/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 744 - (show annotations)
Sun Nov 13 16:31:38 2011 UTC (8 years ago) by zherczeg
File MIME type: text/plain
File size: 246028 byte(s)
Error occurred while calculating annotation data.
Correctly supporting \x and \u in JavaScript compatibility mode
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2011 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is
57 also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. */
59
60 #ifdef PCRE_DEBUG
61 #include "pcre_printint.src"
62 #endif
63
64
65 /* Macro for setting individual bits in class bitmaps. */
66
67 #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
68
69 /* Maximum length value to check against when making sure that the integer that
70 holds the compiled pattern length does not overflow. We make it a bit less than
71 INT_MAX to allow for adding in group terminating bytes, so that we don't have
72 to check them every time. */
73
74 #define OFLOW_MAX (INT_MAX - 20)
75
76
77 /*************************************************
78 * Code parameters and static tables *
79 *************************************************/
80
81 /* This value specifies the size of stack workspace that is used during the
82 first pre-compile phase that determines how much memory is required. The regex
83 is partly compiled into this space, but the compiled parts are discarded as
84 soon as they can be, so that hopefully there will never be an overrun. The code
85 does, however, check for an overrun. The largest amount I've seen used is 218,
86 so this number is very generous.
87
88 The same workspace is used during the second, actual compile phase for
89 remembering forward references to groups so that they can be filled in at the
90 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
91 is 4 there is plenty of room. */
92
93 #define COMPILE_WORK_SIZE (4096)
94
95 /* The overrun tests check for a slightly smaller size so that they detect the
96 overrun before it actually does run off the end of the data block. */
97
98 #define WORK_SIZE_CHECK (COMPILE_WORK_SIZE - 100)
99
100
101 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
102 are simple data values; negative values are for special things like \d and so
103 on. Zero means further processing is needed (for things like \x), or the escape
104 is invalid. */
105
106 #ifndef EBCDIC
107
108 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
109 in UTF-8 mode. */
110
111 static const short int escapes[] = {
112 0, 0,
113 0, 0,
114 0, 0,
115 0, 0,
116 0, 0,
117 CHAR_COLON, CHAR_SEMICOLON,
118 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
119 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
120 CHAR_COMMERCIAL_AT, -ESC_A,
121 -ESC_B, -ESC_C,
122 -ESC_D, -ESC_E,
123 0, -ESC_G,
124 -ESC_H, 0,
125 0, -ESC_K,
126 0, 0,
127 -ESC_N, 0,
128 -ESC_P, -ESC_Q,
129 -ESC_R, -ESC_S,
130 0, 0,
131 -ESC_V, -ESC_W,
132 -ESC_X, 0,
133 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
134 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
135 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
136 CHAR_GRAVE_ACCENT, 7,
137 -ESC_b, 0,
138 -ESC_d, ESC_e,
139 ESC_f, 0,
140 -ESC_h, 0,
141 0, -ESC_k,
142 0, 0,
143 ESC_n, 0,
144 -ESC_p, 0,
145 ESC_r, -ESC_s,
146 ESC_tee, 0,
147 -ESC_v, -ESC_w,
148 0, 0,
149 -ESC_z
150 };
151
152 #else
153
154 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
155
156 static const short int escapes[] = {
157 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
158 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
159 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
160 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
161 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
162 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
163 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
164 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
165 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
166 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
167 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
168 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
169 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
170 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
171 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
172 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
173 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
174 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
175 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
176 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
177 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
178 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
179 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
180 };
181 #endif
182
183
184 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
185 searched linearly. Put all the names into a single string, in order to reduce
186 the number of relocations when a shared library is dynamically linked. The
187 string is built from string macros so that it works in UTF-8 mode on EBCDIC
188 platforms. */
189
190 typedef struct verbitem {
191 int len; /* Length of verb name */
192 int op; /* Op when no arg, or -1 if arg mandatory */
193 int op_arg; /* Op when arg present, or -1 if not allowed */
194 } verbitem;
195
196 static const char verbnames[] =
197 "\0" /* Empty name is a shorthand for MARK */
198 STRING_MARK0
199 STRING_ACCEPT0
200 STRING_COMMIT0
201 STRING_F0
202 STRING_FAIL0
203 STRING_PRUNE0
204 STRING_SKIP0
205 STRING_THEN;
206
207 static const verbitem verbs[] = {
208 { 0, -1, OP_MARK },
209 { 4, -1, OP_MARK },
210 { 6, OP_ACCEPT, -1 },
211 { 6, OP_COMMIT, -1 },
212 { 1, OP_FAIL, -1 },
213 { 4, OP_FAIL, -1 },
214 { 5, OP_PRUNE, OP_PRUNE_ARG },
215 { 4, OP_SKIP, OP_SKIP_ARG },
216 { 4, OP_THEN, OP_THEN_ARG }
217 };
218
219 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
220
221
222 /* Tables of names of POSIX character classes and their lengths. The names are
223 now all in a single string, to reduce the number of relocations when a shared
224 library is dynamically loaded. The list of lengths is terminated by a zero
225 length entry. The first three must be alpha, lower, upper, as this is assumed
226 for handling case independence. */
227
228 static const char posix_names[] =
229 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
230 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
231 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
232 STRING_word0 STRING_xdigit;
233
234 static const uschar posix_name_lengths[] = {
235 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
236
237 /* Table of class bit maps for each POSIX class. Each class is formed from a
238 base map, with an optional addition or removal of another map. Then, for some
239 classes, there is some additional tweaking: for [:blank:] the vertical space
240 characters are removed, and for [:alpha:] and [:alnum:] the underscore
241 character is removed. The triples in the table consist of the base map offset,
242 second map offset or -1 if no second map, and a non-negative value for map
243 addition or a negative value for map subtraction (if there are two maps). The
244 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
245 remove vertical space characters, 2 => remove underscore. */
246
247 static const int posix_class_maps[] = {
248 cbit_word, cbit_digit, -2, /* alpha */
249 cbit_lower, -1, 0, /* lower */
250 cbit_upper, -1, 0, /* upper */
251 cbit_word, -1, 2, /* alnum - word without underscore */
252 cbit_print, cbit_cntrl, 0, /* ascii */
253 cbit_space, -1, 1, /* blank - a GNU extension */
254 cbit_cntrl, -1, 0, /* cntrl */
255 cbit_digit, -1, 0, /* digit */
256 cbit_graph, -1, 0, /* graph */
257 cbit_print, -1, 0, /* print */
258 cbit_punct, -1, 0, /* punct */
259 cbit_space, -1, 0, /* space */
260 cbit_word, -1, 0, /* word - a Perl extension */
261 cbit_xdigit,-1, 0 /* xdigit */
262 };
263
264 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
265 substitutes must be in the order of the names, defined above, and there are
266 both positive and negative cases. NULL means no substitute. */
267
268 #ifdef SUPPORT_UCP
269 static const uschar *substitutes[] = {
270 (uschar *)"\\P{Nd}", /* \D */
271 (uschar *)"\\p{Nd}", /* \d */
272 (uschar *)"\\P{Xsp}", /* \S */ /* NOTE: Xsp is Perl space */
273 (uschar *)"\\p{Xsp}", /* \s */
274 (uschar *)"\\P{Xwd}", /* \W */
275 (uschar *)"\\p{Xwd}" /* \w */
276 };
277
278 static const uschar *posix_substitutes[] = {
279 (uschar *)"\\p{L}", /* alpha */
280 (uschar *)"\\p{Ll}", /* lower */
281 (uschar *)"\\p{Lu}", /* upper */
282 (uschar *)"\\p{Xan}", /* alnum */
283 NULL, /* ascii */
284 (uschar *)"\\h", /* blank */
285 NULL, /* cntrl */
286 (uschar *)"\\p{Nd}", /* digit */
287 NULL, /* graph */
288 NULL, /* print */
289 NULL, /* punct */
290 (uschar *)"\\p{Xps}", /* space */ /* NOTE: Xps is POSIX space */
291 (uschar *)"\\p{Xwd}", /* word */
292 NULL, /* xdigit */
293 /* Negated cases */
294 (uschar *)"\\P{L}", /* ^alpha */
295 (uschar *)"\\P{Ll}", /* ^lower */
296 (uschar *)"\\P{Lu}", /* ^upper */
297 (uschar *)"\\P{Xan}", /* ^alnum */
298 NULL, /* ^ascii */
299 (uschar *)"\\H", /* ^blank */
300 NULL, /* ^cntrl */
301 (uschar *)"\\P{Nd}", /* ^digit */
302 NULL, /* ^graph */
303 NULL, /* ^print */
304 NULL, /* ^punct */
305 (uschar *)"\\P{Xps}", /* ^space */ /* NOTE: Xps is POSIX space */
306 (uschar *)"\\P{Xwd}", /* ^word */
307 NULL /* ^xdigit */
308 };
309 #define POSIX_SUBSIZE (sizeof(posix_substitutes)/sizeof(uschar *))
310 #endif
311
312 #define STRING(a) # a
313 #define XSTRING(s) STRING(s)
314
315 /* The texts of compile-time error messages. These are "char *" because they
316 are passed to the outside world. Do not ever re-use any error number, because
317 they are documented. Always add a new error instead. Messages marked DEAD below
318 are no longer used. This used to be a table of strings, but in order to reduce
319 the number of relocations needed when a shared library is loaded dynamically,
320 it is now one long string. We cannot use a table of offsets, because the
321 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
322 simply count through to the one we want - this isn't a performance issue
323 because these strings are used only when there is a compilation error.
324
325 Each substring ends with \0 to insert a null character. This includes the final
326 substring, so that the whole string ends with \0\0, which can be detected when
327 counting through. */
328
329 static const char error_texts[] =
330 "no error\0"
331 "\\ at end of pattern\0"
332 "\\c at end of pattern\0"
333 "unrecognized character follows \\\0"
334 "numbers out of order in {} quantifier\0"
335 /* 5 */
336 "number too big in {} quantifier\0"
337 "missing terminating ] for character class\0"
338 "invalid escape sequence in character class\0"
339 "range out of order in character class\0"
340 "nothing to repeat\0"
341 /* 10 */
342 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
343 "internal error: unexpected repeat\0"
344 "unrecognized character after (? or (?-\0"
345 "POSIX named classes are supported only within a class\0"
346 "missing )\0"
347 /* 15 */
348 "reference to non-existent subpattern\0"
349 "erroffset passed as NULL\0"
350 "unknown option bit(s) set\0"
351 "missing ) after comment\0"
352 "parentheses nested too deeply\0" /** DEAD **/
353 /* 20 */
354 "regular expression is too large\0"
355 "failed to get memory\0"
356 "unmatched parentheses\0"
357 "internal error: code overflow\0"
358 "unrecognized character after (?<\0"
359 /* 25 */
360 "lookbehind assertion is not fixed length\0"
361 "malformed number or name after (?(\0"
362 "conditional group contains more than two branches\0"
363 "assertion expected after (?(\0"
364 "(?R or (?[+-]digits must be followed by )\0"
365 /* 30 */
366 "unknown POSIX class name\0"
367 "POSIX collating elements are not supported\0"
368 "this version of PCRE is not compiled with PCRE_UTF8 support\0"
369 "spare error\0" /** DEAD **/
370 "character value in \\x{...} sequence is too large\0"
371 /* 35 */
372 "invalid condition (?(0)\0"
373 "\\C not allowed in lookbehind assertion\0"
374 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
375 "number after (?C is > 255\0"
376 "closing ) for (?C expected\0"
377 /* 40 */
378 "recursive call could loop indefinitely\0"
379 "unrecognized character after (?P\0"
380 "syntax error in subpattern name (missing terminator)\0"
381 "two named subpatterns have the same name\0"
382 "invalid UTF-8 string\0"
383 /* 45 */
384 "support for \\P, \\p, and \\X has not been compiled\0"
385 "malformed \\P or \\p sequence\0"
386 "unknown property name after \\P or \\p\0"
387 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
388 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
389 /* 50 */
390 "repeated subpattern is too long\0" /** DEAD **/
391 "octal value is greater than \\377 (not in UTF-8 mode)\0"
392 "internal error: overran compiling workspace\0"
393 "internal error: previously-checked referenced subpattern not found\0"
394 "DEFINE group contains more than one branch\0"
395 /* 55 */
396 "repeating a DEFINE group is not allowed\0" /** DEAD **/
397 "inconsistent NEWLINE options\0"
398 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
399 "a numbered reference must not be zero\0"
400 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
401 /* 60 */
402 "(*VERB) not recognized\0"
403 "number is too big\0"
404 "subpattern name expected\0"
405 "digit expected after (?+\0"
406 "] is an invalid data character in JavaScript compatibility mode\0"
407 /* 65 */
408 "different names for subpatterns of the same number are not allowed\0"
409 "(*MARK) must have an argument\0"
410 "this version of PCRE is not compiled with PCRE_UCP support\0"
411 "\\c must be followed by an ASCII character\0"
412 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
413 ;
414
415 /* Table to identify digits and hex digits. This is used when compiling
416 patterns. Note that the tables in chartables are dependent on the locale, and
417 may mark arbitrary characters as digits - but the PCRE compiling code expects
418 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
419 a private table here. It costs 256 bytes, but it is a lot faster than doing
420 character value tests (at least in some simple cases I timed), and in some
421 applications one wants PCRE to compile efficiently as well as match
422 efficiently.
423
424 For convenience, we use the same bit definitions as in chartables:
425
426 0x04 decimal digit
427 0x08 hexadecimal digit
428
429 Then we can use ctype_digit and ctype_xdigit in the code. */
430
431 #ifndef EBCDIC
432
433 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
434 UTF-8 mode. */
435
436 static const unsigned char digitab[] =
437 {
438 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
439 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
440 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
441 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
442 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
443 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
444 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
445 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
446 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
447 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
448 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
449 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
450 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
451 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
452 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
453 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
454 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
455 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
456 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
457 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
458 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
459 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
460 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
461 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
462 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
463 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
464 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
465 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
466 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
467 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
468 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
469 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
470
471 #else
472
473 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
474
475 static const unsigned char digitab[] =
476 {
477 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
478 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
479 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
480 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
481 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
482 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
483 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
484 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
485 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
486 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
487 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
488 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
489 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
490 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
491 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
492 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
493 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
494 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
495 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
496 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
497 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
498 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
499 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
500 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
501 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
502 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
503 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
504 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
505 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
506 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
507 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
508 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
509
510 static const unsigned char ebcdic_chartab[] = { /* chartable partial dup */
511 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
512 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
513 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
514 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
515 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
516 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
517 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
518 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
519 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
520 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
521 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
522 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
523 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
524 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
525 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
526 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
527 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
528 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
529 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
530 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
531 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
532 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
533 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
534 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
535 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
536 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
537 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
538 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
539 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
540 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
541 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
542 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
543 #endif
544
545
546 /* Definition to allow mutual recursion */
547
548 static BOOL
549 compile_regex(int, uschar **, const uschar **, int *, BOOL, BOOL, int, int,
550 int *, int *, branch_chain *, compile_data *, int *);
551
552
553
554 /*************************************************
555 * Find an error text *
556 *************************************************/
557
558 /* The error texts are now all in one long string, to save on relocations. As
559 some of the text is of unknown length, we can't use a table of offsets.
560 Instead, just count through the strings. This is not a performance issue
561 because it happens only when there has been a compilation error.
562
563 Argument: the error number
564 Returns: pointer to the error string
565 */
566
567 static const char *
568 find_error_text(int n)
569 {
570 const char *s = error_texts;
571 for (; n > 0; n--)
572 {
573 while (*s++ != 0) {};
574 if (*s == 0) return "Error text not found (please report)";
575 }
576 return s;
577 }
578
579
580 /*************************************************
581 * Check for counted repeat *
582 *************************************************/
583
584 /* This function is called when a '{' is encountered in a place where it might
585 start a quantifier. It looks ahead to see if it really is a quantifier or not.
586 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
587 where the ddds are digits.
588
589 Arguments:
590 p pointer to the first char after '{'
591
592 Returns: TRUE or FALSE
593 */
594
595 static BOOL
596 is_counted_repeat(const uschar *p)
597 {
598 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
599 while ((digitab[*p] & ctype_digit) != 0) p++;
600 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
601
602 if (*p++ != CHAR_COMMA) return FALSE;
603 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
604
605 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
606 while ((digitab[*p] & ctype_digit) != 0) p++;
607
608 return (*p == CHAR_RIGHT_CURLY_BRACKET);
609 }
610
611
612
613 /*************************************************
614 * Handle escapes *
615 *************************************************/
616
617 /* This function is called when a \ has been encountered. It either returns a
618 positive value for a simple escape such as \n, or a negative value which
619 encodes one of the more complicated things such as \d. A backreference to group
620 n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When
621 UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,
622 ptr is pointing at the \. On exit, it is on the final character of the escape
623 sequence.
624
625 Arguments:
626 ptrptr points to the pattern position pointer
627 errorcodeptr points to the errorcode variable
628 bracount number of previous extracting brackets
629 options the options bits
630 isclass TRUE if inside a character class
631
632 Returns: zero or positive => a data character
633 negative => a special escape sequence
634 on error, errorcodeptr is set
635 */
636
637 static int
638 check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,
639 int options, BOOL isclass)
640 {
641 BOOL utf8 = (options & PCRE_UTF8) != 0;
642 const uschar *ptr = *ptrptr + 1;
643 int c, i;
644
645 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
646 ptr--; /* Set pointer back to the last byte */
647
648 /* If backslash is at the end of the pattern, it's an error. */
649
650 if (c == 0) *errorcodeptr = ERR1;
651
652 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
653 in a table. A non-zero result is something that can be returned immediately.
654 Otherwise further processing may be required. */
655
656 #ifndef EBCDIC /* ASCII/UTF-8 coding */
657 else if (c < CHAR_0 || c > CHAR_z) {} /* Not alphanumeric */
658 else if ((i = escapes[c - CHAR_0]) != 0) c = i;
659
660 #else /* EBCDIC coding */
661 else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {} /* Not alphanumeric */
662 else if ((i = escapes[c - 0x48]) != 0) c = i;
663 #endif
664
665 /* Escapes that need further processing, or are illegal. */
666
667 else
668 {
669 const uschar *oldptr;
670 BOOL braced, negated;
671
672 switch (c)
673 {
674 /* A number of Perl escapes are not handled by PCRE. We give an explicit
675 error. */
676
677 case CHAR_l:
678 case CHAR_L:
679 *errorcodeptr = ERR37;
680 break;
681
682 case CHAR_u:
683 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
684 {
685 /* In JavaScript, \u must be followed by four hexadecimal numbers.
686 Otherwise it is a lowercase u letter. */
687 if ((digitab[ptr[1]] & ctype_xdigit) != 0 && (digitab[ptr[2]] & ctype_xdigit) != 0
688 && (digitab[ptr[3]] & ctype_xdigit) != 0 && (digitab[ptr[4]] & ctype_xdigit) != 0)
689 {
690 int i;
691 c = 0;
692 for (i = 0; i < 4; ++i)
693 {
694 register int cc = *(++ptr);
695 #ifndef EBCDIC /* ASCII/UTF-8 coding */
696 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
697 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
698 #else /* EBCDIC coding */
699 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
700 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
701 #endif
702 }
703 }
704 }
705 else
706 *errorcodeptr = ERR37;
707 break;
708
709 case CHAR_U:
710 /* In JavaScript, \U is an uppercase U letter. */
711 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
712 break;
713
714 /* In a character class, \g is just a literal "g". Outside a character
715 class, \g must be followed by one of a number of specific things:
716
717 (1) A number, either plain or braced. If positive, it is an absolute
718 backreference. If negative, it is a relative backreference. This is a Perl
719 5.10 feature.
720
721 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
722 is part of Perl's movement towards a unified syntax for back references. As
723 this is synonymous with \k{name}, we fudge it up by pretending it really
724 was \k.
725
726 (3) For Oniguruma compatibility we also support \g followed by a name or a
727 number either in angle brackets or in single quotes. However, these are
728 (possibly recursive) subroutine calls, _not_ backreferences. Just return
729 the -ESC_g code (cf \k). */
730
731 case CHAR_g:
732 if (isclass) break;
733 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
734 {
735 c = -ESC_g;
736 break;
737 }
738
739 /* Handle the Perl-compatible cases */
740
741 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
742 {
743 const uschar *p;
744 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
745 if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;
746 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
747 {
748 c = -ESC_k;
749 break;
750 }
751 braced = TRUE;
752 ptr++;
753 }
754 else braced = FALSE;
755
756 if (ptr[1] == CHAR_MINUS)
757 {
758 negated = TRUE;
759 ptr++;
760 }
761 else negated = FALSE;
762
763 c = 0;
764 while ((digitab[ptr[1]] & ctype_digit) != 0)
765 c = c * 10 + *(++ptr) - CHAR_0;
766
767 if (c < 0) /* Integer overflow */
768 {
769 *errorcodeptr = ERR61;
770 break;
771 }
772
773 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
774 {
775 *errorcodeptr = ERR57;
776 break;
777 }
778
779 if (c == 0)
780 {
781 *errorcodeptr = ERR58;
782 break;
783 }
784
785 if (negated)
786 {
787 if (c > bracount)
788 {
789 *errorcodeptr = ERR15;
790 break;
791 }
792 c = bracount - (c - 1);
793 }
794
795 c = -(ESC_REF + c);
796 break;
797
798 /* The handling of escape sequences consisting of a string of digits
799 starting with one that is not zero is not straightforward. By experiment,
800 the way Perl works seems to be as follows:
801
802 Outside a character class, the digits are read as a decimal number. If the
803 number is less than 10, or if there are that many previous extracting
804 left brackets, then it is a back reference. Otherwise, up to three octal
805 digits are read to form an escaped byte. Thus \123 is likely to be octal
806 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
807 value is greater than 377, the least significant 8 bits are taken. Inside a
808 character class, \ followed by a digit is always an octal number. */
809
810 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
811 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
812
813 if (!isclass)
814 {
815 oldptr = ptr;
816 c -= CHAR_0;
817 while ((digitab[ptr[1]] & ctype_digit) != 0)
818 c = c * 10 + *(++ptr) - CHAR_0;
819 if (c < 0) /* Integer overflow */
820 {
821 *errorcodeptr = ERR61;
822 break;
823 }
824 if (c < 10 || c <= bracount)
825 {
826 c = -(ESC_REF + c);
827 break;
828 }
829 ptr = oldptr; /* Put the pointer back and fall through */
830 }
831
832 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
833 generates a binary zero byte and treats the digit as a following literal.
834 Thus we have to pull back the pointer by one. */
835
836 if ((c = *ptr) >= CHAR_8)
837 {
838 ptr--;
839 c = 0;
840 break;
841 }
842
843 /* \0 always starts an octal number, but we may drop through to here with a
844 larger first octal digit. The original code used just to take the least
845 significant 8 bits of octal numbers (I think this is what early Perls used
846 to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
847 than 3 octal digits. */
848
849 case CHAR_0:
850 c -= CHAR_0;
851 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
852 c = c * 8 + *(++ptr) - CHAR_0;
853 if (!utf8 && c > 255) *errorcodeptr = ERR51;
854 break;
855
856 /* \x is complicated. \x{ddd} is a character number which can be greater
857 than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is
858 treated as a data character. */
859
860 case CHAR_x:
861 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
862 {
863 /* In JavaScript, \x must be followed by two hexadecimal numbers.
864 Otherwise it is a lowercase x letter. */
865 if ((digitab[ptr[1]] & ctype_xdigit) != 0 && (digitab[ptr[2]] & ctype_xdigit) != 0)
866 {
867 int i;
868 c = 0;
869 for (i = 0; i < 2; ++i)
870 {
871 register int cc = *(++ptr);
872 #ifndef EBCDIC /* ASCII/UTF-8 coding */
873 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
874 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
875 #else /* EBCDIC coding */
876 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
877 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
878 #endif
879 }
880 }
881 break;
882 }
883
884 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
885 {
886 const uschar *pt = ptr + 2;
887 int count = 0;
888
889 c = 0;
890 while ((digitab[*pt] & ctype_xdigit) != 0)
891 {
892 register int cc = *pt++;
893 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
894 count++;
895
896 #ifndef EBCDIC /* ASCII/UTF-8 coding */
897 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
898 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
899 #else /* EBCDIC coding */
900 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
901 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
902 #endif
903 }
904
905 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
906 {
907 if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;
908 ptr = pt;
909 break;
910 }
911
912 /* If the sequence of hex digits does not end with '}', then we don't
913 recognize this construct; fall through to the normal \x handling. */
914 }
915
916 /* Read just a single-byte hex-defined char */
917
918 c = 0;
919 while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)
920 {
921 int cc; /* Some compilers don't like */
922 cc = *(++ptr); /* ++ in initializers */
923 #ifndef EBCDIC /* ASCII/UTF-8 coding */
924 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
925 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
926 #else /* EBCDIC coding */
927 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
928 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
929 #endif
930 }
931 break;
932
933 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
934 An error is given if the byte following \c is not an ASCII character. This
935 coding is ASCII-specific, but then the whole concept of \cx is
936 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
937
938 case CHAR_c:
939 c = *(++ptr);
940 if (c == 0)
941 {
942 *errorcodeptr = ERR2;
943 break;
944 }
945 #ifndef EBCDIC /* ASCII/UTF-8 coding */
946 if (c > 127) /* Excludes all non-ASCII in either mode */
947 {
948 *errorcodeptr = ERR68;
949 break;
950 }
951 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
952 c ^= 0x40;
953 #else /* EBCDIC coding */
954 if (c >= CHAR_a && c <= CHAR_z) c += 64;
955 c ^= 0xC0;
956 #endif
957 break;
958
959 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
960 other alphanumeric following \ is an error if PCRE_EXTRA was set;
961 otherwise, for Perl compatibility, it is a literal. This code looks a bit
962 odd, but there used to be some cases other than the default, and there may
963 be again in future, so I haven't "optimized" it. */
964
965 default:
966 if ((options & PCRE_EXTRA) != 0) switch(c)
967 {
968 default:
969 *errorcodeptr = ERR3;
970 break;
971 }
972 break;
973 }
974 }
975
976 /* Perl supports \N{name} for character names, as well as plain \N for "not
977 newline". PCRE does not support \N{name}. However, it does support
978 quantification such as \N{2,3}. */
979
980 if (c == -ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
981 !is_counted_repeat(ptr+2))
982 *errorcodeptr = ERR37;
983
984 /* If PCRE_UCP is set, we change the values for \d etc. */
985
986 if ((options & PCRE_UCP) != 0 && c <= -ESC_D && c >= -ESC_w)
987 c -= (ESC_DU - ESC_D);
988
989 /* Set the pointer to the final character before returning. */
990
991 *ptrptr = ptr;
992 return c;
993 }
994
995
996
997 #ifdef SUPPORT_UCP
998 /*************************************************
999 * Handle \P and \p *
1000 *************************************************/
1001
1002 /* This function is called after \P or \p has been encountered, provided that
1003 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1004 pointing at the P or p. On exit, it is pointing at the final character of the
1005 escape sequence.
