x will have gone
4819 into firstchar instead. */
4820
4821 if (*previous == OP_CHAR || *previous == OP_CHARI
4822 || *previous == OP_NOT || *previous == OP_NOTI)
4823 {
4824 switch (*previous)
4825 {
4826 default: /* Make compiler happy. */
4827 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
4828 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
4829 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
4830 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
4831 }
4832
4833 /* Deal with UTF characters that take up more than one character. It's
4834 easier to write this out separately than try to macrify it. Use c to
4835 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4836 it's a length rather than a small character. */
4837
4838 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4839 if (utf && NOT_FIRSTCHAR(code[-1]))
4840 {
4841 pcre_uchar *lastchar = code - 1;
4842 BACKCHAR(lastchar);
4843 c = (int)(code - lastchar); /* Length of UTF-8 character */
4844 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4845 c |= UTF_LENGTH; /* Flag c as a length */
4846 }
4847 else
4848 #endif /* SUPPORT_UTF */
4849
4850 /* Handle the case of a single charater - either with no UTF support, or
4851 with UTF disabled, or for a single character UTF character. */
4852 {
4853 c = code[-1];
4854 if (*previous <= OP_CHARI && repeat_min > 1)
4855 {
4856 reqchar = c;
4857 reqcharflags = req_caseopt | cd->req_varyopt;
4858 }
4859 }
4860
4861 /* If the repetition is unlimited, it pays to see if the next thing on
4862 the line is something that cannot possibly match this character. If so,
4863 automatically possessifying this item gains some performance in the case
4864 where the match fails. */
4865
4866 if (!possessive_quantifier &&
4867 repeat_max < 0 &&
4868 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4869 {
4870 repeat_type = 0; /* Force greedy */
4871 possessive_quantifier = TRUE;
4872 }
4873
4874 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4875 }
4876
4877 /* If previous was a character type match (\d or similar), abolish it and
4878 create a suitable repeat item. The code is shared with single-character
4879 repeats by setting op_type to add a suitable offset into repeat_type. Note
4880 the the Unicode property types will be present only when SUPPORT_UCP is
4881 defined, but we don't wrap the little bits of code here because it just
4882 makes it horribly messy. */
4883
4884 else if (*previous < OP_EODN)
4885 {
4886 pcre_uchar *oldcode;
4887 int prop_type, prop_value;
4888 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4889 c = *previous;
4890
4891 if (!possessive_quantifier &&
4892 repeat_max < 0 &&
4893 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4894 {
4895 repeat_type = 0; /* Force greedy */
4896 possessive_quantifier = TRUE;
4897 }
4898
4899 OUTPUT_SINGLE_REPEAT:
4900 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4901 {
4902 prop_type = previous[1];
4903 prop_value = previous[2];
4904 }
4905 else prop_type = prop_value = -1;
4906
4907 oldcode = code;
4908 code = previous; /* Usually overwrite previous item */
4909
4910 /* If the maximum is zero then the minimum must also be zero; Perl allows
4911 this case, so we do too - by simply omitting the item altogether. */
4912
4913 if (repeat_max == 0) goto END_REPEAT;
4914
4915 /*--------------------------------------------------------------------*/
4916 /* This code is obsolete from release 8.00; the restriction was finally
4917 removed: */
4918
4919 /* All real repeats make it impossible to handle partial matching (maybe
4920 one day we will be able to remove this restriction). */
4921
4922 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4923 /*--------------------------------------------------------------------*/
4924
4925 /* Combine the op_type with the repeat_type */
4926
4927 repeat_type += op_type;
4928
4929 /* A minimum of zero is handled either as the special case * or ?, or as
4930 an UPTO, with the maximum given. */
4931
4932 if (repeat_min == 0)
4933 {
4934 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4935 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4936 else
4937 {
4938 *code++ = OP_UPTO + repeat_type;
4939 PUT2INC(code, 0, repeat_max);
4940 }
4941 }
4942
4943 /* A repeat minimum of 1 is optimized into some special cases. If the
4944 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4945 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4946 one less than the maximum. */
4947
4948 else if (repeat_min == 1)
4949 {
4950 if (repeat_max == -1)
4951 *code++ = OP_PLUS + repeat_type;
4952 else
4953 {
4954 code = oldcode; /* leave previous item in place */
4955 if (repeat_max == 1) goto END_REPEAT;
4956 *code++ = OP_UPTO + repeat_type;
4957 PUT2INC(code, 0, repeat_max - 1);
4958 }
4959 }
4960
4961 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4962 handled as an EXACT followed by an UPTO. */
4963
4964 else
4965 {
4966 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4967 PUT2INC(code, 0, repeat_min);
4968
4969 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4970 we have to insert the character for the previous code. For a repeated
4971 Unicode property match, there are two extra bytes that define the
4972 required property. In UTF-8 mode, long characters have their length in
4973 c, with the UTF_LENGTH bit as a flag. */
4974
4975 if (repeat_max < 0)
4976 {
4977 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4978 if (utf && (c & UTF_LENGTH) != 0)
4979 {
4980 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4981 code += c & 7;
4982 }
4983 else
4984 #endif
4985 {
4986 *code++ = c;
4987 if (prop_type >= 0)
4988 {
4989 *code++ = prop_type;
4990 *code++ = prop_value;
4991 }
4992 }
4993 *code++ = OP_STAR + repeat_type;
4994 }
4995
4996 /* Else insert an UPTO if the max is greater than the min, again
4997 preceded by the character, for the previously inserted code. If the
4998 UPTO is just for 1 instance, we can use QUERY instead. */
4999
5000 else if (repeat_max != repeat_min)
5001 {
5002 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5003 if (utf && (c & UTF_LENGTH) != 0)
5004 {
5005 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5006 code += c & 7;
5007 }
5008 else
5009 #endif
5010 *code++ = c;
5011 if (prop_type >= 0)
5012 {
5013 *code++ = prop_type;
5014 *code++ = prop_value;
5015 }
5016 repeat_max -= repeat_min;
5017
5018 if (repeat_max == 1)
5019 {
5020 *code++ = OP_QUERY + repeat_type;
5021 }
5022 else
5023 {
5024 *code++ = OP_UPTO + repeat_type;
5025 PUT2INC(code, 0, repeat_max);
5026 }
5027 }
5028 }
5029
5030 /* The character or character type itself comes last in all cases. */
5031
5032 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5033 if (utf && (c & UTF_LENGTH) != 0)
5034 {
5035 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5036 code += c & 7;
5037 }
5038 else
5039 #endif
5040 *code++ = c;
5041
5042 /* For a repeated Unicode property match, there are two extra bytes that
5043 define the required property. */
5044
5045 #ifdef SUPPORT_UCP
5046 if (prop_type >= 0)
5047 {
5048 *code++ = prop_type;
5049 *code++ = prop_value;
5050 }
5051 #endif
5052 }
5053
5054 /* If previous was a character class or a back reference, we put the repeat
5055 stuff after it, but just skip the item if the repeat was {0,0}. */
5056
5057 else if (*previous == OP_CLASS ||
5058 *previous == OP_NCLASS ||
5059 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5060 *previous == OP_XCLASS ||
5061 #endif
5062 *previous == OP_REF ||
5063 *previous == OP_REFI)
5064 {
5065 if (repeat_max == 0)
5066 {
