/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 116 by ph10, Fri Mar 9 15:23:02 2007 UTC revision 507 by ph10, Wed Mar 10 16:08:01 2010 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2006 University of Cambridge             Copyright (c) 1997-2010 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 42  POSSIBILITY OF SUCH DAMAGE. Line 42  POSSIBILITY OF SUCH DAMAGE.
42  supporting internal functions that are not used by other modules. */  supporting internal functions that are not used by other modules. */
43    
44    
45    #ifdef HAVE_CONFIG_H
46    #include "config.h"
47    #endif
48    
49  #define NLBLOCK cd             /* Block containing newline information */  #define NLBLOCK cd             /* Block containing newline information */
50  #define PSSTART start_pattern  /* Field containing processed string start */  #define PSSTART start_pattern  /* Field containing processed string start */
51  #define PSEND   end_pattern    /* Field containing processed string end */  #define PSEND   end_pattern    /* Field containing processed string end */
52    
   
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When DEBUG is defined, we need the pcre_printint() function, which is also  /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is
57  used by pcretest. DEBUG is not defined when building a production library. */  also used by pcretest. PCRE_DEBUG is not defined when building a production
58    library. */
59    
60  #ifdef DEBUG  #ifdef PCRE_DEBUG
61  #include "pcre_printint.src"  #include "pcre_printint.src"
62  #endif  #endif
63    
64    
65    /* Macro for setting individual bits in class bitmaps. */
66    
67    #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
68    
69    /* Maximum length value to check against when making sure that the integer that
70    holds the compiled pattern length does not overflow. We make it a bit less than
71    INT_MAX to allow for adding in group terminating bytes, so that we don't have
72    to check them every time. */
73    
74    #define OFLOW_MAX (INT_MAX - 20)
75    
76    
77  /*************************************************  /*************************************************
78  *      Code parameters and static tables         *  *      Code parameters and static tables         *
79  *************************************************/  *************************************************/
# Line 76  is 4 there is plenty of room. */ Line 92  is 4 there is plenty of room. */
92    
93  #define COMPILE_WORK_SIZE (4096)  #define COMPILE_WORK_SIZE (4096)
94    
95    /* The overrun tests check for a slightly smaller size so that they detect the
96    overrun before it actually does run off the end of the data block. */
97    
98    #define WORK_SIZE_CHECK (COMPILE_WORK_SIZE - 100)
99    
100    
101  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
102  are simple data values; negative values are for special things like \d and so  are simple data values; negative values are for special things like \d and so
103  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
104  is invalid. */  is invalid. */
105    
106  #ifndef EBCDIC  /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
107    
108    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
109    in UTF-8 mode. */
110    
111  static const short int escapes[] = {  static const short int escapes[] = {
112       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
113       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
114     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
115       0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */       0,                       0,
116  -ESC_P, -ESC_Q, -ESC_R, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */       0,                       0,
117  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
118     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
119       0,      0,      0, -ESC_k,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
120  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0,      0, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
121       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
122         -ESC_D,                  -ESC_E,
123         0,                       -ESC_G,
124         -ESC_H,                  0,
125         0,                       -ESC_K,
126         0,                       0,
127         0,                       0,
128         -ESC_P,                  -ESC_Q,
129         -ESC_R,                  -ESC_S,
130         0,                       0,
131         -ESC_V,                  -ESC_W,
132         -ESC_X,                  0,
133         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
134         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
135         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
136         CHAR_GRAVE_ACCENT,       7,
137         -ESC_b,                  0,
138         -ESC_d,                  ESC_e,
139         ESC_f,                   0,
140         -ESC_h,                  0,
141         0,                       -ESC_k,
142         0,                       0,
143         ESC_n,                   0,
144         -ESC_p,                  0,
145         ESC_r,                   -ESC_s,
146         ESC_tee,                 0,
147         -ESC_v,                  -ESC_w,
148         0,                       0,
149         -ESC_z
150  };  };
151    
152  #else           /* This is the "abnormal" table for EBCDIC systems */  #else
153    
154    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
155    
156  static const short int escapes[] = {  static const short int escapes[] = {
157  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
158  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 106  static const short int escapes[] = { Line 162  static const short int escapes[] = {
162  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,
163  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',
164  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,
165  /*  88 */     0,     0,      0,     '{',      0,     0,      0,      0,  /*  88 */-ESC_h,     0,      0,     '{',      0,     0,      0,      0,
166  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,
167  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,
168  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,     0, -ESC_w,      0,  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,-ESC_v, -ESC_w,      0,
169  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,
170  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,
171  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
172  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
173  /*  C8 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
174  /*  D0 */   '}',     0,      0,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,     0,      0, -ESC_P,
175  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
176  /*  E0 */  '\\',     0, -ESC_S,       0,      0,     0, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
177  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
178  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,
179  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0
# Line 125  static const short int escapes[] = { Line 181  static const short int escapes[] = {
181  #endif  #endif
182    
183    
184  /* Tables of names of POSIX character classes and their lengths. The list is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
185  terminated by a zero length entry. The first three must be alpha, lower, upper,  searched linearly. Put all the names into a single string, in order to reduce
186  as this is assumed for handling case independence. */  the number of relocations when a shared library is dynamically linked. The
187    string is built from string macros so that it works in UTF-8 mode on EBCDIC
188  static const char *const posix_names[] = {  platforms. */
189    "alpha", "lower", "upper",  
190    "alnum", "ascii", "blank", "cntrl", "digit", "graph",  typedef struct verbitem {
191    "print", "punct", "space", "word",  "xdigit" };    int   len;
192      int   op;
193    } verbitem;
194    
195    static const char verbnames[] =
196      STRING_ACCEPT0
197      STRING_COMMIT0
198      STRING_F0
199      STRING_FAIL0
200      STRING_PRUNE0
201      STRING_SKIP0
202      STRING_THEN;
203    
204    static const verbitem verbs[] = {
205      { 6, OP_ACCEPT },
206      { 6, OP_COMMIT },
207      { 1, OP_FAIL },
208      { 4, OP_FAIL },
209      { 5, OP_PRUNE },
210      { 4, OP_SKIP  },
211      { 4, OP_THEN  }
212    };
213    
214    static const int verbcount = sizeof(verbs)/sizeof(verbitem);
215    
216    
217    /* Tables of names of POSIX character classes and their lengths. The names are
218    now all in a single string, to reduce the number of relocations when a shared
219    library is dynamically loaded. The list of lengths is terminated by a zero
220    length entry. The first three must be alpha, lower, upper, as this is assumed
221    for handling case independence. */
222    
223    static const char posix_names[] =
224      STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
225      STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
226      STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
227      STRING_word0  STRING_xdigit;
228    
229  static const uschar posix_name_lengths[] = {  static const uschar posix_name_lengths[] = {
230    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
# Line 171  static const int posix_class_maps[] = { Line 263  static const int posix_class_maps[] = {
263  /* The texts of compile-time error messages. These are "char *" because they  /* The texts of compile-time error messages. These are "char *" because they
264  are passed to the outside world. Do not ever re-use any error number, because  are passed to the outside world. Do not ever re-use any error number, because
265  they are documented. Always add a new error instead. Messages marked DEAD below  they are documented. Always add a new error instead. Messages marked DEAD below
266  are no longer used. */  are no longer used. This used to be a table of strings, but in order to reduce
267    the number of relocations needed when a shared library is loaded dynamically,
268  static const char *error_texts[] = {  it is now one long string. We cannot use a table of offsets, because the
269    "no error",  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
270    "\\ at end of pattern",  simply count through to the one we want - this isn't a performance issue
271    "\\c at end of pattern",  because these strings are used only when there is a compilation error.
272    "unrecognized character follows \\",  
273    "numbers out of order in {} quantifier",  Each substring ends with \0 to insert a null character. This includes the final
274    substring, so that the whole string ends with \0\0, which can be detected when
275    counting through. */
276    
277    static const char error_texts[] =
278      "no error\0"
279      "\\ at end of pattern\0"
280      "\\c at end of pattern\0"
281      "unrecognized character follows \\\0"
282      "numbers out of order in {} quantifier\0"
283    /* 5 */    /* 5 */
284    "number too big in {} quantifier",    "number too big in {} quantifier\0"
285    "missing terminating ] for character class",    "missing terminating ] for character class\0"
286    "invalid escape sequence in character class",    "invalid escape sequence in character class\0"
287    "range out of order in character class",    "range out of order in character class\0"
288    "nothing to repeat",    "nothing to repeat\0"
289    /* 10 */    /* 10 */
290    "operand of unlimited repeat could match the empty string",  /** DEAD **/    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
291    "internal error: unexpected repeat",    "internal error: unexpected repeat\0"
292    "unrecognized character after (?",    "unrecognized character after (? or (?-\0"
293    "POSIX named classes are supported only within a class",    "POSIX named classes are supported only within a class\0"
294    "missing )",    "missing )\0"
295    /* 15 */    /* 15 */
296    "reference to non-existent subpattern",    "reference to non-existent subpattern\0"
297    "erroffset passed as NULL",    "erroffset passed as NULL\0"
298    "unknown option bit(s) set",    "unknown option bit(s) set\0"
299    "missing ) after comment",    "missing ) after comment\0"
300    "parentheses nested too deeply",  /** DEAD **/    "parentheses nested too deeply\0"  /** DEAD **/
301    /* 20 */    /* 20 */
302    "regular expression too large",    "regular expression is too large\0"
303    "failed to get memory",    "failed to get memory\0"
304    "unmatched parentheses",    "unmatched parentheses\0"
305    "internal error: code overflow",    "internal error: code overflow\0"
306    "unrecognized character after (?<",    "unrecognized character after (?<\0"
307    /* 25 */    /* 25 */
308    "lookbehind assertion is not fixed length",    "lookbehind assertion is not fixed length\0"
309    "malformed number or name after (?(",    "malformed number or name after (?(\0"
310    "conditional group contains more than two branches",    "conditional group contains more than two branches\0"
311    "assertion expected after (?(",    "assertion expected after (?(\0"
312    "(?R or (?digits must be followed by )",    "(?R or (?[+-]digits must be followed by )\0"
313    /* 30 */    /* 30 */
314    "unknown POSIX class name",    "unknown POSIX class name\0"
315    "POSIX collating elements are not supported",    "POSIX collating elements are not supported\0"
316    "this version of PCRE is not compiled with PCRE_UTF8 support",    "this version of PCRE is not compiled with PCRE_UTF8 support\0"
317    "spare error",  /** DEAD **/    "spare error\0"  /** DEAD **/
318    "character value in \\x{...} sequence is too large",    "character value in \\x{...} sequence is too large\0"
319    /* 35 */    /* 35 */
320    "invalid condition (?(0)",    "invalid condition (?(0)\0"
321    "\\C not allowed in lookbehind assertion",    "\\C not allowed in lookbehind assertion\0"
322    "PCRE does not support \\L, \\l, \\N, \\U, or \\u",    "PCRE does not support \\L, \\l, \\N, \\U, or \\u\0"
323    "number after (?C is > 255",    "number after (?C is > 255\0"
324    "closing ) for (?C expected",    "closing ) for (?C expected\0"
325    /* 40 */    /* 40 */
326    "recursive call could loop indefinitely",    "recursive call could loop indefinitely\0"
327    "unrecognized character after (?P",    "unrecognized character after (?P\0"
328    "syntax error in subpattern name (missing terminator)",    "syntax error in subpattern name (missing terminator)\0"
329    "two named subpatterns have the same name",    "two named subpatterns have the same name\0"
330    "invalid UTF-8 string",    "invalid UTF-8 string\0"
331    /* 45 */    /* 45 */
332    "support for \\P, \\p, and \\X has not been compiled",    "support for \\P, \\p, and \\X has not been compiled\0"
333    "malformed \\P or \\p sequence",    "malformed \\P or \\p sequence\0"
334    "unknown property name after \\P or \\p",    "unknown property name after \\P or \\p\0"
335    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)",    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
336    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")",    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
337    /* 50 */    /* 50 */
338    "repeated subpattern is too long",    "repeated subpattern is too long\0"    /** DEAD **/
339    "octal value is greater than \\377 (not in UTF-8 mode)",    "octal value is greater than \\377 (not in UTF-8 mode)\0"
340    "internal error: overran compiling workspace",    "internal error: overran compiling workspace\0"
341    "internal error: previously-checked referenced subpattern not found",    "internal error: previously-checked referenced subpattern not found\0"
342    "DEFINE group contains more than one branch",    "DEFINE group contains more than one branch\0"
343    /* 55 */    /* 55 */
344    "repeating a DEFINE group is not allowed",    "repeating a DEFINE group is not allowed\0"
345    "inconsistent NEWLINE options",    "inconsistent NEWLINE options\0"
346    "\\g is not followed by an (optionally braced) non-zero number"    "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
347  };    "a numbered reference must not be zero\0"
348      "(*VERB) with an argument is not supported\0"
349      /* 60 */
350      "(*VERB) not recognized\0"
351      "number is too big\0"
352      "subpattern name expected\0"
353      "digit expected after (?+\0"
354      "] is an invalid data character in JavaScript compatibility mode\0"
355      /* 65 */
356      "different names for subpatterns of the same number are not allowed\0";
357    
358  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
359  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 262  For convenience, we use the same bit def Line 371  For convenience, we use the same bit def
371    
372  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
373    
374  #ifndef EBCDIC  /* This is the "normal" case, for ASCII systems */  #ifndef EBCDIC
375    
376    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
377    UTF-8 mode. */
378    
379  static const unsigned char digitab[] =  static const unsigned char digitab[] =
380    {    {
381    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
# Line 298  static const unsigned char digitab[] = Line 411  static const unsigned char digitab[] =
411    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
412    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
413    
414  #else           /* This is the "abnormal" case, for EBCDIC systems */  #else
415    
416    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
417    
418  static const unsigned char digitab[] =  static const unsigned char digitab[] =
419    {    {
420    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
# Line 373  static const unsigned char ebcdic_charta Line 489  static const unsigned char ebcdic_charta
489  /* Definition to allow mutual recursion */  /* Definition to allow mutual recursion */
490    
491  static BOOL  static BOOL
492    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, int, int *,    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,
493      int *, branch_chain *, compile_data *, int *);      int *, int *, branch_chain *, compile_data *, int *);
494    
495    
496    
497    /*************************************************
498    *            Find an error text                  *
499    *************************************************/
500    
501    /* The error texts are now all in one long string, to save on relocations. As
502    some of the text is of unknown length, we can't use a table of offsets.
503    Instead, just count through the strings. This is not a performance issue
504    because it happens only when there has been a compilation error.
505    
506    Argument:   the error number
507    Returns:    pointer to the error string
508    */
509    
510    static const char *
511    find_error_text(int n)
512    {
513    const char *s = error_texts;
514    for (; n > 0; n--)
515      {
516      while (*s++ != 0) {};
517      if (*s == 0) return "Error text not found (please report)";
518      }
519    return s;
520    }
521    
522    
523  /*************************************************  /*************************************************
# Line 399  Arguments: Line 541  Arguments:
541    
542  Returns:         zero or positive => a data character  Returns:         zero or positive => a data character
543                   negative => a special escape sequence                   negative => a special escape sequence
544                   on error, errorptr is set                   on error, errorcodeptr is set
545  */  */
546    
547  static int  static int
# Line 417  ptr--;                            /* Set Line 559  ptr--;                            /* Set
559    
560  if (c == 0) *errorcodeptr = ERR1;  if (c == 0) *errorcodeptr = ERR1;
561    
562  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
563  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
564  Otherwise further processing may be required. */  Otherwise further processing may be required. */
565    
566  #ifndef EBCDIC  /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
567  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  else if (c < CHAR_0 || c > CHAR_z) {}                     /* Not alphanumeric */
568  else if ((i = escapes[c - '0']) != 0) c = i;  else if ((i = escapes[c - CHAR_0]) != 0) c = i;
569    
570  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
571  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphanumeric */
572  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  c = i;
573  #endif  #endif
574    
# Line 442  else Line 584  else
584      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
585      error. */      error. */
586    
587      case 'l':      case CHAR_l:
588      case 'L':      case CHAR_L:
589      case 'N':      case CHAR_N:
590      case 'u':      case CHAR_u:
591      case 'U':      case CHAR_U:
592      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
593      break;      break;
594    
595      /* \g must be followed by a number, either plain or braced. If positive, it      /* \g must be followed by one of a number of specific things:
596      is an absolute backreference. If negative, it is a relative backreference.  
597      This is a Perl 5.10 feature. */      (1) A number, either plain or braced. If positive, it is an absolute
598        backreference. If negative, it is a relative backreference. This is a Perl
599        5.10 feature.
600    
601        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
602        is part of Perl's movement towards a unified syntax for back references. As
603        this is synonymous with \k{name}, we fudge it up by pretending it really
604        was \k.