1006
1007 Argument:
1008 ptrptr points to the pattern position pointer
1009 negptr points to a boolean that is set TRUE for negation else FALSE
1010 dptr points to an int that is set to the detailed property value
1011 errorcodeptr points to the error code variable
1012
1013 Returns: type value from ucp_type_table, or -1 for an invalid type
1014 */
1015
1016 static int
1017 get_ucp(const uschar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
1018 {
1019 int c, i, bot, top;
1020 const uschar *ptr = *ptrptr;
1021 char name[32];
1022
1023 c = *(++ptr);
1024 if (c == 0) goto ERROR_RETURN;
1025
1026 *negptr = FALSE;
1027
1028 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1029 negation. */
1030
1031 if (c == CHAR_LEFT_CURLY_BRACKET)
1032 {
1033 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1034 {
1035 *negptr = TRUE;
1036 ptr++;
1037 }
1038 for (i = 0; i < (int)sizeof(name) - 1; i++)
1039 {
1040 c = *(++ptr);
1041 if (c == 0) goto ERROR_RETURN;
1042 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1043 name[i] = c;
1044 }
1045 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1046 name[i] = 0;
1047 }
1048
1049 /* Otherwise there is just one following character */
1050
1051 else
1052 {
1053 name[0] = c;
1054 name[1] = 0;
1055 }
1056
1057 *ptrptr = ptr;
1058
1059 /* Search for a recognized property name using binary chop */
1060
1061 bot = 0;
1062 top = _pcre_utt_size;
1063
1064 while (bot < top)
1065 {
1066 i = (bot + top) >> 1;
1067 c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);
1068 if (c == 0)
1069 {
1070 *dptr = _pcre_utt[i].value;
1071 return _pcre_utt[i].type;
1072 }
1073 if (c > 0) bot = i + 1; else top = i;
1074 }
1075
1076 *errorcodeptr = ERR47;
1077 *ptrptr = ptr;
1078 return -1;
1079
1080 ERROR_RETURN:
1081 *errorcodeptr = ERR46;
1082 *ptrptr = ptr;
1083 return -1;
1084 }
1085 #endif
1086
1087
1088
1089
1090 /*************************************************
1091 * Read repeat counts *
1092 *************************************************/
1093
1094 /* Read an item of the form {n,m} and return the values. This is called only
1095 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1096 so the syntax is guaranteed to be correct, but we need to check the values.
1097
1098 Arguments:
1099 p pointer to first char after '{'
1100 minp pointer to int for min
1101 maxp pointer to int for max
1102 returned as -1 if no max
1103 errorcodeptr points to error code variable
1104
1105 Returns: pointer to '}' on success;
1106 current ptr on error, with errorcodeptr set non-zero
1107 */
1108
1109 static const uschar *
1110 read_repeat_counts(const uschar *p, int *minp, int *maxp, int *errorcodeptr)
1111 {
1112 int min = 0;
1113 int max = -1;
1114
1115 /* Read the minimum value and do a paranoid check: a negative value indicates
1116 an integer overflow. */
1117
1118 while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;
1119 if (min < 0 || min > 65535)
1120 {
1121 *errorcodeptr = ERR5;
1122 return p;
1123 }
1124
1125 /* Read the maximum value if there is one, and again do a paranoid on its size.
1126 Also, max must not be less than min. */
1127
1128 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1129 {
1130 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1131 {
1132 max = 0;
1133 while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;
1134 if (max < 0 || max > 65535)
1135 {
1136 *errorcodeptr = ERR5;
1137 return p;
1138 }
1139 if (max < min)
1140 {
1141 *errorcodeptr = ERR4;
1142 return p;
1143 }
1144 }
1145 }
1146
1147 /* Fill in the required variables, and pass back the pointer to the terminating
1148 '}'. */
1149
1150 *minp = min;
1151 *maxp = max;
1152 return p;
1153 }
1154
1155
1156
1157 /*************************************************
1158 * Subroutine for finding forward reference *
1159 *************************************************/
1160
1161 /* This recursive function is called only from find_parens() below. The
1162 top-level call starts at the beginning of the pattern. All other calls must
1163 start at a parenthesis. It scans along a pattern's text looking for capturing
1164 subpatterns, and counting them. If it finds a named pattern that matches the
1165 name it is given, it returns its number. Alternatively, if the name is NULL, it
1166 returns when it reaches a given numbered subpattern. Recursion is used to keep
1167 track of subpatterns that reset the capturing group numbers - the (?| feature.
1168
1169 This function was originally called only from the second pass, in which we know
1170 that if (?< or (?' or (?P< is encountered, the name will be correctly
1171 terminated because that is checked in the first pass. There is now one call to
1172 this function in the first pass, to check for a recursive back reference by
1173 name (so that we can make the whole group atomic). In this case, we need check
1174 only up to the current position in the pattern, and that is still OK because
1175 and previous occurrences will have been checked. To make this work, the test
1176 for "end of pattern" is a check against cd->end_pattern in the main loop,
1177 instead of looking for a binary zero. This means that the special first-pass
1178 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1179 processing items within the loop are OK, because afterwards the main loop will
1180 terminate.)
1181
1182 Arguments:
1183 ptrptr address of the current character pointer (updated)
1184 cd compile background data
1185 name name to seek, or NULL if seeking a numbered subpattern
1186 lorn name length, or subpattern number if name is NULL
1187 xmode TRUE if we are in /x mode
1188 utf8 TRUE if we are in UTF-8 mode
1189 count pointer to the current capturing subpattern number (updated)
1190
1191 Returns: the number of the named subpattern, or -1 if not found
1192 */
1193
1194 static int
1195 find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,
1196 BOOL xmode, BOOL utf8, int *count)
1197 {
1198 uschar *ptr = *ptrptr;
1199 int start_count = *count;
1200 int hwm_count = start_count;
1201 BOOL dup_parens = FALSE;
1202
1203 /* If the first character is a parenthesis, check on the type of group we are
1204 dealing with. The very first call may not start with a parenthesis. */
1205
1206 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1207 {
1208 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1209
1210 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1211
1212 /* Handle a normal, unnamed capturing parenthesis. */
1213
1214 else if (ptr[1] != CHAR_QUESTION_MARK)
1215 {
1216 *count += 1;
1217 if (name == NULL && *count == lorn) return *count;
1218 ptr++;
1219 }
1220
1221 /* All cases now have (? at the start. Remember when we are in a group
1222 where the parenthesis numbers are duplicated. */
1223
1224 else if (ptr[2] == CHAR_VERTICAL_LINE)
1225 {
1226 ptr += 3;
1227 dup_parens = TRUE;
1228 }
1229
1230 /* Handle comments; all characters are allowed until a ket is reached. */
1231
1232 else if (ptr[2] == CHAR_NUMBER_SIGN)
1233 {
1234 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1235 goto FAIL_EXIT;
1236 }
1237
1238 /* Handle a condition. If it is an assertion, just carry on so that it
1239 is processed as normal. If not, skip to the closing parenthesis of the
1240 condition (there can't be any nested parens). */
1241
1242 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1243 {
1244 ptr += 2;
1245 if (ptr[1] != CHAR_QUESTION_MARK)
1246 {
1247 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1248 if (*ptr != 0) ptr++;
1249 }
1250 }
1251
1252 /* Start with (? but not a condition. */
1253
1254 else
1255 {
1256 ptr += 2;
1257 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1258
1259 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1260
1261 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1262 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1263 {
1264 int term;
1265 const uschar *thisname;
1266 *count += 1;
1267 if (name == NULL && *count == lorn) return *count;
1268 term = *ptr++;
1269 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1270 thisname = ptr;
1271 while (*ptr != term) ptr++;
1272 if (name != NULL && lorn == ptr - thisname &&
1273 strncmp((const char *)name, (const char *)thisname, lorn) == 0)
1274 return *count;
1275 term++;
1276 }
1277 }
1278 }
1279
1280 /* Past any initial parenthesis handling, scan for parentheses or vertical
1281 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1282 first-pass call when this value is temporarily adjusted to stop at the current
1283 position. So DO NOT change this to a test for binary zero. */
1284
1285 for (; ptr < cd->end_pattern; ptr++)
1286 {
1287 /* Skip over backslashed characters and also entire \Q...\E */
1288
1289 if (*ptr == CHAR_BACKSLASH)
1290 {
1291 if (*(++ptr) == 0) goto FAIL_EXIT;
1292 if (*ptr == CHAR_Q) for (;;)
1293 {
1294 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1295 if (*ptr == 0) goto FAIL_EXIT;
1296 if (*(++ptr) == CHAR_E) break;
1297 }
1298 continue;
1299 }
1300
1301 /* Skip over character classes; this logic must be similar to the way they
1302 are handled for real. If the first character is '^', skip it. Also, if the
1303 first few characters (either before or after ^) are \Q\E or \E we skip them
1304 too. This makes for compatibility with Perl. Note the use of STR macros to
1305 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1306
1307 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1308 {
1309 BOOL negate_class = FALSE;
1310 for (;;)
1311 {
1312 if (ptr[1] == CHAR_BACKSLASH)
1313 {
1314 if (ptr[2] == CHAR_E)
1315 ptr+= 2;
1316 else if (strncmp((const char *)ptr+2,
1317 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1318 ptr += 4;
1319 else
1320 break;
1321 }
1322 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1323 {
1324 negate_class = TRUE;
1325 ptr++;
1326 }
1327 else break;
1328 }
1329
1330 /* If the next character is ']', it is a data character that must be
1331 skipped, except in JavaScript compatibility mode. */
1332
1333 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1334 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1335 ptr++;
1336
1337 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1338 {
1339 if (*ptr == 0) return -1;
1340 if (*ptr == CHAR_BACKSLASH)
1341 {
1342 if (*(++ptr) == 0) goto FAIL_EXIT;
1343 if (*ptr == CHAR_Q) for (;;)
1344 {
1345 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1346 if (*ptr == 0) goto FAIL_EXIT;
1347 if (*(++ptr) == CHAR_E) break;
1348 }
1349 continue;
1350 }
1351 }
1352 continue;
1353 }
1354
1355 /* Skip comments in /x mode */
1356
1357 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1358 {
1359 ptr++;
1360 while (*ptr != 0)
1361 {
1362 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1363 ptr++;
1364 #ifdef SUPPORT_UTF8
1365 if (utf8) while ((*ptr & 0xc0) == 0x80) ptr++;
1366 #endif
1367 }
1368 if (*ptr == 0) goto FAIL_EXIT;
1369 continue;
1370 }
1371
1372 /* Check for the special metacharacters */
1373
1374 if (*ptr == CHAR_LEFT_PARENTHESIS)
1375 {
1376 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf8, count);
1377 if (rc > 0) return rc;
1378 if (*ptr == 0) goto FAIL_EXIT;
1379 }
1380
1381 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1382 {
1383 if (dup_parens && *count < hwm_count) *count = hwm_count;
1384 goto FAIL_EXIT;
1385 }
1386
1387 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1388 {
1389 if (*count > hwm_count) hwm_count = *count;
1390 *count = start_count;
1391 }
1392 }
1393
1394 FAIL_EXIT:
1395 *ptrptr = ptr;
1396 return -1;
1397 }
1398
1399
1400
1401
1402 /*************************************************
1403 * Find forward referenced subpattern *
1404 *************************************************/
1405
1406 /* This function scans along a pattern's text looking for capturing
1407 subpatterns, and counting them. If it finds a named pattern that matches the
1408 name it is given, it returns its number. Alternatively, if the name is NULL, it
1409 returns when it reaches a given numbered subpattern. This is used for forward
1410 references to subpatterns. We used to be able to start this scan from the
1411 current compiling point, using the current count value from cd->bracount, and
1412 do it all in a single loop, but the addition of the possibility of duplicate
1413 subpattern numbers means that we have to scan from the very start, in order to
1414 take account of such duplicates, and to use a recursive function to keep track
1415 of the different types of group.
1416
1417 Arguments:
1418 cd compile background data
1419 name name to seek, or NULL if seeking a numbered subpattern
1420 lorn name length, or subpattern number if name is NULL
1421 xmode TRUE if we are in /x mode
1422 utf8 TRUE if we are in UTF-8 mode
1423
1424 Returns: the number of the found subpattern, or -1 if not found
1425 */
1426
1427 static int
1428 find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode,
1429 BOOL utf8)
1430 {
1431 uschar *ptr = (uschar *)cd->start_pattern;
1432 int count = 0;
1433 int rc;
1434
1435 /* If the pattern does not start with an opening parenthesis, the first call
1436 to find_parens_sub() will scan right to the end (if necessary). However, if it
1437 does start with a parenthesis, find_parens_sub() will return when it hits the
1438 matching closing parens. That is why we have to have a loop. */
1439
1440 for (;;)
1441 {
1442 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf8, &count);
1443 if (rc > 0 || *ptr++ == 0) break;
1444 }
1445
1446 return rc;
1447 }
1448
1449
1450
1451
1452 /*************************************************
1453 * Find first significant op code *
1454 *************************************************/
1455
1456 /* This is called by several functions that scan a compiled expression looking
1457 for a fixed first character, or an anchoring op code etc. It skips over things
1458 that do not influence this. For some calls, it makes sense to skip negative
1459 forward and all backward assertions, and also the \b assertion; for others it
1460 does not.
1461
1462 Arguments:
1463 code pointer to the start of the group
1464 skipassert TRUE if certain assertions are to be skipped
1465
1466 Returns: pointer to the first significant opcode
1467 */
1468
1469 static const uschar*
1470 first_significant_code(const uschar *code, BOOL skipassert)
1471 {
1472 for (;;)
1473 {
1474 switch ((int)*code)
1475 {
1476 case OP_ASSERT_NOT:
1477 case OP_ASSERTBACK:
1478 case OP_ASSERTBACK_NOT:
1479 if (!skipassert) return code;
1480 do code += GET(code, 1); while (*code == OP_ALT);
1481 code += _pcre_OP_lengths[*code];
1482 break;
1483
1484 case OP_WORD_BOUNDARY:
1485 case OP_NOT_WORD_BOUNDARY:
1486 if (!skipassert) return code;
1487 /* Fall through */
1488
1489 case OP_CALLOUT:
1490 case OP_CREF:
1491 case OP_NCREF:
1492 case OP_RREF:
1493 case OP_NRREF:
1494 case OP_DEF:
1495 code += _pcre_OP_lengths[*code];
1496 break;
1497
1498 default:
1499 return code;
1500 }
1501 }
1502 /* Control never reaches here */
1503 }
1504
1505
1506
1507
1508 /*************************************************
1509 * Find the fixed length of a branch *
1510 *************************************************/
1511
1512 /* Scan a branch and compute the fixed length of subject that will match it,
1513 if the length is fixed. This is needed for dealing with backward assertions.
1514 In UTF8 mode, the result is in characters rather than bytes. The branch is
1515 temporarily terminated with OP_END when this function is called.
1516
1517 This function is called when a backward assertion is encountered, so that if it
1518 fails, the error message can point to the correct place in the pattern.
1519 However, we cannot do this when the assertion contains subroutine calls,
1520 because they can be forward references. We solve this by remembering this case
1521 and doing the check at the end; a flag specifies which mode we are running in.
1522
1523 Arguments:
1524 code points to the start of the pattern (the bracket)
1525 utf8 TRUE in UTF-8 mode
1526 atend TRUE if called when the pattern is complete
1527 cd the "compile data" structure
1528
1529 Returns: the fixed length,
1530 or -1 if there is no fixed length,
1531 or -2 if \C was encountered
1532 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1533 */
1534
1535 static int
1536 find_fixedlength(uschar *code, BOOL utf8, BOOL atend, compile_data *cd)
1537 {
1538 int length = -1;
1539
1540 register int branchlength = 0;
1541 register uschar *cc = code + 1 + LINK_SIZE;
1542
1543 /* Scan along the opcodes for this branch. If we get to the end of the
1544 branch, check the length against that of the other branches. */
1545
1546 for (;;)
1547 {
1548 int d;
1549 uschar *ce, *cs;
1550 register int op = *cc;
1551 switch (op)
1552 {
1553 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1554 OP_BRA (normal non-capturing bracket) because the other variants of these
1555 opcodes are all concerned with unlimited repeated groups, which of course
1556 are not of fixed length. They will cause a -1 response from the default
1557 case of this switch. */
1558
1559 case OP_CBRA:
1560 case OP_BRA:
1561 case OP_ONCE:
1562 case OP_ONCE_NC:
1563 case OP_COND:
1564 d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), utf8, atend, cd);
1565 if (d < 0) return d;
1566 branchlength += d;
1567 do cc += GET(cc, 1); while (*cc == OP_ALT);
1568 cc += 1 + LINK_SIZE;
1569 break;
1570
1571 /* Reached end of a branch; if it's a ket it is the end of a nested
1572 call. If it's ALT it is an alternation in a nested call. If it is
1573 END it's the end of the outer call. All can be handled by the same code.
1574 Note that we must not include the OP_KETRxxx opcodes here, because they
1575 all imply an unlimited repeat. */
1576
1577 case OP_ALT:
1578 case OP_KET:
1579 case OP_END:
1580 if (length < 0) length = branchlength;
1581 else if (length != branchlength) return -1;
1582 if (*cc != OP_ALT) return length;
1583 cc += 1 + LINK_SIZE;
1584 branchlength = 0;
1585 break;
1586
1587 /* A true recursion implies not fixed length, but a subroutine call may
1588 be OK. If the subroutine is a forward reference, we can't deal with
1589 it until the end of the pattern, so return -3. */
1590
1591 case OP_RECURSE:
1592 if (!atend) return -3;
1593 cs = ce = (uschar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1594 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1595 if (cc > cs && cc < ce) return -1; /* Recursion */
1596 d = find_fixedlength(cs + 2, utf8, atend, cd);
1597 if (d < 0) return d;
1598 branchlength += d;
1599 cc += 1 + LINK_SIZE;
1600 break;
1601
1602 /* Skip over assertive subpatterns */
1603
1604 case OP_ASSERT:
1605 case OP_ASSERT_NOT:
1606 case OP_ASSERTBACK:
1607 case OP_ASSERTBACK_NOT:
1608 do cc += GET(cc, 1); while (*cc == OP_ALT);
1609 /* Fall through */
1610
1611 /* Skip over things that don't match chars */
1612
1613 case OP_REVERSE:
1614 case OP_CREF:
1615 case OP_NCREF:
1616 case OP_RREF:
1617 case OP_NRREF:
1618 case OP_DEF:
1619 case OP_CALLOUT:
1620 case OP_SOD:
1621 case OP_SOM:
1622 case OP_SET_SOM:
1623 case OP_EOD:
1624 case OP_EODN:
1625 case OP_CIRC:
1626 case OP_CIRCM:
1627 case OP_DOLL:
1628 case OP_DOLLM:
1629 case OP_NOT_WORD_BOUNDARY:
1630 case OP_WORD_BOUNDARY:
1631 cc += _pcre_OP_lengths[*cc];
1632 break;
1633
1634 /* Handle literal characters */
1635
1636 case OP_CHAR:
1637 case OP_CHARI:
1638 case OP_NOT:
1639 case OP_NOTI:
1640 branchlength++;
1641 cc += 2;
1642 #ifdef SUPPORT_UTF8
1643 if (utf8 && cc[-1] >= 0xc0) cc += _pcre_utf8_table4[cc[-1] & 0x3f];
1644 #endif
1645 break;
1646
1647 /* Handle exact repetitions. The count is already in characters, but we
1648 need to skip over a multibyte character in UTF8 mode. */
1649
1650 case OP_EXACT:
1651 branchlength += GET2(cc,1);
1652 cc += 4;
1653 #ifdef SUPPORT_UTF8
1654 if (utf8 && cc[-1] >= 0xc0) cc += _pcre_utf8_table4[cc[-1] & 0x3f];
1655 #endif
1656 break;
1657
1658 case OP_TYPEEXACT:
1659 branchlength += GET2(cc,1);
1660 if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;
1661 cc += 4;
1662 break;
1663
1664 /* Handle single-char matchers */
1665
1666 case OP_PROP:
1667 case OP_NOTPROP:
1668 cc += 2;
1669 /* Fall through */
1670
1671 case OP_NOT_DIGIT:
1672 case OP_DIGIT:
1673 case OP_NOT_WHITESPACE:
1674 case OP_WHITESPACE:
1675 case OP_NOT_WORDCHAR:
1676 case OP_WORDCHAR:
1677 case OP_ANY:
1678 case OP_ALLANY:
1679 branchlength++;
1680 cc++;
1681 break;
1682
1683 /* The single-byte matcher isn't allowed */
1684
1685 case OP_ANYBYTE:
1686 return -2;
1687
1688 /* Check a class for variable quantification */
1689
1690 #ifdef SUPPORT_UTF8
1691 case OP_XCLASS:
1692 cc += GET(cc, 1) - 33;
1693 /* Fall through */
1694 #endif
1695
1696 case OP_CLASS:
1697 case OP_NCLASS:
1698 cc += 33;
1699
1700 switch (*cc)
1701 {
1702 case OP_CRSTAR:
1703 case OP_CRMINSTAR:
1704 case OP_CRQUERY:
1705 case OP_CRMINQUERY:
1706 return -1;
1707
1708 case OP_CRRANGE:
1709 case OP_CRMINRANGE:
1710 if (GET2(cc,1) != GET2(cc,3)) return -1;
1711 branchlength += GET2(cc,1);
1712 cc += 5;
1713 break;
1714
1715 default:
1716 branchlength++;
1717 }
1718 break;
1719
1720 /* Anything else is variable length */
1721
1722 default:
1723 return -1;
1724 }
1725 }
1726 /* Control never gets here */
1727 }
1728
1729
1730
1731
1732 /*************************************************
1733 * Scan compiled regex for specific bracket *
1734 *************************************************/
1735
1736 /* This little function scans through a compiled pattern until it finds a
1737 capturing bracket with the given number, or, if the number is negative, an
1738 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
1739 so that it can be called from pcre_study() when finding the minimum matching
1740 length.
1741
1742 Arguments:
1743 code points to start of expression
1744 utf8 TRUE in UTF-8 mode
1745 number the required bracket number or negative to find a lookbehind
1746
1747 Returns: pointer to the opcode for the bracket, or NULL if not found
1748 */
1749
1750 const uschar *
1751 _pcre_find_bracket(const uschar *code, BOOL utf8, int number)
1752 {
1753 for (;;)
1754 {
1755 register int c = *code;
1756
1757 if (c == OP_END) return NULL;
1758
1759 /* XCLASS is used for classes that cannot be represented just by a bit
1760 map. This includes negated single high-valued characters. The length in
1761 the table is zero; the actual length is stored in the compiled code. */
1762
1763 if (c == OP_XCLASS) code += GET(code, 1);
1764
1765 /* Handle recursion */
1766
1767 else if (c == OP_REVERSE)
1768 {
1769 if (number < 0) return (uschar *)code;
1770 code += _pcre_OP_lengths[c];
1771 }
1772
1773 /* Handle capturing bracket */
1774
1775 else if (c == OP_CBRA || c == OP_SCBRA ||
1776 c == OP_CBRAPOS || c == OP_SCBRAPOS)
1777 {
1778 int n = GET2(code, 1+LINK_SIZE);
1779 if (n == number) return (uschar *)code;
1780 code += _pcre_OP_lengths[c];
1781 }
1782
1783 /* Otherwise, we can get the item's length from the table, except that for
1784 repeated character types, we have to test for \p and \P, which have an extra
1785 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
1786 must add in its length. */
1787
1788 else
1789 {
1790 switch(c)
1791 {
1792 case OP_TYPESTAR:
1793 case OP_TYPEMINSTAR:
1794 case OP_TYPEPLUS:
1795 case OP_TYPEMINPLUS:
1796 case OP_TYPEQUERY:
1797 case OP_TYPEMINQUERY:
1798 case OP_TYPEPOSSTAR:
1799 case OP_TYPEPOSPLUS:
1800 case OP_TYPEPOSQUERY:
1801 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1802 break;
1803
1804 case OP_TYPEUPTO:
1805 case OP_TYPEMINUPTO:
1806 case OP_TYPEEXACT:
1807 case OP_TYPEPOSUPTO:
1808 if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1809 break;
1810
1811 case OP_MARK:
1812 case OP_PRUNE_ARG:
1813 case OP_SKIP_ARG:
1814 code += code[1];
1815 break;
1816
1817 case OP_THEN_ARG:
1818 code += code[1];
1819 break;
1820 }
1821
1822 /* Add in the fixed length from the table */
1823
1824 code += _pcre_OP_lengths[c];
1825
1826 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
1827 a multi-byte character. The length in the table is a minimum, so we have to
1828 arrange to skip the extra bytes. */
1829
1830 #ifdef SUPPORT_UTF8
1831 if (utf8) switch(c)
1832 {
1833 case OP_CHAR:
1834 case OP_CHARI:
1835 case OP_EXACT:
1836 case OP_EXACTI:
1837 case OP_UPTO:
1838 case OP_UPTOI:
1839 case OP_MINUPTO:
1840 case OP_MINUPTOI:
1841 case OP_POSUPTO:
1842 case OP_POSUPTOI:
1843 case OP_STAR:
1844 case OP_STARI:
1845 case OP_MINSTAR:
1846 case OP_MINSTARI:
1847 case OP_POSSTAR:
1848 case OP_POSSTARI:
1849 case OP_PLUS:
1850 case OP_PLUSI:
1851 case OP_MINPLUS:
1852 case OP_MINPLUSI:
1853 case OP_POSPLUS:
1854 case OP_POSPLUSI:
1855 case OP_QUERY:
1856 case OP_QUERYI:
1857 case OP_MINQUERY:
1858 case OP_MINQUERYI:
1859 case OP_POSQUERY:
1860 case OP_POSQUERYI:
1861 if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1862 break;
1863 }
1864 #else
1865 (void)(utf8); /* Keep compiler happy by referencing function argument */
1866 #endif
1867 }
1868 }
1869 }
1870
1871
1872
1873 /*************************************************
1874 * Scan compiled regex for recursion reference *
1875 *************************************************/
1876
1877 /* This little function scans through a compiled pattern until it finds an
1878 instance of OP_RECURSE.