5067 code = previous;
5068 goto END_REPEAT;
5069 }
5070
5071 /*--------------------------------------------------------------------*/
5072 /* This code is obsolete from release 8.00; the restriction was finally
5073 removed: */
5074
5075 /* All real repeats make it impossible to handle partial matching (maybe
5076 one day we will be able to remove this restriction). */
5077
5078 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
5079 /*--------------------------------------------------------------------*/
5080
5081 if (repeat_min == 0 && repeat_max == -1)
5082 *code++ = OP_CRSTAR + repeat_type;
5083 else if (repeat_min == 1 && repeat_max == -1)
5084 *code++ = OP_CRPLUS + repeat_type;
5085 else if (repeat_min == 0 && repeat_max == 1)
5086 *code++ = OP_CRQUERY + repeat_type;
5087 else
5088 {
5089 *code++ = OP_CRRANGE + repeat_type;
5090 PUT2INC(code, 0, repeat_min);
5091 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5092 PUT2INC(code, 0, repeat_max);
5093 }
5094 }
5095
5096 /* If previous was a bracket group, we may have to replicate it in certain
5097 cases. Note that at this point we can encounter only the "basic" bracket
5098 opcodes such as BRA and CBRA, as this is the place where they get converted
5099 into the more special varieties such as BRAPOS and SBRA. A test for >=
5100 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5101 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5102 repetition of assertions, but now it does, for Perl compatibility. */
5103
5104 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5105 {
5106 register int i;
5107 int len = (int)(code - previous);
5108 pcre_uchar *bralink = NULL;
5109 pcre_uchar *brazeroptr = NULL;
5110
5111 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5112 we just ignore the repeat. */
5113
5114 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5115 goto END_REPEAT;
5116
5117 /* There is no sense in actually repeating assertions. The only potential
5118 use of repetition is in cases when the assertion is optional. Therefore,
5119 if the minimum is greater than zero, just ignore the repeat. If the
5120 maximum is not not zero or one, set it to 1. */
5121
5122 if (*previous < OP_ONCE) /* Assertion */
5123 {
5124 if (repeat_min > 0) goto END_REPEAT;
5125 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5126 }
5127
5128 /* The case of a zero minimum is special because of the need to stick
5129 OP_BRAZERO in front of it, and because the group appears once in the
5130 data, whereas in other cases it appears the minimum number of times. For
5131 this reason, it is simplest to treat this case separately, as otherwise
5132 the code gets far too messy. There are several special subcases when the
5133 minimum is zero. */
5134
5135 if (repeat_min == 0)
5136 {
5137 /* If the maximum is also zero, we used to just omit the group from the
5138 output altogether, like this:
5139
5140 ** if (repeat_max == 0)
5141 ** {
5142 ** code = previous;
5143 ** goto END_REPEAT;
5144 ** }
5145
5146 However, that fails when a group or a subgroup within it is referenced
5147 as a subroutine from elsewhere in the pattern, so now we stick in
5148 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5149 don't have a list of which groups are referenced, we cannot do this
5150 selectively.
5151
5152 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5153 and do no more at this point. However, we do need to adjust any
5154 OP_RECURSE calls inside the group that refer to the group itself or any
5155 internal or forward referenced group, because the offset is from the
5156 start of the whole regex. Temporarily terminate the pattern while doing
5157 this. */
5158
5159 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5160 {
5161 *code = OP_END;
5162 adjust_recurse(previous, 1, utf, cd, save_hwm);
5163 memmove(previous + 1, previous, IN_UCHARS(len));
5164 code++;
5165 if (repeat_max == 0)
5166 {
5167 *previous++ = OP_SKIPZERO;
5168 goto END_REPEAT;
5169 }
5170 brazeroptr = previous; /* Save for possessive optimizing */
5171 *previous++ = OP_BRAZERO + repeat_type;
5172 }
5173
5174 /* If the maximum is greater than 1 and limited, we have to replicate
5175 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5176 The first one has to be handled carefully because it's the original
5177 copy, which has to be moved up. The remainder can be handled by code
5178 that is common with the non-zero minimum case below. We have to
5179 adjust the value or repeat_max, since one less copy is required. Once
5180 again, we may have to adjust any OP_RECURSE calls inside the group. */
5181
5182 else
5183 {
5184 int offset;
5185 *code = OP_END;
5186 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5187 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5188 code += 2 + LINK_SIZE;
5189 *previous++ = OP_BRAZERO + repeat_type;
5190 *previous++ = OP_BRA;
5191
5192 /* We chain together the bracket offset fields that have to be
5193 filled in later when the ends of the brackets are reached. */
5194
5195 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5196 bralink = previous;
5197 PUTINC(previous, 0, offset);
5198 }
5199
5200 repeat_max--;
5201 }
5202
5203 /* If the minimum is greater than zero, replicate the group as many
5204 times as necessary, and adjust the maximum to the number of subsequent
5205 copies that we need. If we set a first char from the group, and didn't
5206 set a required char, copy the latter from the former. If there are any
5207 forward reference subroutine calls in the group, there will be entries on
5208 the workspace list; replicate these with an appropriate increment. */
5209
5210 else
5211 {
5212 if (repeat_min > 1)
5213 {
5214 /* In the pre-compile phase, we don't actually do the replication. We
5215 just adjust the length as if we had. Do some paranoid checks for
5216 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5217 integer type when available, otherwise double. */
5218
5219 if (lengthptr != NULL)
5220 {
5221 int delta = (repeat_min - 1)*length_prevgroup;
5222 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5223 (INT64_OR_DOUBLE)length_prevgroup >
5224 (INT64_OR_DOUBLE)INT_MAX ||
5225 OFLOW_MAX - *lengthptr < delta)
5226 {
5227 *errorcodeptr = ERR20;
5228 goto FAILED;
5229 }
5230 *lengthptr += delta;
5231 }
5232
5233 /* This is compiling for real. If there is a set first byte for
5234 the group, and we have not yet set a "required byte", set it. Make
5235 sure there is enough workspace for copying forward references before
5236 doing the copy. */
5237
5238 else
5239 {
5240 if (groupsetfirstchar && reqcharflags < 0)
5241 {
5242 reqchar = firstchar;
5243 reqcharflags = firstcharflags;
5244 }
5245
5246 for (i = 1; i < repeat_min; i++)
5247 {
5248 pcre_uchar *hc;
5249 pcre_uchar *this_hwm = cd->hwm;
5250 memcpy(code, previous, IN_UCHARS(len));
5251
5252 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5253 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5254 {
5255 int save_offset = save_hwm - cd->start_workspace;
5256 int this_offset = this_hwm - cd->start_workspace;
5257 *errorcodeptr = expand_workspace(cd);
5258 if (*errorcodeptr != 0) goto FAILED;
5259 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5260 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5261 }
5262
5263 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5264 {
5265 PUT(cd->hwm, 0, GET(hc, 0) + len);
5266 cd->hwm += LINK_SIZE;
5267 }
5268 save_hwm = this_hwm;
5269 code += len;
5270 }
5271 }
5272 }
5273
5274 if (repeat_max > 0) repeat_max -= repeat_min;
5275 }
5276