605    
606        (3) For Oniguruma compatibility we also support \g followed by a name or a
607        number either in angle brackets or in single quotes. However, these are
608        (possibly recursive) subroutine calls, _not_ backreferences. Just return
609        the -ESC_g code (cf \k). */
610    
611        case CHAR_g:
612        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
613          {
614          c = -ESC_g;
615          break;
616          }
617    
618        /* Handle the Perl-compatible cases */
619    
620      case 'g':      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
     if (ptr[1] == '{')  
621        {        {
622          const uschar *p;
623          for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
624            if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;
625          if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
626            {
627            c = -ESC_k;
628            break;
629            }
630        braced = TRUE;        braced = TRUE;
631        ptr++;        ptr++;
632        }        }
633      else braced = FALSE;      else braced = FALSE;
634    
635      if (ptr[1] == '-')      if (ptr[1] == CHAR_MINUS)
636        {        {
637        negated = TRUE;        negated = TRUE;
638        ptr++;        ptr++;
# Line 471  else Line 641  else
641    
642      c = 0;      c = 0;
643      while ((digitab[ptr[1]] & ctype_digit) != 0)      while ((digitab[ptr[1]] & ctype_digit) != 0)
644        c = c * 10 + *(++ptr) - '0';        c = c * 10 + *(++ptr) - CHAR_0;
645    
646      if (c == 0 || (braced && *(++ptr) != '}'))      if (c < 0)   /* Integer overflow */
647          {
648          *errorcodeptr = ERR61;
649          break;
650          }
651    
652        if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
653        {        {
654        *errorcodeptr = ERR57;        *errorcodeptr = ERR57;
655        return 0;        break;
656          }
657    
658        if (c == 0)
659          {
660          *errorcodeptr = ERR58;
661          break;
662        }        }
663    
664      if (negated)      if (negated)
# Line 484  else Line 666  else
666        if (c > bracount)        if (c > bracount)
667          {          {
668          *errorcodeptr = ERR15;          *errorcodeptr = ERR15;
669          return 0;          break;
670          }          }
671        c = bracount - (c - 1);        c = bracount - (c - 1);
672        }        }
# Line 504  else Line 686  else
686      value is greater than 377, the least significant 8 bits are taken. Inside a      value is greater than 377, the least significant 8 bits are taken. Inside a
687      character class, \ followed by a digit is always an octal number. */      character class, \ followed by a digit is always an octal number. */
688    
689      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
690      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
691    
692      if (!isclass)      if (!isclass)
693        {        {
694        oldptr = ptr;        oldptr = ptr;
695        c -= '0';        c -= CHAR_0;
696        while ((digitab[ptr[1]] & ctype_digit) != 0)        while ((digitab[ptr[1]] & ctype_digit) != 0)
697          c = c * 10 + *(++ptr) - '0';          c = c * 10 + *(++ptr) - CHAR_0;
698          if (c < 0)    /* Integer overflow */
699            {
700            *errorcodeptr = ERR61;
701            break;
702            }
703        if (c < 10 || c <= bracount)        if (c < 10 || c <= bracount)
704          {          {
705          c = -(ESC_REF + c);          c = -(ESC_REF + c);
# Line 525  else Line 712  else
712      generates a binary zero byte and treats the digit as a following literal.      generates a binary zero byte and treats the digit as a following literal.
713      Thus we have to pull back the pointer by one. */      Thus we have to pull back the pointer by one. */
714    
715      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8)
716        {        {
717        ptr--;        ptr--;
718        c = 0;        c = 0;
# Line 538  else Line 725  else
725      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
726      than 3 octal digits. */      than 3 octal digits. */
727    
728      case '0':      case CHAR_0:
729      c -= '0';      c -= CHAR_0;
730      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
731          c = c * 8 + *(++ptr) - '0';          c = c * 8 + *(++ptr) - CHAR_0;
732      if (!utf8 && c > 255) *errorcodeptr = ERR51;      if (!utf8 && c > 255) *errorcodeptr = ERR51;
733      break;      break;
734    
# Line 549  else Line 736  else
736      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is
737      treated as a data character. */      treated as a data character. */
738    
739      case 'x':      case CHAR_x:
740      if (ptr[1] == '{')      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
741        {        {
742        const uschar *pt = ptr + 2;        const uschar *pt = ptr + 2;
743        int count = 0;        int count = 0;
# Line 559  else Line 746  else
746        while ((digitab[*pt] & ctype_xdigit) != 0)        while ((digitab[*pt] & ctype_xdigit) != 0)
747          {          {
748          register int cc = *pt++;          register int cc = *pt++;
749          if (c == 0 && cc == '0') continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
750          count++;          count++;
751    
752  #ifndef EBCDIC  /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
753          if (cc >= 'a') cc -= 32;               /* Convert to upper case */          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
754          c = (c << 4) + cc - ((cc < 'A')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
755  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
756          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
757          c = (c << 4) + cc - ((cc >= '0')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
758  #endif  #endif
759          }          }
760    
761        if (*pt == '}')        if (*pt == CHAR_RIGHT_CURLY_BRACKET)
762          {          {
763          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;
764          ptr = pt;          ptr = pt;
# Line 587  else Line 774  else
774      c = 0;      c = 0;
775      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)
776        {        {
777        int cc;                               /* Some compilers don't like ++ */        int cc;                                  /* Some compilers don't like */
778        cc = *(++ptr);                        /* in initializers */        cc = *(++ptr);                           /* ++ in initializers */
779  #ifndef EBCDIC  /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
780        if (cc >= 'a') cc -= 32;              /* Convert to upper case */        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
781        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
782  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
783        if (cc <= 'z') cc += 64;              /* Convert to upper case */        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
784        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
785  #endif  #endif
786        }        }
787      break;      break;
# Line 603  else Line 790  else
790      This coding is ASCII-specific, but then the whole concept of \cx is      This coding is ASCII-specific, but then the whole concept of \cx is
791      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
792    
793      case 'c':      case CHAR_c:
794      c = *(++ptr);      c = *(++ptr);
795      if (c == 0)      if (c == 0)
796        {        {
797        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
798        return 0;        break;
799        }        }
800    
801  #ifndef EBCDIC  /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
802      if (c >= 'a' && c <= 'z') c -= 32;      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
803      c ^= 0x40;      c ^= 0x40;
804  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
805      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
806      c ^= 0xC0;      c ^= 0xC0;
807  #endif  #endif
808      break;      break;
809    
810      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
811      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
812      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
813      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
814      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
815    
816      default:      default:
817      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 677  if (c == 0) goto ERROR_RETURN; Line 864  if (c == 0) goto ERROR_RETURN;
864  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
865  negation. */  negation. */
866    
867  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
868    {    {
869    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
870      {      {
871      *negptr = TRUE;      *negptr = TRUE;
872      ptr++;      ptr++;
873      }      }
874    for (i = 0; i < sizeof(name) - 1; i++)    for (i = 0; i < (int)sizeof(name) - 1; i++)
875      {      {
876      c = *(++ptr);      c = *(++ptr);
877      if (c == 0) goto ERROR_RETURN;      if (c == 0) goto ERROR_RETURN;
878      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
879      name[i] = c;      name[i] = c;
880      }      }
881    if (c !='}') goto ERROR_RETURN;    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
882    name[i] = 0;    name[i] = 0;
883    }    }
884    
# Line 713  top = _pcre_utt_size; Line 900  top = _pcre_utt_size;
900  while (bot < top)  while (bot < top)
901    {    {
902    i = (bot + top) >> 1;    i = (bot + top) >> 1;
903    c = strcmp(name, _pcre_utt[i].name);    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);
904    if (c == 0)    if (c == 0)
905      {      {
906      *dptr = _pcre_utt[i].value;      *dptr = _pcre_utt[i].value;
# Line 756  is_counted_repeat(const uschar *p) Line 943  is_counted_repeat(const uschar *p)
943  {  {
944  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
945  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
946  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
947    
948  if (*p++ != ',') return FALSE;  if (*p++ != CHAR_COMMA) return FALSE;
949  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
950    
951  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
952  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
953    
954  return (*p == '}');  return (*p == CHAR_RIGHT_CURLY_BRACKET);
955  }  }
956    
957    
# Line 797  int max = -1; Line 984  int max = -1;
984  /* Read the minimum value and do a paranoid check: a negative value indicates  /* Read the minimum value and do a paranoid check: a negative value indicates
985  an integer overflow. */  an integer overflow. */
986    
987  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;
988  if (min < 0 || min > 65535)  if (min < 0 || min > 65535)
989    {    {
990    *errorcodeptr = ERR5;    *errorcodeptr = ERR5;
# Line 807  if (min < 0 || min > 65535) Line 994  if (min < 0 || min > 65535)
994  /* Read the maximum value if there is one, and again do a paranoid on its size.  /* Read the maximum value if there is one, and again do a paranoid on its size.
995  Also, max must not be less than min. */  Also, max must not be less than min. */
996    
997  if (*p == '}') max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
998    {    {
999    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1000      {      {
1001      max = 0;      max = 0;
1002      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;
1003      if (max < 0 || max > 65535)      if (max < 0 || max > 65535)
1004        {        {
1005        *errorcodeptr = ERR5;        *errorcodeptr = ERR5;
# Line 837  return p; Line 1024  return p;
1024    
1025    
1026  /*************************************************  /*************************************************
1027  *       Find forward referenced subpattern       *  *  Subroutine for finding forward reference      *
1028  *************************************************/  *************************************************/
1029    
1030  /* This function scans along a pattern's text looking for capturing  /* This recursive function is called only from find_parens() below. The
1031    top-level call starts at the beginning of the pattern. All other calls must
1032    start at a parenthesis. It scans along a pattern's text looking for capturing
1033  subpatterns, and counting them. If it finds a named pattern that matches the  subpatterns, and counting them. If it finds a named pattern that matches the
1034  name it is given, it returns its number. Alternatively, if the name is NULL, it  name it is given, it returns its number. Alternatively, if the name is NULL, it
1035  returns when it reaches a given numbered subpattern. This is used for forward  returns when it reaches a given numbered subpattern. We know that if (?P< is
1036  references to subpatterns. We know that if (?P< is encountered, the name will  encountered, the name will be terminated by '>' because that is checked in the
1037  be terminated by '>' because that is checked in the first pass.  first pass. Recursion is used to keep track of subpatterns that reset the
1038    capturing group numbers - the (?| feature.
1039    
1040  Arguments:  Arguments:
1041    ptr          current position in the pattern    ptrptr       address of the current character pointer (updated)
1042    count        current count of capturing parens so far encountered    cd           compile background data
1043    name         name to seek, or NULL if seeking a numbered subpattern    name         name to seek, or NULL if seeking a numbered subpattern
1044    lorn         name length, or subpattern number if name is NULL    lorn         name length, or subpattern number if name is NULL
1045    xmode        TRUE if we are in /x mode    xmode        TRUE if we are in /x mode
1046      count        pointer to the current capturing subpattern number (updated)
1047    
1048  Returns:       the number of the named subpattern, or -1 if not found  Returns:       the number of the named subpattern, or -1 if not found
1049  */  */
1050    
1051  static int  static int
1052  find_parens(const uschar *ptr, int count, const uschar *name, int lorn,  find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,
1053    BOOL xmode)    BOOL xmode, int *count)
1054  {  {
1055  const uschar *thisname;  uschar *ptr = *ptrptr;
1056    int start_count = *count;
1057    int hwm_count = start_count;
1058    BOOL dup_parens = FALSE;
1059    
1060  for (; *ptr != 0; ptr++)  /* If the first character is a parenthesis, check on the type of group we are
1061    dealing with. The very first call may not start with a parenthesis. */
1062    
1063    if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1064    {    {
1065    int term;    if (ptr[1] == CHAR_QUESTION_MARK &&
1066          ptr[2] == CHAR_VERTICAL_LINE)
1067        {
1068        ptr += 3;
1069        dup_parens = TRUE;
1070        }
1071    
1072      /* Handle a normal, unnamed capturing parenthesis */
1073    
1074      else if (ptr[1] != CHAR_QUESTION_MARK && ptr[1] != CHAR_ASTERISK)
1075        {
1076        *count += 1;
1077        if (name == NULL && *count == lorn) return *count;
1078        ptr++;
1079        }
1080    
1081      /* Handle a condition. If it is an assertion, just carry on so that it
1082      is processed as normal. If not, skip to the closing parenthesis of the
1083      condition (there can't be any nested parens. */
1084    
1085      else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1086        {
1087        ptr += 2;
1088        if (ptr[1] != CHAR_QUESTION_MARK)
1089          {
1090          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1091          if (*ptr != 0) ptr++;
1092          }
1093        }
1094    
1095      /* We have either (? or (* and not a condition */
1096    
1097      else
1098        {
1099        ptr += 2;
1100        if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */
1101    
1102        /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1103    
1104        if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1105            ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1106          {
1107          int term;
1108          const uschar *thisname;
1109          *count += 1;
1110          if (name == NULL && *count == lorn) return *count;
1111          term = *ptr++;
1112          if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1113          thisname = ptr;
1114          while (*ptr != term) ptr++;
1115          if (name != NULL && lorn == ptr - thisname &&
1116              strncmp((const char *)name, (const char *)thisname, lorn) == 0)
1117            return *count;
1118          term++;
1119          }
1120        }
1121      }
1122    
1123    /* Past any initial parenthesis handling, scan for parentheses or vertical
1124    bars. */
1125    
1126    for (; *ptr != 0; ptr++)
1127      {
1128    /* Skip over backslashed characters and also entire \Q...\E */    /* Skip over backslashed characters and also entire \Q...\E */
1129    
1130    if (*ptr == '\\')    if (*ptr == CHAR_BACKSLASH)
1131      {      {
1132      if (*(++ptr) == 0) return -1;      if (*(++ptr) == 0) goto FAIL_EXIT;
1133      if (*ptr == 'Q') for (;;)      if (*ptr == CHAR_Q) for (;;)
1134        {        {
1135        while (*(++ptr) != 0 && *ptr != '\\');        while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1136        if (*ptr == 0) return -1;        if (*ptr == 0) goto FAIL_EXIT;
1137        if (*(++ptr) == 'E') break;        if (*(++ptr) == CHAR_E) break;
1138        }        }
1139      continue;      continue;
1140      }      }
1141    
1142    /* Skip over character classes */    /* Skip over character classes; this logic must be similar to the way they
1143      are handled for real. If the first character is '^', skip it. Also, if the
1144      first few characters (either before or after ^) are \Q\E or \E we skip them
1145      too. This makes for compatibility with Perl. Note the use of STR macros to
1146      encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1147    
1148    if (*ptr == '[')    if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1149      {      {
1150      while (*(++ptr) != ']')      BOOL negate_class = FALSE;
1151        for (;;)
1152        {        {
1153        if (*ptr == '\\')        if (ptr[1] == CHAR_BACKSLASH)
1154          {          {
1155          if (*(++ptr) == 0) return -1;          if (ptr[2] == CHAR_E)
1156          if (*ptr == 'Q') for (;;)            ptr+= 2;
1157            else if (strncmp((const char *)ptr+2,
1158                     STR_Q STR_BACKSLASH STR_E, 3) == 0)
1159              ptr += 4;
1160            else
1161              break;
1162            }
1163          else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1164            {
1165            negate_class = TRUE;
1166            ptr++;
1167            }
1168          else break;
1169          }
1170    
1171        /* If the next character is ']', it is a data character that must be
1172        skipped, except in JavaScript compatibility mode. */
1173    
1174        if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1175            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1176          ptr++;
1177    
1178        while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1179          {
1180          if (*ptr == 0) return -1;
1181          if (*ptr == CHAR_BACKSLASH)
1182            {
1183            if (*(++ptr) == 0) goto FAIL_EXIT;
1184            if (*ptr == CHAR_Q) for (;;)
1185            {            {
1186            while (*(++ptr) != 0 && *ptr != '\\');            while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1187            if (*ptr == 0) return -1;            if (*ptr == 0) goto FAIL_EXIT;
1188            if (*(++ptr) == 'E') break;            if (*(++ptr) == CHAR_E) break;
1189            }            }
1190          continue;          continue;
1191          }          }
# Line 904  for (; *ptr != 0; ptr++) Line 1195  for (; *ptr != 0; ptr++)
1195    
1196    /* Skip comments in /x mode */    /* Skip comments in /x mode */
1197    
1198    if (xmode && *ptr == '#')    if (xmode && *ptr == CHAR_NUMBER_SIGN)
1199      {      {
1200      while (*(++ptr) != 0 && *ptr != '\n');      while (*(++ptr) != 0 && *ptr != CHAR_NL) {};
1201      if (*ptr == 0) return -1;      if (*ptr == 0) goto FAIL_EXIT;
1202      continue;      continue;
1203      }      }
1204    
1205    /* An opening parens must now be a real metacharacter */    /* Check for the special metacharacters */
1206    
1207    if (*ptr != '(') continue;    if (*ptr == CHAR_LEFT_PARENTHESIS)
   if (ptr[1] != '?')  
1208      {      {
1209      count++;      int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, count);
1210      if (name == NULL && count == lorn) return count;      if (rc > 0) return rc;
1211      continue;      if (*ptr == 0) goto FAIL_EXIT;
1212      }      }
1213    
1214    ptr += 2;    else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1215    if (*ptr == 'P') ptr++;                      /* Allow optional P */      {
1216        if (dup_parens && *count < hwm_count) *count = hwm_count;
1217        *ptrptr = ptr;
1218        return -1;
1219        }
1220    
1221    /* We have to disambiguate (?<! and (?<= from (?<name> */    else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1222        {
1223        if (*count > hwm_count) hwm_count = *count;
1224        *count = start_count;
1225        }
1226      }
1227    
1228    if ((*ptr != '<' || ptr[1] == '!' || ptr[1] == '=') &&  FAIL_EXIT:
1229         *ptr != '\'')  *ptrptr = ptr;
1230      continue;  return -1;
1231    }
1232    
1233    
1234    
1235    
1236    /*************************************************
1237    *       Find forward referenced subpattern       *
1238    *************************************************/
1239    
1240    /* This function scans along a pattern's text looking for capturing
1241    subpatterns, and counting them. If it finds a named pattern that matches the
1242    name it is given, it returns its number. Alternatively, if the name is NULL, it
1243    returns when it reaches a given numbered subpattern. This is used for forward
1244    references to subpatterns. We used to be able to start this scan from the
1245    current compiling point, using the current count value from cd->bracount, and
1246    do it all in a single loop, but the addition of the possibility of duplicate
1247    subpattern numbers means that we have to scan from the very start, in order to
1248    take account of such duplicates, and to use a recursive function to keep track
1249    of the different types of group.