1879
1880 Arguments:
1881 code points to start of expression
1882 utf8 TRUE in UTF-8 mode
1883
1884 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
1885 */
1886
1887 static const uschar *
1888 find_recurse(const uschar *code, BOOL utf8)
1889 {
1890 for (;;)
1891 {
1892 register int c = *code;
1893 if (c == OP_END) return NULL;
1894 if (c == OP_RECURSE) return code;
1895
1896 /* XCLASS is used for classes that cannot be represented just by a bit
1897 map. This includes negated single high-valued characters. The length in
1898 the table is zero; the actual length is stored in the compiled code. */
1899
1900 if (c == OP_XCLASS) code += GET(code, 1);
1901
1902 /* Otherwise, we can get the item's length from the table, except that for
1903 repeated character types, we have to test for \p and \P, which have an extra
1904 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
1905 must add in its length. */
1906
1907 else
1908 {
1909 switch(c)
1910 {
1911 case OP_TYPESTAR:
1912 case OP_TYPEMINSTAR:
1913 case OP_TYPEPLUS:
1914 case OP_TYPEMINPLUS:
1915 case OP_TYPEQUERY:
1916 case OP_TYPEMINQUERY:
1917 case OP_TYPEPOSSTAR:
1918 case OP_TYPEPOSPLUS:
1919 case OP_TYPEPOSQUERY:
1920 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1921 break;
1922
1923 case OP_TYPEPOSUPTO:
1924 case OP_TYPEUPTO:
1925 case OP_TYPEMINUPTO:
1926 case OP_TYPEEXACT:
1927 if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1928 break;
1929
1930 case OP_MARK:
1931 case OP_PRUNE_ARG:
1932 case OP_SKIP_ARG:
1933 code += code[1];
1934 break;
1935
1936 case OP_THEN_ARG:
1937 code += code[1];
1938 break;
1939 }
1940
1941 /* Add in the fixed length from the table */
1942
1943 code += _pcre_OP_lengths[c];
1944
1945 /* In UTF-8 mode, opcodes that are followed by a character may be followed
1946 by a multi-byte character. The length in the table is a minimum, so we have
1947 to arrange to skip the extra bytes. */
1948
1949 #ifdef SUPPORT_UTF8
1950 if (utf8) switch(c)
1951 {
1952 case OP_CHAR:
1953 case OP_CHARI:
1954 case OP_EXACT:
1955 case OP_EXACTI:
1956 case OP_UPTO:
1957 case OP_UPTOI:
1958 case OP_MINUPTO:
1959 case OP_MINUPTOI:
1960 case OP_POSUPTO:
1961 case OP_POSUPTOI:
1962 case OP_STAR:
1963 case OP_STARI:
1964 case OP_MINSTAR:
1965 case OP_MINSTARI:
1966 case OP_POSSTAR:
1967 case OP_POSSTARI:
1968 case OP_PLUS:
1969 case OP_PLUSI:
1970 case OP_MINPLUS:
1971 case OP_MINPLUSI:
1972 case OP_POSPLUS:
1973 case OP_POSPLUSI:
1974 case OP_QUERY:
1975 case OP_QUERYI:
1976 case OP_MINQUERY:
1977 case OP_MINQUERYI:
1978 case OP_POSQUERY:
1979 case OP_POSQUERYI:
1980 if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1981 break;
1982 }
1983 #else
1984 (void)(utf8); /* Keep compiler happy by referencing function argument */
1985 #endif
1986 }
1987 }
1988 }
1989
1990
1991
1992 /*************************************************
1993 * Scan compiled branch for non-emptiness *
1994 *************************************************/
1995
1996 /* This function scans through a branch of a compiled pattern to see whether it
1997 can match the empty string or not. It is called from could_be_empty()
1998 below and from compile_branch() when checking for an unlimited repeat of a
1999 group that can match nothing. Note that first_significant_code() skips over
2000 backward and negative forward assertions when its final argument is TRUE. If we
2001 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2002 bracket whose current branch will already have been scanned.
2003
2004 Arguments:
2005 code points to start of search
2006 endcode points to where to stop
2007 utf8 TRUE if in UTF8 mode
2008 cd contains pointers to tables etc.
2009
2010 Returns: TRUE if what is matched could be empty
2011 */
2012
2013 static BOOL
2014 could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8,
2015 compile_data *cd)
2016 {
2017 register int c;
2018 for (code = first_significant_code(code + _pcre_OP_lengths[*code], TRUE);
2019 code < endcode;
2020 code = first_significant_code(code + _pcre_OP_lengths[c], TRUE))
2021 {
2022 const uschar *ccode;
2023
2024 c = *code;
2025
2026 /* Skip over forward assertions; the other assertions are skipped by
2027 first_significant_code() with a TRUE final argument. */
2028
2029 if (c == OP_ASSERT)
2030 {
2031 do code += GET(code, 1); while (*code == OP_ALT);
2032 c = *code;
2033 continue;
2034 }
2035
2036 /* For a recursion/subroutine call, if its end has been reached, which
2037 implies a backward reference subroutine call, we can scan it. If it's a
2038 forward reference subroutine call, we can't. To detect forward reference
2039 we have to scan up the list that is kept in the workspace. This function is
2040 called only when doing the real compile, not during the pre-compile that
2041 measures the size of the compiled pattern. */
2042
2043 if (c == OP_RECURSE)
2044 {
2045 const uschar *scode;
2046 BOOL empty_branch;
2047
2048 /* Test for forward reference */
2049
2050 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2051 if (GET(scode, 0) == code + 1 - cd->start_code) return TRUE;
2052
2053 /* Not a forward reference, test for completed backward reference */
2054
2055 empty_branch = FALSE;
2056 scode = cd->start_code + GET(code, 1);
2057 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2058
2059 /* Completed backwards reference */
2060
2061 do
2062 {
2063 if (could_be_empty_branch(scode, endcode, utf8, cd))
2064 {
2065 empty_branch = TRUE;
2066 break;
2067 }
2068 scode += GET(scode, 1);
2069 }
2070 while (*scode == OP_ALT);
2071
2072 if (!empty_branch) return FALSE; /* All branches are non-empty */
2073 continue;
2074 }
2075
2076 /* Groups with zero repeats can of course be empty; skip them. */
2077
2078 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2079 c == OP_BRAPOSZERO)
2080 {
2081 code += _pcre_OP_lengths[c];
2082 do code += GET(code, 1); while (*code == OP_ALT);
2083 c = *code;
2084 continue;
2085 }
2086
2087 /* A nested group that is already marked as "could be empty" can just be
2088 skipped. */
2089
2090 if (c == OP_SBRA || c == OP_SBRAPOS ||
2091 c == OP_SCBRA || c == OP_SCBRAPOS)
2092 {
2093 do code += GET(code, 1); while (*code == OP_ALT);
2094 c = *code;
2095 continue;
2096 }
2097
2098 /* For other groups, scan the branches. */
2099
2100 if (c == OP_BRA || c == OP_BRAPOS ||
2101 c == OP_CBRA || c == OP_CBRAPOS ||
2102 c == OP_ONCE || c == OP_ONCE_NC ||
2103 c == OP_COND)
2104 {
2105 BOOL empty_branch;
2106 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2107
2108 /* If a conditional group has only one branch, there is a second, implied,
2109 empty branch, so just skip over the conditional, because it could be empty.
2110 Otherwise, scan the individual branches of the group. */
2111
2112 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2113 code += GET(code, 1);
2114 else
2115 {
2116 empty_branch = FALSE;
2117 do
2118 {
2119 if (!empty_branch && could_be_empty_branch(code, endcode, utf8, cd))
2120 empty_branch = TRUE;
2121 code += GET(code, 1);
2122 }
2123 while (*code == OP_ALT);
2124 if (!empty_branch) return FALSE; /* All branches are non-empty */
2125 }
2126
2127 c = *code;
2128 continue;
2129 }
2130
2131 /* Handle the other opcodes */
2132
2133 switch (c)
2134 {
2135 /* Check for quantifiers after a class. XCLASS is used for classes that
2136 cannot be represented just by a bit map. This includes negated single
2137 high-valued characters. The length in _pcre_OP_lengths[] is zero; the
2138 actual length is stored in the compiled code, so we must update "code"
2139 here. */
2140
2141 #ifdef SUPPORT_UTF8
2142 case OP_XCLASS:
2143 ccode = code += GET(code, 1);
2144 goto CHECK_CLASS_REPEAT;
2145 #endif
2146
2147 case OP_CLASS:
2148 case OP_NCLASS:
2149 ccode = code + 33;
2150
2151 #ifdef SUPPORT_UTF8
2152 CHECK_CLASS_REPEAT:
2153 #endif
2154
2155 switch (*ccode)
2156 {
2157 case OP_CRSTAR: /* These could be empty; continue */
2158 case OP_CRMINSTAR:
2159 case OP_CRQUERY:
2160 case OP_CRMINQUERY:
2161 break;
2162
2163 default: /* Non-repeat => class must match */
2164 case OP_CRPLUS: /* These repeats aren't empty */
2165 case OP_CRMINPLUS:
2166 return FALSE;
2167
2168 case OP_CRRANGE:
2169 case OP_CRMINRANGE:
2170 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2171 break;
2172 }
2173 break;
2174
2175 /* Opcodes that must match a character */
2176
2177 case OP_PROP:
2178 case OP_NOTPROP:
2179 case OP_EXTUNI:
2180 case OP_NOT_DIGIT:
2181 case OP_DIGIT:
2182 case OP_NOT_WHITESPACE:
2183 case OP_WHITESPACE:
2184 case OP_NOT_WORDCHAR:
2185 case OP_WORDCHAR:
2186 case OP_ANY:
2187 case OP_ALLANY:
2188 case OP_ANYBYTE:
2189 case OP_CHAR:
2190 case OP_CHARI:
2191 case OP_NOT:
2192 case OP_NOTI:
2193 case OP_PLUS:
2194 case OP_MINPLUS:
2195 case OP_POSPLUS:
2196 case OP_EXACT:
2197 case OP_NOTPLUS:
2198 case OP_NOTMINPLUS:
2199 case OP_NOTPOSPLUS:
2200 case OP_NOTEXACT:
2201 case OP_TYPEPLUS:
2202 case OP_TYPEMINPLUS:
2203 case OP_TYPEPOSPLUS:
2204 case OP_TYPEEXACT:
2205 return FALSE;
2206
2207 /* These are going to continue, as they may be empty, but we have to
2208 fudge the length for the \p and \P cases. */
2209
2210 case OP_TYPESTAR:
2211 case OP_TYPEMINSTAR:
2212 case OP_TYPEPOSSTAR:
2213 case OP_TYPEQUERY:
2214 case OP_TYPEMINQUERY:
2215 case OP_TYPEPOSQUERY:
2216 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2217 break;
2218
2219 /* Same for these */
2220
2221 case OP_TYPEUPTO:
2222 case OP_TYPEMINUPTO:
2223 case OP_TYPEPOSUPTO:
2224 if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
2225 break;
2226
2227 /* End of branch */
2228
2229 case OP_KET:
2230 case OP_KETRMAX:
2231 case OP_KETRMIN:
2232 case OP_KETRPOS:
2233 case OP_ALT:
2234 return TRUE;
2235
2236 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2237 MINUPTO, and POSUPTO may be followed by a multibyte character */
2238
2239 #ifdef SUPPORT_UTF8
2240 case OP_STAR:
2241 case OP_STARI:
2242 case OP_MINSTAR:
2243 case OP_MINSTARI:
2244 case OP_POSSTAR:
2245 case OP_POSSTARI:
2246 case OP_QUERY:
2247 case OP_QUERYI:
2248 case OP_MINQUERY:
2249 case OP_MINQUERYI:
2250 case OP_POSQUERY:
2251 case OP_POSQUERYI:
2252 if (utf8 && code[1] >= 0xc0) code += _pcre_utf8_table4[code[1] & 0x3f];
2253 break;
2254
2255 case OP_UPTO:
2256 case OP_UPTOI:
2257 case OP_MINUPTO:
2258 case OP_MINUPTOI:
2259 case OP_POSUPTO:
2260 case OP_POSUPTOI:
2261 if (utf8 && code[3] >= 0xc0) code += _pcre_utf8_table4[code[3] & 0x3f];
2262 break;
2263 #endif
2264
2265 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2266 string. */
2267
2268 case OP_MARK:
2269 case OP_PRUNE_ARG:
2270 case OP_SKIP_ARG:
2271 code += code[1];
2272 break;
2273
2274 case OP_THEN_ARG:
2275 code += code[1];
2276 break;
2277
2278 /* None of the remaining opcodes are required to match a character. */
2279
2280 default:
2281 break;
2282 }
2283 }
2284
2285 return TRUE;
2286 }
2287
2288
2289
2290 /*************************************************
2291 * Scan compiled regex for non-emptiness *
2292 *************************************************/
2293
2294 /* This function is called to check for left recursive calls. We want to check
2295 the current branch of the current pattern to see if it could match the empty
2296 string. If it could, we must look outwards for branches at other levels,
2297 stopping when we pass beyond the bracket which is the subject of the recursion.
2298 This function is called only during the real compile, not during the
2299 pre-compile.
2300
2301 Arguments:
2302 code points to start of the recursion
2303 endcode points to where to stop (current RECURSE item)
2304 bcptr points to the chain of current (unclosed) branch starts
2305 utf8 TRUE if in UTF-8 mode
2306 cd pointers to tables etc
2307
2308 Returns: TRUE if what is matched could be empty
2309 */
2310
2311 static BOOL
2312 could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,
2313 BOOL utf8, compile_data *cd)
2314 {
2315 while (bcptr != NULL && bcptr->current_branch >= code)
2316 {
2317 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf8, cd))
2318 return FALSE;
2319 bcptr = bcptr->outer;
2320 }
2321 return TRUE;
2322 }
2323
2324
2325
2326 /*************************************************
2327 * Check for POSIX class syntax *
2328 *************************************************/
2329
2330 /* This function is called when the sequence "[:" or "[." or "[=" is
2331 encountered in a character class. It checks whether this is followed by a
2332 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2333 reach an unescaped ']' without the special preceding character, return FALSE.
2334
2335 Originally, this function only recognized a sequence of letters between the
2336 terminators, but it seems that Perl recognizes any sequence of characters,
2337 though of course unknown POSIX names are subsequently rejected. Perl gives an
2338 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2339 didn't consider this to be a POSIX class. Likewise for [:1234:].
2340
2341 The problem in trying to be exactly like Perl is in the handling of escapes. We
2342 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2343 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2344 below handles the special case of \], but does not try to do any other escape
2345 processing. This makes it different from Perl for cases such as [:l\ower:]
2346 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2347 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2348 I think.
2349
2350 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2351 It seems that the appearance of a nested POSIX class supersedes an apparent
2352 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2353 a digit.
2354
2355 In Perl, unescaped square brackets may also appear as part of class names. For
2356 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2357 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2358 seem right at all. PCRE does not allow closing square brackets in POSIX class
2359 names.
2360
2361 Arguments:
2362 ptr pointer to the initial [
2363 endptr where to return the end pointer
2364
2365 Returns: TRUE or FALSE
2366 */
2367
2368 static BOOL
2369 check_posix_syntax(const uschar *ptr, const uschar **endptr)
2370 {
2371 int terminator; /* Don't combine these lines; the Solaris cc */
2372 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2373 for (++ptr; *ptr != 0; ptr++)
2374 {
2375 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2376 ptr++;
2377 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2378 else
2379 {
2380 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2381 {
2382 *endptr = ptr;
2383 return TRUE;
2384 }
2385 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2386 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2387 ptr[1] == CHAR_EQUALS_SIGN) &&
2388 check_posix_syntax(ptr, endptr))
2389 return FALSE;
2390 }
2391 }
2392 return FALSE;
2393 }
2394
2395
2396
2397
2398 /*************************************************
2399 * Check POSIX class name *
2400 *************************************************/
2401
2402 /* This function is called to check the name given in a POSIX-style class entry
2403 such as [:alnum:].
2404
2405 Arguments:
2406 ptr points to the first letter
2407 len the length of the name
2408
2409 Returns: a value representing the name, or -1 if unknown
2410 */
2411
2412 static int
2413 check_posix_name(const uschar *ptr, int len)
2414 {
2415 const char *pn = posix_names;
2416 register int yield = 0;
2417 while (posix_name_lengths[yield] != 0)
2418 {
2419 if (len == posix_name_lengths[yield] &&
2420 strncmp((const char *)ptr, pn, len) == 0) return yield;
2421 pn += posix_name_lengths[yield] + 1;
2422 yield++;
2423 }
2424 return -1;
2425 }
2426
2427
2428 /*************************************************
2429 * Adjust OP_RECURSE items in repeated group *
2430 *************************************************/
2431
2432 /* OP_RECURSE items contain an offset from the start of the regex to the group
2433 that is referenced. This means that groups can be replicated for fixed
2434 repetition simply by copying (because the recursion is allowed to refer to
2435 earlier groups that are outside the current group). However, when a group is
2436 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2437 inserted before it, after it has been compiled. This means that any OP_RECURSE
2438 items within it that refer to the group itself or any contained groups have to
2439 have their offsets adjusted. That one of the jobs of this function. Before it
2440 is called, the partially compiled regex must be temporarily terminated with
2441 OP_END.
2442
2443 This function has been extended with the possibility of forward references for
2444 recursions and subroutine calls. It must also check the list of such references
2445 for the group we are dealing with. If it finds that one of the recursions in
2446 the current group is on this list, it adjusts the offset in the list, not the
2447 value in the reference (which is a group number).
2448
2449 Arguments:
2450 group points to the start of the group
2451 adjust the amount by which the group is to be moved
2452 utf8 TRUE in UTF-8 mode
2453 cd contains pointers to tables etc.
2454 save_hwm the hwm forward reference pointer at the start of the group
2455
2456 Returns: nothing
2457 */
2458
2459 static void
2460 adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd,
2461 uschar *save_hwm)
2462 {
2463 uschar *ptr = group;
2464
2465 while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)
2466 {
2467 int offset;
2468 uschar *hc;
2469
2470 /* See if this recursion is on the forward reference list. If so, adjust the
2471 reference. */
2472
2473 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2474 {
2475 offset = GET(hc, 0);
2476 if (cd->start_code + offset == ptr + 1)
2477 {
2478 PUT(hc, 0, offset + adjust);
2479 break;
2480 }
2481 }
2482
2483 /* Otherwise, adjust the recursion offset if it's after the start of this
2484 group. */
2485
2486 if (hc >= cd->hwm)
2487 {
2488 offset = GET(ptr, 1);
2489 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2490 }
2491
2492 ptr += 1 + LINK_SIZE;
2493 }
2494 }
2495
2496
2497
2498 /*************************************************
2499 * Insert an automatic callout point *
2500 *************************************************/
2501
2502 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2503 callout points before each pattern item.
2504
2505 Arguments:
2506 code current code pointer
2507 ptr current pattern pointer
2508 cd pointers to tables etc
2509
2510 Returns: new code pointer
2511 */
2512
2513 static uschar *
2514 auto_callout(uschar *code, const uschar *ptr, compile_data *cd)
2515 {
2516 *code++ = OP_CALLOUT;
2517 *code++ = 255;
2518 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2519 PUT(code, LINK_SIZE, 0); /* Default length */
2520 return code + 2*LINK_SIZE;
2521 }
2522
2523
2524
2525 /*************************************************
2526 * Complete a callout item *
2527 *************************************************/
2528
2529 /* A callout item contains the length of the next item in the pattern, which
2530 we can't fill in till after we have reached the relevant point. This is used
2531 for both automatic and manual callouts.
2532
2533 Arguments:
2534 previous_callout points to previous callout item
2535 ptr current pattern pointer
2536 cd pointers to tables etc
2537
2538 Returns: nothing
2539 */
2540
2541 static void
2542 complete_callout(uschar *previous_callout, const uschar *ptr, compile_data *cd)
2543 {
2544 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2545 PUT(previous_callout, 2 + LINK_SIZE, length);
2546 }
2547
2548
2549
2550 #ifdef SUPPORT_UCP
2551 /*************************************************
2552 * Get othercase range *
2553 *************************************************/
2554
2555 /* This function is passed the start and end of a class range, in UTF-8 mode
2556 with UCP support. It searches up the characters, looking for internal ranges of
2557 characters in the "other" case. Each call returns the next one, updating the
2558 start address.
2559
2560 Arguments:
2561 cptr points to starting character value; updated
2562 d end value
2563 ocptr where to put start of othercase range
2564 odptr where to put end of othercase range
2565
2566 Yield: TRUE when range returned; FALSE when no more
2567 */
2568
2569 static BOOL
2570 get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2571 unsigned int *odptr)
2572 {
2573 unsigned int c, othercase, next;
2574
2575 for (c = *cptr; c <= d; c++)
2576 { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2577
2578 if (c > d) return FALSE;
2579
2580 *ocptr = othercase;
2581 next = othercase + 1;
2582
2583 for (++c; c <= d; c++)
2584 {
2585 if (UCD_OTHERCASE(c) != next) break;
2586 next++;
2587 }
2588
2589 *odptr = next - 1;
2590 *cptr = c;
2591
2592 return TRUE;
2593 }
2594
2595
2596
2597 /*************************************************
2598 * Check a character and a property *
2599 *************************************************/
2600
2601 /* This function is called by check_auto_possessive() when a property item
2602 is adjacent to a fixed character.
2603
2604 Arguments:
2605 c the character
2606 ptype the property type
2607 pdata the data for the type
2608 negated TRUE if it's a negated property (\P or \p{^)
2609
2610 Returns: TRUE if auto-possessifying is OK
2611 */
2612
2613 static BOOL
2614 check_char_prop(int c, int ptype, int pdata, BOOL negated)
2615 {
2616 const ucd_record *prop = GET_UCD(c);
2617 switch(ptype)
2618 {
2619 case PT_LAMP:
2620 return (prop->chartype == ucp_Lu ||
2621 prop->chartype == ucp_Ll ||
2622 prop->chartype == ucp_Lt) == negated;
2623
2624 case PT_GC:
2625 return (pdata == _pcre_ucp_gentype[prop->chartype]) == negated;
2626
2627 case PT_PC:
2628 return (pdata == prop->chartype) == negated;
2629
2630 case PT_SC:
2631 return (pdata == prop->script) == negated;
2632
2633 /* These are specials */
2634
2635 case PT_ALNUM:
2636 return (_pcre_ucp_gentype[prop->chartype] == ucp_L ||
2637 _pcre_ucp_gentype[prop->chartype] == ucp_N) == negated;
2638
2639 case PT_SPACE: /* Perl space */
2640 return (_pcre_ucp_gentype[prop->chartype] == ucp_Z ||
2641 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
2642 == negated;
2643
2644 case PT_PXSPACE: /* POSIX space */
2645 return (_pcre_ucp_gentype[prop->chartype] == ucp_Z ||
2646 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
2647 c == CHAR_FF || c == CHAR_CR)
2648 == negated;
2649
2650 case PT_WORD:
2651 return (_pcre_ucp_gentype[prop->chartype] == ucp_L ||
2652 _pcre_ucp_gentype[prop->chartype] == ucp_N ||
2653 c == CHAR_UNDERSCORE) == negated;
2654 }
2655 return FALSE;
2656 }
2657 #endif /* SUPPORT_UCP */
2658
2659
2660
2661 /*************************************************
2662 * Check if auto-possessifying is possible *
2663 *************************************************/
2664
2665 /* This function is called for unlimited repeats of certain items, to see
2666 whether the next thing could possibly match the repeated item. If not, it makes
2667 sense to automatically possessify the repeated item.
2668
2669 Arguments:
2670 previous pointer to the repeated opcode
2671 utf8 TRUE in UTF-8 mode
2672 ptr next character in pattern
2673 options options bits
2674 cd contains pointers to tables etc.