5277 /* This code is common to both the zero and non-zero minimum cases. If
5278 the maximum is limited, it replicates the group in a nested fashion,
5279 remembering the bracket starts on a stack. In the case of a zero minimum,
5280 the first one was set up above. In all cases the repeat_max now specifies
5281 the number of additional copies needed. Again, we must remember to
5282 replicate entries on the forward reference list. */
5283
5284 if (repeat_max >= 0)
5285 {
5286 /* In the pre-compile phase, we don't actually do the replication. We
5287 just adjust the length as if we had. For each repetition we must add 1
5288 to the length for BRAZERO and for all but the last repetition we must
5289 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5290 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5291 a 64-bit integer type when available, otherwise double. */
5292
5293 if (lengthptr != NULL && repeat_max > 0)
5294 {
5295 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5296 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5297 if ((INT64_OR_DOUBLE)repeat_max *
5298 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5299 > (INT64_OR_DOUBLE)INT_MAX ||
5300 OFLOW_MAX - *lengthptr < delta)
5301 {
5302 *errorcodeptr = ERR20;
5303 goto FAILED;
5304 }
5305 *lengthptr += delta;
5306 }
5307
5308 /* This is compiling for real */
5309
5310 else for (i = repeat_max - 1; i >= 0; i--)
5311 {
5312 pcre_uchar *hc;
5313 pcre_uchar *this_hwm = cd->hwm;
5314
5315 *code++ = OP_BRAZERO + repeat_type;
5316
5317 /* All but the final copy start a new nesting, maintaining the
5318 chain of brackets outstanding. */
5319
5320 if (i != 0)
5321 {
5322 int offset;
5323 *code++ = OP_BRA;
5324 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5325 bralink = code;
5326 PUTINC(code, 0, offset);
5327 }
5328
5329 memcpy(code, previous, IN_UCHARS(len));
5330
5331 /* Ensure there is enough workspace for forward references before
5332 copying them. */
5333
5334 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5335 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5336 {
5337 int save_offset = save_hwm - cd->start_workspace;
5338 int this_offset = this_hwm - cd->start_workspace;
5339 *errorcodeptr = expand_workspace(cd);
5340 if (*errorcodeptr != 0) goto FAILED;
5341 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5342 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5343 }
5344
5345 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5346 {
5347 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5348 cd->hwm += LINK_SIZE;
5349 }
5350 save_hwm = this_hwm;
5351 code += len;
5352 }
5353
5354 /* Now chain through the pending brackets, and fill in their length
5355 fields (which are holding the chain links pro tem). */
5356
5357 while (bralink != NULL)
5358 {
5359 int oldlinkoffset;
5360 int offset = (int)(code - bralink + 1);
5361 pcre_uchar *bra = code - offset;
5362 oldlinkoffset = GET(bra, 1);
5363 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5364 *code++ = OP_KET;
5365 PUTINC(code, 0, offset);
5366 PUT(bra, 1, offset);
5367 }
5368 }
5369
5370 /* If the maximum is unlimited, set a repeater in the final copy. For
5371 ONCE brackets, that's all we need to do. However, possessively repeated
5372 ONCE brackets can be converted into non-capturing brackets, as the
5373 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5374 deal with possessive ONCEs specially.
5375
5376 Otherwise, when we are doing the actual compile phase, check to see
5377 whether this group is one that could match an empty string. If so,
5378 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5379 that runtime checking can be done. [This check is also applied to ONCE
5380 groups at runtime, but in a different way.]
5381
5382 Then, if the quantifier was possessive and the bracket is not a
5383 conditional, we convert the BRA code to the POS form, and the KET code to
5384 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5385 subpattern at both the start and at the end.) The use of special opcodes
5386 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5387 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5388
5389 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5390 flag so that the default action below, of wrapping everything inside
5391 atomic brackets, does not happen. When the minimum is greater than 1,
5392 there will be earlier copies of the group, and so we still have to wrap
5393 the whole thing. */
5394
5395 else
5396 {
5397 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5398 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5399
5400 /* Convert possessive ONCE brackets to non-capturing */
5401
5402 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5403 possessive_quantifier) *bracode = OP_BRA;
5404
5405 /* For non-possessive ONCE brackets, all we need to do is to
5406 set the KET. */
5407
5408 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5409 *ketcode = OP_KETRMAX + repeat_type;
5410
5411 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5412 converted to non-capturing above). */
5413
5414 else
5415 {
5416 /* In the compile phase, check for empty string matching. */
5417
5418 if (lengthptr == NULL)
5419 {
5420 pcre_uchar *scode = bracode;
5421 do
5422 {
5423 if (could_be_empty_branch(scode, ketcode, utf, cd))
5424 {
5425 *bracode += OP_SBRA - OP_BRA;
5426 break;
5427 }
5428 scode += GET(scode, 1);
5429 }
5430 while (*scode == OP_ALT);
5431 }
5432
5433 /* Handle possessive quantifiers. */
5434
5435 if (possessive_quantifier)
5436 {
5437 /* For COND brackets, we wrap the whole thing in a possessively
5438 repeated non-capturing bracket, because we have not invented POS
5439 versions of the COND opcodes. Because we are moving code along, we
5440 must ensure that any pending recursive references are updated. */
5441
5442 if (*bracode == OP_COND || *bracode == OP_SCOND)
5443 {
5444 int nlen = (int)(code - bracode);
5445 *code = OP_END;
5446 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5447 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5448 code += 1 + LINK_SIZE;
5449 nlen += 1 + LINK_SIZE;
5450 *bracode = OP_BRAPOS;
5451 *code++ = OP_KETRPOS;
5452 PUTINC(code, 0, nlen);
5453 PUT(bracode, 1, nlen);
5454 }
5455
5456 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5457
5458 else
5459 {
5460 *bracode += 1; /* Switch to xxxPOS opcodes */
5461 *ketcode = OP_KETRPOS;
5462 }
5463
5464 /* If the minimum is zero, mark it as possessive, then unset the
5465 possessive flag when the minimum is 0 or 1. */
5466
5467 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5468 if (repeat_min < 2) possessive_quantifier = FALSE;
5469 }
5470
5471 /* Non-possessive quantifier */
5472
5473 else *ketcode = OP_KETRMAX + repeat_type;
5474 }
5475 }
5476 }
5477
5478 /* If previous is OP_FAIL, it was generated by an empty class [] in
5479 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5480 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5481 error above. We can just ignore the repeat in JS case. */
5482
5483 else if (*previous == OP_FAIL) goto END_REPEAT;
5484
5485 /* Else there's some kind of shambles */
5486
5487 else
5488 {
5489 *errorcodeptr = ERR11;
5490 goto FAILED;
5491 }
5492
5493 /* If the character following a repeat is '+', or if certain optimization
5494 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5495 there are special alternative opcodes for this case. For anything else, we
5496 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5497 notation is just syntactic sugar, taken from Sun's Java package, but the
5498 special opcodes can optimize it.