1250    
1251    Arguments:
1252      cd           compile background data
1253      name         name to seek, or NULL if seeking a numbered subpattern
1254      lorn         name length, or subpattern number if name is NULL
1255      xmode        TRUE if we are in /x mode
1256    
1257    Returns:       the number of the found subpattern, or -1 if not found
1258    */
1259    
1260    count++;  static int
1261    find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode)
1262    {
1263    uschar *ptr = (uschar *)cd->start_pattern;
1264    int count = 0;
1265    int rc;
1266    
1267    /* If the pattern does not start with an opening parenthesis, the first call
1268    to find_parens_sub() will scan right to the end (if necessary). However, if it
1269    does start with a parenthesis, find_parens_sub() will return when it hits the
1270    matching closing parens. That is why we have to have a loop. */
1271    
1272    if (name == NULL && count == lorn) return count;  for (;;)
1273    term = *ptr++;    {
1274    if (term == '<') term = '>';    rc = find_parens_sub(&ptr, cd, name, lorn, xmode, &count);
1275    thisname = ptr;    if (rc > 0 || *ptr++ == 0) break;
   while (*ptr != term) ptr++;  
   if (name != NULL && lorn == ptr - thisname &&  
       strncmp((const char *)name, (const char *)thisname, lorn) == 0)  
     return count;  
1276    }    }
1277    
1278  return -1;  return rc;
1279  }  }
1280    
1281    
1282    
1283    
1284  /*************************************************  /*************************************************
1285  *      Find first significant op code            *  *      Find first significant op code            *
1286  *************************************************/  *************************************************/
# Line 996  for (;;) Line 1330  for (;;)
1330    
1331      case OP_CALLOUT:      case OP_CALLOUT:
1332      case OP_CREF:      case OP_CREF:
1333        case OP_NCREF:
1334      case OP_RREF:      case OP_RREF:
1335        case OP_NRREF:
1336      case OP_DEF:      case OP_DEF:
1337      code += _pcre_OP_lengths[*code];      code += _pcre_OP_lengths[*code];
1338      break;      break;
# Line 1012  for (;;) Line 1348  for (;;)
1348    
1349    
1350  /*************************************************  /*************************************************
1351  *        Find the fixed length of a pattern      *  *        Find the fixed length of a branch       *
1352  *************************************************/  *************************************************/
1353    
1354  /* Scan a pattern and compute the fixed length of subject that will match it,  /* Scan a branch and compute the fixed length of subject that will match it,
1355  if the length is fixed. This is needed for dealing with backward assertions.  if the length is fixed. This is needed for dealing with backward assertions.
1356  In UTF8 mode, the result is in characters rather than bytes.  In UTF8 mode, the result is in characters rather than bytes. The branch is
1357    temporarily terminated with OP_END when this function is called.
1358    
1359    This function is called when a backward assertion is encountered, so that if it
1360    fails, the error message can point to the correct place in the pattern.
1361    However, we cannot do this when the assertion contains subroutine calls,
1362    because they can be forward references. We solve this by remembering this case
1363    and doing the check at the end; a flag specifies which mode we are running in.
1364    
1365  Arguments:  Arguments:
1366    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1367    options  the compiling options    options  the compiling options
1368      atend    TRUE if called when the pattern is complete
1369      cd       the "compile data" structure
1370    
1371  Returns:   the fixed length, or -1 if there is no fixed length,  Returns:   the fixed length,
1372                 or -1 if there is no fixed length,
1373               or -2 if \C was encountered               or -2 if \C was encountered
1374                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1375  */  */
1376    
1377  static int  static int
1378  find_fixedlength(uschar *code, int options)  find_fixedlength(uschar *code, int options, BOOL atend, compile_data *cd)
1379  {  {
1380  int length = -1;  int length = -1;
1381    
# Line 1041  branch, check the length against that of Line 1388  branch, check the length against that of
1388  for (;;)  for (;;)
1389    {    {
1390    int d;    int d;
1391      uschar *ce, *cs;
1392    register int op = *cc;    register int op = *cc;
   
1393    switch (op)    switch (op)
1394      {      {
1395      case OP_CBRA:      case OP_CBRA:
1396      case OP_BRA:      case OP_BRA:
1397      case OP_ONCE:      case OP_ONCE:
1398      case OP_COND:      case OP_COND:
1399      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options);      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options, atend, cd);
1400      if (d < 0) return d;      if (d < 0) return d;
1401      branchlength += d;      branchlength += d;
1402      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
# Line 1072  for (;;) Line 1419  for (;;)
1419      branchlength = 0;      branchlength = 0;
1420      break;      break;
1421    
1422        /* A true recursion implies not fixed length, but a subroutine call may
1423        be OK. If the subroutine is a forward reference, we can't deal with
1424        it until the end of the pattern, so return -3. */
1425    
1426        case OP_RECURSE:
1427        if (!atend) return -3;
1428        cs = ce = (uschar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1429        do ce += GET(ce, 1); while (*ce == OP_ALT);       /* End subpattern */
1430        if (cc > cs && cc < ce) return -1;                /* Recursion */
1431        d = find_fixedlength(cs + 2, options, atend, cd);
1432        if (d < 0) return d;
1433        branchlength += d;
1434        cc += 1 + LINK_SIZE;
1435        break;
1436    
1437      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1438    
1439      case OP_ASSERT:      case OP_ASSERT:
# Line 1085  for (;;) Line 1447  for (;;)
1447    
1448      case OP_REVERSE:      case OP_REVERSE:
1449      case OP_CREF:      case OP_CREF:
1450        case OP_NCREF:
1451      case OP_RREF:      case OP_RREF:
1452        case OP_NRREF:
1453      case OP_DEF:      case OP_DEF:
1454      case OP_OPT:      case OP_OPT:
1455      case OP_CALLOUT:      case OP_CALLOUT:
1456      case OP_SOD:      case OP_SOD:
1457      case OP_SOM:      case OP_SOM:
1458        case OP_SET_SOM:
1459      case OP_EOD:      case OP_EOD:
1460      case OP_EODN:      case OP_EODN:
1461      case OP_CIRC:      case OP_CIRC:
# Line 1108  for (;;) Line 1473  for (;;)
1473      branchlength++;      branchlength++;
1474      cc += 2;      cc += 2;
1475  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1476      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1477        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1478  #endif  #endif
1479      break;      break;
1480    
# Line 1122  for (;;) Line 1485  for (;;)
1485      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1486      cc += 4;      cc += 4;
1487  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1488      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1489        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while((*cc & 0x80) == 0x80) cc++;  
       }  
1490  #endif  #endif
1491      break;      break;
1492    
1493      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1494      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1495        if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;
1496      cc += 4;      cc += 4;
1497      break;      break;
1498    
# Line 1148  for (;;) Line 1510  for (;;)
1510      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1511      case OP_WORDCHAR:      case OP_WORDCHAR:
1512      case OP_ANY:      case OP_ANY:
1513        case OP_ALLANY:
1514      branchlength++;      branchlength++;
1515      cc++;      cc++;
1516      break;      break;
# Line 1202  for (;;) Line 1565  for (;;)
1565    
1566    
1567  /*************************************************  /*************************************************
1568  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
1569  *************************************************/  *************************************************/
1570    
1571  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
1572  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
1573    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
1574    so that it can be called from pcre_study() when finding the minimum matching
1575    length.
1576    
1577  Arguments:  Arguments:
1578    code        points to start of expression    code        points to start of expression
1579    utf8        TRUE in UTF-8 mode    utf8        TRUE in UTF-8 mode
1580    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
1581    
1582  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
1583  */  */
1584    
1585  static const uschar *  const uschar *
1586  find_bracket(const uschar *code, BOOL utf8, int number)  _pcre_find_bracket(const uschar *code, BOOL utf8, int number)
1587  {  {
1588  for (;;)  for (;;)
1589    {    {
# Line 1230  for (;;) Line 1596  for (;;)
1596    
1597    if (c == OP_XCLASS) code += GET(code, 1);    if (c == OP_XCLASS) code += GET(code, 1);
1598    
1599      /* Handle recursion */
1600    
1601      else if (c == OP_REVERSE)
1602        {
1603        if (number < 0) return (uschar *)code;
1604        code += _pcre_OP_lengths[c];
1605        }
1606    
1607    /* Handle capturing bracket */    /* Handle capturing bracket */
1608    
1609    else if (c == OP_CBRA)    else if (c == OP_CBRA)
# Line 1239  for (;;) Line 1613  for (;;)
1613      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1614      }      }
1615    
1616    /* In UTF-8 mode, opcodes that are followed by a character may be followed by    /* Otherwise, we can get the item's length from the table, except that for
1617    a multi-byte character. The length in the table is a minimum, so we have to    repeated character types, we have to test for \p and \P, which have an extra
1618    arrange to skip the extra bytes. */    two bytes of parameters. */
1619    
1620    else    else
1621      {      {
1622        switch(c)
1623          {
1624          case OP_TYPESTAR:
1625          case OP_TYPEMINSTAR:
1626          case OP_TYPEPLUS:
1627          case OP_TYPEMINPLUS:
1628          case OP_TYPEQUERY:
1629          case OP_TYPEMINQUERY:
1630          case OP_TYPEPOSSTAR:
1631          case OP_TYPEPOSPLUS:
1632          case OP_TYPEPOSQUERY:
1633          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1634          break;
1635    
1636          case OP_TYPEUPTO:
1637          case OP_TYPEMINUPTO:
1638          case OP_TYPEEXACT:
1639          case OP_TYPEPOSUPTO:
1640          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1641          break;
1642          }
1643    
1644        /* Add in the fixed length from the table */
1645    
1646      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1647    
1648      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
1649      a multi-byte character. The length in the table is a minimum, so we have to
1650      arrange to skip the extra bytes. */
1651    
1652  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1653      if (utf8) switch(c)      if (utf8) switch(c)
1654        {        {
# Line 1267  for (;;) Line 1670  for (;;)
1670        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1671        break;        break;
1672        }        }
1673    #else
1674        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1675  #endif  #endif
1676      }      }
1677    }    }
# Line 1303  for (;;) Line 1708  for (;;)
1708    
1709    if (c == OP_XCLASS) code += GET(code, 1);    if (c == OP_XCLASS) code += GET(code, 1);
1710    
1711    /* Otherwise, we get the item's length from the table. In UTF-8 mode, opcodes    /* Otherwise, we can get the item's length from the table, except that for
1712    that are followed by a character may be followed by a multi-byte character.    repeated character types, we have to test for \p and \P, which have an extra
1713    The length in the table is a minimum, so we have to arrange to skip the extra    two bytes of parameters. */
   bytes. */  
1714    
1715    else    else
1716      {      {
1717        switch(c)
1718          {
1719          case OP_TYPESTAR:
1720          case OP_TYPEMINSTAR:
1721          case OP_TYPEPLUS:
1722          case OP_TYPEMINPLUS:
1723          case OP_TYPEQUERY:
1724          case OP_TYPEMINQUERY:
1725          case OP_TYPEPOSSTAR:
1726          case OP_TYPEPOSPLUS:
1727          case OP_TYPEPOSQUERY:
1728          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1729          break;
1730    
1731          case OP_TYPEPOSUPTO:
1732          case OP_TYPEUPTO:
1733          case OP_TYPEMINUPTO:
1734          case OP_TYPEEXACT:
1735          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1736          break;
1737          }
1738    
1739        /* Add in the fixed length from the table */
1740    
1741      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1742    
1743        /* In UTF-8 mode, opcodes that are followed by a character may be followed
1744        by a multi-byte character. The length in the table is a minimum, so we have
1745        to arrange to skip the extra bytes. */
1746    
1747  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1748      if (utf8) switch(c)      if (utf8) switch(c)
1749        {        {
# Line 1332  for (;;) Line 1765  for (;;)
1765        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
1766        break;        break;
1767        }        }
1768    #else
1769        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1770  #endif  #endif
1771      }      }
1772    }    }
# Line 1347  for (;;) Line 1782  for (;;)
1782  can match the empty string or not. It is called from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
1783  below and from compile_branch() when checking for an unlimited repeat of a  below and from compile_branch() when checking for an unlimited repeat of a
1784  group that can match nothing. Note that first_significant_code() skips over  group that can match nothing. Note that first_significant_code() skips over
1785  assertions. If we hit an unclosed bracket, we return "empty" - this means we've  backward and negative forward assertions when its final argument is TRUE. If we
1786  struck an inner bracket whose current branch will already have been scanned.  hit an unclosed bracket, we return "empty" - this means we've struck an inner
1787    bracket whose current branch will already have been scanned.
1788    
1789  Arguments:  Arguments:
1790    code        points to start of search    code        points to start of search
1791    endcode     points to where to stop    endcode     points to where to stop
1792    utf8        TRUE if in UTF8 mode    utf8        TRUE if in UTF8 mode
1793      cd          contains pointers to tables etc.
1794    
1795  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
1796  */  */
1797    
1798  static BOOL  static BOOL
1799  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8,
1800      compile_data *cd)
1801  {  {
1802  register int c;  register int c;
1803  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);
# Line 1370  for (code = first_significant_code(code Line 1808  for (code = first_significant_code(code
1808    
1809    c = *code;    c = *code;
1810    
1811    if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE)    /* Skip over forward assertions; the other assertions are skipped by
1812      first_significant_code() with a TRUE final argument. */
1813    
1814      if (c == OP_ASSERT)
1815      {      {
1816      BOOL empty_branch;      do code += GET(code, 1); while (*code == OP_ALT);
1817      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */      c = *code;
1818        continue;
1819        }
1820    
1821      /* Groups with zero repeats can of course be empty; skip them. */
1822    
1823      if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO)
1824        {
1825        code += _pcre_OP_lengths[c];
1826        do code += GET(code, 1); while (*code == OP_ALT);
1827        c = *code;
1828        continue;
1829        }
1830    
1831      /* Scan a closed bracket */    /* For a recursion/subroutine call, if its end has been reached, which
1832      implies a subroutine call, we can scan it. */
1833    
1834      empty_branch = FALSE;    if (c == OP_RECURSE)
1835        {
1836        BOOL empty_branch = FALSE;
1837        const uschar *scode = cd->start_code + GET(code, 1);
1838        if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
1839      do      do
1840        {        {
1841        if (!empty_branch && could_be_empty_branch(code, endcode, utf8))        if (could_be_empty_branch(scode, endcode, utf8, cd))
1842            {
1843          empty_branch = TRUE;          empty_branch = TRUE;
1844        code += GET(code, 1);          break;
1845            }
1846          scode += GET(scode, 1);
1847        }        }
1848      while (*code == OP_ALT);      while (*scode == OP_ALT);
1849      if (!empty_branch) return FALSE;   /* All branches are non-empty */      if (!empty_branch) return FALSE;  /* All branches are non-empty */
1850        continue;
1851        }
1852    
1853      /* For other groups, scan the branches. */
1854    
1855      if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)
1856        {
1857        BOOL empty_branch;
1858        if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
1859    
1860      /* Move past the KET and fudge things so that the increment in the "for"      /* If a conditional group has only one branch, there is a second, implied,
1861      above has no effect. */      empty branch, so just skip over the conditional, because it could be empty.
1862        Otherwise, scan the individual branches of the group. */
1863    
1864      c = OP_END;      if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
1865      code += 1 + LINK_SIZE - _pcre_OP_lengths[c];        code += GET(code, 1);
1866        else
1867          {
1868          empty_branch = FALSE;
1869          do
1870            {
1871            if (!empty_branch && could_be_empty_branch(code, endcode, utf8, cd))
1872              empty_branch = TRUE;
1873            code += GET(code, 1);
1874            }
1875          while (*code == OP_ALT);
1876          if (!empty_branch) return FALSE;   /* All branches are non-empty */
1877          }
1878    
1879        c = *code;
1880      continue;      continue;
1881      }      }
1882    
# Line 1399  for (code = first_significant_code(code Line 1884  for (code = first_significant_code(code
1884    
1885    switch (c)    switch (c)
1886      {      {
1887      /* Check for quantifiers after a class */      /* Check for quantifiers after a class. XCLASS is used for classes that
1888        cannot be represented just by a bit map. This includes negated single
1889        high-valued characters. The length in _pcre_OP_lengths[] is zero; the
1890        actual length is stored in the compiled code, so we must update "code"
1891        here. */
1892    
1893  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1894      case OP_XCLASS:      case OP_XCLASS:
1895      ccode = code + GET(code, 1);      ccode = code += GET(code, 1);
1896      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
1897  #endif  #endif
1898    
# Line 1447  for (code = first_significant_code(code Line 1936  for (code = first_significant_code(code
1936      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1937      case OP_WORDCHAR:      case OP_WORDCHAR:
1938      case OP_ANY:      case OP_ANY:
1939        case OP_ALLANY:
1940      case OP_ANYBYTE:      case OP_ANYBYTE:
1941      case OP_CHAR:      case OP_CHAR:
1942      case OP_CHARNC:      case OP_CHARNC:
# Line 1465  for (code = first_significant_code(code Line 1955  for (code = first_significant_code(code
1955      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1956      return FALSE;      return FALSE;
1957    
1958        /* These are going to continue, as they may be empty, but we have to
1959        fudge the length for the \p and \P cases. */
1960    
1961        case OP_TYPESTAR:
1962        case OP_TYPEMINSTAR:
1963        case OP_TYPEPOSSTAR:
1964        case OP_TYPEQUERY:
1965        case OP_TYPEMINQUERY:
1966        case OP_TYPEPOSQUERY:
1967        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1968        break;
1969    
1970        /* Same for these */
1971    
1972        case OP_TYPEUPTO:
1973        case OP_TYPEMINUPTO:
1974        case OP_TYPEPOSUPTO:
1975        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1976        break;
1977    
1978      /* End of branch */      /* End of branch */
1979    
1980      case OP_KET:      case OP_KET:
# Line 1483  for (code = first_significant_code(code Line 1993  for (code = first_significant_code(code
1993      case OP_QUERY:      case OP_QUERY:
1994      case OP_MINQUERY:      case OP_MINQUERY:
1995      case OP_POSQUERY:      case OP_POSQUERY:
1996        if (utf8 && code[1] >= 0xc0) code += _pcre_utf8_table4[code[1] & 0x3f];
1997        break;
1998    
1999      case OP_UPTO:      case OP_UPTO:
2000      case OP_MINUPTO:      case OP_MINUPTO:
2001      case OP_POSUPTO:      case OP_POSUPTO:
2002      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      if (utf8 && code[3] >= 0xc0) code += _pcre_utf8_table4[code[3] & 0x3f];
2003      break;      break;
2004  #endif  #endif
2005    
2006        /* None of the remaining opcodes are required to match a character. */
2007    
2008        default:
2009        break;
2010      }      }
2011    }    }
2012    
# Line 1511  Arguments: Line 2029  Arguments:
2029    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2030    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2031    utf8        TRUE if in UTF-8 mode    utf8        TRUE if in UTF-8 mode
2032      cd          pointers to tables etc
2033    
2034  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2035  */  */
2036    
2037  static BOOL  static BOOL
2038  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,
2039    BOOL utf8)    BOOL utf8, compile_data *cd)
2040  {  {
2041  while (bcptr != NULL && bcptr->current >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2042    {    {
2043    if (!could_be_empty_branch(bcptr->current, endcode, utf8)) return FALSE;    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf8, cd))
2044        return FALSE;
2045    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2046    }    }
2047  return TRUE;  return TRUE;
# Line 1534  return TRUE; Line 2054  return TRUE;
2054  *************************************************/  *************************************************/
2055    
2056  /* This function is called when the sequence "[:" or "[." or "[=" is  /* This function is called when the sequence "[:" or "[." or "[=" is
2057  encountered in a character class. It checks whether this is followed by an  encountered in a character class. It checks whether this is followed by a
2058  optional ^ and then a sequence of letters, terminated by a matching ":]" or  sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2059  ".]" or "=]".  reach an unescaped ']' without the special preceding character, return FALSE.