2675
2676 Returns: TRUE if possessifying is wanted
2677 */
2678
2679 static BOOL
2680 check_auto_possessive(const uschar *previous, BOOL utf8, const uschar *ptr,
2681 int options, compile_data *cd)
2682 {
2683 int c, next;
2684 int op_code = *previous++;
2685
2686 /* Skip whitespace and comments in extended mode */
2687
2688 if ((options & PCRE_EXTENDED) != 0)
2689 {
2690 for (;;)
2691 {
2692 while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2693 if (*ptr == CHAR_NUMBER_SIGN)
2694 {
2695 ptr++;
2696 while (*ptr != 0)
2697 {
2698 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2699 ptr++;
2700 #ifdef SUPPORT_UTF8
2701 if (utf8) while ((*ptr & 0xc0) == 0x80) ptr++;
2702 #endif
2703 }
2704 }
2705 else break;
2706 }
2707 }
2708
2709 /* If the next item is one that we can handle, get its value. A non-negative
2710 value is a character, a negative value is an escape value. */
2711
2712 if (*ptr == CHAR_BACKSLASH)
2713 {
2714 int temperrorcode = 0;
2715 next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
2716 if (temperrorcode != 0) return FALSE;
2717 ptr++; /* Point after the escape sequence */
2718 }
2719
2720 else if ((cd->ctypes[*ptr] & ctype_meta) == 0)
2721 {
2722 #ifdef SUPPORT_UTF8
2723 if (utf8) { GETCHARINC(next, ptr); } else
2724 #endif
2725 next = *ptr++;
2726 }
2727
2728 else return FALSE;
2729
2730 /* Skip whitespace and comments in extended mode */
2731
2732 if ((options & PCRE_EXTENDED) != 0)
2733 {
2734 for (;;)
2735 {
2736 while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2737 if (*ptr == CHAR_NUMBER_SIGN)
2738 {
2739 ptr++;
2740 while (*ptr != 0)
2741 {
2742 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2743 ptr++;
2744 #ifdef SUPPORT_UTF8
2745 if (utf8) while ((*ptr & 0xc0) == 0x80) ptr++;
2746 #endif
2747 }
2748 }
2749 else break;
2750 }
2751 }
2752
2753 /* If the next thing is itself optional, we have to give up. */
2754
2755 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
2756 strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
2757 return FALSE;
2758
2759 /* Now compare the next item with the previous opcode. First, handle cases when
2760 the next item is a character. */
2761
2762 if (next >= 0) switch(op_code)
2763 {
2764 case OP_CHAR:
2765 #ifdef SUPPORT_UTF8
2766 GETCHARTEST(c, previous);
2767 #else
2768 c = *previous;
2769 #endif
2770 return c != next;
2771
2772 /* For CHARI (caseless character) we must check the other case. If we have
2773 Unicode property support, we can use it to test the other case of
2774 high-valued characters. */
2775
2776 case OP_CHARI:
2777 #ifdef SUPPORT_UTF8
2778 GETCHARTEST(c, previous);
2779 #else
2780 c = *previous;
2781 #endif
2782 if (c == next) return FALSE;
2783 #ifdef SUPPORT_UTF8
2784 if (utf8)
2785 {
2786 unsigned int othercase;
2787 if (next < 128) othercase = cd->fcc[next]; else
2788 #ifdef SUPPORT_UCP
2789 othercase = UCD_OTHERCASE((unsigned int)next);
2790 #else
2791 othercase = NOTACHAR;
2792 #endif
2793 return (unsigned int)c != othercase;
2794 }
2795 else
2796 #endif /* SUPPORT_UTF8 */
2797 return (c != cd->fcc[next]); /* Non-UTF-8 mode */
2798
2799 /* For OP_NOT and OP_NOTI, the data is always a single-byte character. These
2800 opcodes are not used for multi-byte characters, because they are coded using
2801 an XCLASS instead. */
2802
2803 case OP_NOT:
2804 return (c = *previous) == next;
2805
2806 case OP_NOTI:
2807 if ((c = *previous) == next) return TRUE;
2808 #ifdef SUPPORT_UTF8
2809 if (utf8)
2810 {
2811 unsigned int othercase;
2812 if (next < 128) othercase = cd->fcc[next]; else
2813 #ifdef SUPPORT_UCP
2814 othercase = UCD_OTHERCASE(next);
2815 #else
2816 othercase = NOTACHAR;
2817 #endif
2818 return (unsigned int)c == othercase;
2819 }
2820 else
2821 #endif /* SUPPORT_UTF8 */
2822 return (c == cd->fcc[next]); /* Non-UTF-8 mode */
2823
2824 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
2825 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
2826
2827 case OP_DIGIT:
2828 return next > 127 || (cd->ctypes[next] & ctype_digit) == 0;
2829
2830 case OP_NOT_DIGIT:
2831 return next <= 127 && (cd->ctypes[next] & ctype_digit) != 0;
2832
2833 case OP_WHITESPACE:
2834 return next > 127 || (cd->ctypes[next] & ctype_space) == 0;
2835
2836 case OP_NOT_WHITESPACE:
2837 return next <= 127 && (cd->ctypes[next] & ctype_space) != 0;
2838
2839 case OP_WORDCHAR:
2840 return next > 127 || (cd->ctypes[next] & ctype_word) == 0;
2841
2842 case OP_NOT_WORDCHAR:
2843 return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
2844
2845 case OP_HSPACE:
2846 case OP_NOT_HSPACE:
2847 switch(next)
2848 {
2849 case 0x09:
2850 case 0x20:
2851 case 0xa0:
2852 case 0x1680:
2853 case 0x180e:
2854 case 0x2000:
2855 case 0x2001:
2856 case 0x2002:
2857 case 0x2003:
2858 case 0x2004:
2859 case 0x2005:
2860 case 0x2006:
2861 case 0x2007:
2862 case 0x2008:
2863 case 0x2009:
2864 case 0x200A:
2865 case 0x202f:
2866 case 0x205f:
2867 case 0x3000:
2868 return op_code == OP_NOT_HSPACE;
2869 default:
2870 return op_code != OP_NOT_HSPACE;
2871 }
2872
2873 case OP_ANYNL:
2874 case OP_VSPACE:
2875 case OP_NOT_VSPACE:
2876 switch(next)
2877 {
2878 case 0x0a:
2879 case 0x0b:
2880 case 0x0c:
2881 case 0x0d:
2882 case 0x85:
2883 case 0x2028:
2884 case 0x2029:
2885 return op_code == OP_NOT_VSPACE;
2886 default:
2887 return op_code != OP_NOT_VSPACE;
2888 }
2889
2890 #ifdef SUPPORT_UCP
2891 case OP_PROP:
2892 return check_char_prop(next, previous[0], previous[1], FALSE);
2893
2894 case OP_NOTPROP:
2895 return check_char_prop(next, previous[0], previous[1], TRUE);
2896 #endif
2897
2898 default:
2899 return FALSE;
2900 }
2901
2902
2903 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
2904 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
2905 generated only when PCRE_UCP is *not* set, that is, when only ASCII
2906 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
2907 replaced by OP_PROP codes when PCRE_UCP is set. */
2908
2909 switch(op_code)
2910 {
2911 case OP_CHAR:
2912 case OP_CHARI:
2913 #ifdef SUPPORT_UTF8
2914 GETCHARTEST(c, previous);
2915 #else
2916 c = *previous;
2917 #endif
2918 switch(-next)
2919 {
2920 case ESC_d:
2921 return c > 127 || (cd->ctypes[c] & ctype_digit) == 0;
2922
2923 case ESC_D:
2924 return c <= 127 && (cd->ctypes[c] & ctype_digit) != 0;
2925
2926 case ESC_s:
2927 return c > 127 || (cd->ctypes[c] & ctype_space) == 0;
2928
2929 case ESC_S:
2930 return c <= 127 && (cd->ctypes[c] & ctype_space) != 0;
2931
2932 case ESC_w:
2933 return c > 127 || (cd->ctypes[c] & ctype_word) == 0;
2934
2935 case ESC_W:
2936 return c <= 127 && (cd->ctypes[c] & ctype_word) != 0;
2937
2938 case ESC_h:
2939 case ESC_H:
2940 switch(c)
2941 {
2942 case 0x09:
2943 case 0x20:
2944 case 0xa0:
2945 case 0x1680:
2946 case 0x180e:
2947 case 0x2000:
2948 case 0x2001:
2949 case 0x2002:
2950 case 0x2003:
2951 case 0x2004:
2952 case 0x2005:
2953 case 0x2006:
2954 case 0x2007:
2955 case 0x2008:
2956 case 0x2009:
2957 case 0x200A:
2958 case 0x202f:
2959 case 0x205f:
2960 case 0x3000:
2961 return -next != ESC_h;
2962 default:
2963 return -next == ESC_h;
2964 }
2965
2966 case ESC_v:
2967 case ESC_V:
2968 switch(c)
2969 {
2970 case 0x0a:
2971 case 0x0b:
2972 case 0x0c:
2973 case 0x0d:
2974 case 0x85:
2975 case 0x2028:
2976 case 0x2029:
2977 return -next != ESC_v;
2978 default:
2979 return -next == ESC_v;
2980 }
2981
2982 /* When PCRE_UCP is set, these values get generated for \d etc. Find
2983 their substitutions and process them. The result will always be either
2984 -ESC_p or -ESC_P. Then fall through to process those values. */
2985
2986 #ifdef SUPPORT_UCP
2987 case ESC_du:
2988 case ESC_DU:
2989 case ESC_wu:
2990 case ESC_WU:
2991 case ESC_su:
2992 case ESC_SU:
2993 {
2994 int temperrorcode = 0;
2995 ptr = substitutes[-next - ESC_DU];
2996 next = check_escape(&ptr, &temperrorcode, 0, options, FALSE);
2997 if (temperrorcode != 0) return FALSE;
2998 ptr++; /* For compatibility */
2999 }
3000 /* Fall through */
3001
3002 case ESC_p:
3003 case ESC_P:
3004 {
3005 int ptype, pdata, errorcodeptr;
3006 BOOL negated;
3007
3008 ptr--; /* Make ptr point at the p or P */
3009 ptype = get_ucp(&ptr, &negated, &pdata, &errorcodeptr);
3010 if (ptype < 0) return FALSE;
3011 ptr++; /* Point past the final curly ket */
3012
3013 /* If the property item is optional, we have to give up. (When generated
3014 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3015 to the original \d etc. At this point, ptr will point to a zero byte. */
3016
3017 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3018 strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3019 return FALSE;
3020
3021 /* Do the property check. */
3022
3023 return check_char_prop(c, ptype, pdata, (next == -ESC_P) != negated);
3024 }
3025 #endif
3026
3027 default:
3028 return FALSE;
3029 }
3030
3031 /* In principle, support for Unicode properties should be integrated here as
3032 well. It means re-organizing the above code so as to get hold of the property
3033 values before switching on the op-code. However, I wonder how many patterns
3034 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3035 these op-codes are never generated.) */
3036
3037 case OP_DIGIT:
3038 return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
3039 next == -ESC_h || next == -ESC_v || next == -ESC_R;
3040
3041 case OP_NOT_DIGIT:
3042 return next == -ESC_d;
3043
3044 case OP_WHITESPACE:
3045 return next == -ESC_S || next == -ESC_d || next == -ESC_w || next == -ESC_R;
3046
3047 case OP_NOT_WHITESPACE:
3048 return next == -ESC_s || next == -ESC_h || next == -ESC_v;
3049
3050 case OP_HSPACE:
3051 return next == -ESC_S || next == -ESC_H || next == -ESC_d ||
3052 next == -ESC_w || next == -ESC_v || next == -ESC_R;
3053
3054 case OP_NOT_HSPACE:
3055 return next == -ESC_h;
3056
3057 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3058 case OP_ANYNL:
3059 case OP_VSPACE:
3060 return next == -ESC_V || next == -ESC_d || next == -ESC_w;
3061
3062 case OP_NOT_VSPACE:
3063 return next == -ESC_v || next == -ESC_R;
3064
3065 case OP_WORDCHAR:
3066 return next == -ESC_W || next == -ESC_s || next == -ESC_h ||
3067 next == -ESC_v || next == -ESC_R;
3068
3069 case OP_NOT_WORDCHAR:
3070 return next == -ESC_w || next == -ESC_d;
3071
3072 default:
3073 return FALSE;
3074 }
3075
3076 /* Control does not reach here */
3077 }
3078
3079
3080
3081 /*************************************************
3082 * Compile one branch *
3083 *************************************************/
3084
3085 /* Scan the pattern, compiling it into the a vector. If the options are
3086 changed during the branch, the pointer is used to change the external options
3087 bits. This function is used during the pre-compile phase when we are trying
3088 to find out the amount of memory needed, as well as during the real compile
3089 phase. The value of lengthptr distinguishes the two phases.
3090
3091 Arguments:
3092 optionsptr pointer to the option bits
3093 codeptr points to the pointer to the current code point
3094 ptrptr points to the current pattern pointer
3095 errorcodeptr points to error code variable
3096 firstbyteptr set to initial literal character, or < 0 (REQ_UNSET, REQ_NONE)
3097 reqbyteptr set to the last literal character required, else < 0
3098 bcptr points to current branch chain
3099 cond_depth conditional nesting depth
3100 cd contains pointers to tables etc.
3101 lengthptr NULL during the real compile phase
3102 points to length accumulator during pre-compile phase
3103
3104 Returns: TRUE on success
3105 FALSE, with *errorcodeptr set non-zero on error
3106 */
3107
3108 static BOOL
3109 compile_branch(int *optionsptr, uschar **codeptr, const uschar **ptrptr,
3110 int *errorcodeptr, int *firstbyteptr, int *reqbyteptr, branch_chain *bcptr,
3111 int cond_depth, compile_data *cd, int *lengthptr)
3112 {
3113 int repeat_type, op_type;
3114 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3115 int bravalue = 0;
3116 int greedy_default, greedy_non_default;
3117 int firstbyte, reqbyte;
3118 int zeroreqbyte, zerofirstbyte;
3119 int req_caseopt, reqvary, tempreqvary;
3120 int options = *optionsptr; /* May change dynamically */
3121 int after_manual_callout = 0;
3122 int length_prevgroup = 0;
3123 register int c;
3124 register uschar *code = *codeptr;
3125 uschar *last_code = code;
3126 uschar *orig_code = code;
3127 uschar *tempcode;
3128 BOOL inescq = FALSE;
3129 BOOL groupsetfirstbyte = FALSE;
3130 const uschar *ptr = *ptrptr;
3131 const uschar *tempptr;
3132 const uschar *nestptr = NULL;
3133 uschar *previous = NULL;
3134 uschar *previous_callout = NULL;
3135 uschar *save_hwm = NULL;
3136 uschar classbits[32];
3137
3138 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3139 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3140 dynamically as we process the pattern. */
3141
3142 #ifdef SUPPORT_UTF8
3143 BOOL class_utf8;
3144 BOOL utf8 = (options & PCRE_UTF8) != 0;
3145 uschar *class_utf8data;
3146 uschar *class_utf8data_base;
3147 uschar utf8_char[6];
3148 #else
3149 BOOL utf8 = FALSE;
3150 #endif
3151
3152 #ifdef PCRE_DEBUG
3153 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3154 #endif
3155
3156 /* Set up the default and non-default settings for greediness */
3157
3158 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3159 greedy_non_default = greedy_default ^ 1;
3160
3161 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3162 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3163 matches a non-fixed char first char; reqbyte just remains unset if we never
3164 find one.
3165
3166 When we hit a repeat whose minimum is zero, we may have to adjust these values
3167 to take the zero repeat into account. This is implemented by setting them to
3168 zerofirstbyte and zeroreqbyte when such a repeat is encountered. The individual
3169 item types that can be repeated set these backoff variables appropriately. */
3170
3171 firstbyte = reqbyte = zerofirstbyte = zeroreqbyte = REQ_UNSET;
3172
3173 /* The variable req_caseopt contains either the REQ_CASELESS value or zero,
3174 according to the current setting of the caseless flag. REQ_CASELESS is a bit
3175 value > 255. It is added into the firstbyte or reqbyte variables to record the
3176 case status of the value. This is used only for ASCII characters. */
3177
3178 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS : 0;
3179
3180 /* Switch on next character until the end of the branch */
3181
3182 for (;; ptr++)
3183 {
3184 BOOL negate_class;
3185 BOOL should_flip_negation;
3186 BOOL possessive_quantifier;
3187 BOOL is_quantifier;
3188 BOOL is_recurse;
3189 BOOL reset_bracount;
3190 int class_charcount;
3191 int class_lastchar;
3192 int newoptions;
3193 int recno;
3194 int refsign;
3195 int skipbytes;
3196 int subreqbyte;
3197 int subfirstbyte;
3198 int terminator;
3199 int mclength;
3200 int tempbracount;
3201 uschar mcbuffer[8];
3202
3203 /* Get next byte in the pattern */
3204
3205 c = *ptr;
3206
3207 /* If we are at the end of a nested substitution, revert to the outer level
3208 string. Nesting only happens one level deep. */
3209
3210 if (c == 0 && nestptr != NULL)
3211 {
3212 ptr = nestptr;
3213 nestptr = NULL;
3214 c = *ptr;
3215 }
3216
3217 /* If we are in the pre-compile phase, accumulate the length used for the
3218 previous cycle of this loop. */
3219
3220 if (lengthptr != NULL)
3221 {
3222 #ifdef PCRE_DEBUG
3223 if (code > cd->hwm) cd->hwm = code; /* High water info */
3224 #endif
3225 if (code > cd->start_workspace + WORK_SIZE_CHECK) /* Check for overrun */
3226 {
3227 *errorcodeptr = ERR52;
3228 goto FAILED;
3229 }
3230
3231 /* There is at least one situation where code goes backwards: this is the
3232 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3233 the class is simply eliminated. However, it is created first, so we have to
3234 allow memory for it. Therefore, don't ever reduce the length at this point.
3235 */
3236
3237 if (code < last_code) code = last_code;
3238
3239 /* Paranoid check for integer overflow */
3240
3241 if (OFLOW_MAX - *lengthptr < code - last_code)
3242 {
3243 *errorcodeptr = ERR20;
3244 goto FAILED;
3245 }
3246
3247 *lengthptr += (int)(code - last_code);
3248 DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));
3249
3250 /* If "previous" is set and it is not at the start of the work space, move
3251 it back to there, in order to avoid filling up the work space. Otherwise,
3252 if "previous" is NULL, reset the current code pointer to the start. */
3253
3254 if (previous != NULL)
3255 {
3256 if (previous > orig_code)
3257 {
3258 memmove(orig_code, previous, code - previous);
3259 code -= previous - orig_code;
3260 previous = orig_code;
3261 }
3262 }
3263 else code = orig_code;
3264
3265 /* Remember where this code item starts so we can pick up the length
3266 next time round. */
3267
3268 last_code = code;
3269 }
3270
3271 /* In the real compile phase, just check the workspace used by the forward
3272 reference list. */
3273
3274 else if (cd->hwm > cd->start_workspace + WORK_SIZE_CHECK)
3275 {
3276 *errorcodeptr = ERR52;
3277 goto FAILED;
3278 }
3279
3280 /* If in \Q...\E, check for the end; if not, we have a literal */
3281
3282 if (inescq && c != 0)
3283 {
3284 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3285 {
3286 inescq = FALSE;
3287 ptr++;
3288 continue;
3289 }
3290 else
3291 {
3292 if (previous_callout != NULL)
3293 {
3294 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3295 complete_callout(previous_callout, ptr, cd);
3296 previous_callout = NULL;
3297 }
3298 if ((options & PCRE_AUTO_CALLOUT) != 0)
3299 {
3300 previous_callout = code;
3301 code = auto_callout(code, ptr, cd);
3302 }
3303 goto NORMAL_CHAR;
3304 }
3305 }
3306
3307 /* Fill in length of a previous callout, except when the next thing is
3308 a quantifier. */
3309
3310 is_quantifier =
3311 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3312 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3313
3314 if (!is_quantifier && previous_callout != NULL &&
3315 after_manual_callout-- <= 0)
3316 {
3317 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3318 complete_callout(previous_callout, ptr, cd);
3319 previous_callout = NULL;
3320 }
3321
3322 /* In extended mode, skip white space and comments. */
3323
3324 if ((options & PCRE_EXTENDED) != 0)
3325 {
3326 if ((cd->ctypes[c] & ctype_space) != 0) continue;
3327 if (c == CHAR_NUMBER_SIGN)
3328 {
3329 ptr++;
3330 while (*ptr != 0)
3331 {
3332 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3333 ptr++;
3334 #ifdef SUPPORT_UTF8
3335 if (utf8) while ((*ptr & 0xc0) == 0x80) ptr++;
3336 #endif
3337 }
3338 if (*ptr != 0) continue;
3339
3340 /* Else fall through to handle end of string */
3341 c = 0;
3342 }
3343 }
3344
3345 /* No auto callout for quantifiers. */
3346
3347 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3348 {
3349 previous_callout = code;
3350 code = auto_callout(code, ptr, cd);
3351 }
3352
3353 switch(c)
3354 {
3355 /* ===================================================================*/
3356 case 0: /* The branch terminates at string end */
3357 case CHAR_VERTICAL_LINE: /* or | or ) */
3358 case CHAR_RIGHT_PARENTHESIS:
3359 *firstbyteptr = firstbyte;
3360 *reqbyteptr = reqbyte;
3361 *codeptr = code;
3362 *ptrptr = ptr;
3363 if (lengthptr != NULL)
3364 {
3365 if (OFLOW_MAX - *lengthptr < code - last_code)
3366 {
3367 *errorcodeptr = ERR20;
3368 goto FAILED;
3369 }
3370 *lengthptr += (int)(code - last_code); /* To include callout length */
3371 DPRINTF((">> end branch\n"));
3372 }
3373 return TRUE;
3374
3375
3376 /* ===================================================================*/
3377 /* Handle single-character metacharacters. In multiline mode, ^ disables
3378 the setting of any following char as a first character. */
3379
3380 case CHAR_CIRCUMFLEX_ACCENT:
3381 previous = NULL;
3382 if ((options & PCRE_MULTILINE) != 0)
3383 {
3384 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3385 *code++ = OP_CIRCM;
3386 }
3387 else *code++ = OP_CIRC;
3388 break;
3389
3390 case CHAR_DOLLAR_SIGN:
3391 previous = NULL;
3392 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
3393 break;
3394
3395 /* There can never be a first char if '.' is first, whatever happens about
3396 repeats. The value of reqbyte doesn't change either. */
3397
3398 case CHAR_DOT:
3399 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3400 zerofirstbyte = firstbyte;
3401 zeroreqbyte = reqbyte;
3402 previous = code;
3403 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
3404 break;
3405
3406
3407 /* ===================================================================*/
3408 /* Character classes. If the included characters are all < 256, we build a
3409 32-byte bitmap of the permitted characters, except in the special case
3410 where there is only one such character. For negated classes, we build the
3411 map as usual, then invert it at the end. However, we use a different opcode
3412 so that data characters > 255 can be handled correctly.
3413
3414 If the class contains characters outside the 0-255 range, a different
3415 opcode is compiled. It may optionally have a bit map for characters < 256,
3416 but those above are are explicitly listed afterwards. A flag byte tells
3417 whether the bitmap is present, and whether this is a negated class or not.
3418
3419 In JavaScript compatibility mode, an isolated ']' causes an error. In
3420 default (Perl) mode, it is treated as a data character. */
3421
3422 case CHAR_RIGHT_SQUARE_BRACKET:
3423 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3424 {
3425 *errorcodeptr = ERR64;
3426 goto FAILED;
3427 }
3428 goto NORMAL_CHAR;
3429
3430 case CHAR_LEFT_SQUARE_BRACKET:
3431 previous = code;
3432
3433 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
3434 they are encountered at the top level, so we'll do that too. */
3435
3436 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3437 ptr[1] == CHAR_EQUALS_SIGN) &&
3438 check_posix_syntax(ptr, &tempptr))
3439 {
3440 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
3441 goto FAILED;
3442 }
3443
3444 /* If the first character is '^', set the negation flag and skip it. Also,
3445 if the first few characters (either before or after ^) are \Q\E or \E we
3446 skip them too. This makes for compatibility with Perl. */
3447
3448 negate_class = FALSE;
3449 for (;;)
3450 {
3451 c = *(++ptr);
3452 if (c == CHAR_BACKSLASH)
3453 {
3454 if (ptr[1] == CHAR_E)
3455 ptr++;
3456 else if (strncmp((const char *)ptr+1,
3457 STR_Q STR_BACKSLASH STR_E, 3) == 0)
3458 ptr += 3;
3459 else
3460 break;
3461 }
3462 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
3463 negate_class = TRUE;
3464 else break;
3465 }
3466
3467 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
3468 an initial ']' is taken as a data character -- the code below handles
3469 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
3470 [^] must match any character, so generate OP_ALLANY. */
3471
3472 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
3473 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3474 {
3475 *code++ = negate_class? OP_ALLANY : OP_FAIL;
3476 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3477 zerofirstbyte = firstbyte;
3478 break;
3479 }
3480
3481 /* If a class contains a negative special such as \S, we need to flip the
3482 negation flag at the end, so that support for characters > 255 works
3483 correctly (they are all included in the class). */
3484
3485 should_flip_negation = FALSE;
3486
3487 /* Keep a count of chars with values < 256 so that we can optimize the case
3488 of just a single character (as long as it's < 256). However, For higher
3489 valued UTF-8 characters, we don't yet do any optimization. */
3490
3491 class_charcount = 0;
3492 class_lastchar = -1;
3493
3494 /* Initialize the 32-char bit map to all zeros. We build the map in a
3495 temporary bit of memory, in case the class contains only 1 character (less
3496 than 256), because in that case the compiled code doesn't use the bit map.