5499
5500 Some (but not all) possessively repeated subpatterns have already been
5501 completely handled in the code just above. For them, possessive_quantifier
5502 is always FALSE at this stage.
5503
5504 Note that the repeated item starts at tempcode, not at previous, which
5505 might be the first part of a string whose (former) last char we repeated.
5506
5507 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5508 an 'upto' may follow. We skip over an 'exact' item, and then test the
5509 length of what remains before proceeding. */
5510
5511 if (possessive_quantifier)
5512 {
5513 int len;
5514
5515 if (*tempcode == OP_TYPEEXACT)
5516 tempcode += PRIV(OP_lengths)[*tempcode] +
5517 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5518 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5519
5520 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5521 {
5522 tempcode += PRIV(OP_lengths)[*tempcode];
5523 #ifdef SUPPORT_UTF
5524 if (utf && HAS_EXTRALEN(tempcode[-1]))
5525 tempcode += GET_EXTRALEN(tempcode[-1]);
5526 #endif
5527 }
5528
5529 len = (int)(code - tempcode);
5530 if (len > 0) switch (*tempcode)
5531 {
5532 case OP_STAR: *tempcode = OP_POSSTAR; break;
5533 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5534 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5535 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5536
5537 case OP_STARI: *tempcode = OP_POSSTARI; break;
5538 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5539 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5540 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5541
5542 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5543 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5544 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5545 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5546
5547 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5548 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5549 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5550 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5551
5552 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5553 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5554 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5555 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5556
5557 /* Because we are moving code along, we must ensure that any
5558 pending recursive references are updated. */
5559
5560 default:
5561 *code = OP_END;
5562 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5563 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5564 code += 1 + LINK_SIZE;
5565 len += 1 + LINK_SIZE;
5566 tempcode[0] = OP_ONCE;
5567 *code++ = OP_KET;
5568 PUTINC(code, 0, len);
5569 PUT(tempcode, 1, len);
5570 break;
5571 }
5572 }
5573
5574 /* In all case we no longer have a previous item. We also set the
5575 "follows varying string" flag for subsequently encountered reqchars if
5576 it isn't already set and we have just passed a varying length item. */
5577
5578 END_REPEAT:
5579 previous = NULL;
5580 cd->req_varyopt |= reqvary;
5581 break;
5582
5583
5584 /* ===================================================================*/
5585 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5586 lookbehind or option setting or condition or all the other extended
5587 parenthesis forms. */
5588
5589 case CHAR_LEFT_PARENTHESIS:
5590 newoptions = options;
5591 skipbytes = 0;
5592 bravalue = OP_CBRA;
5593 save_hwm = cd->hwm;
5594 reset_bracount = FALSE;
5595
5596 /* First deal with various "verbs" that can be introduced by '*'. */
5597
5598 ptr++;
5599 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
5600 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
5601 {
5602 int i, namelen;
5603 int arglen = 0;
5604 const char *vn = verbnames;
5605 const pcre_uchar *name = ptr + 1;
5606 const pcre_uchar *arg = NULL;
5607 previous = NULL;
5608 ptr++;
5609 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
5610 namelen = (int)(ptr - name);
5611
5612 /* It appears that Perl allows any characters whatsoever, other than
5613 a closing parenthesis, to appear in arguments, so we no longer insist on
5614 letters, digits, and underscores. */
5615
5616 if (*ptr == CHAR_COLON)
5617 {
5618 arg = ++ptr;
5619 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5620 arglen = (int)(ptr - arg);
5621 if ((unsigned int)arglen > MAX_MARK)
5622 {
5623 *errorcodeptr = ERR75;
5624 goto FAILED;
5625 }
5626 }
5627
5628 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5629 {
5630 *errorcodeptr = ERR60;
5631 goto FAILED;
5632 }
5633
5634 /* Scan the table of verb names */
5635
5636 for (i = 0; i < verbcount; i++)
5637 {
5638 if (namelen == verbs[i].len &&
5639 STRNCMP_UC_C8(name, vn, namelen) == 0)
5640 {
5641 int setverb;
5642
5643 /* Check for open captures before ACCEPT and convert it to
5644 ASSERT_ACCEPT if in an assertion. */
5645
5646 if (verbs[i].op == OP_ACCEPT)
5647 {
5648 open_capitem *oc;
5649 if (arglen != 0)
5650 {
5651 *errorcodeptr = ERR59;
5652 goto FAILED;
5653 }
5654 cd->had_accept = TRUE;
5655 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5656 {
5657 *code++ = OP_CLOSE;
5658 PUT2INC(code, 0, oc->number);
5659 }
5660 setverb = *code++ =
5661 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5662
5663 /* Do not set firstchar after *ACCEPT */
5664 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5665 }
5666
5667 /* Handle other cases with/without an argument */
5668
5669 else if (arglen == 0)
5670 {
5671 if (verbs[i].op < 0) /* Argument is mandatory */
5672 {
5673 *errorcodeptr = ERR66;
5674 goto FAILED;
5675 }
5676 setverb = *code++ = verbs[i].op;
5677 }
5678
5679 else
5680 {
5681 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5682 {
5683 *errorcodeptr = ERR59;
5684 goto FAILED;
5685 }
5686 setverb = *code++ = verbs[i].op_arg;
5687 *code++ = arglen;
5688 memcpy(code, arg, IN_UCHARS(arglen));
5689 code += arglen;
5690 *code++ = 0;
5691 }
5692
5693 switch (setverb)
5694 {
5695 case OP_THEN:
5696 case OP_THEN_ARG:
5697 cd->external_flags |= PCRE_HASTHEN;
5698 break;
5699
5700 case OP_PRUNE:
5701 case OP_PRUNE_ARG:
5702 case OP_SKIP:
5703 case OP_SKIP_ARG:
5704 cd->had_pruneorskip = TRUE;
5705 break;
5706 }
5707
5708 break; /* Found verb, exit loop */
5709 }
5710
5711 vn += verbs[i].len + 1;
5712 }
5713
5714 if (i < verbcount) continue; /* Successfully handled a verb */
5715 *errorcodeptr = ERR60; /* Verb not recognized */
5716 goto FAILED;
5717 }
5718
5719 /* Deal with the extended parentheses; all are introduced by '?', and the
5720 appearance of any of them means that this is not a capturing group. */
5721
5722 else if (*ptr == CHAR_QUESTION_MARK)
5723 {
5724 int i, set, unset, namelen;
5725 int *optset;
5726 const pcre_uchar *name;
5727 pcre_uchar *slot;
5728
5729 switch (*(++ptr))
5730 {
5731 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5732 ptr++;
5733 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5734 if (*ptr == 0)
5735 {
5736 *errorcodeptr = ERR18;
5737 goto FAILED;
5738 }
5739 continue;
5740
5741
5742 /* ------------------------------------------------------------ */
5743 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5744 reset_bracount = TRUE;
5745 /* Fall through */
5746
5747 /* ------------------------------------------------------------ */
5748 case CHAR_COLON: /* Non-capturing bracket */
5749 bravalue = OP_BRA;
5750 ptr++;
5751 break;
5752
5753
5754 /* ------------------------------------------------------------ */
5755 case CHAR_LEFT_PARENTHESIS:
5756 bravalue = OP_COND; /* Conditional group */
5757
5758 /* A condition can be an assertion, a number (referring to a numbered
5759 group), a name (referring to a named group), or 'R', referring to
5760 recursion. R<digits> and R&name are also permitted for recursion tests.