2060    
2061    Originally, this function only recognized a sequence of letters between the
2062    terminators, but it seems that Perl recognizes any sequence of characters,
2063    though of course unknown POSIX names are subsequently rejected. Perl gives an
2064    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2065    didn't consider this to be a POSIX class. Likewise for [:1234:].
2066    
2067    The problem in trying to be exactly like Perl is in the handling of escapes. We
2068    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2069    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2070    below handles the special case of \], but does not try to do any other escape
2071    processing. This makes it different from Perl for cases such as [:l\ower:]
2072    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2073    "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2074    I think.
2075    
2076  Argument:  Arguments:
2077    ptr      pointer to the initial [    ptr      pointer to the initial [
2078    endptr   where to return the end pointer    endptr   where to return the end pointer
   cd       pointer to compile data  
2079    
2080  Returns:   TRUE or FALSE  Returns:   TRUE or FALSE
2081  */  */
2082    
2083  static BOOL  static BOOL
2084  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  check_posix_syntax(const uschar *ptr, const uschar **endptr)
2085  {  {
2086  int terminator;          /* Don't combine these lines; the Solaris cc */  int terminator;          /* Don't combine these lines; the Solaris cc */
2087  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
2088  if (*(++ptr) == '^') ptr++;  for (++ptr; *ptr != 0; ptr++)
 while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;  
 if (*ptr == terminator && ptr[1] == ']')  
2089    {    {
2090    *endptr = ptr;    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) ptr++; else
2091    return TRUE;      {
2092        if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2093        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2094          {
2095          *endptr = ptr;
2096          return TRUE;
2097          }
2098        }
2099    }    }
2100  return FALSE;  return FALSE;
2101  }  }
# Line 1581  Returns:     a value representing the na Line 2120  Returns:     a value representing the na
2120  static int  static int
2121  check_posix_name(const uschar *ptr, int len)  check_posix_name(const uschar *ptr, int len)
2122  {  {
2123    const char *pn = posix_names;
2124  register int yield = 0;  register int yield = 0;
2125  while (posix_name_lengths[yield] != 0)  while (posix_name_lengths[yield] != 0)
2126    {    {
2127    if (len == posix_name_lengths[yield] &&    if (len == posix_name_lengths[yield] &&
2128      strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;      strncmp((const char *)ptr, pn, len) == 0) return yield;
2129      pn += posix_name_lengths[yield] + 1;
2130    yield++;    yield++;
2131    }    }
2132  return -1;  return -1;
# Line 1600  return -1; Line 2141  return -1;
2141  that is referenced. This means that groups can be replicated for fixed  that is referenced. This means that groups can be replicated for fixed
2142  repetition simply by copying (because the recursion is allowed to refer to  repetition simply by copying (because the recursion is allowed to refer to
2143  earlier groups that are outside the current group). However, when a group is  earlier groups that are outside the current group). However, when a group is
2144  optional (i.e. the minimum quantifier is zero), OP_BRAZERO is inserted before  optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2145  it, after it has been compiled. This means that any OP_RECURSE items within it  inserted before it, after it has been compiled. This means that any OP_RECURSE
2146  that refer to the group itself or any contained groups have to have their  items within it that refer to the group itself or any contained groups have to
2147  offsets adjusted. That one of the jobs of this function. Before it is called,  have their offsets adjusted. That one of the jobs of this function. Before it
2148  the partially compiled regex must be temporarily terminated with OP_END.  is called, the partially compiled regex must be temporarily terminated with
2149    OP_END.
2150    
2151  This function has been extended with the possibility of forward references for  This function has been extended with the possibility of forward references for
2152  recursions and subroutine calls. It must also check the list of such references  recursions and subroutine calls. It must also check the list of such references
# Line 1627  adjust_recurse(uschar *group, int adjust Line 2169  adjust_recurse(uschar *group, int adjust
2169    uschar *save_hwm)    uschar *save_hwm)
2170  {  {
2171  uschar *ptr = group;  uschar *ptr = group;
2172    
2173  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)
2174    {    {
2175    int offset;    int offset;
# Line 1738  get_othercase_range(unsigned int *cptr, Line 2281  get_othercase_range(unsigned int *cptr,
2281  unsigned int c, othercase, next;  unsigned int c, othercase, next;
2282    
2283  for (c = *cptr; c <= d; c++)  for (c = *cptr; c <= d; c++)
2284    { if ((othercase = _pcre_ucp_othercase(c)) != NOTACHAR) break; }    { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2285    
2286  if (c > d) return FALSE;  if (c > d) return FALSE;
2287    
# Line 1747  next = othercase + 1; Line 2290  next = othercase + 1;
2290    
2291  for (++c; c <= d; c++)  for (++c; c <= d; c++)
2292    {    {
2293    if (_pcre_ucp_othercase(c) != next) break;    if (UCD_OTHERCASE(c) != next) break;
2294    next++;    next++;
2295    }    }
2296    
# Line 1793  if ((options & PCRE_EXTENDED) != 0) Line 2336  if ((options & PCRE_EXTENDED) != 0)
2336    for (;;)    for (;;)
2337      {      {
2338      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2339      if (*ptr == '#')      if (*ptr == CHAR_NUMBER_SIGN)
2340        {        {
2341        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2342          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
# Line 1805  if ((options & PCRE_EXTENDED) != 0) Line 2348  if ((options & PCRE_EXTENDED) != 0)
2348  /* If the next item is one that we can handle, get its value. A non-negative  /* If the next item is one that we can handle, get its value. A non-negative
2349  value is a character, a negative value is an escape value. */  value is a character, a negative value is an escape value. */
2350    
2351  if (*ptr == '\\')  if (*ptr == CHAR_BACKSLASH)
2352    {    {
2353    int temperrorcode = 0;    int temperrorcode = 0;
2354    next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);    next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
# Line 1830  if ((options & PCRE_EXTENDED) != 0) Line 2373  if ((options & PCRE_EXTENDED) != 0)
2373    for (;;)    for (;;)
2374      {      {
2375      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;      while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2376      if (*ptr == '#')      if (*ptr == CHAR_NUMBER_SIGN)
2377        {        {
2378        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2379          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
# Line 1841  if ((options & PCRE_EXTENDED) != 0) Line 2384  if ((options & PCRE_EXTENDED) != 0)
2384    
2385  /* If the next thing is itself optional, we have to give up. */  /* If the next thing is itself optional, we have to give up. */
2386    
2387  if (*ptr == '*' || *ptr == '?' || strncmp((char *)ptr, "{0,", 3) == 0)  if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
2388    return FALSE;    strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
2389        return FALSE;
2390    
2391  /* Now compare the next item with the previous opcode. If the previous is a  /* Now compare the next item with the previous opcode. If the previous is a
2392  positive single character match, "item" either contains the character or, if  positive single character match, "item" either contains the character or, if
# Line 1857  if (next >= 0) switch(op_code) Line 2401  if (next >= 0) switch(op_code)
2401    case OP_CHAR:    case OP_CHAR:
2402  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
2403    if (utf8 && item > 127) { GETCHAR(item, utf8_char); }    if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2404    #else
2405      (void)(utf8_char);  /* Keep compiler happy by referencing function argument */
2406  #endif  #endif
2407    return item != next;    return item != next;
2408    
# Line 1875  if (next >= 0) switch(op_code) Line 2421  if (next >= 0) switch(op_code)
2421      unsigned int othercase;      unsigned int othercase;
2422      if (next < 128) othercase = cd->fcc[next]; else      if (next < 128) othercase = cd->fcc[next]; else
2423  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
2424      othercase = _pcre_ucp_othercase((unsigned int)next);      othercase = UCD_OTHERCASE((unsigned int)next);
2425  #else  #else
2426      othercase = NOTACHAR;      othercase = NOTACHAR;
2427  #endif  #endif
# Line 1888  if (next >= 0) switch(op_code) Line 2434  if (next >= 0) switch(op_code)
2434    /* For OP_NOT, "item" must be a single-byte character. */    /* For OP_NOT, "item" must be a single-byte character. */
2435    
2436    case OP_NOT:    case OP_NOT:
   if (next < 0) return FALSE;  /* Not a character */  
2437    if (item == next) return TRUE;    if (item == next) return TRUE;
2438    if ((options & PCRE_CASELESS) == 0) return FALSE;    if ((options & PCRE_CASELESS) == 0) return FALSE;
2439  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
# Line 1897  if (next >= 0) switch(op_code) Line 2442  if (next >= 0) switch(op_code)
2442      unsigned int othercase;      unsigned int othercase;
2443      if (next < 128) othercase = cd->fcc[next]; else      if (next < 128) othercase = cd->fcc[next]; else
2444  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
2445      othercase = _pcre_ucp_othercase(next);      othercase = UCD_OTHERCASE(next);
2446  #else  #else
2447      othercase = NOTACHAR;      othercase = NOTACHAR;
2448  #endif  #endif
# Line 1925  if (next >= 0) switch(op_code) Line 2470  if (next >= 0) switch(op_code)
2470    case OP_NOT_WORDCHAR:    case OP_NOT_WORDCHAR:
2471    return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;    return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
2472    
2473      case OP_HSPACE:
2474      case OP_NOT_HSPACE:
2475      switch(next)
2476        {
2477        case 0x09:
2478        case 0x20:
2479        case 0xa0:
2480        case 0x1680:
2481        case 0x180e:
2482        case 0x2000:
2483        case 0x2001:
2484        case 0x2002:
2485        case 0x2003:
2486        case 0x2004:
2487        case 0x2005:
2488        case 0x2006:
2489        case 0x2007:
2490        case 0x2008:
2491        case 0x2009:
2492        case 0x200A:
2493        case 0x202f:
2494        case 0x205f:
2495        case 0x3000:
2496        return op_code != OP_HSPACE;
2497        default:
2498        return op_code == OP_HSPACE;
2499        }
2500    
2501      case OP_VSPACE:
2502      case OP_NOT_VSPACE:
2503      switch(next)
2504        {
2505        case 0x0a:
2506        case 0x0b:
2507        case 0x0c:
2508        case 0x0d:
2509        case 0x85:
2510        case 0x2028:
2511        case 0x2029:
2512        return op_code != OP_VSPACE;
2513        default:
2514        return op_code == OP_VSPACE;
2515        }
2516    
2517    default:    default:
2518    return FALSE;    return FALSE;
2519    }    }
# Line 1959  switch(op_code) Line 2548  switch(op_code)
2548      case ESC_W:      case ESC_W:
2549      return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;      return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;
2550    
2551        case ESC_h:
2552        case ESC_H:
2553        switch(item)
2554          {
2555          case 0x09:
2556          case 0x20:
2557          case 0xa0:
2558          case 0x1680:
2559          case 0x180e:
2560          case 0x2000:
2561          case 0x2001:
2562          case 0x2002:
2563          case 0x2003:
2564          case 0x2004:
2565          case 0x2005:
2566          case 0x2006:
2567          case 0x2007:
2568          case 0x2008:
2569          case 0x2009:
2570          case 0x200A:
2571          case 0x202f:
2572          case 0x205f:
2573          case 0x3000:
2574          return -next != ESC_h;
2575          default:
2576          return -next == ESC_h;
2577          }
2578    
2579        case ESC_v:
2580        case ESC_V:
2581        switch(item)
2582          {
2583          case 0x0a:
2584          case 0x0b:
2585          case 0x0c:
2586          case 0x0d:
2587          case 0x85:
2588          case 0x2028:
2589          case 0x2029:
2590          return -next != ESC_v;
2591          default:
2592          return -next == ESC_v;
2593          }
2594    
2595      default:      default:
2596      return FALSE;      return FALSE;
2597      }      }
2598    
2599    case OP_DIGIT:    case OP_DIGIT:
2600    return next == -ESC_D || next == -ESC_s || next == -ESC_W;    return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
2601             next == -ESC_h || next == -ESC_v;
2602    
2603    case OP_NOT_DIGIT:    case OP_NOT_DIGIT:
2604    return next == -ESC_d;    return next == -ESC_d;
# Line 1973  switch(op_code) Line 2607  switch(op_code)
2607    return next == -ESC_S || next == -ESC_d || next == -ESC_w;    return next == -ESC_S || next == -ESC_d || next == -ESC_w;
2608    
2609    case OP_NOT_WHITESPACE:    case OP_NOT_WHITESPACE:
2610    return next == -ESC_s;    return next == -ESC_s || next == -ESC_h || next == -ESC_v;
2611    
2612      case OP_HSPACE:
2613      return next == -ESC_S || next == -ESC_H || next == -ESC_d || next == -ESC_w;
2614    
2615      case OP_NOT_HSPACE:
2616      return next == -ESC_h;
2617    
2618      /* Can't have \S in here because VT matches \S (Perl anomaly) */
2619      case OP_VSPACE:
2620      return next == -ESC_V || next == -ESC_d || next == -ESC_w;
2621    
2622      case OP_NOT_VSPACE:
2623      return next == -ESC_v;
2624    
2625    case OP_WORDCHAR:    case OP_WORDCHAR:
2626    return next == -ESC_W || next == -ESC_s;    return next == -ESC_W || next == -ESC_s || next == -ESC_h || next == -ESC_v;
2627    
2628    case OP_NOT_WORDCHAR:    case OP_NOT_WORDCHAR:
2629    return next == -ESC_w || next == -ESC_d;    return next == -ESC_w || next == -ESC_d;
# Line 2049  uschar classbits[32]; Line 2696  uschar classbits[32];
2696  BOOL class_utf8;  BOOL class_utf8;
2697  BOOL utf8 = (options & PCRE_UTF8) != 0;  BOOL utf8 = (options & PCRE_UTF8) != 0;
2698  uschar *class_utf8data;  uschar *class_utf8data;
2699    uschar *class_utf8data_base;
2700  uschar utf8_char[6];  uschar utf8_char[6];
2701  #else  #else
2702  BOOL utf8 = FALSE;  BOOL utf8 = FALSE;
2703  uschar *utf8_char = NULL;  uschar *utf8_char = NULL;
2704  #endif  #endif
2705    
2706  #ifdef DEBUG  #ifdef PCRE_DEBUG
2707  if (lengthptr != NULL) DPRINTF((">> start branch\n"));  if (lengthptr != NULL) DPRINTF((">> start branch\n"));
2708  #endif  #endif
2709    
# Line 2088  req_caseopt = ((options & PCRE_CASELESS) Line 2736  req_caseopt = ((options & PCRE_CASELESS)
2736  for (;; ptr++)  for (;; ptr++)
2737    {    {
2738    BOOL negate_class;    BOOL negate_class;
2739      BOOL should_flip_negation;
2740    BOOL possessive_quantifier;    BOOL possessive_quantifier;
2741    BOOL is_quantifier;    BOOL is_quantifier;
2742    BOOL is_recurse;    BOOL is_recurse;
2743      BOOL reset_bracount;
2744    int class_charcount;    int class_charcount;
2745    int class_lastchar;    int class_lastchar;
2746    int newoptions;    int newoptions;
2747    int recno;    int recno;
2748      int refsign;
2749    int skipbytes;    int skipbytes;
2750    int subreqbyte;    int subreqbyte;
2751    int subfirstbyte;    int subfirstbyte;
# Line 2111  for (;; ptr++) Line 2762  for (;; ptr++)
2762    
2763    if (lengthptr != NULL)    if (lengthptr != NULL)
2764      {      {
2765  #ifdef DEBUG  #ifdef PCRE_DEBUG
2766      if (code > cd->hwm) cd->hwm = code;                 /* High water info */      if (code > cd->hwm) cd->hwm = code;                 /* High water info */
2767  #endif  #endif
2768      if (code > cd->start_workspace + COMPILE_WORK_SIZE) /* Check for overrun */      if (code > cd->start_workspace + WORK_SIZE_CHECK)   /* Check for overrun */
2769        {        {
2770        *errorcodeptr = ERR52;        *errorcodeptr = ERR52;
2771        goto FAILED;        goto FAILED;
# Line 2127  for (;; ptr++) Line 2778  for (;; ptr++)
2778      */      */
2779    
2780      if (code < last_code) code = last_code;      if (code < last_code) code = last_code;
2781    
2782        /* Paranoid check for integer overflow */
2783    
2784        if (OFLOW_MAX - *lengthptr < code - last_code)
2785          {
2786          *errorcodeptr = ERR20;
2787          goto FAILED;
2788          }
2789    
2790      *lengthptr += code - last_code;      *lengthptr += code - last_code;
2791      DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));      DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));
2792    
# Line 2154  for (;; ptr++) Line 2814  for (;; ptr++)
2814    /* In the real compile phase, just check the workspace used by the forward    /* In the real compile phase, just check the workspace used by the forward
2815    reference list. */    reference list. */
2816    
2817    else if (cd->hwm > cd->start_workspace + COMPILE_WORK_SIZE)    else if (cd->hwm > cd->start_workspace + WORK_SIZE_CHECK)
2818      {      {
2819      *errorcodeptr = ERR52;      *errorcodeptr = ERR52;
2820      goto FAILED;      goto FAILED;
# Line 2164  for (;; ptr++) Line 2824  for (;; ptr++)
2824    
2825    if (inescq && c != 0)    if (inescq && c != 0)
2826      {      {
2827      if (c == '\\' && ptr[1] == 'E')      if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
2828        {        {
2829        inescq = FALSE;        inescq = FALSE;
2830        ptr++;        ptr++;
# Line 2190  for (;; ptr++) Line 2850  for (;; ptr++)
2850    /* Fill in length of a previous callout, except when the next thing is    /* Fill in length of a previous callout, except when the next thing is
2851    a quantifier. */    a quantifier. */
2852    
2853    is_quantifier = c == '*' || c == '+' || c == '?' ||    is_quantifier =
2854      (c == '{' && is_counted_repeat(ptr+1));      c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
2855        (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
2856    
2857    if (!is_quantifier && previous_callout != NULL &&    if (!is_quantifier && previous_callout != NULL &&
2858         after_manual_callout-- <= 0)         after_manual_callout-- <= 0)
# Line 2206  for (;; ptr++) Line 2867  for (;; ptr++)
2867    if ((options & PCRE_EXTENDED) != 0)    if ((options & PCRE_EXTENDED) != 0)
2868      {      {
2869      if ((cd->ctypes[c] & ctype_space) != 0) continue;      if ((cd->ctypes[c] & ctype_space) != 0) continue;
2870      if (c == '#')      if (c == CHAR_NUMBER_SIGN)
2871        {        {
2872        while (*(++ptr) != 0)        while (*(++ptr) != 0)
2873          {          {
# Line 2231  for (;; ptr++) Line 2892  for (;; ptr++)
2892      {      {
2893      /* ===================================================================*/      /* ===================================================================*/