3497 */
3498
3499 memset(classbits, 0, 32 * sizeof(uschar));
3500
3501 #ifdef SUPPORT_UTF8
3502 class_utf8 = FALSE; /* No chars >= 256 */
3503 class_utf8data = code + LINK_SIZE + 2; /* For UTF-8 items */
3504 class_utf8data_base = class_utf8data; /* For resetting in pass 1 */
3505 #endif
3506
3507 /* Process characters until ] is reached. By writing this as a "do" it
3508 means that an initial ] is taken as a data character. At the start of the
3509 loop, c contains the first byte of the character. */
3510
3511 if (c != 0) do
3512 {
3513 const uschar *oldptr;
3514
3515 #ifdef SUPPORT_UTF8
3516 if (utf8 && c > 127)
3517 { /* Braces are required because the */
3518 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
3519 }
3520
3521 /* In the pre-compile phase, accumulate the length of any UTF-8 extra
3522 data and reset the pointer. This is so that very large classes that
3523 contain a zillion UTF-8 characters no longer overwrite the work space
3524 (which is on the stack). */
3525
3526 if (lengthptr != NULL)
3527 {
3528 *lengthptr += class_utf8data - class_utf8data_base;
3529 class_utf8data = class_utf8data_base;
3530 }
3531
3532 #endif
3533
3534 /* Inside \Q...\E everything is literal except \E */
3535
3536 if (inescq)
3537 {
3538 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
3539 {
3540 inescq = FALSE; /* Reset literal state */
3541 ptr++; /* Skip the 'E' */
3542 continue; /* Carry on with next */
3543 }
3544 goto CHECK_RANGE; /* Could be range if \E follows */
3545 }
3546
3547 /* Handle POSIX class names. Perl allows a negation extension of the
3548 form [:^name:]. A square bracket that doesn't match the syntax is
3549 treated as a literal. We also recognize the POSIX constructions
3550 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3551 5.6 and 5.8 do. */
3552
3553 if (c == CHAR_LEFT_SQUARE_BRACKET &&
3554 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3555 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3556 {
3557 BOOL local_negate = FALSE;
3558 int posix_class, taboffset, tabopt;
3559 register const uschar *cbits = cd->cbits;
3560 uschar pbits[32];
3561
3562 if (ptr[1] != CHAR_COLON)
3563 {
3564 *errorcodeptr = ERR31;
3565 goto FAILED;
3566 }
3567
3568 ptr += 2;
3569 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3570 {
3571 local_negate = TRUE;
3572 should_flip_negation = TRUE; /* Note negative special */
3573 ptr++;
3574 }
3575
3576 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
3577 if (posix_class < 0)
3578 {
3579 *errorcodeptr = ERR30;
3580 goto FAILED;
3581 }
3582
3583 /* If matching is caseless, upper and lower are converted to
3584 alpha. This relies on the fact that the class table starts with
3585 alpha, lower, upper as the first 3 entries. */
3586
3587 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
3588 posix_class = 0;
3589
3590 /* When PCRE_UCP is set, some of the POSIX classes are converted to
3591 different escape sequences that use Unicode properties. */
3592
3593 #ifdef SUPPORT_UCP
3594 if ((options & PCRE_UCP) != 0)
3595 {
3596 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
3597 if (posix_substitutes[pc] != NULL)
3598 {
3599 nestptr = tempptr + 1;
3600 ptr = posix_substitutes[pc] - 1;
3601 continue;
3602 }
3603 }
3604 #endif
3605 /* In the non-UCP case, we build the bit map for the POSIX class in a
3606 chunk of local store because we may be adding and subtracting from it,
3607 and we don't want to subtract bits that may be in the main map already.
3608 At the end we or the result into the bit map that is being built. */
3609
3610 posix_class *= 3;
3611
3612 /* Copy in the first table (always present) */
3613
3614 memcpy(pbits, cbits + posix_class_maps[posix_class],
3615 32 * sizeof(uschar));
3616
3617 /* If there is a second table, add or remove it as required. */
3618
3619 taboffset = posix_class_maps[posix_class + 1];
3620 tabopt = posix_class_maps[posix_class + 2];
3621
3622 if (taboffset >= 0)
3623 {
3624 if (tabopt >= 0)
3625 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
3626 else
3627 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
3628 }
3629
3630 /* Not see if we need to remove any special characters. An option
3631 value of 1 removes vertical space and 2 removes underscore. */
3632
3633 if (tabopt < 0) tabopt = -tabopt;
3634 if (tabopt == 1) pbits[1] &= ~0x3c;
3635 else if (tabopt == 2) pbits[11] &= 0x7f;
3636
3637 /* Add the POSIX table or its complement into the main table that is
3638 being built and we are done. */
3639
3640 if (local_negate)
3641 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
3642 else
3643 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
3644
3645 ptr = tempptr + 1;
3646 class_charcount = 10; /* Set > 1; assumes more than 1 per class */
3647 continue; /* End of POSIX syntax handling */
3648 }
3649
3650 /* Backslash may introduce a single character, or it may introduce one
3651 of the specials, which just set a flag. The sequence \b is a special
3652 case. Inside a class (and only there) it is treated as backspace. We
3653 assume that other escapes have more than one character in them, so set
3654 class_charcount bigger than one. Unrecognized escapes fall through and
3655 are either treated as literal characters (by default), or are faulted if
3656 PCRE_EXTRA is set. */
3657
3658 if (c == CHAR_BACKSLASH)
3659 {
3660 c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3661 if (*errorcodeptr != 0) goto FAILED;
3662
3663 if (-c == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
3664 else if (-c == ESC_Q) /* Handle start of quoted string */
3665 {
3666 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3667 {
3668 ptr += 2; /* avoid empty string */
3669 }
3670 else inescq = TRUE;
3671 continue;
3672 }
3673 else if (-c == ESC_E) continue; /* Ignore orphan \E */
3674
3675 if (c < 0)
3676 {
3677 register const uschar *cbits = cd->cbits;
3678 class_charcount += 2; /* Greater than 1 is what matters */
3679
3680 switch (-c)
3681 {
3682 #ifdef SUPPORT_UCP
3683 case ESC_du: /* These are the values given for \d etc */
3684 case ESC_DU: /* when PCRE_UCP is set. We replace the */
3685 case ESC_wu: /* escape sequence with an appropriate \p */
3686 case ESC_WU: /* or \P to test Unicode properties instead */
3687 case ESC_su: /* of the default ASCII testing. */
3688 case ESC_SU:
3689 nestptr = ptr;
3690 ptr = substitutes[-c - ESC_DU] - 1; /* Just before substitute */
3691 class_charcount -= 2; /* Undo! */
3692 continue;
3693 #endif
3694 case ESC_d:
3695 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
3696 continue;
3697
3698 case ESC_D:
3699 should_flip_negation = TRUE;
3700 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3701 continue;
3702
3703 case ESC_w:
3704 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
3705 continue;
3706
3707 case ESC_W:
3708 should_flip_negation = TRUE;
3709 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
3710 continue;
3711
3712 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
3713 if it was previously set by something earlier in the character
3714 class. */
3715
3716 case ESC_s:
3717 classbits[0] |= cbits[cbit_space];
3718 classbits[1] |= cbits[cbit_space+1] & ~0x08;
3719 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
3720 continue;
3721
3722 case ESC_S:
3723 should_flip_negation = TRUE;
3724 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
3725 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
3726 continue;
3727
3728 case ESC_h:
3729 SETBIT(classbits, 0x09); /* VT */
3730 SETBIT(classbits, 0x20); /* SPACE */
3731 SETBIT(classbits, 0xa0); /* NSBP */
3732 #ifdef SUPPORT_UTF8
3733 if (utf8)
3734 {
3735 class_utf8 = TRUE;
3736 *class_utf8data++ = XCL_SINGLE;
3737 class_utf8data += _pcre_ord2utf8(0x1680, class_utf8data);
3738 *class_utf8data++ = XCL_SINGLE;
3739 class_utf8data += _pcre_ord2utf8(0x180e, class_utf8data);
3740 *class_utf8data++ = XCL_RANGE;
3741 class_utf8data += _pcre_ord2utf8(0x2000, class_utf8data);
3742 class_utf8data += _pcre_ord2utf8(0x200A, class_utf8data);
3743 *class_utf8data++ = XCL_SINGLE;
3744 class_utf8data += _pcre_ord2utf8(0x202f, class_utf8data);
3745 *class_utf8data++ = XCL_SINGLE;
3746 class_utf8data += _pcre_ord2utf8(0x205f, class_utf8data);
3747 *class_utf8data++ = XCL_SINGLE;
3748 class_utf8data += _pcre_ord2utf8(0x3000, class_utf8data);
3749 }
3750 #endif
3751 continue;
3752
3753 case ESC_H:
3754 for (c = 0; c < 32; c++)
3755 {
3756 int x = 0xff;
3757 switch (c)
3758 {
3759 case 0x09/8: x ^= 1 << (0x09%8); break;
3760 case 0x20/8: x ^= 1 << (0x20%8); break;
3761 case 0xa0/8: x ^= 1 << (0xa0%8); break;
3762 default: break;
3763 }
3764 classbits[c] |= x;
3765 }
3766
3767 #ifdef SUPPORT_UTF8
3768 if (utf8)
3769 {
3770 class_utf8 = TRUE;
3771 *class_utf8data++ = XCL_RANGE;
3772 class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3773 class_utf8data += _pcre_ord2utf8(0x167f, class_utf8data);
3774 *class_utf8data++ = XCL_RANGE;
3775 class_utf8data += _pcre_ord2utf8(0x1681, class_utf8data);
3776 class_utf8data += _pcre_ord2utf8(0x180d, class_utf8data);
3777 *class_utf8data++ = XCL_RANGE;
3778 class_utf8data += _pcre_ord2utf8(0x180f, class_utf8data);
3779 class_utf8data += _pcre_ord2utf8(0x1fff, class_utf8data);
3780 *class_utf8data++ = XCL_RANGE;
3781 class_utf8data += _pcre_ord2utf8(0x200B, class_utf8data);
3782 class_utf8data += _pcre_ord2utf8(0x202e, class_utf8data);
3783 *class_utf8data++ = XCL_RANGE;
3784 class_utf8data += _pcre_ord2utf8(0x2030, class_utf8data);
3785 class_utf8data += _pcre_ord2utf8(0x205e, class_utf8data);
3786 *class_utf8data++ = XCL_RANGE;
3787 class_utf8data += _pcre_ord2utf8(0x2060, class_utf8data);
3788 class_utf8data += _pcre_ord2utf8(0x2fff, class_utf8data);
3789 *class_utf8data++ = XCL_RANGE;
3790 class_utf8data += _pcre_ord2utf8(0x3001, class_utf8data);
3791 class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3792 }
3793 #endif
3794 continue;
3795
3796 case ESC_v:
3797 SETBIT(classbits, 0x0a); /* LF */
3798 SETBIT(classbits, 0x0b); /* VT */
3799 SETBIT(classbits, 0x0c); /* FF */
3800 SETBIT(classbits, 0x0d); /* CR */
3801 SETBIT(classbits, 0x85); /* NEL */
3802 #ifdef SUPPORT_UTF8
3803 if (utf8)
3804 {
3805 class_utf8 = TRUE;
3806 *class_utf8data++ = XCL_RANGE;
3807 class_utf8data += _pcre_ord2utf8(0x2028, class_utf8data);
3808 class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3809 }
3810 #endif
3811 continue;
3812
3813 case ESC_V:
3814 for (c = 0; c < 32; c++)
3815 {
3816 int x = 0xff;
3817 switch (c)
3818 {
3819 case 0x0a/8: x ^= 1 << (0x0a%8);
3820 x ^= 1 << (0x0b%8);
3821 x ^= 1 << (0x0c%8);
3822 x ^= 1 << (0x0d%8);
3823 break;
3824 case 0x85/8: x ^= 1 << (0x85%8); break;
3825 default: break;
3826 }
3827 classbits[c] |= x;
3828 }
3829
3830 #ifdef SUPPORT_UTF8
3831 if (utf8)
3832 {
3833 class_utf8 = TRUE;
3834 *class_utf8data++ = XCL_RANGE;
3835 class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3836 class_utf8data += _pcre_ord2utf8(0x2027, class_utf8data);
3837 *class_utf8data++ = XCL_RANGE;
3838 class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3839 class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3840 }
3841 #endif
3842 continue;
3843
3844 #ifdef SUPPORT_UCP
3845 case ESC_p:
3846 case ESC_P:
3847 {
3848 BOOL negated;
3849 int pdata;
3850 int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
3851 if (ptype < 0) goto FAILED;
3852 class_utf8 = TRUE;
3853 *class_utf8data++ = ((-c == ESC_p) != negated)?
3854 XCL_PROP : XCL_NOTPROP;
3855 *class_utf8data++ = ptype;
3856 *class_utf8data++ = pdata;
3857 class_charcount -= 2; /* Not a < 256 character */
3858 continue;
3859 }
3860 #endif
3861 /* Unrecognized escapes are faulted if PCRE is running in its
3862 strict mode. By default, for compatibility with Perl, they are
3863 treated as literals. */
3864
3865 default:
3866 if ((options & PCRE_EXTRA) != 0)
3867 {
3868 *errorcodeptr = ERR7;
3869 goto FAILED;
3870 }
3871 class_charcount -= 2; /* Undo the default count from above */
3872 c = *ptr; /* Get the final character and fall through */
3873 break;
3874 }
3875 }
3876
3877 /* Fall through if we have a single character (c >= 0). This may be
3878 greater than 256 in UTF-8 mode. */
3879
3880 } /* End of backslash handling */
3881
3882 /* A single character may be followed by '-' to form a range. However,
3883 Perl does not permit ']' to be the end of the range. A '-' character
3884 at the end is treated as a literal. Perl ignores orphaned \E sequences
3885 entirely. The code for handling \Q and \E is messy. */
3886
3887 CHECK_RANGE:
3888 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3889 {
3890 inescq = FALSE;
3891 ptr += 2;
3892 }
3893
3894 oldptr = ptr;
3895
3896 /* Remember \r or \n */
3897
3898 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3899
3900 /* Check for range */
3901
3902 if (!inescq && ptr[1] == CHAR_MINUS)
3903 {
3904 int d;
3905 ptr += 2;
3906 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
3907
3908 /* If we hit \Q (not followed by \E) at this point, go into escaped
3909 mode. */
3910
3911 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
3912 {
3913 ptr += 2;
3914 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3915 { ptr += 2; continue; }
3916 inescq = TRUE;
3917 break;
3918 }
3919
3920 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
3921 {
3922 ptr = oldptr;
3923 goto LONE_SINGLE_CHARACTER;
3924 }
3925
3926 #ifdef SUPPORT_UTF8
3927 if (utf8)
3928 { /* Braces are required because the */
3929 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
3930 }
3931 else
3932 #endif
3933 d = *ptr; /* Not UTF-8 mode */
3934
3935 /* The second part of a range can be a single-character escape, but
3936 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
3937 in such circumstances. */
3938
3939 if (!inescq && d == CHAR_BACKSLASH)
3940 {
3941 d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3942 if (*errorcodeptr != 0) goto FAILED;
3943
3944 /* \b is backspace; any other special means the '-' was literal */
3945
3946 if (d < 0)
3947 {
3948 if (d == -ESC_b) d = CHAR_BS; else
3949 {
3950 ptr = oldptr;
3951 goto LONE_SINGLE_CHARACTER; /* A few lines below */
3952 }
3953 }
3954 }
3955
3956 /* Check that the two values are in the correct order. Optimize
3957 one-character ranges */
3958
3959 if (d < c)
3960 {
3961 *errorcodeptr = ERR8;
3962 goto FAILED;
3963 }
3964
3965 if (d == c) goto LONE_SINGLE_CHARACTER; /* A few lines below */
3966
3967 /* Remember \r or \n */
3968
3969 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3970
3971 /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
3972 matching, we have to use an XCLASS with extra data items. Caseless
3973 matching for characters > 127 is available only if UCP support is
3974 available. */
3975
3976 #ifdef SUPPORT_UTF8
3977 if (utf8 && (d > 255 || ((options & PCRE_CASELESS) != 0 && d > 127)))
3978 {
3979 class_utf8 = TRUE;
3980
3981 /* With UCP support, we can find the other case equivalents of
3982 the relevant characters. There may be several ranges. Optimize how
3983 they fit with the basic range. */
3984
3985 #ifdef SUPPORT_UCP
3986 if ((options & PCRE_CASELESS) != 0)
3987 {
3988 unsigned int occ, ocd;
3989 unsigned int cc = c;
3990 unsigned int origd = d;
3991 while (get_othercase_range(&cc, origd, &occ, &ocd))
3992 {
3993 if (occ >= (unsigned int)c &&
3994 ocd <= (unsigned int)d)
3995 continue; /* Skip embedded ranges */
3996
3997 if (occ < (unsigned int)c &&
3998 ocd >= (unsigned int)c - 1) /* Extend the basic range */
3999 { /* if there is overlap, */
4000 c = occ; /* noting that if occ < c */
4001 continue; /* we can't have ocd > d */
4002 } /* because a subrange is */
4003 if (ocd > (unsigned int)d &&
4004 occ <= (unsigned int)d + 1) /* always shorter than */
4005 { /* the basic range. */
4006 d = ocd;
4007 continue;
4008 }
4009
4010 if (occ == ocd)
4011 {
4012 *class_utf8data++ = XCL_SINGLE;
4013 }
4014 else
4015 {
4016 *class_utf8data++ = XCL_RANGE;
4017 class_utf8data += _pcre_ord2utf8(occ, class_utf8data);
4018 }
4019 class_utf8data += _pcre_ord2utf8(ocd, class_utf8data);
4020 }
4021 }
4022 #endif /* SUPPORT_UCP */
4023
4024 /* Now record the original range, possibly modified for UCP caseless
4025 overlapping ranges. */
4026
4027 *class_utf8data++ = XCL_RANGE;
4028 class_utf8data += _pcre_ord2utf8(c, class_utf8data);
4029 class_utf8data += _pcre_ord2utf8(d, class_utf8data);
4030
4031 /* With UCP support, we are done. Without UCP support, there is no
4032 caseless matching for UTF-8 characters > 127; we can use the bit map
4033 for the smaller ones. */
4034
4035 #ifdef SUPPORT_UCP
4036 continue; /* With next character in the class */
4037 #else
4038 if ((options & PCRE_CASELESS) == 0 || c > 127) continue;
4039
4040 /* Adjust upper limit and fall through to set up the map */
4041
4042 d = 127;
4043
4044 #endif /* SUPPORT_UCP */
4045 }
4046 #endif /* SUPPORT_UTF8 */
4047
4048 /* We use the bit map for all cases when not in UTF-8 mode; else
4049 ranges that lie entirely within 0-127 when there is UCP support; else
4050 for partial ranges without UCP support. */
4051
4052 class_charcount += d - c + 1;
4053 class_lastchar = d;
4054
4055 /* We can save a bit of time by skipping this in the pre-compile. */
4056
4057 if (lengthptr == NULL) for (; c <= d; c++)
4058 {
4059 classbits[c/8] |= (1 << (c&7));
4060 if ((options & PCRE_CASELESS) != 0)
4061 {
4062 int uc = cd->fcc[c]; /* flip case */
4063 classbits[uc/8] |= (1 << (uc&7));
4064 }
4065 }
4066
4067 continue; /* Go get the next char in the class */
4068 }
4069
4070 /* Handle a lone single character - we can get here for a normal
4071 non-escape char, or after \ that introduces a single character or for an
4072 apparent range that isn't. */
4073
4074 LONE_SINGLE_CHARACTER:
4075
4076 /* Handle a character that cannot go in the bit map */
4077
4078 #ifdef SUPPORT_UTF8
4079 if (utf8 && (c > 255 || ((options & PCRE_CASELESS) != 0 && c > 127)))
4080 {
4081 class_utf8 = TRUE;
4082 *class_utf8data++ = XCL_SINGLE;
4083 class_utf8data += _pcre_ord2utf8(c, class_utf8data);
4084
4085 #ifdef SUPPORT_UCP
4086 if ((options & PCRE_CASELESS) != 0)
4087 {
4088 unsigned int othercase;
4089 if ((othercase = UCD_OTHERCASE(c)) != c)
4090 {
4091 *class_utf8data++ = XCL_SINGLE;
4092 class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);
4093 }
4094 }
4095 #endif /* SUPPORT_UCP */
4096
4097 }
4098 else
4099 #endif /* SUPPORT_UTF8 */
4100
4101 /* Handle a single-byte character */
4102 {
4103 classbits[c/8] |= (1 << (c&7));
4104 if ((options & PCRE_CASELESS) != 0)
4105 {
4106 c = cd->fcc[c]; /* flip case */
4107 classbits[c/8] |= (1 << (c&7));
4108 }
4109 class_charcount++;
4110 class_lastchar = c;
4111 }
4112 }
4113
4114 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4115 If we are at the end of an internal nested string, revert to the outer
4116 string. */
4117
4118 while (((c = *(++ptr)) != 0 ||
4119 (nestptr != NULL &&
4120 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4121 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4122
4123 /* Check for missing terminating ']' */
4124
4125 if (c == 0)
4126 {
4127 *errorcodeptr = ERR6;
4128 goto FAILED;
4129 }
4130
4131 /* If class_charcount is 1, we saw precisely one character whose value is
4132 less than 256. As long as there were no characters >= 128 and there was no
4133 use of \p or \P, in other words, no use of any XCLASS features, we can
4134 optimize.
4135
4136 In UTF-8 mode, we can optimize the negative case only if there were no
4137 characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
4138 operate on single-bytes characters only. This is an historical hangover.
4139 Maybe one day we can tidy these opcodes to handle multi-byte characters.
4140
4141 The optimization throws away the bit map. We turn the item into a
4142 1-character OP_CHAR[I] if it's positive, or OP_NOT[I] if it's negative.