5761
5762 There are several syntaxes for testing a named group: (?(name)) is used
5763 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5764
5765 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5766 be the recursive thing or the name 'R' (and similarly for 'R' followed
5767 by digits), and (b) a number could be a name that consists of digits.
5768 In both cases, we look for a name first; if not found, we try the other
5769 cases. */
5770
5771 /* For conditions that are assertions, check the syntax, and then exit
5772 the switch. This will take control down to where bracketed groups,
5773 including assertions, are processed. */
5774
5775 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5776 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5777 break;
5778
5779 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5780 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5781
5782 code[1+LINK_SIZE] = OP_CREF;
5783 skipbytes = 1+IMM2_SIZE;
5784 refsign = -1;
5785
5786 /* Check for a test for recursion in a named group. */
5787
5788 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5789 {
5790 terminator = -1;
5791 ptr += 2;
5792 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5793 }
5794
5795 /* Check for a test for a named group's having been set, using the Perl
5796 syntax (?(<name>) or (?('name') */
5797
5798 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5799 {
5800 terminator = CHAR_GREATER_THAN_SIGN;
5801 ptr++;
5802 }
5803 else if (ptr[1] == CHAR_APOSTROPHE)
5804 {
5805 terminator = CHAR_APOSTROPHE;
5806 ptr++;
5807 }
5808 else
5809 {
5810 terminator = 0;
5811 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5812 }
5813
5814 /* We now expect to read a name; any thing else is an error */
5815
5816 if (!MAX_255(ptr[1]) || (cd->ctypes[ptr[1]] & ctype_word) == 0)
5817 {
5818 ptr += 1; /* To get the right offset */
5819 *errorcodeptr = ERR28;
5820 goto FAILED;
5821 }
5822
5823 /* Read the name, but also get it as a number if it's all digits */
5824
5825 recno = 0;
5826 name = ++ptr;
5827 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
5828 {
5829 if (recno >= 0)
5830 recno = (IS_DIGIT(*ptr))? recno * 10 + (int)(*ptr - CHAR_0) : -1;
5831 ptr++;
5832 }
5833 namelen = (int)(ptr - name);
5834
5835 if ((terminator > 0 && *ptr++ != (pcre_uchar)terminator) ||
5836 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5837 {
5838 ptr--; /* Error offset */
5839 *errorcodeptr = ERR26;
5840 goto FAILED;
5841 }
5842
5843 /* Do no further checking in the pre-compile phase. */
5844
5845 if (lengthptr != NULL) break;
5846
5847 /* In the real compile we do the work of looking for the actual
5848 reference. If the string started with "+" or "-" we require the rest to
5849 be digits, in which case recno will be set. */
5850
5851 if (refsign > 0)
5852 {
5853 if (recno <= 0)
5854 {
5855 *errorcodeptr = ERR58;
5856 goto FAILED;
5857 }
5858 recno = (refsign == CHAR_MINUS)?
5859 cd->bracount - recno + 1 : recno +cd->bracount;
5860 if (recno <= 0 || recno > cd->final_bracount)
5861 {
5862 *errorcodeptr = ERR15;
5863 goto FAILED;
5864 }
5865 PUT2(code, 2+LINK_SIZE, recno);
5866 break;
5867 }
5868
5869 /* Otherwise (did not start with "+" or "-"), start by looking for the
5870 name. If we find a name, add one to the opcode to change OP_CREF or
5871 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5872 except they record that the reference was originally to a name. The
5873 information is used to check duplicate names. */
5874
5875 slot = cd->name_table;
5876 for (i = 0; i < cd->names_found; i++)
5877 {
5878 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5879 slot += cd->name_entry_size;
5880 }
5881
5882 /* Found a previous named subpattern */
5883
5884 if (i < cd->names_found)
5885 {
5886 recno = GET2(slot, 0);
5887 PUT2(code, 2+LINK_SIZE, recno);
5888 code[1+LINK_SIZE]++;
5889 }
5890
5891 /* Search the pattern for a forward reference */
5892
5893 else if ((i = find_parens(cd, name, namelen,
5894 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5895 {
5896 PUT2(code, 2+LINK_SIZE, i);
5897 code[1+LINK_SIZE]++;
5898 }
5899
5900 /* If terminator == 0 it means that the name followed directly after
5901 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5902 some further alternatives to try. For the cases where terminator != 0
5903 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5904 now checked all the possibilities, so give an error. */
5905
5906 else if (terminator != 0)
5907 {
5908 *errorcodeptr = ERR15;
5909 goto FAILED;
5910 }
5911
5912 /* Check for (?(R) for recursion. Allow digits after R to specify a
5913 specific group number. */
5914
5915 else if (*name == CHAR_R)
5916 {
5917 recno = 0;
5918 for (i = 1; i < namelen; i++)
5919 {
5920 if (!IS_DIGIT(name[i]))
5921 {
5922 *errorcodeptr = ERR15;
5923 goto FAILED;
5924 }
5925 recno = recno * 10 + name[i] - CHAR_0;
5926 }
5927 if (recno == 0) recno = RREF_ANY;
5928 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5929 PUT2(code, 2+LINK_SIZE, recno);
5930 }
5931
5932 /* Similarly, check for the (?(DEFINE) "condition", which is always
5933 false. */
5934
5935 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5936 {
5937 code[1+LINK_SIZE] = OP_DEF;
5938 skipbytes = 1;
5939 }
5940
5941 /* Check for the "name" actually being a subpattern number. We are
5942 in the second pass here, so final_bracount is set. */
5943
5944 else if (recno > 0 && recno <= cd->final_bracount)
5945 {
5946 PUT2(code, 2+LINK_SIZE, recno);
5947 }
5948
5949 /* Either an unidentified subpattern, or a reference to (?(0) */
5950
5951 else
5952 {
5953 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5954 goto FAILED;
5955 }
5956 break;
5957
5958
5959 /* ------------------------------------------------------------ */
5960 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5961 bravalue = OP_ASSERT;
5962 cd->assert_depth += 1;
5963 ptr++;
5964 break;
5965
5966
5967 /* ------------------------------------------------------------ */
5968 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5969 ptr++;
5970 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5971 {
5972 *code++ = OP_FAIL;
5973 previous = NULL;
5974 continue;
5975 }
5976 bravalue = OP_ASSERT_NOT;
5977 cd->assert_depth += 1;
5978 break;
5979
5980
5981 /* ------------------------------------------------------------ */
5982 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5983 switch (ptr[1])
5984 {