2894      case 0:                        /* The branch terminates at string end */      case 0:                        /* The branch terminates at string end */
2895      case '|':                      /* or | or ) */      case CHAR_VERTICAL_LINE:       /* or | or ) */
2896      case ')':      case CHAR_RIGHT_PARENTHESIS:
2897      *firstbyteptr = firstbyte;      *firstbyteptr = firstbyte;
2898      *reqbyteptr = reqbyte;      *reqbyteptr = reqbyte;
2899      *codeptr = code;      *codeptr = code;
2900      *ptrptr = ptr;      *ptrptr = ptr;
2901      if (lengthptr != NULL)      if (lengthptr != NULL)
2902        {        {
2903          if (OFLOW_MAX - *lengthptr < code - last_code)
2904            {
2905            *errorcodeptr = ERR20;
2906            goto FAILED;
2907            }
2908        *lengthptr += code - last_code;   /* To include callout length */        *lengthptr += code - last_code;   /* To include callout length */
2909        DPRINTF((">> end branch\n"));        DPRINTF((">> end branch\n"));
2910        }        }
# Line 2249  for (;; ptr++) Line 2915  for (;; ptr++)
2915      /* Handle single-character metacharacters. In multiline mode, ^ disables      /* Handle single-character metacharacters. In multiline mode, ^ disables
2916      the setting of any following char as a first character. */      the setting of any following char as a first character. */
2917    
2918      case '^':      case CHAR_CIRCUMFLEX_ACCENT:
2919      if ((options & PCRE_MULTILINE) != 0)      if ((options & PCRE_MULTILINE) != 0)
2920        {        {
2921        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
# Line 2258  for (;; ptr++) Line 2924  for (;; ptr++)
2924      *code++ = OP_CIRC;      *code++ = OP_CIRC;
2925      break;      break;
2926    
2927      case '$':      case CHAR_DOLLAR_SIGN:
2928      previous = NULL;      previous = NULL;
2929      *code++ = OP_DOLL;      *code++ = OP_DOLL;
2930      break;      break;
# Line 2266  for (;; ptr++) Line 2932  for (;; ptr++)
2932      /* There can never be a first char if '.' is first, whatever happens about      /* There can never be a first char if '.' is first, whatever happens about
2933      repeats. The value of reqbyte doesn't change either. */      repeats. The value of reqbyte doesn't change either. */
2934    
2935      case '.':      case CHAR_DOT:
2936      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
2937      zerofirstbyte = firstbyte;      zerofirstbyte = firstbyte;
2938      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
2939      previous = code;      previous = code;
2940      *code++ = OP_ANY;      *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
2941      break;      break;
2942    
2943    
# Line 2286  for (;; ptr++) Line 2952  for (;; ptr++)
2952      opcode is compiled. It may optionally have a bit map for characters < 256,      opcode is compiled. It may optionally have a bit map for characters < 256,
2953      but those above are are explicitly listed afterwards. A flag byte tells      but those above are are explicitly listed afterwards. A flag byte tells
2954      whether the bitmap is present, and whether this is a negated class or not.      whether the bitmap is present, and whether this is a negated class or not.
     */  
2955    
2956      case '[':      In JavaScript compatibility mode, an isolated ']' causes an error. In
2957        default (Perl) mode, it is treated as a data character. */
2958    
2959        case CHAR_RIGHT_SQUARE_BRACKET:
2960        if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
2961          {
2962          *errorcodeptr = ERR64;
2963          goto FAILED;
2964          }
2965        goto NORMAL_CHAR;
2966    
2967        case CHAR_LEFT_SQUARE_BRACKET:
2968      previous = code;      previous = code;
2969    
2970      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
2971      they are encountered at the top level, so we'll do that too. */      they are encountered at the top level, so we'll do that too. */
2972    
2973      if ((ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&      if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2974          check_posix_syntax(ptr, &tempptr, cd))           ptr[1] == CHAR_EQUALS_SIGN) &&
2975            check_posix_syntax(ptr, &tempptr))
2976        {        {
2977        *errorcodeptr = (ptr[1] == ':')? ERR13 : ERR31;        *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
2978        goto FAILED;        goto FAILED;
2979        }        }
2980    
2981      /* If the first character is '^', set the negation flag and skip it. */      /* If the first character is '^', set the negation flag and skip it. Also,
2982        if the first few characters (either before or after ^) are \Q\E or \E we
2983        skip them too. This makes for compatibility with Perl. */
2984    
2985      if ((c = *(++ptr)) == '^')      negate_class = FALSE;
2986        for (;;)
2987        {        {
       negate_class = TRUE;  
2988        c = *(++ptr);        c = *(++ptr);
2989          if (c == CHAR_BACKSLASH)
2990            {
2991            if (ptr[1] == CHAR_E)
2992              ptr++;
2993            else if (strncmp((const char *)ptr+1,
2994                              STR_Q STR_BACKSLASH STR_E, 3) == 0)
2995              ptr += 3;
2996            else
2997              break;
2998            }
2999          else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
3000            negate_class = TRUE;
3001          else break;
3002        }        }
3003      else  
3004        /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
3005        an initial ']' is taken as a data character -- the code below handles
3006        that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
3007        [^] must match any character, so generate OP_ALLANY. */
3008    
3009        if (c == CHAR_RIGHT_SQUARE_BRACKET &&
3010            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3011        {        {
3012        negate_class = FALSE;        *code++ = negate_class? OP_ALLANY : OP_FAIL;
3013          if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3014          zerofirstbyte = firstbyte;
3015          break;
3016        }        }
3017    
3018        /* If a class contains a negative special such as \S, we need to flip the
3019        negation flag at the end, so that support for characters > 255 works
3020        correctly (they are all included in the class). */
3021    
3022        should_flip_negation = FALSE;
3023    
3024      /* Keep a count of chars with values < 256 so that we can optimize the case      /* Keep a count of chars with values < 256 so that we can optimize the case
3025      of just a single character (as long as it's < 256). However, For higher      of just a single character (as long as it's < 256). However, For higher
3026      valued UTF-8 characters, we don't yet do any optimization. */      valued UTF-8 characters, we don't yet do any optimization. */
# Line 2330  for (;; ptr++) Line 3038  for (;; ptr++)
3038  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3039      class_utf8 = FALSE;                       /* No chars >= 256 */      class_utf8 = FALSE;                       /* No chars >= 256 */
3040      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */
3041        class_utf8data_base = class_utf8data;     /* For resetting in pass 1 */
3042  #endif  #endif
3043    
3044      /* Process characters until ] is reached. By writing this as a "do" it      /* Process characters until ] is reached. By writing this as a "do" it
# Line 2345  for (;; ptr++) Line 3054  for (;; ptr++)
3054          {                           /* Braces are required because the */          {                           /* Braces are required because the */
3055          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */
3056          }          }
3057    
3058          /* In the pre-compile phase, accumulate the length of any UTF-8 extra
3059          data and reset the pointer. This is so that very large classes that
3060          contain a zillion UTF-8 characters no longer overwrite the work space
3061          (which is on the stack). */
3062    
3063          if (lengthptr != NULL)
3064            {
3065            *lengthptr += class_utf8data - class_utf8data_base;
3066            class_utf8data = class_utf8data_base;
3067            }
3068    
3069  #endif  #endif
3070    
3071        /* Inside \Q...\E everything is literal except \E */        /* Inside \Q...\E everything is literal except \E */
3072    
3073        if (inescq)        if (inescq)
3074          {          {
3075          if (c == '\\' && ptr[1] == 'E')     /* If we are at \E */          if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)  /* If we are at \E */
3076            {            {
3077            inescq = FALSE;                   /* Reset literal state */            inescq = FALSE;                   /* Reset literal state */
3078            ptr++;                            /* Skip the 'E' */            ptr++;                            /* Skip the 'E' */
# Line 2366  for (;; ptr++) Line 3087  for (;; ptr++)
3087        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3088        5.6 and 5.8 do. */        5.6 and 5.8 do. */
3089    
3090        if (c == '[' &&        if (c == CHAR_LEFT_SQUARE_BRACKET &&
3091            (ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&            (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3092            check_posix_syntax(ptr, &tempptr, cd))             ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3093          {          {
3094          BOOL local_negate = FALSE;          BOOL local_negate = FALSE;
3095          int posix_class, taboffset, tabopt;          int posix_class, taboffset, tabopt;
3096          register const uschar *cbits = cd->cbits;          register const uschar *cbits = cd->cbits;
3097          uschar pbits[32];          uschar pbits[32];
3098    
3099          if (ptr[1] != ':')          if (ptr[1] != CHAR_COLON)
3100            {            {
3101            *errorcodeptr = ERR31;            *errorcodeptr = ERR31;
3102            goto FAILED;            goto FAILED;
3103            }            }
3104    
3105          ptr += 2;          ptr += 2;
3106          if (*ptr == '^')          if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3107            {            {
3108            local_negate = TRUE;            local_negate = TRUE;
3109              should_flip_negation = TRUE;  /* Note negative special */
3110            ptr++;            ptr++;
3111            }            }
3112    
# Line 2451  for (;; ptr++) Line 3173  for (;; ptr++)
3173        of the specials, which just set a flag. The sequence \b is a special        of the specials, which just set a flag. The sequence \b is a special
3174        case. Inside a class (and only there) it is treated as backspace.        case. Inside a class (and only there) it is treated as backspace.
3175        Elsewhere it marks a word boundary. Other escapes have preset maps ready        Elsewhere it marks a word boundary. Other escapes have preset maps ready
3176        to or into the one we are building. We assume they have more than one        to 'or' into the one we are building. We assume they have more than one
3177        character in them, so set class_charcount bigger than one. */        character in them, so set class_charcount bigger than one. */
3178    
3179        if (c == '\\')        if (c == CHAR_BACKSLASH)
3180          {          {
3181          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3182          if (*errorcodeptr != 0) goto FAILED;          if (*errorcodeptr != 0) goto FAILED;
3183    
3184          if (-c == ESC_b) c = '\b';       /* \b is backslash in a class */          if (-c == ESC_b) c = CHAR_BS;       /* \b is backspace in a class */
3185          else if (-c == ESC_X) c = 'X';   /* \X is literal X in a class */          else if (-c == ESC_X) c = CHAR_X;   /* \X is literal X in a class */
3186          else if (-c == ESC_R) c = 'R';   /* \R is literal R in a class */          else if (-c == ESC_R) c = CHAR_R;   /* \R is literal R in a class */
3187          else if (-c == ESC_Q)            /* Handle start of quoted string */          else if (-c == ESC_Q)            /* Handle start of quoted string */
3188            {            {
3189            if (ptr[1] == '\\' && ptr[2] == 'E')            if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3190              {              {
3191              ptr += 2; /* avoid empty string */              ptr += 2; /* avoid empty string */
3192              }              }
3193            else inescq = TRUE;            else inescq = TRUE;
3194            continue;            continue;
3195            }            }
3196            else if (-c == ESC_E) continue;  /* Ignore orphan \E */
3197    
3198          if (c < 0)          if (c < 0)
3199            {            {
# Line 2486  for (;; ptr++) Line 3209  for (;; ptr++)
3209              continue;              continue;
3210    
3211              case ESC_D:              case ESC_D:
3212                should_flip_negation = TRUE;
3213              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3214              continue;              continue;
3215    
# Line 2494  for (;; ptr++) Line 3218  for (;; ptr++)
3218              continue;              continue;
3219    
3220              case ESC_W:              case ESC_W:
3221                should_flip_negation = TRUE;
3222              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
3223              continue;              continue;
3224    
# Line 2503  for (;; ptr++) Line 3228  for (;; ptr++)
3228              continue;              continue;
3229    
3230              case ESC_S:              case ESC_S:
3231                should_flip_negation = TRUE;
3232              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
3233              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */
3234              continue;              continue;
3235    
             case ESC_E: /* Perl ignores an orphan \E */  
             continue;  
   
3236              default:    /* Not recognized; fall through */              default:    /* Not recognized; fall through */
3237              break;      /* Need "default" setting to stop compiler warning. */              break;      /* Need "default" setting to stop compiler warning. */
3238              }              }
# Line 2519  for (;; ptr++) Line 3242  for (;; ptr++)
3242            else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||            else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||
3243                     c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;                     c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;
3244    
3245              /* We need to deal with \H, \h, \V, and \v in both phases because
3246              they use extra memory. */
3247    
3248              if (-c == ESC_h)
3249                {
3250                SETBIT(classbits, 0x09); /* VT */
3251                SETBIT(classbits, 0x20); /* SPACE */
3252                SETBIT(classbits, 0xa0); /* NSBP */
3253    #ifdef SUPPORT_UTF8
3254                if (utf8)
3255                  {
3256                  class_utf8 = TRUE;
3257                  *class_utf8data++ = XCL_SINGLE;
3258                  class_utf8data += _pcre_ord2utf8(0x1680, class_utf8data);
3259                  *class_utf8data++ = XCL_SINGLE;
3260                  class_utf8data += _pcre_ord2utf8(0x180e, class_utf8data);
3261                  *class_utf8data++ = XCL_RANGE;
3262                  class_utf8data += _pcre_ord2utf8(0x2000, class_utf8data);
3263                  class_utf8data += _pcre_ord2utf8(0x200A, class_utf8data);
3264                  *class_utf8data++ = XCL_SINGLE;
3265                  class_utf8data += _pcre_ord2utf8(0x202f, class_utf8data);
3266                  *class_utf8data++ = XCL_SINGLE;
3267                  class_utf8data += _pcre_ord2utf8(0x205f, class_utf8data);
3268                  *class_utf8data++ = XCL_SINGLE;
3269                  class_utf8data += _pcre_ord2utf8(0x3000, class_utf8data);
3270                  }
3271    #endif
3272                continue;
3273                }
3274    
3275              if (-c == ESC_H)
3276                {
3277                for (c = 0; c < 32; c++)
3278                  {
3279                  int x = 0xff;
3280                  switch (c)
3281                    {
3282                    case 0x09/8: x ^= 1 << (0x09%8); break;
3283                    case 0x20/8: x ^= 1 << (0x20%8); break;
3284                    case 0xa0/8: x ^= 1 << (0xa0%8); break;
3285                    default: break;
3286                    }
3287                  classbits[c] |= x;
3288                  }
3289    
3290    #ifdef SUPPORT_UTF8
3291                if (utf8)
3292                  {
3293                  class_utf8 = TRUE;
3294                  *class_utf8data++ = XCL_RANGE;
3295                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3296                  class_utf8data += _pcre_ord2utf8(0x167f, class_utf8data);
3297                  *class_utf8data++ = XCL_RANGE;
3298                  class_utf8data += _pcre_ord2utf8(0x1681, class_utf8data);
3299                  class_utf8data += _pcre_ord2utf8(0x180d, class_utf8data);
3300                  *class_utf8data++ = XCL_RANGE;
3301                  class_utf8data += _pcre_ord2utf8(0x180f, class_utf8data);
3302                  class_utf8data += _pcre_ord2utf8(0x1fff, class_utf8data);
3303                  *class_utf8data++ = XCL_RANGE;
3304                  class_utf8data += _pcre_ord2utf8(0x200B, class_utf8data);
3305                  class_utf8data += _pcre_ord2utf8(0x202e, class_utf8data);
3306                  *class_utf8data++ = XCL_RANGE;
3307                  class_utf8data += _pcre_ord2utf8(0x2030, class_utf8data);
3308                  class_utf8data += _pcre_ord2utf8(0x205e, class_utf8data);
3309                  *class_utf8data++ = XCL_RANGE;
3310                  class_utf8data += _pcre_ord2utf8(0x2060, class_utf8data);
3311                  class_utf8data += _pcre_ord2utf8(0x2fff, class_utf8data);
3312                  *class_utf8data++ = XCL_RANGE;
3313                  class_utf8data += _pcre_ord2utf8(0x3001, class_utf8data);
3314                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3315                  }
3316    #endif
3317                continue;
3318                }
3319    
3320              if (-c == ESC_v)
3321                {
3322                SETBIT(classbits, 0x0a); /* LF */
3323                SETBIT(classbits, 0x0b); /* VT */
3324                SETBIT(classbits, 0x0c); /* FF */
3325                SETBIT(classbits, 0x0d); /* CR */
3326                SETBIT(classbits, 0x85); /* NEL */
3327    #ifdef SUPPORT_UTF8
3328                if (utf8)
3329                  {
3330                  class_utf8 = TRUE;
3331                  *class_utf8data++ = XCL_RANGE;
3332                  class_utf8data += _pcre_ord2utf8(0x2028, class_utf8data);
3333                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3334                  }
3335    #endif
3336                continue;
3337                }
3338    
3339              if (-c == ESC_V)
3340                {
3341                for (c = 0; c < 32; c++)
3342                  {
3343                  int x = 0xff;
3344                  switch (c)
3345                    {
3346                    case 0x0a/8: x ^= 1 << (0x0a%8);