4143 Note that OP_NOT[I] does not support multibyte characters. In the positive
4144 case, it can cause firstbyte to be set. Otherwise, there can be no first
4145 char if this item is first, whatever repeat count may follow. In the case
4146 of reqbyte, save the previous value for reinstating. */
4147
4148 #ifdef SUPPORT_UTF8
4149 if (class_charcount == 1 && !class_utf8 &&
4150 (!utf8 || !negate_class || class_lastchar < 128))
4151 #else
4152 if (class_charcount == 1)
4153 #endif
4154 {
4155 zeroreqbyte = reqbyte;
4156
4157 /* The OP_NOT[I] opcodes work on one-byte characters only. */
4158
4159 if (negate_class)
4160 {
4161 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
4162 zerofirstbyte = firstbyte;
4163 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4164 *code++ = class_lastchar;
4165 break;
4166 }
4167
4168 /* For a single, positive character, get the value into mcbuffer, and
4169 then we can handle this with the normal one-character code. */
4170
4171 #ifdef SUPPORT_UTF8
4172 if (utf8 && class_lastchar > 127)
4173 mclength = _pcre_ord2utf8(class_lastchar, mcbuffer);
4174 else
4175 #endif
4176 {
4177 mcbuffer[0] = class_lastchar;
4178 mclength = 1;
4179 }
4180 goto ONE_CHAR;
4181 } /* End of 1-char optimization */
4182
4183 /* The general case - not the one-char optimization. If this is the first
4184 thing in the branch, there can be no first char setting, whatever the
4185 repeat count. Any reqbyte setting must remain unchanged after any kind of
4186 repeat. */
4187
4188 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
4189 zerofirstbyte = firstbyte;
4190 zeroreqbyte = reqbyte;
4191
4192 /* If there are characters with values > 255, we have to compile an
4193 extended class, with its own opcode, unless there was a negated special
4194 such as \S in the class, and PCRE_UCP is not set, because in that case all
4195 characters > 255 are in the class, so any that were explicitly given as
4196 well can be ignored. If (when there are explicit characters > 255 that must
4197 be listed) there are no characters < 256, we can omit the bitmap in the
4198 actual compiled code. */
4199
4200 #ifdef SUPPORT_UTF8
4201 if (class_utf8 && (!should_flip_negation || (options & PCRE_UCP) != 0))
4202 {
4203 *class_utf8data++ = XCL_END; /* Marks the end of extra data */
4204 *code++ = OP_XCLASS;
4205 code += LINK_SIZE;
4206 *code = negate_class? XCL_NOT : 0;
4207
4208 /* If the map is required, move up the extra data to make room for it;
4209 otherwise just move the code pointer to the end of the extra data. */
4210
4211 if (class_charcount > 0)
4212 {
4213 *code++ |= XCL_MAP;
4214 memmove(code + 32, code, class_utf8data - code);
4215 memcpy(code, classbits, 32);
4216 code = class_utf8data + 32;
4217 }
4218 else code = class_utf8data;
4219
4220 /* Now fill in the complete length of the item */
4221
4222 PUT(previous, 1, code - previous);
4223 break; /* End of class handling */
4224 }
4225 #endif
4226
4227 /* If there are no characters > 255, or they are all to be included or
4228 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4229 whole class was negated and whether there were negative specials such as \S
4230 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4231 negating it if necessary. */
4232
4233 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4234 if (negate_class)
4235 {
4236 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4237 for (c = 0; c < 32; c++) code[c] = ~classbits[c];
4238 }
4239 else
4240 {
4241 memcpy(code, classbits, 32);
4242 }
4243 code += 32;
4244 break;
4245
4246
4247 /* ===================================================================*/
4248 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4249 has been tested above. */
4250
4251 case CHAR_LEFT_CURLY_BRACKET:
4252 if (!is_quantifier) goto NORMAL_CHAR;
4253 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4254 if (*errorcodeptr != 0) goto FAILED;
4255 goto REPEAT;
4256
4257 case CHAR_ASTERISK:
4258 repeat_min = 0;
4259 repeat_max = -1;
4260 goto REPEAT;
4261
4262 case CHAR_PLUS:
4263 repeat_min = 1;
4264 repeat_max = -1;
4265 goto REPEAT;
4266
4267 case CHAR_QUESTION_MARK:
4268 repeat_min = 0;
4269 repeat_max = 1;
4270
4271 REPEAT:
4272 if (previous == NULL)
4273 {
4274 *errorcodeptr = ERR9;
4275 goto FAILED;
4276 }
4277
4278 if (repeat_min == 0)
4279 {
4280 firstbyte = zerofirstbyte; /* Adjust for zero repeat */
4281 reqbyte = zeroreqbyte; /* Ditto */
4282 }
4283
4284 /* Remember whether this is a variable length repeat */
4285
4286 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4287
4288 op_type = 0; /* Default single-char op codes */
4289 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4290
4291 /* Save start of previous item, in case we have to move it up in order to
4292 insert something before it. */
4293
4294 tempcode = previous;
4295
4296 /* If the next character is '+', we have a possessive quantifier. This
4297 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4298 If the next character is '?' this is a minimizing repeat, by default,
4299 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4300 repeat type to the non-default. */
4301
4302 if (ptr[1] == CHAR_PLUS)
4303 {
4304 repeat_type = 0; /* Force greedy */
4305 possessive_quantifier = TRUE;
4306 ptr++;
4307 }
4308 else if (ptr[1] == CHAR_QUESTION_MARK)
4309 {
4310 repeat_type = greedy_non_default;
4311 ptr++;
4312 }
4313 else repeat_type = greedy_default;
4314
4315 /* If previous was a recursion call, wrap it in atomic brackets so that
4316 previous becomes the atomic group. All recursions were so wrapped in the
4317 past, but it no longer happens for non-repeated recursions. In fact, the
4318 repeated ones could be re-implemented independently so as not to need this,
4319 but for the moment we rely on the code for repeating groups. */
4320
4321 if (*previous == OP_RECURSE)
4322 {
4323 memmove(previous + 1 + LINK_SIZE, previous, 1 + LINK_SIZE);
4324 *previous = OP_ONCE;
4325 PUT(previous, 1, 2 + 2*LINK_SIZE);
4326 previous[2 + 2*LINK_SIZE] = OP_KET;
4327 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4328 code += 2 + 2 * LINK_SIZE;
4329 length_prevgroup = 3 + 3*LINK_SIZE;
4330
4331 /* When actually compiling, we need to check whether this was a forward
4332 reference, and if so, adjust the offset. */
4333
4334 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4335 {
4336 int offset = GET(cd->hwm, -LINK_SIZE);
4337 if (offset == previous + 1 - cd->start_code)
4338 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4339 }
4340 }
4341
4342 /* Now handle repetition for the different types of item. */
4343
4344 /* If previous was a character match, abolish the item and generate a
4345 repeat item instead. If a char item has a minumum of more than one, ensure
4346 that it is set in reqbyte - it might not be if a sequence such as x{3} is
4347 the first thing in a branch because the x will have gone into firstbyte
4348 instead. */
4349
4350 if (*previous == OP_CHAR || *previous == OP_CHARI)
4351 {
4352 op_type = (*previous == OP_CHAR)? 0 : OP_STARI - OP_STAR;
4353
4354 /* Deal with UTF-8 characters that take up more than one byte. It's
4355 easier to write this out separately than try to macrify it. Use c to
4356 hold the length of the character in bytes, plus 0x80 to flag that it's a
4357 length rather than a small character. */
4358
4359 #ifdef SUPPORT_UTF8
4360 if (utf8 && (code[-1] & 0x80) != 0)
4361 {
4362 uschar *lastchar = code - 1;
4363 while((*lastchar & 0xc0) == 0x80) lastchar--;
4364 c = code - lastchar; /* Length of UTF-8 character */
4365 memcpy(utf8_char, lastchar, c); /* Save the char */
4366 c |= 0x80; /* Flag c as a length */
4367 }
4368 else
4369 #endif
4370
4371 /* Handle the case of a single byte - either with no UTF8 support, or
4372 with UTF-8 disabled, or for a UTF-8 character < 128. */
4373
4374 {
4375 c = code[-1];
4376 if (repeat_min > 1) reqbyte = c | req_caseopt | cd->req_varyopt;
4377 }
4378
4379 /* If the repetition is unlimited, it pays to see if the next thing on
4380 the line is something that cannot possibly match this character. If so,
4381 automatically possessifying this item gains some performance in the case
4382 where the match fails. */
4383
4384 if (!possessive_quantifier &&
4385 repeat_max < 0 &&
4386 check_auto_possessive(previous, utf8, ptr + 1, options, cd))
4387 {
4388 repeat_type = 0; /* Force greedy */
4389 possessive_quantifier = TRUE;
4390 }
4391
4392 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4393 }
4394
4395 /* If previous was a single negated character ([^a] or similar), we use
4396 one of the special opcodes, replacing it. The code is shared with single-
4397 character repeats by setting opt_type to add a suitable offset into
4398 repeat_type. We can also test for auto-possessification. OP_NOT and OP_NOTI
4399 are currently used only for single-byte chars. */
4400
4401 else if (*previous == OP_NOT || *previous == OP_NOTI)
4402 {
4403 op_type = ((*previous == OP_NOT)? OP_NOTSTAR : OP_NOTSTARI) - OP_STAR;
4404 c = previous[1];
4405 if (!possessive_quantifier &&
4406 repeat_max < 0 &&
4407 check_auto_possessive(previous, utf8, ptr + 1, options, cd))
4408 {
4409 repeat_type = 0; /* Force greedy */
4410 possessive_quantifier = TRUE;
4411 }
4412 goto OUTPUT_SINGLE_REPEAT;
4413 }
4414
4415 /* If previous was a character type match (\d or similar), abolish it and
4416 create a suitable repeat item. The code is shared with single-character
4417 repeats by setting op_type to add a suitable offset into repeat_type. Note
4418 the the Unicode property types will be present only when SUPPORT_UCP is
4419 defined, but we don't wrap the little bits of code here because it just
4420 makes it horribly messy. */
4421
4422 else if (*previous < OP_EODN)
4423 {
4424 uschar *oldcode;
4425 int prop_type, prop_value;
4426 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4427 c = *previous;
4428
4429 if (!possessive_quantifier &&
4430 repeat_max < 0 &&
4431 check_auto_possessive(previous, utf8, ptr + 1, options, cd))
4432 {
4433 repeat_type = 0; /* Force greedy */
4434 possessive_quantifier = TRUE;
4435 }
4436
4437 OUTPUT_SINGLE_REPEAT:
4438 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4439 {
4440 prop_type = previous[1];
4441 prop_value = previous[2];
4442 }
4443 else prop_type = prop_value = -1;
4444
4445 oldcode = code;
4446 code = previous; /* Usually overwrite previous item */
4447
4448 /* If the maximum is zero then the minimum must also be zero; Perl allows
4449 this case, so we do too - by simply omitting the item altogether. */
4450
4451 if (repeat_max == 0) goto END_REPEAT;
4452
4453 /*--------------------------------------------------------------------*/
4454 /* This code is obsolete from release 8.00; the restriction was finally
4455 removed: */
4456
4457 /* All real repeats make it impossible to handle partial matching (maybe
4458 one day we will be able to remove this restriction). */
4459
4460 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4461 /*--------------------------------------------------------------------*/
4462
4463 /* Combine the op_type with the repeat_type */
4464
4465 repeat_type += op_type;
4466
4467 /* A minimum of zero is handled either as the special case * or ?, or as
4468 an UPTO, with the maximum given. */
4469
4470 if (repeat_min == 0)
4471 {
4472 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4473 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4474 else
4475 {
4476 *code++ = OP_UPTO + repeat_type;
4477 PUT2INC(code, 0, repeat_max);
4478 }
4479 }
4480
4481 /* A repeat minimum of 1 is optimized into some special cases. If the
4482 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4483 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4484 one less than the maximum. */
4485
4486 else if (repeat_min == 1)
4487 {
4488 if (repeat_max == -1)
4489 *code++ = OP_PLUS + repeat_type;
4490 else
4491 {
4492 code = oldcode; /* leave previous item in place */
4493 if (repeat_max == 1) goto END_REPEAT;
4494 *code++ = OP_UPTO + repeat_type;
4495 PUT2INC(code, 0, repeat_max - 1);
4496 }
4497 }
4498
4499 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4500 handled as an EXACT followed by an UPTO. */
4501
4502 else
4503 {
4504 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4505 PUT2INC(code, 0, repeat_min);
4506
4507 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4508 we have to insert the character for the previous code. For a repeated
4509 Unicode property match, there are two extra bytes that define the
4510 required property. In UTF-8 mode, long characters have their length in
4511 c, with the 0x80 bit as a flag. */
4512
4513 if (repeat_max < 0)
4514 {
4515 #ifdef SUPPORT_UTF8
4516 if (utf8 && c >= 128)
4517 {
4518 memcpy(code, utf8_char, c & 7);
4519 code += c & 7;
4520 }
4521 else
4522 #endif
4523 {
4524 *code++ = c;
4525 if (prop_type >= 0)
4526 {
4527 *code++ = prop_type;
4528 *code++ = prop_value;
4529 }
4530 }
4531 *code++ = OP_STAR + repeat_type;
4532 }
4533
4534 /* Else insert an UPTO if the max is greater than the min, again
4535 preceded by the character, for the previously inserted code. If the
4536 UPTO is just for 1 instance, we can use QUERY instead. */
4537
4538 else if (repeat_max != repeat_min)
4539 {
4540 #ifdef SUPPORT_UTF8
4541 if (utf8 && c >= 128)
4542 {
4543 memcpy(code, utf8_char, c & 7);
4544 code += c & 7;
4545 }
4546 else
4547 #endif
4548 *code++ = c;
4549 if (prop_type >= 0)
4550 {
4551 *code++ = prop_type;
4552 *code++ = prop_value;
4553 }
4554 repeat_max -= repeat_min;
4555
4556 if (repeat_max == 1)
4557 {
4558 *code++ = OP_QUERY + repeat_type;
4559 }
4560 else
4561 {
4562 *code++ = OP_UPTO + repeat_type;
4563 PUT2INC(code, 0, repeat_max);
4564 }
4565 }
4566 }
4567
4568 /* The character or character type itself comes last in all cases. */
4569
4570 #ifdef SUPPORT_UTF8
4571 if (utf8 && c >= 128)
4572 {
4573 memcpy(code, utf8_char, c & 7);
4574 code += c & 7;
4575 }
4576 else
4577 #endif
4578 *code++ = c;
4579
4580 /* For a repeated Unicode property match, there are two extra bytes that
4581 define the required property. */
4582
4583 #ifdef SUPPORT_UCP
4584 if (prop_type >= 0)
4585 {
4586 *code++ = prop_type;
4587 *code++ = prop_value;
4588 }
4589 #endif
4590 }
4591
4592 /* If previous was a character class or a back reference, we put the repeat
4593 stuff after it, but just skip the item if the repeat was {0,0}. */
4594
4595 else if (*previous == OP_CLASS ||
4596 *previous == OP_NCLASS ||
4597 #ifdef SUPPORT_UTF8
4598 *previous == OP_XCLASS ||
4599 #endif
4600 *previous == OP_REF ||
4601 *previous == OP_REFI)
4602 {
4603 if (repeat_max == 0)
4604 {
4605 code = previous;
4606 goto END_REPEAT;
4607 }
4608
4609 /*--------------------------------------------------------------------*/
4610 /* This code is obsolete from release 8.00; the restriction was finally
4611 removed: */
4612
4613 /* All real repeats make it impossible to handle partial matching (maybe
4614 one day we will be able to remove this restriction). */
4615
4616 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4617 /*--------------------------------------------------------------------*/
4618
4619 if (repeat_min == 0 && repeat_max == -1)
4620 *code++ = OP_CRSTAR + repeat_type;
4621 else if (repeat_min == 1 && repeat_max == -1)
4622 *code++ = OP_CRPLUS + repeat_type;
4623 else if (repeat_min == 0 && repeat_max == 1)
4624 *code++ = OP_CRQUERY + repeat_type;
4625 else
4626 {
4627 *code++ = OP_CRRANGE + repeat_type;
4628 PUT2INC(code, 0, repeat_min);
4629 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
4630 PUT2INC(code, 0, repeat_max);
4631 }
4632 }
4633
4634 /* If previous was a bracket group, we may have to replicate it in certain
4635 cases. Note that at this point we can encounter only the "basic" bracket
4636 opcodes such as BRA and CBRA, as this is the place where they get converted
4637 into the more special varieties such as BRAPOS and SBRA. A test for >=
4638 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
4639 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
4640 repetition of assertions, but now it does, for Perl compatibility. */
4641
4642 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
4643 {
4644 register int i;
4645 int len = (int)(code - previous);
4646 uschar *bralink = NULL;
4647 uschar *brazeroptr = NULL;
4648
4649 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
4650 we just ignore the repeat. */
4651
4652 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
4653 goto END_REPEAT;
4654
4655 /* There is no sense in actually repeating assertions. The only potential
4656 use of repetition is in cases when the assertion is optional. Therefore,
4657 if the minimum is greater than zero, just ignore the repeat. If the
4658 maximum is not not zero or one, set it to 1. */
4659
4660 if (*previous < OP_ONCE) /* Assertion */
4661 {
4662 if (repeat_min > 0) goto END_REPEAT;
4663 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
4664 }
4665
4666 /* The case of a zero minimum is special because of the need to stick
4667 OP_BRAZERO in front of it, and because the group appears once in the
4668 data, whereas in other cases it appears the minimum number of times. For
4669 this reason, it is simplest to treat this case separately, as otherwise
4670 the code gets far too messy. There are several special subcases when the
4671 minimum is zero. */
4672
4673 if (repeat_min == 0)
4674 {
4675 /* If the maximum is also zero, we used to just omit the group from the
4676 output altogether, like this:
4677
4678 ** if (repeat_max == 0)
4679 ** {
4680 ** code = previous;
4681 ** goto END_REPEAT;
4682 ** }
4683
4684 However, that fails when a group or a subgroup within it is referenced
4685 as a subroutine from elsewhere in the pattern, so now we stick in
4686 OP_SKIPZERO in front of it so that it is skipped on execution. As we
4687 don't have a list of which groups are referenced, we cannot do this
4688 selectively.
4689
4690 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
4691 and do no more at this point. However, we do need to adjust any
4692 OP_RECURSE calls inside the group that refer to the group itself or any
4693 internal or forward referenced group, because the offset is from the
4694 start of the whole regex. Temporarily terminate the pattern while doing
4695 this. */
4696
4697 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
4698 {
4699 *code = OP_END;
4700 adjust_recurse(previous, 1, utf8, cd, save_hwm);
4701 memmove(previous+1, previous, len);
4702 code++;
4703 if (repeat_max == 0)
4704 {
4705 *previous++ = OP_SKIPZERO;
4706 goto END_REPEAT;
4707 }
4708 brazeroptr = previous; /* Save for possessive optimizing */
4709 *previous++ = OP_BRAZERO + repeat_type;
4710 }
4711
4712 /* If the maximum is greater than 1 and limited, we have to replicate
4713 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
4714 The first one has to be handled carefully because it's the original
4715 copy, which has to be moved up. The remainder can be handled by code
4716 that is common with the non-zero minimum case below. We have to
4717 adjust the value or repeat_max, since one less copy is required. Once
4718 again, we may have to adjust any OP_RECURSE calls inside the group. */
4719
4720 else
4721 {
4722 int offset;
4723 *code = OP_END;
4724 adjust_recurse(previous, 2 + LINK_SIZE, utf8, cd, save_hwm);
4725 memmove(previous + 2 + LINK_SIZE, previous, len);
4726 code += 2 + LINK_SIZE;
4727 *previous++ = OP_BRAZERO + repeat_type;
4728 *previous++ = OP_BRA;
4729
4730 /* We chain together the bracket offset fields that have to be
4731 filled in later when the ends of the brackets are reached. */
4732
4733 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
4734 bralink = previous;
4735 PUTINC(previous, 0, offset);
4736 }
4737
4738 repeat_max--;
4739 }
4740
4741 /* If the minimum is greater than zero, replicate the group as many
4742 times as necessary, and adjust the maximum to the number of subsequent
4743 copies that we need. If we set a first char from the group, and didn't
4744 set a required char, copy the latter from the former. If there are any
4745 forward reference subroutine calls in the group, there will be entries on
4746 the workspace list; replicate these with an appropriate increment. */
4747
4748 else
4749 {
4750 if (repeat_min > 1)
4751 {
4752 /* In the pre-compile phase, we don't actually do the replication. We
4753 just adjust the length as if we had. Do some paranoid checks for
4754 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
4755 integer type when available, otherwise double. */
4756
4757 if (lengthptr != NULL)
4758 {
4759 int delta = (repeat_min - 1)*length_prevgroup;
4760 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
4761 (INT64_OR_DOUBLE)length_prevgroup >
4762 (INT64_OR_DOUBLE)INT_MAX ||
4763 OFLOW_MAX - *lengthptr < delta)
4764 {
4765 *errorcodeptr = ERR20;
4766 goto FAILED;
4767 }
4768 *lengthptr += delta;
4769 }
4770
4771 /* This is compiling for real */
4772
4773 else
4774 {
4775 if (groupsetfirstbyte && reqbyte < 0) reqbyte = firstbyte;
4776 for (i = 1; i < repeat_min; i++)
4777 {
4778 uschar *hc;
4779 uschar *this_hwm = cd->hwm;
4780 memcpy(code, previous, len);
4781 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4782 {
4783 PUT(cd->hwm, 0, GET(hc, 0) + len);
4784 cd->hwm += LINK_SIZE;
4785 }
4786 save_hwm = this_hwm;
4787 code += len;
4788 }
4789 }
4790 }
4791
4792 if (repeat_max > 0) repeat_max -= repeat_min;
4793 }
4794
4795 /* This code is common to both the zero and non-zero minimum cases. If
4796 the maximum is limited, it replicates the group in a nested fashion,
4797 remembering the bracket starts on a stack. In the case of a zero minimum,
4798 the first one was set up above. In all cases the repeat_max now specifies
4799 the number of additional copies needed. Again, we must remember to
4800 replicate entries on the forward reference list. */
4801
4802 if (repeat_max >= 0)
4803 {
4804 /* In the pre-compile phase, we don't actually do the replication. We
4805 just adjust the length as if we had. For each repetition we must add 1
4806 to the length for BRAZERO and for all but the last repetition we must
4807 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
4808 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
4809 a 64-bit integer type when available, otherwise double. */
4810
4811 if (lengthptr != NULL && repeat_max > 0)
4812 {
4813 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
4814 2 - 2*LINK_SIZE; /* Last one doesn't nest */
4815 if ((INT64_OR_DOUBLE)repeat_max *
4816 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
4817 > (INT64_OR_DOUBLE)INT_MAX ||
4818 OFLOW_MAX - *lengthptr < delta)
4819 {
4820 *errorcodeptr = ERR20;
4821 goto FAILED;
4822 }
4823 *lengthptr += delta;
4824 }
4825
4826 /* This is compiling for real */
4827
4828 else for (i = repeat_max - 1; i >= 0; i--)
4829 {
4830 uschar *hc;
4831 uschar *this_hwm = cd->hwm;
4832
4833 *code++ = OP_BRAZERO + repeat_type;
4834
4835 /* All but the final copy start a new nesting, maintaining the
4836 chain of brackets outstanding. */
4837
4838 if (i != 0)
4839 {
4840 int offset;
4841 *code++ = OP_BRA;
4842 offset = (bralink == NULL)? 0 : (int)(code - bralink);
4843 bralink = code;
4844 PUTINC(code, 0, offset);
4845 }
4846
4847 memcpy(code, previous, len);
4848 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4849 {
4850 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
4851 cd->hwm += LINK_SIZE;
4852 }
4853 save_hwm = this_hwm;
4854 code += len;
4855 }
4856
4857 /* Now chain through the pending brackets, and fill in their length
4858 fields (which are holding the chain links pro tem). */
4859
4860 while (bralink != NULL)
4861 {
4862 int oldlinkoffset;
4863 int offset = (int)(code - bralink + 1);
4864 uschar *bra = code - offset;
4865 oldlinkoffset = GET(bra, 1);
4866 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
4867 *code++ = OP_KET;
4868 PUTINC(code, 0, offset);
4869 PUT(bra, 1, offset);
4870 }
4871 }
4872
4873 /* If the maximum is unlimited, set a repeater in the final copy. For
4874 ONCE brackets, that's all we need to do. However, possessively repeated
4875 ONCE brackets can be converted into non-capturing brackets, as the
4876 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
4877 deal with possessive ONCEs specially.
4878
4879 Otherwise, if the quantifier was possessive, we convert the BRA code to
4880 the POS form, and the KET code to KETRPOS. (It turns out to be convenient
4881 at runtime to detect this kind of subpattern at both the start and at the
4882 end.) The use of special opcodes makes it possible to reduce greatly the
4883 stack usage in pcre_exec(). If the group is preceded by OP_BRAZERO,
4884 convert this to OP_BRAPOSZERO. Then cancel the possessive flag so that
4885 the default action below, of wrapping everything inside atomic brackets,
4886 does not happen.
4887
4888 Then, when we are doing the actual compile phase, check to see whether
4889 this group is one that could match an empty string. If so, convert the
4890 initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so that runtime
4891 checking can be done. [This check is also applied to ONCE groups at
4892 runtime, but in a different way.] */
4893
4894 else
4895 {
4896 uschar *ketcode = code - 1 - LINK_SIZE;
4897 uschar *bracode = ketcode - GET(ketcode, 1);
4898
4899 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
4900 possessive_quantifier) *bracode = OP_BRA;
4901
4902 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
4903 *ketcode = OP_KETRMAX + repeat_type;
4904 else
4905 {
4906 if (possessive_quantifier)
4907 {
4908 *bracode += 1; /* Switch to xxxPOS opcodes */
4909 *ketcode = OP_KETRPOS;
4910 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
4911 possessive_quantifier = FALSE;
4912 }
4913 else *ketcode = OP_KETRMAX + repeat_type;
4914
4915 if (lengthptr == NULL)
4916 {
4917 uschar *scode = bracode;
4918 do
4919 {
4920 if (could_be_empty_branch(scode, ketcode, utf8, cd))
4921 {
4922 *bracode += OP_SBRA - OP_BRA;
4923 break;
4924 }
4925 scode += GET(scode, 1);
4926 }
4927 while (*scode == OP_ALT);
4928 }
4929 }
4930 }
4931 }
4932
4933 /* If previous is OP_FAIL, it was generated by an empty class [] in
4934 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
4935 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
4936 error above. We can just ignore the repeat in JS case. */
4937
4938 else if (*previous == OP_FAIL) goto END_REPEAT;
4939
4940 /* Else there's some kind of shambles */
4941
4942 else
4943 {
4944 *errorcodeptr = ERR11;
4945 goto FAILED;
4946 }
4947
4948 /* If the character following a repeat is '+', or if certain optimization
4949 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
4950 there are special alternative opcodes for this case. For anything else, we
4951 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
4952 notation is just syntactic sugar, taken from Sun's Java package, but the
4953 special opcodes can optimize it.
4954
4955 Possessively repeated subpatterns have already been handled in the code
4956 just above, so possessive_quantifier is always FALSE for them at this
4957 stage.
4958
4959 Note that the repeated item starts at tempcode, not at previous, which
4960 might be the first part of a string whose (former) last char we repeated.
4961
4962 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
4963 an 'upto' may follow. We skip over an 'exact' item, and then test the
4964 length of what remains before proceeding. */
4965
4966 if (possessive_quantifier)
4967 {
4968 int len;
4969
4970 if (*tempcode == OP_TYPEEXACT)
4971 tempcode += _pcre_OP_lengths[*tempcode] +
4972 ((tempcode[3] == OP_PROP || tempcode[3] == OP_NOTPROP)? 2 : 0);
4973
4974 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
4975 {
4976 tempcode += _pcre_OP_lengths[*tempcode];
4977 #ifdef SUPPORT_UTF8
4978 if (utf8 && tempcode[-1] >= 0xc0)
4979 tempcode += _pcre_utf8_table4[tempcode[-1] & 0x3f];
4980 #endif
4981 }
4982
4983 len = (int)(code - tempcode);
4984 if (len > 0) switch (*tempcode)
4985 {
4986 case OP_STAR: *tempcode = OP_POSSTAR; break;
4987 case OP_PLUS: *tempcode = OP_POSPLUS; break;
4988 case OP_QUERY: *tempcode = OP_POSQUERY; break;
4989 case OP_UPTO: *tempcode = OP_POSUPTO; break;
4990
4991 case OP_STARI: *tempcode = OP_POSSTARI; break;
4992 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
4993 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
4994 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
4995
4996 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
4997 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
4998 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
4999 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5000
5001 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5002 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5003 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5004 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5005
5006 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5007 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5008 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5009 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5010
5011 /* Because we are moving code along, we must ensure that any
5012 pending recursive references are updated. */
5013
5014 default:
5015 *code = OP_END;
5016 adjust_recurse(tempcode, 1 + LINK_SIZE, utf8, cd, save_hwm);
5017 memmove(tempcode + 1+LINK_SIZE, tempcode, len);
5018 code += 1 + LINK_SIZE;
5019 len += 1 + LINK_SIZE;
5020 tempcode[0] = OP_ONCE;
5021 *code++ = OP_KET;
5022 PUTINC(code, 0, len);
5023 PUT(tempcode, 1, len);
5024 break;
5025 }
5026 }
5027
5028 /* In all case we no longer have a previous item. We also set the
5029 "follows varying string" flag for subsequently encountered reqbytes if
5030 it isn't already set and we have just passed a varying length item. */
5031
5032 END_REPEAT:
5033 previous = NULL;
5034 cd->req_varyopt |= reqvary;
5035 break;
5036
5037
5038 /* ===================================================================*/
5039 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5040 lookbehind or option setting or condition or all the other extended
5041 parenthesis forms. */
5042
5043 case CHAR_LEFT_PARENTHESIS:
5044 newoptions = options;
5045 skipbytes = 0;
5046 bravalue = OP_CBRA;
5047 save_hwm = cd->hwm;
5048 reset_bracount = FALSE;
5049
5050 /* First deal with various "verbs" that can be introduced by '*'. */
5051
5052 if (*(++ptr) == CHAR_ASTERISK &&
5053 ((cd->ctypes[ptr[1]] & ctype_letter) != 0 || ptr[1] == ':'))
5054 {
5055 int i, namelen;
5056 int arglen = 0;
5057 const char *vn = verbnames;
5058 const uschar *name = ptr + 1;
5059 const uschar *arg = NULL;
5060 previous = NULL;
5061 while ((cd->ctypes[*++ptr] & ctype_letter) != 0) {};
5062 namelen = (int)(ptr - name);
5063
5064 /* It appears that Perl allows any characters whatsoever, other than
5065 a closing parenthesis, to appear in arguments, so we no longer insist on
5066 letters, digits, and underscores. */
5067
5068 if (*ptr == CHAR_COLON)
5069 {
5070 arg = ++ptr;
5071 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5072 arglen = (int)(ptr - arg);
5073 }
5074
5075 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5076 {
5077 *errorcodeptr = ERR60;
5078 goto FAILED;
5079 }
5080
5081 /* Scan the table of verb names */
5082
5083 for (i = 0; i < verbcount; i++)
5084 {
5085 if (namelen == verbs[i].len &&
5086 strncmp((char *)name, vn, namelen) == 0)
5087 {
5088 /* Check for open captures before ACCEPT and convert it to
5089 ASSERT_ACCEPT if in an assertion. */
5090
5091 if (verbs[i].op == OP_ACCEPT)
5092 {
5093 open_capitem *oc;
5094 if (arglen != 0)
5095 {
5096 *errorcodeptr = ERR59;
5097 goto FAILED;
5098 }
5099 cd->had_accept = TRUE;
5100 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5101 {
5102 *code++ = OP_CLOSE;
5103 PUT2INC(code, 0, oc->number);
5104 }
5105 *code++ = (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5106
5107 /* Do not set firstbyte after *ACCEPT */
5108 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
5109 }
5110
5111 /* Handle other cases with/without an argument */
5112
5113 else if (arglen == 0)
5114 {
5115 if (verbs[i].op < 0) /* Argument is mandatory */
5116 {
5117 *errorcodeptr = ERR66;
5118 goto FAILED;
5119 }
5120 *code = verbs[i].op;
5121 if (*code++ == OP_THEN) cd->external_flags |= PCRE_HASTHEN;
5122 }
5123
5124 else
5125 {
5126 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5127 {
5128 *errorcodeptr = ERR59;
5129 goto FAILED;
5130 }
5131 *code = verbs[i].op_arg;
5132 if (*code++ == OP_THEN_ARG) cd->external_flags |= PCRE_HASTHEN;
5133 *code++ = arglen;
5134 memcpy(code, arg, arglen);
5135 code += arglen;
5136 *code++ = 0;
5137 }
5138
5139 break; /* Found verb, exit loop */
5140 }
5141
5142 vn += verbs[i].len + 1;
5143 }
5144
5145 if (i < verbcount) continue; /* Successfully handled a verb */
5146 *errorcodeptr = ERR60; /* Verb not recognized */
5147 goto FAILED;
5148 }
5149
5150 /* Deal with the extended parentheses; all are introduced by '?', and the
5151 appearance of any of them means that this is not a capturing group. */
5152
5153 else if (*ptr == CHAR_QUESTION_MARK)
5154 {
5155 int i, set, unset, namelen;
5156 int *optset;
5157 const uschar *name;
5158 uschar *slot;
5159
5160 switch (*(++ptr))
5161 {
5162 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5163 ptr++;
5164 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5165 if (*ptr == 0)
5166 {
5167 *errorcodeptr = ERR18;
5168 goto FAILED;
5169 }
5170 continue;
5171
5172
5173 /* ------------------------------------------------------------ */
5174 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5175 reset_bracount = TRUE;
5176 /* Fall through */
5177
5178 /* ------------------------------------------------------------ */
5179 case CHAR_COLON: /* Non-capturing bracket */
5180 bravalue = OP_BRA;
5181 ptr++;
5182 break;
5183
5184
5185 /* ------------------------------------------------------------ */
5186 case CHAR_LEFT_PARENTHESIS:
5187 bravalue = OP_COND; /* Conditional group */
5188
5189 /* A condition can be an assertion, a number (referring to a numbered
5190 group), a name (referring to a named group), or 'R', referring to
5191 recursion. R<digits> and R&name are also permitted for recursion tests.