5985 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5986 bravalue = OP_ASSERTBACK;
5987 cd->assert_depth += 1;
5988 ptr += 2;
5989 break;
5990
5991 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5992 bravalue = OP_ASSERTBACK_NOT;
5993 cd->assert_depth += 1;
5994 ptr += 2;
5995 break;
5996
5997 default: /* Could be name define, else bad */
5998 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
5999 goto DEFINE_NAME;
6000 ptr++; /* Correct offset for error */
6001 *errorcodeptr = ERR24;
6002 goto FAILED;
6003 }
6004 break;
6005
6006
6007 /* ------------------------------------------------------------ */
6008 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
6009 bravalue = OP_ONCE;
6010 ptr++;
6011 break;
6012
6013
6014 /* ------------------------------------------------------------ */
6015 case CHAR_C: /* Callout - may be followed by digits; */
6016 previous_callout = code; /* Save for later completion */
6017 after_manual_callout = 1; /* Skip one item before completing */
6018 *code++ = OP_CALLOUT;
6019 {
6020 int n = 0;
6021 ptr++;
6022 while(IS_DIGIT(*ptr))
6023 n = n * 10 + *ptr++ - CHAR_0;
6024 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6025 {
6026 *errorcodeptr = ERR39;
6027 goto FAILED;
6028 }
6029 if (n > 255)
6030 {
6031 *errorcodeptr = ERR38;
6032 goto FAILED;
6033 }
6034 *code++ = n;
6035 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
6036 PUT(code, LINK_SIZE, 0); /* Default length */
6037 code += 2 * LINK_SIZE;
6038 }
6039 previous = NULL;
6040 continue;
6041
6042
6043 /* ------------------------------------------------------------ */
6044 case CHAR_P: /* Python-style named subpattern handling */
6045 if (*(++ptr) == CHAR_EQUALS_SIGN ||
6046 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
6047 {
6048 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
6049 terminator = CHAR_RIGHT_PARENTHESIS;
6050 goto NAMED_REF_OR_RECURSE;
6051 }
6052 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
6053 {
6054 *errorcodeptr = ERR41;
6055 goto FAILED;
6056 }
6057 /* Fall through to handle (?P< as (?< is handled */
6058
6059
6060 /* ------------------------------------------------------------ */
6061 DEFINE_NAME: /* Come here from (?< handling */
6062 case CHAR_APOSTROPHE:
6063 {
6064 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
6065 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6066 name = ++ptr;
6067
6068 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6069 namelen = (int)(ptr - name);
6070
6071 /* In the pre-compile phase, just do a syntax check. */
6072
6073 if (lengthptr != NULL)
6074 {
6075 if (*ptr != (pcre_uchar)terminator)
6076 {
6077 *errorcodeptr = ERR42;
6078 goto FAILED;
6079 }
6080 if (cd->names_found >= MAX_NAME_COUNT)
6081 {
6082 *errorcodeptr = ERR49;
6083 goto FAILED;
6084 }
6085 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
6086 {
6087 cd->name_entry_size = namelen + IMM2_SIZE + 1;
6088 if (namelen > MAX_NAME_SIZE)
6089 {
6090 *errorcodeptr = ERR48;
6091 goto FAILED;
6092 }
6093 }
6094 }
6095
6096 /* In the real compile, create the entry in the table, maintaining
6097 alphabetical order. Duplicate names for different numbers are
6098 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
6099 number are always OK. (An existing number can be re-used if (?|
6100 appears in the pattern.) In either event, a duplicate name results in
6101 a duplicate entry in the table, even if the number is the same. This
6102 is because the number of names, and hence the table size, is computed
6103 in the pre-compile, and it affects various numbers and pointers which
6104 would all have to be modified, and the compiled code moved down, if
6105 duplicates with the same number were omitted from the table. This
6106 doesn't seem worth the hassle. However, *different* names for the
6107 same number are not permitted. */
6108
6109 else
6110 {
6111 BOOL dupname = FALSE;
6112 slot = cd->name_table;
6113
6114 for (i = 0; i < cd->names_found; i++)
6115 {
6116 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6117 if (crc == 0)
6118 {
6119 if (slot[IMM2_SIZE+namelen] == 0)
6120 {
6121 if (GET2(slot, 0) != cd->bracount + 1 &&
6122 (options & PCRE_DUPNAMES) == 0)
6123 {
6124 *errorcodeptr = ERR43;
6125 goto FAILED;
6126 }
6127 else dupname = TRUE;
6128 }
6129 else crc = -1; /* Current name is a substring */
6130 }
6131
6132 /* Make space in the table and break the loop for an earlier
6133 name. For a duplicate or later name, carry on. We do this for
6134 duplicates so that in the simple case (when ?(| is not used) they
6135 are in order of their numbers. */
6136
6137 if (crc < 0)
6138 {
6139 memmove(slot + cd->name_entry_size, slot,
6140 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6141 break;
6142 }
6143
6144 /* Continue the loop for a later or duplicate name */
6145
6146 slot += cd->name_entry_size;
6147 }
6148
6149 /* For non-duplicate names, check for a duplicate number before
6150 adding the new name. */
6151
6152 if (!dupname)
6153 {
6154 pcre_uchar *cslot = cd->name_table;
6155 for (i = 0; i < cd->names_found; i++)
6156 {
6157 if (cslot != slot)
6158 {
6159 if (GET2(cslot, 0) == cd->bracount + 1)
6160 {
6161 *errorcodeptr = ERR65;
6162 goto FAILED;
6163 }
6164 }
6165 else i--;
6166 cslot += cd->name_entry_size;
6167 }
6168 }
6169
6170 PUT2(slot, 0, cd->bracount + 1);
6171 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6172 slot[IMM2_SIZE + namelen] = 0;
6173 }
6174 }
6175
6176 /* In both pre-compile and compile, count the number of names we've
6177 encountered. */
6178
6179 cd->names_found++;
6180 ptr++; /* Move past > or ' */
6181 goto NUMBERED_GROUP;
6182
6183
6184 /* ------------------------------------------------------------ */
6185 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6186 terminator = CHAR_RIGHT_PARENTHESIS;
6187 is_recurse = TRUE;
6188 /* Fall through */
6189
6190 /* We come here from the Python syntax above that handles both
6191 references (?P=name) and recursion (?P>name), as well as falling
6192 through from the Perl recursion syntax (?&name). We also come here from
6193 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6194 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6195
6196 NAMED_REF_OR_RECURSE:
6197 name = ++ptr;
6198 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6199 namelen = (int)(ptr - name);
6200
6201 /* In the pre-compile phase, do a syntax check. We used to just set
6202 a dummy reference number, because it was not used in the first pass.