3347                                 x ^= 1 << (0x0b%8);
3348                                 x ^= 1 << (0x0c%8);
3349                                 x ^= 1 << (0x0d%8);
3350                                 break;
3351                    case 0x85/8: x ^= 1 << (0x85%8); break;
3352                    default: break;
3353                    }
3354                  classbits[c] |= x;
3355                  }
3356    
3357    #ifdef SUPPORT_UTF8
3358                if (utf8)
3359                  {
3360                  class_utf8 = TRUE;
3361                  *class_utf8data++ = XCL_RANGE;
3362                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3363                  class_utf8data += _pcre_ord2utf8(0x2027, class_utf8data);
3364                  *class_utf8data++ = XCL_RANGE;
3365                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3366                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3367                  }
3368    #endif
3369                continue;
3370                }
3371    
3372            /* We need to deal with \P and \p in both phases. */            /* We need to deal with \P and \p in both phases. */
3373    
3374  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
# Line 2562  for (;; ptr++) Line 3412  for (;; ptr++)
3412        entirely. The code for handling \Q and \E is messy. */        entirely. The code for handling \Q and \E is messy. */
3413    
3414        CHECK_RANGE:        CHECK_RANGE:
3415        while (ptr[1] == '\\' && ptr[2] == 'E')        while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3416          {          {
3417          inescq = FALSE;          inescq = FALSE;
3418          ptr += 2;          ptr += 2;
# Line 2570  for (;; ptr++) Line 3420  for (;; ptr++)
3420    
3421        oldptr = ptr;        oldptr = ptr;
3422    
3423        if (!inescq && ptr[1] == '-')        /* Remember \r or \n */
3424    
3425          if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3426    
3427          /* Check for range */
3428    
3429          if (!inescq && ptr[1] == CHAR_MINUS)
3430          {          {
3431          int d;          int d;
3432          ptr += 2;          ptr += 2;
3433          while (*ptr == '\\' && ptr[1] == 'E') ptr += 2;          while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
3434    
3435          /* If we hit \Q (not followed by \E) at this point, go into escaped          /* If we hit \Q (not followed by \E) at this point, go into escaped
3436          mode. */          mode. */
3437    
3438          while (*ptr == '\\' && ptr[1] == 'Q')          while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
3439            {            {
3440            ptr += 2;            ptr += 2;
3441            if (*ptr == '\\' && ptr[1] == 'E') { ptr += 2; continue; }            if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3442                { ptr += 2; continue; }
3443            inescq = TRUE;            inescq = TRUE;
3444            break;            break;
3445            }            }
3446    
3447          if (*ptr == 0 || (!inescq && *ptr == ']'))          if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
3448            {            {
3449            ptr = oldptr;            ptr = oldptr;
3450            goto LONE_SINGLE_CHARACTER;            goto LONE_SINGLE_CHARACTER;
# Line 2606  for (;; ptr++) Line 3463  for (;; ptr++)
3463          not any of the other escapes. Perl 5.6 treats a hyphen as a literal          not any of the other escapes. Perl 5.6 treats a hyphen as a literal
3464          in such circumstances. */          in such circumstances. */
3465    
3466          if (!inescq && d == '\\')          if (!inescq && d == CHAR_BACKSLASH)
3467            {            {
3468            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3469            if (*errorcodeptr != 0) goto FAILED;            if (*errorcodeptr != 0) goto FAILED;
3470    
3471            /* \b is backslash; \X is literal X; \R is literal R; any other            /* \b is backspace; \X is literal X; \R is literal R; any other
3472            special means the '-' was literal */            special means the '-' was literal */
3473    
3474            if (d < 0)            if (d < 0)
3475              {              {
3476              if (d == -ESC_b) d = '\b';              if (d == -ESC_b) d = CHAR_BS;
3477              else if (d == -ESC_X) d = 'X';              else if (d == -ESC_X) d = CHAR_X;
3478              else if (d == -ESC_R) d = 'R'; else              else if (d == -ESC_R) d = CHAR_R; else
3479                {                {
3480                ptr = oldptr;                ptr = oldptr;
3481                goto LONE_SINGLE_CHARACTER;  /* A few lines below */                goto LONE_SINGLE_CHARACTER;  /* A few lines below */
# Line 2637  for (;; ptr++) Line 3494  for (;; ptr++)
3494    
3495          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3496    
3497            /* Remember \r or \n */
3498    
3499            if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3500    
3501          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
3502          matching, we have to use an XCLASS with extra data items. Caseless          matching, we have to use an XCLASS with extra data items. Caseless
3503          matching for characters > 127 is available only if UCP support is          matching for characters > 127 is available only if UCP support is
# Line 2659  for (;; ptr++) Line 3520  for (;; ptr++)
3520              unsigned int origd = d;              unsigned int origd = d;
3521              while (get_othercase_range(&cc, origd, &occ, &ocd))              while (get_othercase_range(&cc, origd, &occ, &ocd))
3522                {                {
3523                if (occ >= c && ocd <= d) continue;  /* Skip embedded ranges */                if (occ >= (unsigned int)c &&
3524                      ocd <= (unsigned int)d)
3525                    continue;                          /* Skip embedded ranges */
3526    
3527                if (occ < c  && ocd >= c - 1)        /* Extend the basic range */                if (occ < (unsigned int)c  &&
3528                      ocd >= (unsigned int)c - 1)      /* Extend the basic range */
3529                  {                                  /* if there is overlap,   */                  {                                  /* if there is overlap,   */
3530                  c = occ;                           /* noting that if occ < c */                  c = occ;                           /* noting that if occ < c */
3531                  continue;                          /* we can't have ocd > d  */                  continue;                          /* we can't have ocd > d  */
3532                  }                                  /* because a subrange is  */                  }                                  /* because a subrange is  */
3533                if (ocd > d && occ <= d + 1)         /* always shorter than    */                if (ocd > (unsigned int)d &&
3534                      occ <= (unsigned int)d + 1)      /* always shorter than    */
3535                  {                                  /* the basic range.       */                  {                                  /* the basic range.       */
3536                  d = ocd;                  d = ocd;
3537                  continue;                  continue;
# Line 2751  for (;; ptr++) Line 3616  for (;; ptr++)
3616          if ((options & PCRE_CASELESS) != 0)          if ((options & PCRE_CASELESS) != 0)
3617            {            {
3618            unsigned int othercase;            unsigned int othercase;
3619            if ((othercase = _pcre_ucp_othercase(c)) != NOTACHAR)            if ((othercase = UCD_OTHERCASE(c)) != c)
3620              {              {
3621              *class_utf8data++ = XCL_SINGLE;              *class_utf8data++ = XCL_SINGLE;
3622              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);
# Line 2778  for (;; ptr++) Line 3643  for (;; ptr++)
3643    
3644      /* Loop until ']' reached. This "while" is the end of the "do" above. */      /* Loop until ']' reached. This "while" is the end of the "do" above. */
3645    
3646      while ((c = *(++ptr)) != 0 && (c != ']' || inescq));      while ((c = *(++ptr)) != 0 && (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
3647    
3648      if (c == 0)                          /* Missing terminating ']' */      if (c == 0)                          /* Missing terminating ']' */
3649        {        {
# Line 2786  for (;; ptr++) Line 3651  for (;; ptr++)
3651        goto FAILED;        goto FAILED;
3652        }        }
3653    
3654    
3655    /* This code has been disabled because it would mean that \s counts as
3656    an explicit \r or \n reference, and that's not really what is wanted. Now
3657    we set the flag only if there is a literal "\r" or "\n" in the class. */
3658    
3659    #if 0
3660        /* Remember whether \r or \n are in this class */
3661    
3662        if (negate_class)
3663          {
3664          if ((classbits[1] & 0x24) != 0x24) cd->external_flags |= PCRE_HASCRORLF;
3665          }
3666        else
3667          {
3668          if ((classbits[1] & 0x24) != 0) cd->external_flags |= PCRE_HASCRORLF;
3669          }
3670    #endif
3671    
3672    
3673      /* If class_charcount is 1, we saw precisely one character whose value is      /* If class_charcount is 1, we saw precisely one character whose value is
3674      less than 256. In non-UTF-8 mode we can always optimize. In UTF-8 mode, we      less than 256. As long as there were no characters >= 128 and there was no
3675      can optimize the negative case only if there were no characters >= 128      use of \p or \P, in other words, no use of any XCLASS features, we can
3676      because OP_NOT and the related opcodes like OP_NOTSTAR operate on      optimize.
3677      single-bytes only. This is an historical hangover. Maybe one day we can  
3678      tidy these opcodes to handle multi-byte characters.      In UTF-8 mode, we can optimize the negative case only if there were no
3679        characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
3680        operate on single-bytes only. This is an historical hangover. Maybe one day
3681        we can tidy these opcodes to handle multi-byte characters.
3682    
3683      The optimization throws away the bit map. We turn the item into a      The optimization throws away the bit map. We turn the item into a
3684      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note
# Line 2801  for (;; ptr++) Line 3688  for (;; ptr++)
3688      reqbyte, save the previous value for reinstating. */      reqbyte, save the previous value for reinstating. */
3689    
3690  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3691      if (class_charcount == 1 &&      if (class_charcount == 1 && !class_utf8 &&
3692            (!utf8 ||        (!utf8 || !negate_class || class_lastchar < 128))
           (!class_utf8 && (!negate_class || class_lastchar < 128))))  
   
3693  #else  #else
3694      if (class_charcount == 1)      if (class_charcount == 1)
3695  #endif  #endif
# Line 2847  for (;; ptr++) Line 3732  for (;; ptr++)
3732      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
3733    
3734      /* If there are characters with values > 255, we have to compile an      /* If there are characters with values > 255, we have to compile an
3735      extended class, with its own opcode. If there are no characters < 256,      extended class, with its own opcode, unless there was a negated special
3736      we can omit the bitmap in the actual compiled code. */      such as \S in the class, because in that case all characters > 255 are in
3737        the class, so any that were explicitly given as well can be ignored. If
3738        (when there are explicit characters > 255 that must be listed) there are no
3739        characters < 256, we can omit the bitmap in the actual compiled code. */
3740    
3741  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3742      if (class_utf8)      if (class_utf8 && !should_flip_negation)
3743        {        {
3744        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */
3745        *code++ = OP_XCLASS;        *code++ = OP_XCLASS;
# Line 2877  for (;; ptr++) Line 3765  for (;; ptr++)
3765        }        }
3766  #endif  #endif
3767    
3768      /* If there are no characters > 255, negate the 32-byte map if necessary,      /* If there are no characters > 255, set the opcode to OP_CLASS or
3769      and copy it into the code vector. If this is the first thing in the branch,      OP_NCLASS, depending on whether the whole class was negated and whether
3770      there can be no first char setting, whatever the repeat count. Any reqbyte      there were negative specials such as \S in the class. Then copy the 32-byte
3771      setting must remain unchanged after any kind of repeat. */      map into the code vector, negating it if necessary. */
3772    
3773        *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
3774      if (negate_class)      if (negate_class)
3775        {        {
       *code++ = OP_NCLASS;  
3776        if (lengthptr == NULL)    /* Save time in the pre-compile phase */        if (lengthptr == NULL)    /* Save time in the pre-compile phase */
3777          for (c = 0; c < 32; c++) code[c] = ~classbits[c];          for (c = 0; c < 32; c++) code[c] = ~classbits[c];
3778        }        }
3779      else      else
3780        {        {
       *code++ = OP_CLASS;  
3781        memcpy(code, classbits, 32);        memcpy(code, classbits, 32);
3782        }        }
3783      code += 32;      code += 32;
# Line 2901  for (;; ptr++) Line 3788  for (;; ptr++)
3788      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
3789      has been tested above. */      has been tested above. */
3790    
3791      case '{':      case CHAR_LEFT_CURLY_BRACKET:
3792      if (!is_quantifier) goto NORMAL_CHAR;      if (!is_quantifier) goto NORMAL_CHAR;
3793      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
3794      if (*errorcodeptr != 0) goto FAILED;      if (*errorcodeptr != 0) goto FAILED;
3795      goto REPEAT;      goto REPEAT;
3796    
3797      case '*':      case CHAR_ASTERISK:
3798      repeat_min = 0;      repeat_min = 0;
3799      repeat_max = -1;      repeat_max = -1;
3800      goto REPEAT;      goto REPEAT;
3801    
3802      case '+':      case CHAR_PLUS:
3803      repeat_min = 1;      repeat_min = 1;
3804      repeat_max = -1;      repeat_max = -1;
3805      goto REPEAT;      goto REPEAT;
3806    
3807      case '?':      case CHAR_QUESTION_MARK:
3808      repeat_min = 0;      repeat_min = 0;
3809      repeat_max = 1;      repeat_max = 1;
3810    
# Line 2952  for (;; ptr++) Line 3839  for (;; ptr++)
3839      but if PCRE_UNGREEDY is set, it works the other way round. We change the      but if PCRE_UNGREEDY is set, it works the other way round. We change the
3840      repeat type to the non-default. */      repeat type to the non-default. */
3841    
3842      if (ptr[1] == '+')      if (ptr[1] == CHAR_PLUS)
3843        {        {
3844        repeat_type = 0;                  /* Force greedy */        repeat_type = 0;                  /* Force greedy */
3845        possessive_quantifier = TRUE;        possessive_quantifier = TRUE;
3846        ptr++;        ptr++;
3847        }        }
3848      else if (ptr[1] == '?')      else if (ptr[1] == CHAR_QUESTION_MARK)
3849        {        {
3850        repeat_type = greedy_non_default;        repeat_type = greedy_non_default;
3851        ptr++;        ptr++;
# Line 3073  for (;; ptr++) Line 3960  for (;; ptr++)
3960    
3961        if (repeat_max == 0) goto END_REPEAT;        if (repeat_max == 0) goto END_REPEAT;
3962    
3963          /*--------------------------------------------------------------------*/
3964          /* This code is obsolete from release 8.00; the restriction was finally
3965          removed: */
3966    
3967        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
3968        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
3969    
3970        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
3971          /*--------------------------------------------------------------------*/
3972    
3973        /* Combine the op_type with the repeat_type */        /* Combine the op_type with the repeat_type */
3974    
# Line 3223  for (;; ptr++) Line 4115  for (;; ptr++)
4115          goto END_REPEAT;          goto END_REPEAT;
4116          }          }
4117    
4118          /*--------------------------------------------------------------------*/
4119          /* This code is obsolete from release 8.00; the restriction was finally
4120          removed: */
4121    
4122        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
4123        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
4124    
4125        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4126          /*--------------------------------------------------------------------*/
4127    
4128        if (repeat_min == 0 && repeat_max == -1)        if (repeat_min == 0 && repeat_max == -1)
4129          *code++ = OP_CRSTAR + repeat_type;          *code++ = OP_CRSTAR + repeat_type;
# Line 3262  for (;; ptr++) Line 4159  for (;; ptr++)
4159          goto FAILED;          goto FAILED;
4160          }          }
4161    
       /* This is a paranoid check to stop integer overflow later on */  
   
       if (len > MAX_DUPLENGTH)  
         {  
         *errorcodeptr = ERR50;  
         goto FAILED;  
         }  
   
4162        /* If the maximum repeat count is unlimited, find the end of the bracket        /* If the maximum repeat count is unlimited, find the end of the bracket
4163        by scanning through from the start, and compute the offset back to it        by scanning through from the start, and compute the offset back to it
4164        from the current code pointer. There may be an OP_OPT setting following        from the current code pointer. There may be an OP_OPT setting following
# Line 3292  for (;; ptr++) Line 4181  for (;; ptr++)
4181    
4182        if (repeat_min == 0)        if (repeat_min == 0)
4183          {          {
4184          /* If the maximum is also zero, we just omit the group from the output          /* If the maximum is also zero, we used to just omit the group from the
4185          altogether. */          output altogether, like this:
   
         if (repeat_max == 0)  
           {  
           code = previous;  
           goto END_REPEAT;  
           }  
4186    
4187          /* If the maximum is 1 or unlimited, we just have to stick in the          ** if (repeat_max == 0)
4188          BRAZERO and do no more at this point. However, we do need to adjust          **   {
4189          any OP_RECURSE calls inside the group that refer to the group itself or          **   code = previous;
4190          any internal or forward referenced group, because the offset is from          **   goto END_REPEAT;
4191          the start of the whole regex. Temporarily terminate the pattern while          **   }
4192          doing this. */  
4193            However, that fails when a group is referenced as a subroutine from
4194            elsewhere in the pattern, so now we stick in OP_SKIPZERO in front of it
4195            so that it is skipped on execution. As we don't have a list of which
4196            groups are referenced, we cannot do this selectively.