5192
5193 There are several syntaxes for testing a named group: (?(name)) is used
5194 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5195
5196 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5197 be the recursive thing or the name 'R' (and similarly for 'R' followed
5198 by digits), and (b) a number could be a name that consists of digits.
5199 In both cases, we look for a name first; if not found, we try the other
5200 cases. */
5201
5202 /* For conditions that are assertions, check the syntax, and then exit
5203 the switch. This will take control down to where bracketed groups,
5204 including assertions, are processed. */
5205
5206 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5207 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5208 break;
5209
5210 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5211 below), and all need to skip 3 bytes at the start of the group. */
5212
5213 code[1+LINK_SIZE] = OP_CREF;
5214 skipbytes = 3;
5215 refsign = -1;
5216
5217 /* Check for a test for recursion in a named group. */
5218
5219 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5220 {
5221 terminator = -1;
5222 ptr += 2;
5223 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5224 }
5225
5226 /* Check for a test for a named group's having been set, using the Perl
5227 syntax (?(<name>) or (?('name') */
5228
5229 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5230 {
5231 terminator = CHAR_GREATER_THAN_SIGN;
5232 ptr++;
5233 }
5234 else if (ptr[1] == CHAR_APOSTROPHE)
5235 {
5236 terminator = CHAR_APOSTROPHE;
5237 ptr++;
5238 }
5239 else
5240 {
5241 terminator = 0;
5242 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5243 }
5244
5245 /* We now expect to read a name; any thing else is an error */
5246
5247 if ((cd->ctypes[ptr[1]] & ctype_word) == 0)
5248 {
5249 ptr += 1; /* To get the right offset */
5250 *errorcodeptr = ERR28;
5251 goto FAILED;
5252 }
5253
5254 /* Read the name, but also get it as a number if it's all digits */
5255
5256 recno = 0;
5257 name = ++ptr;
5258 while ((cd->ctypes[*ptr] & ctype_word) != 0)
5259 {
5260 if (recno >= 0)
5261 recno = ((digitab[*ptr] & ctype_digit) != 0)?
5262 recno * 10 + *ptr - CHAR_0 : -1;
5263 ptr++;
5264 }
5265 namelen = (int)(ptr - name);
5266
5267 if ((terminator > 0 && *ptr++ != terminator) ||
5268 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5269 {
5270 ptr--; /* Error offset */
5271 *errorcodeptr = ERR26;
5272 goto FAILED;
5273 }
5274
5275 /* Do no further checking in the pre-compile phase. */
5276
5277 if (lengthptr != NULL) break;
5278
5279 /* In the real compile we do the work of looking for the actual
5280 reference. If the string started with "+" or "-" we require the rest to
5281 be digits, in which case recno will be set. */
5282
5283 if (refsign > 0)
5284 {
5285 if (recno <= 0)
5286 {
5287 *errorcodeptr = ERR58;
5288 goto FAILED;
5289 }
5290 recno = (refsign == CHAR_MINUS)?
5291 cd->bracount - recno + 1 : recno +cd->bracount;
5292 if (recno <= 0 || recno > cd->final_bracount)
5293 {
5294 *errorcodeptr = ERR15;
5295 goto FAILED;
5296 }
5297 PUT2(code, 2+LINK_SIZE, recno);
5298 break;
5299 }
5300
5301 /* Otherwise (did not start with "+" or "-"), start by looking for the
5302 name. If we find a name, add one to the opcode to change OP_CREF or
5303 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5304 except they record that the reference was originally to a name. The
5305 information is used to check duplicate names. */
5306
5307 slot = cd->name_table;
5308 for (i = 0; i < cd->names_found; i++)
5309 {
5310 if (strncmp((char *)name, (char *)slot+2, namelen) == 0) break;
5311 slot += cd->name_entry_size;
5312 }
5313
5314 /* Found a previous named subpattern */
5315
5316 if (i < cd->names_found)
5317 {
5318 recno = GET2(slot, 0);
5319 PUT2(code, 2+LINK_SIZE, recno);
5320 code[1+LINK_SIZE]++;
5321 }
5322
5323 /* Search the pattern for a forward reference */
5324
5325 else if ((i = find_parens(cd, name, namelen,
5326 (options & PCRE_EXTENDED) != 0, utf8)) > 0)
5327 {
5328 PUT2(code, 2+LINK_SIZE, i);
5329 code[1+LINK_SIZE]++;
5330 }
5331
5332 /* If terminator == 0 it means that the name followed directly after
5333 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5334 some further alternatives to try. For the cases where terminator != 0
5335 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5336 now checked all the possibilities, so give an error. */
5337
5338 else if (terminator != 0)
5339 {
5340 *errorcodeptr = ERR15;
5341 goto FAILED;
5342 }
5343
5344 /* Check for (?(R) for recursion. Allow digits after R to specify a
5345 specific group number. */
5346
5347 else if (*name == CHAR_R)
5348 {
5349 recno = 0;
5350 for (i = 1; i < namelen; i++)
5351 {
5352 if ((digitab[name[i]] & ctype_digit) == 0)
5353 {
5354 *errorcodeptr = ERR15;
5355 goto FAILED;
5356 }
5357 recno = recno * 10 + name[i] - CHAR_0;
5358 }
5359 if (recno == 0) recno = RREF_ANY;
5360 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5361 PUT2(code, 2+LINK_SIZE, recno);
5362 }
5363
5364 /* Similarly, check for the (?(DEFINE) "condition", which is always
5365 false. */
5366
5367 else if (namelen == 6 && strncmp((char *)name, STRING_DEFINE, 6) == 0)
5368 {
5369 code[1+LINK_SIZE] = OP_DEF;
5370 skipbytes = 1;
5371 }
5372
5373 /* Check for the "name" actually being a subpattern number. We are
5374 in the second pass here, so final_bracount is set. */
5375
5376 else if (recno > 0 && recno <= cd->final_bracount)
5377 {
5378 PUT2(code, 2+LINK_SIZE, recno);
5379 }
5380
5381 /* Either an unidentified subpattern, or a reference to (?(0) */
5382
5383 else
5384 {
5385 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5386 goto FAILED;
5387 }
5388 break;
5389
5390
5391 /* ------------------------------------------------------------ */
5392 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5393 bravalue = OP_ASSERT;
5394 cd->assert_depth += 1;
5395 ptr++;
5396 break;
5397
5398
5399 /* ------------------------------------------------------------ */
5400 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5401 ptr++;
5402 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5403 {
5404 *code++ = OP_FAIL;
5405 previous = NULL;
5406 continue;
5407 }
5408 bravalue = OP_ASSERT_NOT;
5409 cd->assert_depth += 1;
5410 break;
5411
5412
5413 /* ------------------------------------------------------------ */
5414 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5415 switch (ptr[1])
5416 {
5417 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5418 bravalue = OP_ASSERTBACK;
5419 cd->assert_depth += 1;
5420 ptr += 2;
5421 break;
5422
5423 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5424 bravalue = OP_ASSERTBACK_NOT;
5425 cd->assert_depth += 1;
5426 ptr += 2;
5427 break;
5428
5429 default: /* Could be name define, else bad */
5430 if ((cd->ctypes[ptr[1]] & ctype_word) != 0) goto DEFINE_NAME;
5431 ptr++; /* Correct offset for error */
5432 *errorcodeptr = ERR24;
5433 goto FAILED;
5434 }
5435 break;
5436
5437
5438 /* ------------------------------------------------------------ */
5439 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5440 bravalue = OP_ONCE;
5441 ptr++;
5442 break;
5443
5444
5445 /* ------------------------------------------------------------ */
5446 case CHAR_C: /* Callout - may be followed by digits; */
5447 previous_callout = code; /* Save for later completion */
5448 after_manual_callout = 1; /* Skip one item before completing */
5449 *code++ = OP_CALLOUT;
5450 {
5451 int n = 0;
5452 while ((digitab[*(++ptr)] & ctype_digit) != 0)
5453 n = n * 10 + *ptr - CHAR_0;
5454 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5455 {
5456 *errorcodeptr = ERR39;
5457 goto FAILED;
5458 }
5459 if (n > 255)
5460 {
5461 *errorcodeptr = ERR38;
5462 goto FAILED;
5463 }
5464 *code++ = n;
5465 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
5466 PUT(code, LINK_SIZE, 0); /* Default length */
5467 code += 2 * LINK_SIZE;
5468 }
5469 previous = NULL;
5470 continue;
5471
5472
5473 /* ------------------------------------------------------------ */
5474 case CHAR_P: /* Python-style named subpattern handling */
5475 if (*(++ptr) == CHAR_EQUALS_SIGN ||
5476 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
5477 {
5478 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
5479 terminator = CHAR_RIGHT_PARENTHESIS;
5480 goto NAMED_REF_OR_RECURSE;
5481 }
5482 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
5483 {
5484 *errorcodeptr = ERR41;
5485 goto FAILED;
5486 }
5487 /* Fall through to handle (?P< as (?< is handled */
5488
5489
5490 /* ------------------------------------------------------------ */
5491 DEFINE_NAME: /* Come here from (?< handling */
5492 case CHAR_APOSTROPHE:
5493 {
5494 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
5495 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
5496 name = ++ptr;
5497
5498 while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
5499 namelen = (int)(ptr - name);
5500
5501 /* In the pre-compile phase, just do a syntax check. */
5502
5503 if (lengthptr != NULL)
5504 {
5505 if (*ptr != terminator)
5506 {
5507 *errorcodeptr = ERR42;
5508 goto FAILED;
5509 }
5510 if (cd->names_found >= MAX_NAME_COUNT)
5511 {
5512 *errorcodeptr = ERR49;
5513 goto FAILED;
5514 }
5515 if (namelen + 3 > cd->name_entry_size)
5516 {
5517 cd->name_entry_size = namelen + 3;
5518 if (namelen > MAX_NAME_SIZE)
5519 {
5520 *errorcodeptr = ERR48;
5521 goto FAILED;
5522 }
5523 }
5524 }
5525
5526 /* In the real compile, create the entry in the table, maintaining
5527 alphabetical order. Duplicate names for different numbers are
5528 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
5529 number are always OK. (An existing number can be re-used if (?|
5530 appears in the pattern.) In either event, a duplicate name results in
5531 a duplicate entry in the table, even if the number is the same. This
5532 is because the number of names, and hence the table size, is computed
5533 in the pre-compile, and it affects various numbers and pointers which
5534 would all have to be modified, and the compiled code moved down, if
5535 duplicates with the same number were omitted from the table. This
5536 doesn't seem worth the hassle. However, *different* names for the
5537 same number are not permitted. */
5538
5539 else
5540 {
5541 BOOL dupname = FALSE;
5542 slot = cd->name_table;
5543
5544 for (i = 0; i < cd->names_found; i++)
5545 {
5546 int crc = memcmp(name, slot+2, namelen);
5547 if (crc == 0)
5548 {
5549 if (slot[2+namelen] == 0)
5550 {
5551 if (GET2(slot, 0) != cd->bracount + 1 &&
5552 (options & PCRE_DUPNAMES) == 0)
5553 {
5554 *errorcodeptr = ERR43;
5555 goto FAILED;
5556 }
5557 else dupname = TRUE;
5558 }
5559 else crc = -1; /* Current name is a substring */
5560 }
5561
5562 /* Make space in the table and break the loop for an earlier
5563 name. For a duplicate or later name, carry on. We do this for
5564 duplicates so that in the simple case (when ?(| is not used) they
5565 are in order of their numbers. */
5566
5567 if (crc < 0)
5568 {
5569 memmove(slot + cd->name_entry_size, slot,
5570 (cd->names_found - i) * cd->name_entry_size);
5571 break;
5572 }
5573
5574 /* Continue the loop for a later or duplicate name */
5575
5576 slot += cd->name_entry_size;
5577 }
5578
5579 /* For non-duplicate names, check for a duplicate number before
5580 adding the new name. */
5581
5582 if (!dupname)
5583 {
5584 uschar *cslot = cd->name_table;
5585 for (i = 0; i < cd->names_found; i++)
5586 {
5587 if (cslot != slot)
5588 {
5589 if (GET2(cslot, 0) == cd->bracount + 1)
5590 {
5591 *errorcodeptr = ERR65;
5592 goto FAILED;
5593 }
5594 }
5595 else i--;
5596 cslot += cd->name_entry_size;
5597 }
5598 }
5599
5600 PUT2(slot, 0, cd->bracount + 1);
5601 memcpy(slot + 2, name, namelen);
5602 slot[2+namelen] = 0;
5603 }
5604 }
5605
5606 /* In both pre-compile and compile, count the number of names we've
5607 encountered. */
5608
5609 cd->names_found++;
5610 ptr++; /* Move past > or ' */
5611 goto NUMBERED_GROUP;
5612
5613
5614 /* ------------------------------------------------------------ */
5615 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
5616 terminator = CHAR_RIGHT_PARENTHESIS;
5617 is_recurse = TRUE;
5618 /* Fall through */
5619
5620 /* We come here from the Python syntax above that handles both
5621 references (?P=name) and recursion (?P>name), as well as falling
5622 through from the Perl recursion syntax (?&name). We also come here from
5623 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
5624 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
5625
5626 NAMED_REF_OR_RECURSE:
5627 name = ++ptr;
5628 while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
5629 namelen = (int)(ptr - name);
5630
5631 /* In the pre-compile phase, do a syntax check. We used to just set
5632 a dummy reference number, because it was not used in the first pass.
5633 However, with the change of recursive back references to be atomic,
5634 we have to look for the number so that this state can be identified, as
5635 otherwise the incorrect length is computed. If it's not a backwards
5636 reference, the dummy number will do. */
5637
5638 if (lengthptr != NULL)
5639 {
5640 const uschar *temp;
5641
5642 if (namelen == 0)
5643 {
5644 *errorcodeptr = ERR62;
5645 goto FAILED;
5646 }
5647 if (*ptr != terminator)
5648 {
5649 *errorcodeptr = ERR42;
5650 goto FAILED;
5651 }
5652 if (namelen > MAX_NAME_SIZE)
5653 {
5654 *errorcodeptr = ERR48;
5655 goto FAILED;
5656 }
5657
5658 /* The name table does not exist in the first pass, so we cannot
5659 do a simple search as in the code below. Instead, we have to scan the
5660 pattern to find the number. It is important that we scan it only as
5661 far as we have got because the syntax of named subpatterns has not
5662 been checked for the rest of the pattern, and find_parens() assumes
5663 correct syntax. In any case, it's a waste of resources to scan
5664 further. We stop the scan at the current point by temporarily
5665 adjusting the value of cd->endpattern. */
5666
5667 temp = cd->end_pattern;
5668 cd->end_pattern = ptr;
5669 recno = find_parens(cd, name, namelen,
5670 (options & PCRE_EXTENDED) != 0, utf8);
5671 cd->end_pattern = temp;
5672 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
5673 }
5674
5675 /* In the real compile, seek the name in the table. We check the name
5676 first, and then check that we have reached the end of the name in the
5677 table. That way, if the name that is longer than any in the table,
5678 the comparison will fail without reading beyond the table entry. */
5679
5680 else
5681 {
5682 slot = cd->name_table;
5683 for (i = 0; i < cd->names_found; i++)
5684 {
5685 if (strncmp((char *)name, (char *)slot+2, namelen) == 0 &&
5686 slot[2+namelen] == 0)
5687 break;
5688 slot += cd->name_entry_size;
5689 }
5690
5691 if (i < cd->names_found) /* Back reference */
5692 {
5693 recno = GET2(slot, 0);
5694 }
5695 else if ((recno = /* Forward back reference */
5696 find_parens(cd, name, namelen,
5697 (options & PCRE_EXTENDED) != 0, utf8)) <= 0)
5698 {
5699 *errorcodeptr = ERR15;
5700 goto FAILED;
5701 }
5702 }
5703
5704 /* In both phases, we can now go to the code than handles numerical
5705 recursion or backreferences. */
5706
5707 if (is_recurse) goto HANDLE_RECURSION;
5708 else goto HANDLE_REFERENCE;
5709
5710
5711 /* ------------------------------------------------------------ */
5712 case CHAR_R: /* Recursion */
5713 ptr++; /* Same as (?0) */
5714 /* Fall through */
5715
5716
5717 /* ------------------------------------------------------------ */
5718 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
5719 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
5720 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
5721 {
5722 const uschar *called;
5723 terminator = CHAR_RIGHT_PARENTHESIS;
5724
5725 /* Come here from the \g<...> and \g'...' code (Oniguruma
5726 compatibility). However, the syntax has been checked to ensure that
5727 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
5728 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
5729 ever be taken. */
5730
5731 HANDLE_NUMERICAL_RECURSION:
5732
5733 if ((refsign = *ptr) == CHAR_PLUS)
5734 {
5735 ptr++;
5736 if ((digitab[*ptr] & ctype_digit) == 0)
5737 {
5738 *errorcodeptr = ERR63;
5739 goto FAILED;
5740 }
5741 }
5742 else if (refsign == CHAR_MINUS)
5743 {
5744 if ((digitab[ptr[1]] & ctype_digit) == 0)
5745 goto OTHER_CHAR_AFTER_QUERY;
5746 ptr++;
5747 }
5748
5749 recno = 0;
5750 while((digitab[*ptr] & ctype_digit) != 0)
5751 recno = recno * 10 + *ptr++ - CHAR_0;
5752
5753 if (*ptr != terminator)
5754 {
5755 *errorcodeptr = ERR29;
5756 goto FAILED;
5757 }
5758
5759 if (refsign == CHAR_MINUS)
5760 {
5761 if (recno == 0)
5762 {
5763 *errorcodeptr = ERR58;
5764 goto FAILED;
5765 }
5766 recno = cd->bracount - recno + 1;
5767 if (recno <= 0)
5768 {
5769 *errorcodeptr = ERR15;
5770 goto FAILED;
5771 }
5772 }
5773 else if (refsign == CHAR_PLUS)
5774 {
5775 if (recno == 0)
5776 {
5777 *errorcodeptr = ERR58;
5778 goto FAILED;
5779 }
5780 recno += cd->bracount;
5781 }
5782
5783 /* Come here from code above that handles a named recursion */
5784
5785 HANDLE_RECURSION:
5786
5787 previous = code;
5788 called = cd->start_code;
5789
5790 /* When we are actually compiling, find the bracket that is being
5791 referenced. Temporarily end the regex in case it doesn't exist before
5792 this point. If we end up with a forward reference, first check that
5793 the bracket does occur later so we can give the error (and position)
5794 now. Then remember this forward reference in the workspace so it can
5795 be filled in at the end. */
5796
5797 if (lengthptr == NULL)
5798 {
5799 *code = OP_END;
5800 if (recno != 0)
5801 called = _pcre_find_bracket(cd->start_code, utf8, recno);
5802
5803 /* Forward reference */
5804
5805 if (called == NULL)
5806 {
5807 if (find_parens(cd, NULL, recno,
5808 (options & PCRE_EXTENDED) != 0, utf8) < 0)
5809 {
5810 *errorcodeptr = ERR15;
5811 goto FAILED;
5812 }
5813
5814 /* Fudge the value of "called" so that when it is inserted as an
5815 offset below, what it actually inserted is the reference number
5816 of the group. Then remember the forward reference. */
5817
5818 called = cd->start_code + recno;
5819 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
5820 }
5821
5822 /* If not a forward reference, and the subpattern is still open,
5823 this is a recursive call. We check to see if this is a left
5824 recursion that could loop for ever, and diagnose that case. We
5825 must not, however, do this check if we are in a conditional
5826 subpattern because the condition might be testing for recursion in
5827 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
5828 Forever loops are also detected at runtime, so those that occur in
5829 conditional subpatterns will be picked up then. */
5830
5831 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
5832 could_be_empty(called, code, bcptr, utf8, cd))
5833 {
5834 *errorcodeptr = ERR40;
5835 goto FAILED;
5836 }
5837 }
5838
5839 /* Insert the recursion/subroutine item. */
5840
5841 *code = OP_RECURSE;
5842 PUT(code, 1, (int)(called - cd->start_code));
5843 code += 1 + LINK_SIZE;
5844 }
5845
5846 /* Can't determine a first byte now */
5847
5848 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
5849 continue;
5850
5851
5852 /* ------------------------------------------------------------ */
5853 default: /* Other characters: check option setting */
5854 OTHER_CHAR_AFTER_QUERY:
5855 set = unset = 0;
5856 optset = &set;
5857
5858 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
5859 {
5860 switch (*ptr++)
5861 {
5862 case CHAR_MINUS: optset = &unset; break;
5863
5864 case CHAR_J: /* Record that it changed in the external options */
5865 *optset |= PCRE_DUPNAMES;
5866 cd->external_flags |= PCRE_JCHANGED;
5867 break;
5868
5869 case CHAR_i: *optset |= PCRE_CASELESS; break;
5870 case CHAR_m: *optset |= PCRE_MULTILINE; break;
5871 case CHAR_s: *optset |= PCRE_DOTALL; break;
5872 case CHAR_x: *optset |= PCRE_EXTENDED; break;
5873 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
5874 case CHAR_X: *optset |= PCRE_EXTRA; break;
5875
5876 default: *errorcodeptr = ERR12;
5877 ptr--; /* Correct the offset */
5878 goto FAILED;
5879 }
5880 }
5881
5882 /* Set up the changed option bits, but don't change anything yet. */
5883
5884 newoptions = (options | set) & (~unset);
5885
5886 /* If the options ended with ')' this is not the start of a nested
5887 group with option changes, so the options change at this level. If this
5888 item is right at the start of the pattern, the options can be
5889 abstracted and made external in the pre-compile phase, and ignored in
5890 the compile phase. This can be helpful when matching -- for instance in
5891 caseless checking of required bytes.
5892
5893 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
5894 definitely *not* at the start of the pattern because something has been
5895 compiled. In the pre-compile phase, however, the code pointer can have
5896 that value after the start, because it gets reset as code is discarded
5897 during the pre-compile. However, this can happen only at top level - if
5898 we are within parentheses, the starting BRA will still be present. At
5899 any parenthesis level, the length value can be used to test if anything
5900 has been compiled at that level. Thus, a test for both these conditions
5901 is necessary to ensure we correctly detect the start of the pattern in
5902 both phases.
5903
5904 If we are not at the pattern start, reset the greedy defaults and the
5905 case value for firstbyte and reqbyte. */
5906
5907 if (*ptr == CHAR_RIGHT_PARENTHESIS)
5908 {
5909 if (code == cd->start_code + 1 + LINK_SIZE &&
5910 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
5911 {
5912 cd->external_options = newoptions;
5913 }
5914 else
5915 {
5916 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
5917 greedy_non_default = greedy_default ^ 1;
5918 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS : 0;
5919 }
5920
5921 /* Change options at this level, and pass them back for use
5922 in subsequent branches. */
5923
5924 *optionsptr = options = newoptions;
5925 previous = NULL; /* This item can't be repeated */
5926 continue; /* It is complete */
5927 }
5928
5929 /* If the options ended with ':' we are heading into a nested group
5930 with possible change of options. Such groups are non-capturing and are
5931 not assertions of any kind. All we need to do is skip over the ':';
5932 the newoptions value is handled below. */
5933
5934 bravalue = OP_BRA;
5935 ptr++;
5936 } /* End of switch for character following (? */
5937 } /* End of (? handling */
5938
5939 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
5940 is set, all unadorned brackets become non-capturing and behave like (?:...)