6203 However, with the change of recursive back references to be atomic,
6204 we have to look for the number so that this state can be identified, as
6205 otherwise the incorrect length is computed. If it's not a backwards
6206 reference, the dummy number will do. */
6207
6208 if (lengthptr != NULL)
6209 {
6210 const pcre_uchar *temp;
6211
6212 if (namelen == 0)
6213 {
6214 *errorcodeptr = ERR62;
6215 goto FAILED;
6216 }
6217 if (*ptr != (pcre_uchar)terminator)
6218 {
6219 *errorcodeptr = ERR42;
6220 goto FAILED;
6221 }
6222 if (namelen > MAX_NAME_SIZE)
6223 {
6224 *errorcodeptr = ERR48;
6225 goto FAILED;
6226 }
6227
6228 /* The name table does not exist in the first pass, so we cannot
6229 do a simple search as in the code below. Instead, we have to scan the
6230 pattern to find the number. It is important that we scan it only as
6231 far as we have got because the syntax of named subpatterns has not
6232 been checked for the rest of the pattern, and find_parens() assumes
6233 correct syntax. In any case, it's a waste of resources to scan
6234 further. We stop the scan at the current point by temporarily
6235 adjusting the value of cd->endpattern. */
6236
6237 temp = cd->end_pattern;
6238 cd->end_pattern = ptr;
6239 recno = find_parens(cd, name, namelen,
6240 (options & PCRE_EXTENDED) != 0, utf);
6241 cd->end_pattern = temp;
6242 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6243 }
6244
6245 /* In the real compile, seek the name in the table. We check the name
6246 first, and then check that we have reached the end of the name in the
6247 table. That way, if the name that is longer than any in the table,
6248 the comparison will fail without reading beyond the table entry. */
6249
6250 else
6251 {
6252 slot = cd->name_table;
6253 for (i = 0; i < cd->names_found; i++)
6254 {
6255 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6256 slot[IMM2_SIZE+namelen] == 0)
6257 break;
6258 slot += cd->name_entry_size;
6259 }
6260
6261 if (i < cd->names_found) /* Back reference */
6262 {
6263 recno = GET2(slot, 0);
6264 }
6265 else if ((recno = /* Forward back reference */
6266 find_parens(cd, name, namelen,
6267 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6268 {
6269 *errorcodeptr = ERR15;
6270 goto FAILED;
6271 }
6272 }
6273
6274 /* In both phases, we can now go to the code than handles numerical
6275 recursion or backreferences. */
6276
6277 if (is_recurse) goto HANDLE_RECURSION;
6278 else goto HANDLE_REFERENCE;
6279
6280
6281 /* ------------------------------------------------------------ */
6282 case CHAR_R: /* Recursion */
6283 ptr++; /* Same as (?0) */
6284 /* Fall through */
6285
6286
6287 /* ------------------------------------------------------------ */
6288 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6289 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6290 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6291 {
6292 const pcre_uchar *called;
6293 terminator = CHAR_RIGHT_PARENTHESIS;
6294
6295 /* Come here from the \g<...> and \g'...' code (Oniguruma
6296 compatibility). However, the syntax has been checked to ensure that
6297 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6298 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6299 ever be taken. */
6300
6301 HANDLE_NUMERICAL_RECURSION:
6302
6303 if ((refsign = *ptr) == CHAR_PLUS)
6304 {
6305 ptr++;
6306 if (!IS_DIGIT(*ptr))
6307 {
6308 *errorcodeptr = ERR63;
6309 goto FAILED;
6310 }
6311 }
6312 else if (refsign == CHAR_MINUS)
6313 {
6314 if (!IS_DIGIT(ptr[1]))
6315 goto OTHER_CHAR_AFTER_QUERY;
6316 ptr++;
6317 }
6318
6319 recno = 0;
6320 while(IS_DIGIT(*ptr))
6321 recno = recno * 10 + *ptr++ - CHAR_0;
6322
6323 if (*ptr != (pcre_uchar)terminator)
6324 {
6325 *errorcodeptr = ERR29;
6326 goto FAILED;
6327 }
6328
6329 if (refsign == CHAR_MINUS)
6330 {
6331 if (recno == 0)
6332 {
6333 *errorcodeptr = ERR58;
6334 goto FAILED;
6335 }
6336 recno = cd->bracount - recno + 1;
6337 if (recno <= 0)
6338 {
6339 *errorcodeptr = ERR15;
6340 goto FAILED;
6341 }
6342 }
6343 else if (refsign == CHAR_PLUS)
6344 {
6345 if (recno == 0)
6346 {
6347 *errorcodeptr = ERR58;
6348 goto FAILED;
6349 }
6350 recno += cd->bracount;
6351 }
6352
6353 /* Come here from code above that handles a named recursion */
6354
6355 HANDLE_RECURSION:
6356
6357 previous = code;
6358 called = cd->start_code;
6359
6360 /* When we are actually compiling, find the bracket that is being
6361 referenced. Temporarily end the regex in case it doesn't exist before
6362 this point. If we end up with a forward reference, first check that
6363 the bracket does occur later so we can give the error (and position)
6364 now. Then remember this forward reference in the workspace so it can
6365 be filled in at the end. */
6366
6367 if (lengthptr == NULL)
6368 {
6369 *code = OP_END;
6370 if (recno != 0)
6371 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6372
6373 /* Forward reference */
6374
6375 if (called == NULL)
6376 {
6377 if (find_parens(cd, NULL, recno,
6378 (options & PCRE_EXTENDED) != 0, utf) < 0)
6379 {
6380 *errorcodeptr = ERR15;
6381 goto FAILED;
6382 }
6383
6384 /* Fudge the value of "called" so that when it is inserted as an
6385 offset below, what it actually inserted is the reference number
6386 of the group. Then remember the forward reference. */
6387
6388 called = cd->start_code + recno;
6389 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6390 WORK_SIZE_SAFETY_MARGIN)
6391 {
6392 *errorcodeptr = expand_workspace(cd);
6393 if (*errorcodeptr != 0) goto FAILED;
6394 }
6395 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6396 }
6397
6398 /* If not a forward reference, and the subpattern is still open,
6399 this is a recursive call. We check to see if this is a left
6400 recursion that could loop for ever, and diagnose that case. We
6401 must not, however, do this check if we are in a conditional
6402 subpattern because the condition might be testing for recursion in
6403 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6404 Forever loops are also detected at runtime, so those that occur in
6405 conditional subpatterns will be picked up then. */
6406
6407 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6408 could_be_empty(called, code, bcptr, utf, cd))
6409 {
6410 *errorcodeptr = ERR40;
6411 goto FAILED;
6412 }
6413 }
6414
6415 /* Insert the recursion/subroutine item. It does not have a set first
6416 character (relevant if it is repeated, because it will then be
6417 wrapped with ONCE brackets). */
6418
6419 *code = OP_RECURSE;
6420 PUT(code, 1, (int)(called - cd->start_code));
6421 code += 1 + LINK_SIZE;
6422 groupsetfirstchar = FALSE;
6423 }
6424
6425 /* Can't determine a first byte now */
6426
6427 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
6428 continue;
6429
6430
6431 /* ------------------------------------------------------------ */
6432 default: /* Other characters: check option setting */
6433 OTHER_CHAR_AFTER_QUERY:
6434 set = unset = 0;
6435 optset = &set;
6436
6437 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6438 {
6439 switch (*ptr++)
6440 {
6441 case CHAR_MINUS: optset = &unset; break;
6442
6443 case CHAR_J: /* Record that it changed in the external options */
6444 *optset |= PCRE_DUPNAMES;
6445 cd->external_flags |= PCRE_JCHANGED;
6446 break;
6447
6448 case CHAR_i: *optset |= PCRE_CASELESS; break;
6449 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6450 case CHAR_s: *optset |= PCRE_DOTALL; break;
6451 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6452 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6453 case CHAR_X: *optset |= PCRE_EXTRA; break;
6454
6455 default: *errorcodeptr = ERR12;
6456 ptr--; /* Correct the offset */
6457 goto FAILED;
6458 }
6459 }
6460
6461 /* Set up the changed option bits, but don't change anything yet. */
6462
6463 newoptions = (options | set) & (~unset);
6464
6465 /* If the options ended with ')' this is not the start of a nested
6466 group with option changes, so the options change at this level. If this
6467 item is right at the start of the pattern, the options can be
6468 abstracted and made external in the pre-compile phase, and ignored in
6469 the compile phase. This can be helpful when matching -- for instance in
6470 caseless checking of required bytes.