4197    
4198            If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
4199            and do no more at this point. However, we do need to adjust any
4200            OP_RECURSE calls inside the group that refer to the group itself or any
4201            internal or forward referenced group, because the offset is from the
4202            start of the whole regex. Temporarily terminate the pattern while doing
4203            this. */
4204    
4205          if (repeat_max <= 1)          if (repeat_max <= 1)    /* Covers 0, 1, and unlimited */
4206            {            {
4207            *code = OP_END;            *code = OP_END;
4208            adjust_recurse(previous, 1, utf8, cd, save_hwm);            adjust_recurse(previous, 1, utf8, cd, save_hwm);
4209            memmove(previous+1, previous, len);            memmove(previous+1, previous, len);
4210            code++;            code++;
4211              if (repeat_max == 0)
4212                {
4213                *previous++ = OP_SKIPZERO;
4214                goto END_REPEAT;
4215                }
4216            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
4217            }            }
4218    
# Line 3358  for (;; ptr++) Line 4257  for (;; ptr++)
4257          if (repeat_min > 1)          if (repeat_min > 1)
4258            {            {
4259            /* In the pre-compile phase, we don't actually do the replication. We            /* In the pre-compile phase, we don't actually do the replication. We
4260            just adjust the length as if we had. */            just adjust the length as if we had. Do some paranoid checks for
4261              potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
4262              integer type when available, otherwise double. */
4263    
4264            if (lengthptr != NULL)            if (lengthptr != NULL)
4265              *lengthptr += (repeat_min - 1)*length_prevgroup;              {
4266                int delta = (repeat_min - 1)*length_prevgroup;
4267                if ((INT64_OR_DOUBLE)(repeat_min - 1)*
4268                      (INT64_OR_DOUBLE)length_prevgroup >
4269                        (INT64_OR_DOUBLE)INT_MAX ||
4270                    OFLOW_MAX - *lengthptr < delta)
4271                  {
4272                  *errorcodeptr = ERR20;
4273                  goto FAILED;
4274                  }
4275                *lengthptr += delta;
4276                }
4277    
4278            /* This is compiling for real */            /* This is compiling for real */
4279    
# Line 3399  for (;; ptr++) Line 4311  for (;; ptr++)
4311          /* In the pre-compile phase, we don't actually do the replication. We          /* In the pre-compile phase, we don't actually do the replication. We
4312          just adjust the length as if we had. For each repetition we must add 1          just adjust the length as if we had. For each repetition we must add 1
4313          to the length for BRAZERO and for all but the last repetition we must          to the length for BRAZERO and for all but the last repetition we must
4314          add 2 + 2*LINKSIZE to allow for the nesting that occurs. */          add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
4315            paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
4316            a 64-bit integer type when available, otherwise double. */
4317    
4318          if (lengthptr != NULL && repeat_max > 0)          if (lengthptr != NULL && repeat_max > 0)
4319            *lengthptr += repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -            {
4320              2 - 2*LINK_SIZE;  /* Last one doesn't nest */            int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
4321                          2 - 2*LINK_SIZE;   /* Last one doesn't nest */
4322              if ((INT64_OR_DOUBLE)repeat_max *
4323                    (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
4324                      > (INT64_OR_DOUBLE)INT_MAX ||
4325                  OFLOW_MAX - *lengthptr < delta)
4326                {
4327                *errorcodeptr = ERR20;
4328                goto FAILED;
4329                }
4330              *lengthptr += delta;
4331              }
4332    
4333          /* This is compiling for real */          /* This is compiling for real */
4334    
# Line 3473  for (;; ptr++) Line 4398  for (;; ptr++)
4398            uschar *scode = bracode;            uschar *scode = bracode;
4399            do            do
4400              {              {
4401              if (could_be_empty_branch(scode, ketcode, utf8))              if (could_be_empty_branch(scode, ketcode, utf8, cd))
4402                {                {
4403                *bracode += OP_SBRA - OP_BRA;                *bracode += OP_SBRA - OP_BRA;
4404                break;                break;
# Line 3485  for (;; ptr++) Line 4410  for (;; ptr++)
4410          }          }
4411        }        }
4412    
4413        /* If previous is OP_FAIL, it was generated by an empty class [] in
4414        JavaScript mode. The other ways in which OP_FAIL can be generated, that is
4415        by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
4416        error above. We can just ignore the repeat in JS case. */
4417    
4418        else if (*previous == OP_FAIL) goto END_REPEAT;
4419    
4420      /* Else there's some kind of shambles */      /* Else there's some kind of shambles */
4421    
4422      else      else
# Line 3509  for (;; ptr++) Line 4441  for (;; ptr++)
4441      if (possessive_quantifier)      if (possessive_quantifier)
4442        {        {
4443        int len;        int len;
4444        if (*tempcode == OP_EXACT || *tempcode == OP_TYPEEXACT ||  
4445            *tempcode == OP_NOTEXACT)        if (*tempcode == OP_TYPEEXACT)
4446            tempcode += _pcre_OP_lengths[*tempcode] +
4447              ((tempcode[3] == OP_PROP || tempcode[3] == OP_NOTPROP)? 2 : 0);
4448    
4449          else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
4450            {
4451          tempcode += _pcre_OP_lengths[*tempcode];          tempcode += _pcre_OP_lengths[*tempcode];
4452    #ifdef SUPPORT_UTF8
4453            if (utf8 && tempcode[-1] >= 0xc0)
4454              tempcode += _pcre_utf8_table4[tempcode[-1] & 0x3f];
4455    #endif
4456            }
4457    
4458        len = code - tempcode;        len = code - tempcode;
4459        if (len > 0) switch (*tempcode)        if (len > 0) switch (*tempcode)
4460          {          {
# Line 3530  for (;; ptr++) Line 4473  for (;; ptr++)
4473          case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;          case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
4474          case OP_NOTUPTO:  *tempcode = OP_NOTPOSUPTO; break;          case OP_NOTUPTO:  *tempcode = OP_NOTPOSUPTO; break;
4475    
4476            /* Because we are moving code along, we must ensure that any
4477            pending recursive references are updated. */
4478    
4479          default:          default:
4480            *code = OP_END;
4481            adjust_recurse(tempcode, 1 + LINK_SIZE, utf8, cd, save_hwm);
4482          memmove(tempcode + 1+LINK_SIZE, tempcode, len);          memmove(tempcode + 1+LINK_SIZE, tempcode, len);
4483          code += 1 + LINK_SIZE;          code += 1 + LINK_SIZE;
4484          len += 1 + LINK_SIZE;          len += 1 + LINK_SIZE;
# Line 3555  for (;; ptr++) Line 4503  for (;; ptr++)
4503      /* ===================================================================*/      /* ===================================================================*/
4504      /* Start of nested parenthesized sub-expression, or comment or lookahead or      /* Start of nested parenthesized sub-expression, or comment or lookahead or
4505      lookbehind or option setting or condition or all the other extended      lookbehind or option setting or condition or all the other extended
4506      parenthesis forms. First deal with the specials; all are introduced by ?,      parenthesis forms.  */
     and the appearance of any of them means that this is not a capturing  
     group. */  
4507    
4508      case '(':      case CHAR_LEFT_PARENTHESIS:
4509      newoptions = options;      newoptions = options;
4510      skipbytes = 0;      skipbytes = 0;
4511      bravalue = OP_CBRA;      bravalue = OP_CBRA;
4512      save_hwm = cd->hwm;      save_hwm = cd->hwm;
4513        reset_bracount = FALSE;
4514    
4515        /* First deal with various "verbs" that can be introduced by '*'. */
4516    
4517        if (*(++ptr) == CHAR_ASTERISK && (cd->ctypes[ptr[1]] & ctype_letter) != 0)
4518          {
4519          int i, namelen;
4520          const char *vn = verbnames;
4521          const uschar *name = ++ptr;
4522          previous = NULL;
4523          while ((cd->ctypes[*++ptr] & ctype_letter) != 0) {};
4524          if (*ptr == CHAR_COLON)
4525            {
4526            *errorcodeptr = ERR59;   /* Not supported */
4527            goto FAILED;
4528            }
4529          if (*ptr != CHAR_RIGHT_PARENTHESIS)
4530            {
4531            *errorcodeptr = ERR60;
4532            goto FAILED;
4533            }
4534          namelen = ptr - name;
4535          for (i = 0; i < verbcount; i++)
4536            {
4537            if (namelen == verbs[i].len &&
4538                strncmp((char *)name, vn, namelen) == 0)
4539              {
4540              /* Check for open captures before ACCEPT */
4541    
4542              if (verbs[i].op == OP_ACCEPT)
4543                {
4544                open_capitem *oc;
4545                cd->had_accept = TRUE;
4546                for (oc = cd->open_caps; oc != NULL; oc = oc->next)
4547                  {
4548                  *code++ = OP_CLOSE;
4549                  PUT2INC(code, 0, oc->number);
4550                  }
4551                }
4552              *code++ = verbs[i].op;
4553              break;
4554              }
4555            vn += verbs[i].len + 1;
4556            }
4557          if (i < verbcount) continue;
4558          *errorcodeptr = ERR60;
4559          goto FAILED;
4560          }
4561    
4562        /* Deal with the extended parentheses; all are introduced by '?', and the
4563        appearance of any of them means that this is not a capturing group. */
4564    
4565      if (*(++ptr) == '?')      else if (*ptr == CHAR_QUESTION_MARK)
4566        {        {
4567        int i, set, unset, namelen;        int i, set, unset, namelen;
4568        int *optset;        int *optset;
# Line 3574  for (;; ptr++) Line 4571  for (;; ptr++)
4571    
4572        switch (*(++ptr))        switch (*(++ptr))
4573          {          {
4574          case '#':                 /* Comment; skip to ket */          case CHAR_NUMBER_SIGN:                 /* Comment; skip to ket */
4575          ptr++;          ptr++;
4576          while (*ptr != 0 && *ptr != ')') ptr++;          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
4577          if (*ptr == 0)          if (*ptr == 0)
4578            {            {
4579            *errorcodeptr = ERR18;            *errorcodeptr = ERR18;
# Line 3586  for (;; ptr++) Line 4583  for (;; ptr++)
4583    
4584    
4585          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4586          case ':':                 /* Non-capturing bracket */          case CHAR_VERTICAL_LINE:  /* Reset capture count for each branch */
4587            reset_bracount = TRUE;
4588            /* Fall through */
4589    
4590            /* ------------------------------------------------------------ */
4591            case CHAR_COLON:          /* Non-capturing bracket */
4592          bravalue = OP_BRA;          bravalue = OP_BRA;
4593          ptr++;          ptr++;
4594          break;          break;
4595    
4596    
4597          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4598          case '(':          case CHAR_LEFT_PARENTHESIS:
4599          bravalue = OP_COND;       /* Conditional group */          bravalue = OP_COND;       /* Conditional group */
4600    
4601          /* A condition can be an assertion, a number (referring to a numbered          /* A condition can be an assertion, a number (referring to a numbered
# Line 3613  for (;; ptr++) Line 4615  for (;; ptr++)
4615          the switch. This will take control down to where bracketed groups,          the switch. This will take control down to where bracketed groups,
4616          including assertions, are processed. */          including assertions, are processed. */
4617    
4618          if (ptr[1] == '?' && (ptr[2] == '=' || ptr[2] == '!' || ptr[2] == '<'))          if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
4619                ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
4620            break;            break;
4621    
4622          /* Most other conditions use OP_CREF (a couple change to OP_RREF          /* Most other conditions use OP_CREF (a couple change to OP_RREF
# Line 3621  for (;; ptr++) Line 4624  for (;; ptr++)
4624    
4625          code[1+LINK_SIZE] = OP_CREF;          code[1+LINK_SIZE] = OP_CREF;
4626          skipbytes = 3;          skipbytes = 3;
4627            refsign = -1;
4628    
4629          /* Check for a test for recursion in a named group. */          /* Check for a test for recursion in a named group. */
4630    
4631          if (ptr[1] == 'R' && ptr[2] == '&')          if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
4632            {            {
4633            terminator = -1;            terminator = -1;
4634            ptr += 2;            ptr += 2;
# Line 3634  for (;; ptr++) Line 4638  for (;; ptr++)
4638          /* Check for a test for a named group's having been set, using the Perl          /* Check for a test for a named group's having been set, using the Perl
4639          syntax (?(<name>) or (?('name') */          syntax (?(<name>) or (?('name') */
4640    
4641          else if (ptr[1] == '<')          else if (ptr[1] == CHAR_LESS_THAN_SIGN)
4642            {            {
4643            terminator = '>';            terminator = CHAR_GREATER_THAN_SIGN;
4644            ptr++;            ptr++;
4645            }            }
4646          else if (ptr[1] == '\'')          else if (ptr[1] == CHAR_APOSTROPHE)
4647            {            {
4648            terminator = '\'';            terminator = CHAR_APOSTROPHE;
4649            ptr++;            ptr++;
4650            }            }
4651          else terminator = 0;          else
4652              {
4653              terminator = 0;
4654              if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
4655              }
4656    
4657          /* We now expect to read a name; any thing else is an error */          /* We now expect to read a name; any thing else is an error */
4658    
# Line 3663  for (;; ptr++) Line 4671  for (;; ptr++)
4671            {            {
4672            if (recno >= 0)            if (recno >= 0)
4673              recno = ((digitab[*ptr] & ctype_digit) != 0)?              recno = ((digitab[*ptr] & ctype_digit) != 0)?
4674                recno * 10 + *ptr - '0' : -1;                recno * 10 + *ptr - CHAR_0 : -1;
4675            ptr++;            ptr++;
4676            }            }
4677          namelen = ptr - name;          namelen = ptr - name;
4678    
4679          if ((terminator > 0 && *ptr++ != terminator) || *ptr++ != ')')          if ((terminator > 0 && *ptr++ != terminator) ||
4680                *ptr++ != CHAR_RIGHT_PARENTHESIS)
4681            {            {
4682            ptr--;      /* Error offset */            ptr--;      /* Error offset */
4683            *errorcodeptr = ERR26;            *errorcodeptr = ERR26;
# Line 3680  for (;; ptr++) Line 4689  for (;; ptr++)
4689          if (lengthptr != NULL) break;          if (lengthptr != NULL) break;
4690    
4691          /* In the real compile we do the work of looking for the actual          /* In the real compile we do the work of looking for the actual
4692          reference. */          reference. If the string started with "+" or "-" we require the rest to
4693            be digits, in which case recno will be set. */
4694    
4695            if (refsign > 0)
4696              {
4697              if (recno <= 0)
4698                {
4699                *errorcodeptr = ERR58;
4700                goto FAILED;
4701                }
4702              recno = (refsign == CHAR_MINUS)?