5941 brackets. */
5942
5943 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
5944 {
5945 bravalue = OP_BRA;
5946 }
5947
5948 /* Else we have a capturing group. */
5949
5950 else
5951 {
5952 NUMBERED_GROUP:
5953 cd->bracount += 1;
5954 PUT2(code, 1+LINK_SIZE, cd->bracount);
5955 skipbytes = 2;
5956 }
5957
5958 /* Process nested bracketed regex. Assertions used not to be repeatable,
5959 but this was changed for Perl compatibility, so all kinds can now be
5960 repeated. We copy code into a non-register variable (tempcode) in order to
5961 be able to pass its address because some compilers complain otherwise. */
5962
5963 previous = code; /* For handling repetition */
5964 *code = bravalue;
5965 tempcode = code;
5966 tempreqvary = cd->req_varyopt; /* Save value before bracket */
5967 tempbracount = cd->bracount; /* Save value before bracket */
5968 length_prevgroup = 0; /* Initialize for pre-compile phase */
5969
5970 if (!compile_regex(
5971 newoptions, /* The complete new option state */
5972 &tempcode, /* Where to put code (updated) */
5973 &ptr, /* Input pointer (updated) */
5974 errorcodeptr, /* Where to put an error message */
5975 (bravalue == OP_ASSERTBACK ||
5976 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
5977 reset_bracount, /* True if (?| group */
5978 skipbytes, /* Skip over bracket number */
5979 cond_depth +
5980 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
5981 &subfirstbyte, /* For possible first char */
5982 &subreqbyte, /* For possible last char */
5983 bcptr, /* Current branch chain */
5984 cd, /* Tables block */
5985 (lengthptr == NULL)? NULL : /* Actual compile phase */
5986 &length_prevgroup /* Pre-compile phase */
5987 ))
5988 goto FAILED;
5989
5990 /* If this was an atomic group and there are no capturing groups within it,
5991 generate OP_ONCE_NC instead of OP_ONCE. */
5992
5993 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
5994 *code = OP_ONCE_NC;
5995
5996 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
5997 cd->assert_depth -= 1;
5998
5999 /* At the end of compiling, code is still pointing to the start of the
6000 group, while tempcode has been updated to point past the end of the group.
6001 The pattern pointer (ptr) is on the bracket.
6002
6003 If this is a conditional bracket, check that there are no more than
6004 two branches in the group, or just one if it's a DEFINE group. We do this
6005 in the real compile phase, not in the pre-pass, where the whole group may
6006 not be available. */
6007
6008 if (bravalue == OP_COND && lengthptr == NULL)
6009 {
6010 uschar *tc = code;
6011 int condcount = 0;
6012
6013 do {
6014 condcount++;
6015 tc += GET(tc,1);
6016 }
6017 while (*tc != OP_KET);
6018
6019 /* A DEFINE group is never obeyed inline (the "condition" is always
6020 false). It must have only one branch. */
6021
6022 if (code[LINK_SIZE+1] == OP_DEF)
6023 {
6024 if (condcount > 1)
6025 {
6026 *errorcodeptr = ERR54;
6027 goto FAILED;
6028 }
6029 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6030 }
6031
6032 /* A "normal" conditional group. If there is just one branch, we must not
6033 make use of its firstbyte or reqbyte, because this is equivalent to an
6034 empty second branch. */
6035
6036 else
6037 {
6038 if (condcount > 2)
6039 {
6040 *errorcodeptr = ERR27;
6041 goto FAILED;
6042 }
6043 if (condcount == 1) subfirstbyte = subreqbyte = REQ_NONE;
6044 }
6045 }
6046
6047 /* Error if hit end of pattern */
6048
6049 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6050 {
6051 *errorcodeptr = ERR14;
6052 goto FAILED;
6053 }
6054
6055 /* In the pre-compile phase, update the length by the length of the group,
6056 less the brackets at either end. Then reduce the compiled code to just a
6057 set of non-capturing brackets so that it doesn't use much memory if it is
6058 duplicated by a quantifier.*/
6059
6060 if (lengthptr != NULL)
6061 {
6062 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6063 {
6064 *errorcodeptr = ERR20;
6065 goto FAILED;
6066 }
6067 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6068 code++; /* This already contains bravalue */
6069 PUTINC(code, 0, 1 + LINK_SIZE);
6070 *code++ = OP_KET;
6071 PUTINC(code, 0, 1 + LINK_SIZE);
6072 break; /* No need to waste time with special character handling */
6073 }
6074
6075 /* Otherwise update the main code pointer to the end of the group. */
6076
6077 code = tempcode;
6078
6079 /* For a DEFINE group, required and first character settings are not
6080 relevant. */
6081
6082 if (bravalue == OP_DEF) break;
6083
6084 /* Handle updating of the required and first characters for other types of
6085 group. Update for normal brackets of all kinds, and conditions with two
6086 branches (see code above). If the bracket is followed by a quantifier with
6087 zero repeat, we have to back off. Hence the definition of zeroreqbyte and
6088 zerofirstbyte outside the main loop so that they can be accessed for the
6089 back off. */
6090
6091 zeroreqbyte = reqbyte;
6092 zerofirstbyte = firstbyte;
6093 groupsetfirstbyte = FALSE;
6094
6095 if (bravalue >= OP_ONCE)
6096 {
6097 /* If we have not yet set a firstbyte in this branch, take it from the
6098 subpattern, remembering that it was set here so that a repeat of more
6099 than one can replicate it as reqbyte if necessary. If the subpattern has
6100 no firstbyte, set "none" for the whole branch. In both cases, a zero
6101 repeat forces firstbyte to "none". */
6102
6103 if (firstbyte == REQ_UNSET)
6104 {
6105 if (subfirstbyte >= 0)
6106 {
6107 firstbyte = subfirstbyte;
6108 groupsetfirstbyte = TRUE;
6109 }
6110 else firstbyte = REQ_NONE;
6111 zerofirstbyte = REQ_NONE;
6112 }
6113
6114 /* If firstbyte was previously set, convert the subpattern's firstbyte
6115 into reqbyte if there wasn't one, using the vary flag that was in
6116 existence beforehand. */
6117
6118 else if (subfirstbyte >= 0 && subreqbyte < 0)
6119 subreqbyte = subfirstbyte | tempreqvary;
6120
6121 /* If the subpattern set a required byte (or set a first byte that isn't
6122 really the first byte - see above), set it. */
6123
6124 if (subreqbyte >= 0) reqbyte = subreqbyte;
6125 }
6126
6127 /* For a forward assertion, we take the reqbyte, if set. This can be
6128 helpful if the pattern that follows the assertion doesn't set a different
6129 char. For example, it's useful for /(?=abcde).+/. We can't set firstbyte
6130 for an assertion, however because it leads to incorrect effect for patterns
6131 such as /(?=a)a.+/ when the "real" "a" would then become a reqbyte instead
6132 of a firstbyte. This is overcome by a scan at the end if there's no
6133 firstbyte, looking for an asserted first char. */
6134
6135 else if (bravalue == OP_ASSERT && subreqbyte >= 0) reqbyte = subreqbyte;
6136 break; /* End of processing '(' */
6137
6138
6139 /* ===================================================================*/
6140 /* Handle metasequences introduced by \. For ones like \d, the ESC_ values
6141 are arranged to be the negation of the corresponding OP_values in the
6142 default case when PCRE_UCP is not set. For the back references, the values
6143 are ESC_REF plus the reference number. Only back references and those types
6144 that consume a character may be repeated. We can test for values between
6145 ESC_b and ESC_Z for the latter; this may have to change if any new ones are
6146 ever created. */
6147
6148 case CHAR_BACKSLASH:
6149 tempptr = ptr;
6150 c = check_escape(&ptr, errorcodeptr, cd->bracount, options, FALSE);
6151 if (*errorcodeptr != 0) goto FAILED;
6152
6153 if (c < 0)
6154 {
6155 if (-c == ESC_Q) /* Handle start of quoted string */
6156 {
6157 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
6158 ptr += 2; /* avoid empty string */
6159 else inescq = TRUE;
6160 continue;
6161 }
6162
6163 if (-c == ESC_E) continue; /* Perl ignores an orphan \E */
6164
6165 /* For metasequences that actually match a character, we disable the
6166 setting of a first character if it hasn't already been set. */
6167
6168 if (firstbyte == REQ_UNSET && -c > ESC_b && -c < ESC_Z)
6169 firstbyte = REQ_NONE;
6170
6171 /* Set values to reset to if this is followed by a zero repeat. */
6172
6173 zerofirstbyte = firstbyte;
6174 zeroreqbyte = reqbyte;
6175
6176 /* \g<name> or \g'name' is a subroutine call by name and \g<n> or \g'n'
6177 is a subroutine call by number (Oniguruma syntax). In fact, the value
6178 -ESC_g is returned only for these cases. So we don't need to check for <
6179 or ' if the value is -ESC_g. For the Perl syntax \g{n} the value is
6180 -ESC_REF+n, and for the Perl syntax \g{name} the result is -ESC_k (as
6181 that is a synonym for a named back reference). */
6182
6183 if (-c == ESC_g)
6184 {
6185 const uschar *p;
6186 save_hwm = cd->hwm; /* Normally this is set when '(' is read */
6187 terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)?
6188 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6189
6190 /* These two statements stop the compiler for warning about possibly
6191 unset variables caused by the jump to HANDLE_NUMERICAL_RECURSION. In
6192 fact, because we actually check for a number below, the paths that
6193 would actually be in error are never taken. */
6194
6195 skipbytes = 0;
6196 reset_bracount = FALSE;
6197
6198 /* Test for a name */
6199
6200 if (ptr[1] != CHAR_PLUS && ptr[1] != CHAR_MINUS)
6201 {
6202 BOOL isnumber = TRUE;
6203 for (p = ptr + 1; *p != 0 && *p != terminator; p++)
6204 {
6205 if ((cd->ctypes[*p] & ctype_digit) == 0) isnumber = FALSE;
6206 if ((cd->ctypes[*p] & ctype_word) == 0) break;
6207 }
6208 if (*p != terminator)
6209 {
6210 *errorcodeptr = ERR57;
6211 break;
6212 }
6213 if (isnumber)
6214 {
6215 ptr++;
6216 goto HANDLE_NUMERICAL_RECURSION;
6217 }
6218 is_recurse = TRUE;
6219 goto NAMED_REF_OR_RECURSE;
6220 }
6221
6222 /* Test a signed number in angle brackets or quotes. */
6223
6224 p = ptr + 2;
6225 while ((digitab[*p] & ctype_digit) != 0) p++;
6226 if (*p != terminator)
6227 {
6228 *errorcodeptr = ERR57;
6229 break;
6230 }
6231 ptr++;
6232 goto HANDLE_NUMERICAL_RECURSION;
6233 }
6234
6235 /* \k<name> or \k'name' is a back reference by name (Perl syntax).
6236 We also support \k{name} (.NET syntax). */
6237
6238 if (-c == ESC_k)
6239 {
6240 if ((ptr[1] != CHAR_LESS_THAN_SIGN &&
6241 ptr[1] != CHAR_APOSTROPHE && ptr[1] != CHAR_LEFT_CURLY_BRACKET))
6242 {
6243 *errorcodeptr = ERR69;
6244 break;
6245 }
6246 is_recurse = FALSE;
6247 terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)?
6248 CHAR_GREATER_THAN_SIGN : (*ptr == CHAR_APOSTROPHE)?
6249 CHAR_APOSTROPHE : CHAR_RIGHT_CURLY_BRACKET;
6250 goto NAMED_REF_OR_RECURSE;
6251 }
6252
6253 /* Back references are handled specially; must disable firstbyte if
6254 not set to cope with cases like (?=(\w+))\1: which would otherwise set
6255 ':' later. */
6256
6257 if (-c >= ESC_REF)
6258 {
6259 open_capitem *oc;
6260 recno = -c - ESC_REF;
6261
6262 HANDLE_REFERENCE: /* Come here from named backref handling */
6263 if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
6264 previous = code;
6265 *code++ = ((options & PCRE_CASELESS) != 0)? OP_REFI : OP_REF;
6266 PUT2INC(code, 0, recno);
6267 cd->backref_map |= (recno < 32)? (1 << recno) : 1;
6268 if (recno > cd->top_backref) cd->top_backref = recno;
6269
6270 /* Check to see if this back reference is recursive, that it, it
6271 is inside the group that it references. A flag is set so that the
6272 group can be made atomic. */
6273
6274 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
6275 {
6276 if (oc->number == recno)
6277 {
6278 oc->flag = TRUE;
6279 break;
6280 }
6281 }
6282 }
6283
6284 /* So are Unicode property matches, if supported. */
6285
6286 #ifdef SUPPORT_UCP
6287 else if (-c == ESC_P || -c == ESC_p)
6288 {
6289 BOOL negated;
6290 int pdata;
6291 int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
6292 if (ptype < 0) goto FAILED;
6293 previous = code;
6294 *code++ = ((-c == ESC_p) != negated)? OP_PROP : OP_NOTPROP;
6295 *code++ = ptype;
6296 *code++ = pdata;
6297 }
6298 #else
6299
6300 /* If Unicode properties are not supported, \X, \P, and \p are not
6301 allowed. */
6302
6303 else if (-c == ESC_X || -c == ESC_P || -c == ESC_p)
6304 {
6305 *errorcodeptr = ERR45;
6306 goto FAILED;
6307 }
6308 #endif
6309
6310 /* For the rest (including \X when Unicode properties are supported), we
6311 can obtain the OP value by negating the escape value in the default
6312 situation when PCRE_UCP is not set. When it *is* set, we substitute
6313 Unicode property tests. */
6314
6315 else
6316 {
6317 #ifdef SUPPORT_UCP
6318 if (-c >= ESC_DU && -c <= ESC_wu)
6319 {
6320 nestptr = ptr + 1; /* Where to resume */
6321 ptr = substitutes[-c - ESC_DU] - 1; /* Just before substitute */
6322 }
6323 else
6324 #endif
6325 {
6326 previous = (-c > ESC_b && -c < ESC_Z)? code : NULL;
6327 *code++ = -c;
6328 }
6329 }
6330 continue;
6331 }
6332
6333 /* We have a data character whose value is in c. In UTF-8 mode it may have
6334 a value > 127. We set its representation in the length/buffer, and then
6335 handle it as a data character. */
6336
6337 #ifdef SUPPORT_UTF8
6338 if (utf8 && c > 127)
6339 mclength = _pcre_ord2utf8(c, mcbuffer);
6340 else
6341 #endif
6342
6343 {
6344 mcbuffer[0] = c;
6345 mclength = 1;
6346 }
6347 goto ONE_CHAR;
6348
6349
6350 /* ===================================================================*/
6351 /* Handle a literal character. It is guaranteed not to be whitespace or #
6352 when the extended flag is set. If we are in UTF-8 mode, it may be a
6353 multi-byte literal character. */
6354
6355 default:
6356 NORMAL_CHAR:
6357 mclength = 1;
6358 mcbuffer[0] = c;
6359
6360 #ifdef SUPPORT_UTF8
6361 if (utf8 && c >= 0xc0)
6362 {
6363 while ((ptr[1] & 0xc0) == 0x80)
6364 mcbuffer[mclength++] = *(++ptr);
6365 }
6366 #endif
6367
6368 /* At this point we have the character's bytes in mcbuffer, and the length
6369 in mclength. When not in UTF-8 mode, the length is always 1. */
6370
6371 ONE_CHAR:
6372 previous = code;
6373 *code++ = ((options & PCRE_CASELESS) != 0)? OP_CHARI : OP_CHAR;
6374 for (c = 0; c < mclength; c++) *code++ = mcbuffer[c];
6375
6376 /* Remember if \r or \n were seen */
6377
6378 if (mcbuffer[0] == CHAR_CR || mcbuffer[0] == CHAR_NL)
6379 cd->external_flags |= PCRE_HASCRORLF;
6380
6381 /* Set the first and required bytes appropriately. If no previous first
6382 byte, set it from this character, but revert to none on a zero repeat.
6383 Otherwise, leave the firstbyte value alone, and don't change it on a zero
6384 repeat. */
6385
6386 if (firstbyte == REQ_UNSET)
6387 {
6388 zerofirstbyte = REQ_NONE;
6389 zeroreqbyte = reqbyte;
6390
6391 /* If the character is more than one byte long, we can set firstbyte
6392 only if it is not to be matched caselessly. */
6393
6394 if (mclength == 1 || req_caseopt == 0)
6395 {
6396 firstbyte = mcbuffer[0] | req_caseopt;
6397 if (mclength != 1) reqbyte = code[-1] | cd->req_varyopt;
6398 }
6399 else firstbyte = reqbyte = REQ_NONE;
6400 }
6401
6402 /* firstbyte was previously set; we can set reqbyte only if the length is
6403 1 or the matching is caseful. */
6404
6405 else
6406 {
6407 zerofirstbyte = firstbyte;
6408 zeroreqbyte = reqbyte;
6409 if (mclength == 1 || req_caseopt == 0)
6410 reqbyte = code[-1] | req_caseopt | cd->req_varyopt;
6411 }
6412
6413 break; /* End of literal character handling */
6414 }
6415 } /* end of big loop */
6416
6417
6418 /* Control never reaches here by falling through, only by a goto for all the
6419 error states. Pass back the position in the pattern so that it can be displayed
6420 to the user for diagnosing the error. */
6421
6422 FAILED:
6423 *ptrptr = ptr;
6424 return FALSE;
6425 }
6426
6427
6428
6429
6430 /*************************************************
6431 * Compile sequence of alternatives *
6432 *************************************************/
6433
6434 /* On entry, ptr is pointing past the bracket character, but on return it
6435 points to the closing bracket, or vertical bar, or end of string. The code
6436 variable is pointing at the byte into which the BRA operator has been stored.
6437 This function is used during the pre-compile phase when we are trying to find
6438 out the amount of memory needed, as well as during the real compile phase. The
6439 value of lengthptr distinguishes the two phases.
6440
6441 Arguments:
6442 options option bits, including any changes for this subpattern
6443 codeptr -> the address of the current code pointer
6444 ptrptr -> the address of the current pattern pointer
6445 errorcodeptr -> pointer to error code variable
6446 lookbehind TRUE if this is a lookbehind assertion
6447 reset_bracount TRUE to reset the count for each branch
6448 skipbytes skip this many bytes at start (for brackets and OP_COND)
6449 cond_depth depth of nesting for conditional subpatterns
6450 firstbyteptr place to put the first required character, or a negative number
6451 reqbyteptr place to put the last required character, or a negative number
6452 bcptr pointer to the chain of currently open branches
6453 cd points to the data block with tables pointers etc.
6454 lengthptr NULL during the real compile phase
6455 points to length accumulator during pre-compile phase
6456
6457 Returns: TRUE on success
6458 */
6459
6460 static BOOL
6461 compile_regex(int options, uschar **codeptr, const uschar **ptrptr,
6462 int *errorcodeptr, BOOL lookbehind, BOOL reset_bracount, int skipbytes,
6463 int cond_depth, int *firstbyteptr, int *reqbyteptr, branch_chain *bcptr,
6464 compile_data *cd, int *lengthptr)
6465 {
6466 const uschar *ptr = *ptrptr;
6467 uschar *code = *codeptr;
6468 uschar *last_branch = code;
6469 uschar *start_bracket = code;
6470 uschar *reverse_count = NULL;
6471 open_capitem capitem;
6472 int capnumber = 0;
6473 int firstbyte, reqbyte;
6474 int branchfirstbyte, branchreqbyte;
6475 int length;
6476 int orig_bracount;
6477 int max_bracount;
6478 branch_chain bc;
6479
6480 bc.outer = bcptr;
6481 bc.current_branch = code;
6482
6483 firstbyte = reqbyte = REQ_UNSET;
6484
6485 /* Accumulate the length for use in the pre-compile phase. Start with the
6486 length of the BRA and KET and any extra bytes that are required at the
6487 beginning. We accumulate in a local variable to save frequent testing of
6488 lenthptr for NULL. We cannot do this by looking at the value of code at the
6489 start and end of each alternative, because compiled items are discarded during
6490 the pre-compile phase so that the work space is not exceeded. */
6491
6492 length = 2 + 2*LINK_SIZE + skipbytes;
6493
6494 /* WARNING: If the above line is changed for any reason, you must also change
6495 the code that abstracts option settings at the start of the pattern and makes
6496 them global. It tests the value of length for (2 + 2*LINK_SIZE) in the
6497 pre-compile phase to find out whether anything has yet been compiled or not. */
6498
6499 /* If this is a capturing subpattern, add to the chain of open capturing items
6500 so that we can detect them if (*ACCEPT) is encountered. This is also used to
6501 detect groups that contain recursive back references to themselves. Note that
6502 only OP_CBRA need be tested here; changing this opcode to one of its variants,
6503 e.g. OP_SCBRAPOS, happens later, after the group has been compiled. */
6504
6505 if (*code == OP_CBRA)
6506 {
6507 capnumber = GET2(code, 1 + LINK_SIZE);
6508 capitem.number = capnumber;
6509 capitem.next = cd->open_caps;
6510 capitem.flag = FALSE;
6511 cd->open_caps = &capitem;
6512 }
6513
6514 /* Offset is set zero to mark that this bracket is still open */
6515
6516 PUT(code, 1, 0);
6517 code += 1 + LINK_SIZE + skipbytes;
6518
6519 /* Loop for each alternative branch */
6520
6521 orig_bracount = max_bracount = cd->bracount;
6522 for (;;)
6523 {
6524 /* For a (?| group, reset the capturing bracket count so that each branch
6525 uses the same numbers. */
6526
6527 if (reset_bracount) cd->bracount = orig_bracount;
6528
6529 /* Set up dummy OP_REVERSE if lookbehind assertion */
6530
6531 if (lookbehind)
6532 {
6533 *code++ = OP_REVERSE;
6534 reverse_count = code;
6535 PUTINC(code, 0, 0);
6536 length += 1 + LINK_SIZE;
6537 }
6538
6539 /* Now compile the branch; in the pre-compile phase its length gets added
6540 into the length. */
6541
6542 if (!compile_branch(&options, &code, &ptr, errorcodeptr, &branchfirstbyte,
6543 &branchreqbyte, &bc, cond_depth, cd,
6544 (lengthptr == NULL)? NULL : &length))
6545 {
6546 *ptrptr = ptr;
6547 return FALSE;
6548 }
6549
6550 /* Keep the highest bracket count in case (?| was used and some branch
6551 has fewer than the rest. */
6552
6553 if (cd->bracount > max_bracount) max_bracount = cd->bracount;
6554
6555 /* In the real compile phase, there is some post-processing to be done. */
6556
6557 if (lengthptr == NULL)
6558 {
6559 /* If this is the first branch, the firstbyte and reqbyte values for the
6560 branch become the values for the regex. */
6561
6562 if (*last_branch != OP_ALT)
6563 {
6564 firstbyte = branchfirstbyte;
6565 reqbyte = branchreqbyte;
6566 }
6567
6568 /* If this is not the first branch, the first char and reqbyte have to
6569 match the values from all the previous branches, except that if the
6570 previous value for reqbyte didn't have REQ_VARY set, it can still match,
6571 and we set REQ_VARY for the regex. */
6572
6573 else
6574 {
6575 /* If we previously had a firstbyte, but it doesn't match the new branch,
6576 we have to abandon the firstbyte for the regex, but if there was
6577 previously no reqbyte, it takes on the value of the old firstbyte. */
6578
6579 if (firstbyte >= 0 && firstbyte != branchfirstbyte)
6580 {
6581 if (reqbyte < 0) reqbyte = firstbyte;
6582 firstbyte = REQ_NONE;
6583 }
6584
6585 /* If we (now or from before) have no firstbyte, a firstbyte from the
6586 branch becomes a reqbyte if there isn't a branch reqbyte. */
6587
6588 if (firstbyte < 0 && branchfirstbyte >= 0 && branchreqbyte < 0)
6589 branchreqbyte = branchfirstbyte;
6590
6591 /* Now ensure that the reqbytes match */
6592
6593 if ((reqbyte & ~REQ_VARY) != (branchreqbyte & ~REQ_VARY))
6594 reqbyte = REQ_NONE;
6595 else reqbyte |= branchreqbyte; /* To "or" REQ_VARY */
6596 }
6597
6598 /* If lookbehind, check that this branch matches a fixed-length string, and
6599 put the length into the OP_REVERSE item. Temporarily mark the end of the
6600 branch with OP_END. If the branch contains OP_RECURSE, the result is -3
6601 because there may be forward references that we can't check here. Set a
6602 flag to cause another lookbehind check at the end. Why not do it all at the
6603 end? Because common, erroneous checks are picked up here and the offset of
6604 the problem can be shown. */
6605
6606 if (lookbehind)
6607 {
6608 int fixed_length;
6609 *code = OP_END;
6610 fixed_length = find_fixedlength(last_branch, (options & PCRE_UTF8) != 0,
6611 FALSE, cd);
6612 DPRINTF(("fixed length = %d\n", fixed_length));
6613 if (fixed_length == -3)
6614 {
6615 cd->check_lookbehind = TRUE;
6616 }
6617 else if (fixed_length < 0)
6618 {
6619 *errorcodeptr = (fixed_length == -2)? ERR36 : ERR25;
6620 *ptrptr = ptr;
6621 return FALSE;
6622 }
6623 else { PUT(reverse_count, 0, fixed_length); }
6624 }
6625 }
6626
6627 /* Reached end of expression, either ')' or end of pattern. In the real
6628 compile phase, go back through the alternative branches and reverse the chain
6629 of offsets, with the field in the BRA item now becoming an offset to the
6630 first alternative. If there are no alternatives, it points to the end of the
6631 group. The length in the terminating ket is always the length of the whole
6632 bracketed item. Return leaving the pointer at the terminating char. */
6633
6634 if (*ptr != CHAR_VERTICAL_LINE)
6635 {
6636 if (lengthptr == NULL)
6637 {
6638 int branch_length = (int)(code - last_branch);
6639 do
6640 {
6641 int prev_length = GET(last_branch, 1);
6642 PUT(last_branch, 1, branch_length);
6643 branch_length = prev_length;
6644 last_branc