6471
6472 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6473 definitely *not* at the start of the pattern because something has been
6474 compiled. In the pre-compile phase, however, the code pointer can have
6475 that value after the start, because it gets reset as code is discarded
6476 during the pre-compile. However, this can happen only at top level - if
6477 we are within parentheses, the starting BRA will still be present. At
6478 any parenthesis level, the length value can be used to test if anything
6479 has been compiled at that level. Thus, a test for both these conditions
6480 is necessary to ensure we correctly detect the start of the pattern in
6481 both phases.
6482
6483 If we are not at the pattern start, reset the greedy defaults and the
6484 case value for firstchar and reqchar. */
6485
6486 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6487 {
6488 if (code == cd->start_code + 1 + LINK_SIZE &&
6489 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6490 {
6491 cd->external_options = newoptions;
6492 }
6493 else
6494 {
6495 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6496 greedy_non_default = greedy_default ^ 1;
6497 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6498 }
6499
6500 /* Change options at this level, and pass them back for use
6501 in subsequent branches. */
6502
6503 *optionsptr = options = newoptions;
6504 previous = NULL; /* This item can't be repeated */
6505 continue; /* It is complete */
6506 }
6507
6508 /* If the options ended with ':' we are heading into a nested group
6509 with possible change of options. Such groups are non-capturing and are
6510 not assertions of any kind. All we need to do is skip over the ':';
6511 the newoptions value is handled below. */
6512
6513 bravalue = OP_BRA;
6514 ptr++;
6515 } /* End of switch for character following (? */
6516 } /* End of (? handling */
6517
6518 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6519 is set, all unadorned brackets become non-capturing and behave like (?:...)
6520 brackets. */
6521
6522 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6523 {
6524 bravalue = OP_BRA;
6525 }
6526
6527 /* Else we have a capturing group. */
6528
6529 else
6530 {
6531 NUMBERED_GROUP:
6532 cd->bracount += 1;
6533 PUT2(code, 1+LINK_SIZE, cd->bracount);
6534 skipbytes = IMM2_SIZE;
6535 }
6536
6537 /* Process nested bracketed regex. Assertions used not to be repeatable,
6538 but this was changed for Perl compatibility, so all kinds can now be
6539 repeated. We copy code into a non-register variable (tempcode) in order to
6540 be able to pass its address because some compilers complain otherwise. */
6541
6542 previous = code; /* For handling repetition */
6543 *code = bravalue;
6544 tempcode = code;
6545 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6546 tempbracount = cd->bracount; /* Save value before bracket */
6547 length_prevgroup = 0; /* Initialize for pre-compile phase */
6548
6549 if (!compile_regex(
6550 newoptions, /* The complete new option state */
6551 &tempcode, /* Where to put code (updated) */
6552 &ptr, /* Input pointer (updated) */
6553 errorcodeptr, /* Where to put an error message */
6554 (bravalue == OP_ASSERTBACK ||
6555 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6556 reset_bracount, /* True if (?| group */
6557 skipbytes, /* Skip over bracket number */
6558 cond_depth +
6559 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6560 &subfirstchar, /* For possible first char */
6561 &subfirstcharflags,
6562 &subreqchar, /* For possible last char */
6563 &subreqcharflags,
6564 bcptr, /* Current branch chain */
6565 cd, /* Tables block */
6566 (lengthptr == NULL)? NULL : /* Actual compile phase */
6567 &length_prevgroup /* Pre-compile phase */
6568 ))
6569 goto FAILED;
6570
6571 /* If this was an atomic group and there are no capturing groups within it,
6572 generate OP_ONCE_NC instead of OP_ONCE. */
6573
6574 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6575 *code = OP_ONCE_NC;
6576
6577 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6578 cd->assert_depth -= 1;
6579
6580 /* At the end of compiling, code is still pointing to the start of the
6581 group, while tempcode has been updated to point past the end of the group.
6582 The pattern pointer (ptr) is on the bracket.
6583
6584 If this is a conditional bracket, check that there are no more than
6585 two branches in the group, or just one if it's a DEFINE group. We do this
6586 in the real compile phase, not in the pre-pass, where the whole group may
6587 not be available. */
6588
6589 if (bravalue == OP_COND && lengthptr == NULL)
6590 {
6591 pcre_uchar *tc = code;
6592 int condcount = 0;
6593
6594 do {
6595 condcount++;
6596 tc += GET(tc,1);
6597 }
6598 while (*tc != OP_KET);
6599
6600 /* A DEFINE group is never obeyed inline (the "condition" is always
6601 false). It must have only one branch. */
6602
6603 if (code[LINK_SIZE+1] == OP_DEF)
6604 {
6605 if (condcount > 1)
6606 {
6607 *errorcodeptr = ERR54;
6608 goto FAILED;
6609 }
6610 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6611 }
6612
6613 /* A "normal" conditional group. If there is just one branch, we must not
6614 make use of its firstchar or reqchar, because this is equivalent to an
6615 empty second branch. */
6616
6617 else
6618 {
6619 if (condcount > 2)
6620 {
6621 *errorcodeptr = ERR27;
6622 goto FAILED;
6623 }
6624 if (condcount == 1) subfirstcharflags = subreqcharflags = REQ_NONE;
6625 }
6626 }
6627
6628 /* Error if hit end of pattern */
6629
6630 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6631 {
6632 *errorcodeptr = ERR14;
6633 goto FAILED;
6634 }
6635
6636 /* In the pre-compile phase, update the length by the length of the group,
6637 less the brackets at either end. Then reduce the compiled code to just a
6638 set of non-capturing brackets so that it doesn't use much memory if it is
6639 duplicated by a quantifier.*/
6640