4703                cd->bracount - recno + 1 : recno +cd->bracount;
4704              if (recno <= 0 || recno > cd->final_bracount)
4705                {
4706                *errorcodeptr = ERR15;
4707                goto FAILED;
4708                }
4709              PUT2(code, 2+LINK_SIZE, recno);
4710              break;
4711              }
4712    
4713            /* Otherwise (did not start with "+" or "-"), start by looking for the
4714            name. If we find a name, add one to the opcode to change OP_CREF or
4715            OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
4716            except they record that the reference was originally to a name. The
4717            information is used to check duplicate names. */
4718    
4719          slot = cd->name_table;          slot = cd->name_table;
4720          for (i = 0; i < cd->names_found; i++)          for (i = 0; i < cd->names_found; i++)
# Line 3695  for (;; ptr++) Line 4729  for (;; ptr++)
4729            {            {
4730            recno = GET2(slot, 0);            recno = GET2(slot, 0);
4731            PUT2(code, 2+LINK_SIZE, recno);            PUT2(code, 2+LINK_SIZE, recno);
4732              code[1+LINK_SIZE]++;
4733            }            }
4734    
4735          /* Search the pattern for a forward reference */          /* Search the pattern for a forward reference */
4736    
4737          else if ((i = find_parens(ptr, cd->bracount, name, namelen,          else if ((i = find_parens(cd, name, namelen,
4738                          (options & PCRE_EXTENDED) != 0)) > 0)                          (options & PCRE_EXTENDED) != 0)) > 0)
4739            {            {
4740            PUT2(code, 2+LINK_SIZE, i);            PUT2(code, 2+LINK_SIZE, i);
4741              code[1+LINK_SIZE]++;
4742            }            }
4743    
4744          /* If terminator == 0 it means that the name followed directly after          /* If terminator == 0 it means that the name followed directly after
# Line 3720  for (;; ptr++) Line 4756  for (;; ptr++)
4756          /* Check for (?(R) for recursion. Allow digits after R to specify a          /* Check for (?(R) for recursion. Allow digits after R to specify a
4757          specific group number. */          specific group number. */
4758    
4759          else if (*name == 'R')          else if (*name == CHAR_R)
4760            {            {
4761            recno = 0;            recno = 0;
4762            for (i = 1; i < namelen; i++)            for (i = 1; i < namelen; i++)
# Line 3730  for (;; ptr++) Line 4766  for (;; ptr++)
4766                *errorcodeptr = ERR15;                *errorcodeptr = ERR15;
4767                goto FAILED;                goto FAILED;
4768                }                }
4769              recno = recno * 10 + name[i] - '0';              recno = recno * 10 + name[i] - CHAR_0;
4770              }              }
4771            if (recno == 0) recno = RREF_ANY;            if (recno == 0) recno = RREF_ANY;
4772            code[1+LINK_SIZE] = OP_RREF;      /* Change test type */            code[1+LINK_SIZE] = OP_RREF;      /* Change test type */
# Line 3740  for (;; ptr++) Line 4776  for (;; ptr++)
4776          /* Similarly, check for the (?(DEFINE) "condition", which is always          /* Similarly, check for the (?(DEFINE) "condition", which is always
4777          false. */          false. */
4778    
4779          else if (namelen == 6 && strncmp((char *)name, "DEFINE", 6) == 0)          else if (namelen == 6 && strncmp((char *)name, STRING_DEFINE, 6) == 0)
4780            {            {
4781            code[1+LINK_SIZE] = OP_DEF;            code[1+LINK_SIZE] = OP_DEF;
4782            skipbytes = 1;            skipbytes = 1;
4783            }            }
4784    
4785          /* Check for the "name" actually being a subpattern number. */          /* Check for the "name" actually being a subpattern number. We are
4786            in the second pass here, so final_bracount is set. */
4787    
4788          else if (recno > 0)          else if (recno > 0 && recno <= cd->final_bracount)
4789            {            {
4790            PUT2(code, 2+LINK_SIZE, recno);            PUT2(code, 2+LINK_SIZE, recno);
4791            }            }
# Line 3764  for (;; ptr++) Line 4801  for (;; ptr++)
4801    
4802    
4803          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4804          case '=':                 /* Positive lookahead */          case CHAR_EQUALS_SIGN:                 /* Positive lookahead */
4805          bravalue = OP_ASSERT;          bravalue = OP_ASSERT;
4806          ptr++;          ptr++;
4807          break;          break;
4808    
4809    
4810          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4811          case '!':                 /* Negative lookahead */          case CHAR_EXCLAMATION_MARK:            /* Negative lookahead */
         bravalue = OP_ASSERT_NOT;  
4812          ptr++;          ptr++;
4813            if (*ptr == CHAR_RIGHT_PARENTHESIS)    /* Optimize (?!) */
4814              {
4815              *code++ = OP_FAIL;
4816              previous = NULL;
4817              continue;
4818              }
4819            bravalue = OP_ASSERT_NOT;
4820          break;          break;
4821    
4822    
4823          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4824          case '<':                 /* Lookbehind or named define */          case CHAR_LESS_THAN_SIGN:              /* Lookbehind or named define */
4825          switch (ptr[1])          switch (ptr[1])
4826            {            {
4827            case '=':               /* Positive lookbehind */            case CHAR_EQUALS_SIGN:               /* Positive lookbehind */
4828            bravalue = OP_ASSERTBACK;            bravalue = OP_ASSERTBACK;
4829            ptr += 2;            ptr += 2;
4830            break;            break;
4831    
4832            case '!':               /* Negative lookbehind */            case CHAR_EXCLAMATION_MARK:          /* Negative lookbehind */
4833            bravalue = OP_ASSERTBACK_NOT;            bravalue = OP_ASSERTBACK_NOT;
4834            ptr += 2;            ptr += 2;
4835            break;            break;
# Line 3801  for (;; ptr++) Line 4844  for (;; ptr++)
4844    
4845    
4846          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4847          case '>':                 /* One-time brackets */          case CHAR_GREATER_THAN_SIGN:           /* One-time brackets */
4848          bravalue = OP_ONCE;          bravalue = OP_ONCE;
4849          ptr++;          ptr++;
4850          break;          break;
4851    
4852    
4853          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4854          case 'C':                 /* Callout - may be followed by digits; */          case CHAR_C:                 /* Callout - may be followed by digits; */
4855          previous_callout = code;  /* Save for later completion */          previous_callout = code;  /* Save for later completion */
4856          after_manual_callout = 1; /* Skip one item before completing */          after_manual_callout = 1; /* Skip one item before completing */
4857          *code++ = OP_CALLOUT;          *code++ = OP_CALLOUT;
4858            {            {
4859            int n = 0;            int n = 0;
4860            while ((digitab[*(++ptr)] & ctype_digit) != 0)            while ((digitab[*(++ptr)] & ctype_digit) != 0)
4861              n = n * 10 + *ptr - '0';              n = n * 10 + *ptr - CHAR_0;
4862            if (*ptr != ')')            if (*ptr != CHAR_RIGHT_PARENTHESIS)
4863              {              {
4864              *errorcodeptr = ERR39;              *errorcodeptr = ERR39;
4865              goto FAILED;              goto FAILED;
# Line 3836  for (;; ptr++) Line 4879  for (;; ptr++)
4879    
4880    
4881          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4882          case 'P':                 /* Python-style named subpattern handling */          case CHAR_P:              /* Python-style named subpattern handling */
4883          if (*(++ptr) == '=' || *ptr == '>')  /* Reference or recursion */          if (*(++ptr) == CHAR_EQUALS_SIGN ||
4884                *ptr == CHAR_GREATER_THAN_SIGN)  /* Reference or recursion */
4885            {            {
4886            is_recurse = *ptr == '>';            is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
4887            terminator = ')';            terminator = CHAR_RIGHT_PARENTHESIS;
4888            goto NAMED_REF_OR_RECURSE;            goto NAMED_REF_OR_RECURSE;
4889            }            }
4890          else if (*ptr != '<')    /* Test for Python-style definition */          else if (*ptr != CHAR_LESS_THAN_SIGN)  /* Test for Python-style defn */
4891            {            {
4892            *errorcodeptr = ERR41;            *errorcodeptr = ERR41;
4893            goto FAILED;            goto FAILED;
# Line 3853  for (;; ptr++) Line 4897  for (;; ptr++)
4897    
4898          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
4899          DEFINE_NAME:    /* Come here from (?< handling */          DEFINE_NAME:    /* Come here from (?< handling */
4900          case '\'':          case CHAR_APOSTROPHE:
4901            {            {
4902            terminator = (*ptr == '<')? '>' : '\'';            terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
4903                CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
4904            name = ++ptr;            name = ++ptr;
4905    
4906            while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;            while ((cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
# Line 3886  for (;; ptr++) Line 4931  for (;; ptr++)
4931                }                }
4932              }              }
4933    
4934            /* In the real compile, create the entry in the table */            /* In the real compile, create the entry in the table, maintaining
4935              alphabetical order. Duplicate names for different numbers are
4936              permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
4937              number are always OK. (An existing number can be re-used if (?|
4938              appears in the pattern.) In either event, a duplicate name results in
4939              a duplicate entry in the table, even if the number is the same. This
4940              is because the number of names, and hence the table size, is computed
4941              in the pre-compile, and it affects various numbers and pointers which
4942              would all have to be modified, and the compiled code moved down, if
4943              duplicates with the same number were omitted from the table. This
4944              doesn't seem worth the hassle. However, *different* names for the
4945              same number are not permitted. */
4946    
4947            else            else
4948              {              {
4949                BOOL dupname = FALSE;
4950              slot = cd->name_table;              slot = cd->name_table;
4951    
4952              for (i = 0; i < cd->names_found; i++)              for (i = 0; i < cd->names_found; i++)
4953                {                {
4954                int crc = memcmp(name, slot+2, namelen);                int crc = memcmp(name, slot+2, namelen);
# Line 3898  for (;; ptr++) Line 4956  for (;; ptr++)
4956                  {                  {
4957                  if (slot[2+namelen] == 0)                  if (slot[2+namelen] == 0)
4958                    {                    {
4959                    if ((options & PCRE_DUPNAMES) == 0)                    if (GET2(slot, 0) != cd->bracount + 1 &&
4960                          (options & PCRE_DUPNAMES) == 0)
4961                      {                      {
4962                      *errorcodeptr = ERR43;                      *errorcodeptr = ERR43;
4963                      goto FAILED;                      goto FAILED;
4964                      }                      }
4965                      else dupname = TRUE;
4966                    }                    }
4967                  else crc = -1;      /* Current name is substring */                  else crc = -1;      /* Current name is a substring */
4968                  }                  }
4969    
4970                  /* Make space in the table and break the loop for an earlier
4971                  name. For a duplicate or later name, carry on. We do this for
4972                  duplicates so that in the simple case (when ?(| is not used) they
4973                  are in order of their numbers. */
4974    
4975                if (crc < 0)                if (crc < 0)
4976                  {                  {
4977                  memmove(slot + cd->name_entry_size, slot,                  memmove(slot + cd->name_entry_size, slot,
4978                    (cd->names_found - i) * cd->name_entry_size);                    (cd->names_found - i) * cd->name_entry_size);
4979                  break;                  break;
4980                  }                  }
4981    
4982                  /* Continue the loop for a later or duplicate name */
4983    
4984                slot += cd->name_entry_size;                slot += cd->name_entry_size;
4985                }                }
4986    
4987                /* For non-duplicate names, check for a duplicate number before
4988                adding the new name. */
4989    
4990                if (!dupname)
4991                  {
4992                  uschar *cslot = cd->name_table;
4993                  for (i = 0; i < cd->names_found; i++)
4994                    {
4995                    if (cslot != slot)
4996                      {
4997                      if (GET2(cslot, 0) == cd->bracount + 1)
4998                        {
4999                        *errorcodeptr = ERR65;
5000                        goto FAILED;
5001                        }
5002                      }
5003                    else i--;
5004                    cslot += cd->name_entry_size;
5005                    }
5006                  }
5007    
5008              PUT2(slot, 0, cd->bracount + 1);              PUT2(slot, 0, cd->bracount + 1);
5009              memcpy(slot + 2, name, namelen);              memcpy(slot + 2, name, namelen);
5010              slot[2+namelen] = 0;              slot[2+namelen] = 0;
5011              }              }
5012            }            }
5013    
5014          /* In both cases, count the number of names we've encountered. */          /* In both pre-compile and compile, count the number of names we've
5015            encountered. */
5016    
         ptr++;                    /* Move past > or ' */  
5017          cd->names_found++;          cd->names_found++;
5018            ptr++;                    /* Move past > or ' */
5019          goto NUMBERED_GROUP;          goto NUMBERED_GROUP;
5020    
5021    
5022          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5023          case '&':                 /* Perl recursion/subroutine syntax */          case CHAR_AMPERSAND:            /* Perl recursion/subroutine syntax */
5024          terminator = ')';          terminator = CHAR_RIGHT_PARENTHESIS;
5025          is_recurse = TRUE;          is_recurse = TRUE;
5026          /* Fall through */          /* Fall through */
5027    
5028          /* We come here from the Python syntax above that handles both          /* We come here from the Python syntax above that handles both
5029          references (?P=name) and recursion (?P>name), as well as falling          references (?P=name) and recursion (?P>name), as well as falling
5030          through from the Perl recursion syntax (?&name). */          through from the Perl recursion syntax (?&name). We also come here from
5031            the Perl \k<name> or \k'name' back reference syntax and the \k{name}
5032            .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
5033    
5034          NAMED_REF_OR_RECURSE:          NAMED_REF_OR_RECURSE:
5035          name = ++ptr;          name = ++ptr;
# Line 3948  for (;; ptr++) Line 5041  for (;; ptr++)
5041    
5042          if (lengthptr != NULL)          if (lengthptr != NULL)
5043            {            {
5044              if (namelen == 0)
5045                {
5046                *errorcodeptr = ERR62;
5047                goto FAILED;
5048                }
5049            if (*ptr != terminator)            if (*ptr != terminator)
5050              {              {
5051              *errorcodeptr = ERR42;              *errorcodeptr = ERR42;
# Line 3961  for (;; ptr++) Line 5059  for (;; ptr++)
5059            recno = 0;            recno = 0;
5060            }            }
5061    
5062          /* In the real compile, seek the name in the table */          /* In the real compile, seek the name in the table. We check the name
5063            first, and then check that we have reached the end of the name in the
5064            table. That way, if the name that is longer than any in the table,
5065            the comparison will fail without reading beyond the table entry. */
5066    
5067          else          else
5068            {            {
5069            slot = cd->name_table;            slot = cd->name_table;
5070            for (i = 0; i < cd->names_found; i++)            for (i = 0; i < cd->names_found; i++)
5071              {              {
5072              if (strncmp((char *)name, (char *)slot+2, namelen) == 0) break;              if (strncmp((char *)name, (char *)slot+2, namelen) == 0 &&
5073                    slot[2+namelen] == 0)
5074                  break;
5075              slot += cd->name_entry_size;              slot += cd->name_entry_size;
5076              }              }
5077    
# Line 3977  for (;; ptr++) Line 5080  for (;; ptr++)
5080              recno = GET2(slot, 0);              recno = GET2(slot, 0);
5081              }              }
5082            else if ((recno =                /* Forward back reference */            else if ((recno =                /* Forward back reference */
5083                      find_parens(ptr, cd->bracount, name, namelen,                      find_parens(cd, name, namelen,
5084                        (options & PCRE_EXTENDED) != 0)) <= 0)                        (options & PCRE_EXTENDED) != 0)) <= 0)
5085              {              {
5086              *errorcodeptr = ERR15;              *errorcodeptr = ERR15;
# Line 3993  for (;; ptr++) Line 5096  for (;; ptr++)
5096    
5097    
5098          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5099          case 'R':                 /* Recursion */          case CHAR_R:              /* Recursion */
5100          ptr++;                    /* Same as (?0)      */          ptr++;                    /* Same as (?0)      */
5101          /* Fall through */          /* Fall through */
5102    
5103    
5104          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5105          case '0': case '1': case '2': case '3': case '4':   /* Recursion or */          case CHAR_MINUS: case CHAR_PLUS:  /* Recursion or subroutine */
5106          case '5': case '6': case '7': case '8': case '9':   /* subroutine */          case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
5107            case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
5108            {            {
5109            const uschar *called;            const uschar *called;
5110              terminator = CHAR_RIGHT_PARENTHESIS;
5111    
5112              /* Come here from the \g<...> and \g'...' code (Oniguruma
5113              compatibility). However, the syntax has been checked to ensure that
5114              the ... are a (signed) number, so that neither ERR63 nor ERR29 will
5115              be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
5116              ever be taken. */
5117    
5118              HANDLE_NUMERICAL_RECURSION:
5119    
5120              if ((refsign = *ptr) == CHAR_PLUS)
5121                {
5122                ptr++;
5123                if ((digitab[*ptr] & ctype_digit) == 0)
5124                  {
5125                  *errorcodeptr = ERR63;
5126                  goto FAILED;
5127                  }
5128                }
5129              else if (refsign == CHAR_MINUS)
5130                {
5131                if ((digitab[ptr[1]] & ctype_digit) == 0)
5132                  goto OTHER_CHAR_AFTER_QUERY;
5133                ptr++;
5134                }
5135    
5136            recno = 0;            recno = 0;
5137            while((digitab[*ptr] & ctype_digit) != 0)            while((digitab[*ptr] & ctype_digit) != 0)
5138              recno = recno * 10 + *ptr++ - '0';              recno = recno * 10 + *ptr++ - CHAR_0;
5139            if (*ptr != ')')  
5140              if (*ptr != terminator)
5141              {              {
5142              *errorcodeptr = ERR29;              *errorcodeptr = ERR29;
5143              goto FAILED;              goto FAILED;
5144              }              }
5145    
5146              if (refsign == CHAR_MINUS)
5147                {
5148                if (recno == 0)
5149                  {
5150                  *errorcodeptr = ERR58;
5151                  goto FAILED;
5152                  }
5153                recno = cd->bracount - recno + 1;
5154                if (recno <= 0)
5155                  {
5156                  *errorcodeptr = ERR15;
5157                  goto FAILED;
5158                  }
5159                }
5160              else if (refsign == CHAR_PLUS)
5161                {
5162                if (recno == 0)
5163                  {
5164                  *errorcodeptr = ERR58;
5165                  goto FAILED;
5166                  }
5167                recno += cd->bracount;
5168                }
5169    
5170            /* Come here from code above that handles a named recursion */            /* Come here from code above that handles a named recursion */
5171    
5172            HANDLE_RECURSION:            HANDLE_RECURSION:
# Line 4029  for (;; ptr++) Line 5184  for (;; ptr++)
5184            if (lengthptr == NULL)            if (lengthptr == NULL)
5185              {              {
5186              *code = OP_END;              *code = OP_END;
5187              if (recno != 0) called = find_bracket(cd->start_code, utf8, recno);              if (recno != 0)
5188                  called = _pcre_find_bracket(cd->start_code, utf8, recno);
5189    
5190              /* Forward reference */              /* Forward reference */
5191    
5192              if (called == NULL)              if (called == NULL)
5193                {                {
5194                if (find_parens(ptr, cd->bracount, NULL, recno,                if (find_parens(cd, NULL, recno,
5195                     (options & PCRE_EXTENDED) != 0) < 0)                      (options & PCRE_EXTENDED) != 0) < 0)
5196                  {                  {
5197                  *errorcodeptr = ERR15;                  *errorcodeptr = ERR15;
5198                  goto FAILED;                  goto FAILED;
5199                  }                  }
5200    
5201                  /* Fudge the value of "called" so that when it is inserted as an
5202                  offset below, what it actually inserted is the reference number
5203                  of the group. */
5204    
5205                called = cd->start_code + recno;                called = cd->start_code + recno;
5206                PUTINC(cd->hwm, 0, code + 2 + LINK_SIZE - cd->start_code);                PUTINC(cd->hwm, 0, code + 2 + LINK_SIZE - cd->start_code);
5207                }                }
# Line 4050  for (;; ptr++) Line 5211  for (;; ptr++)
5211              recursion that could loop for ever, and diagnose that case. */              recursion that could loop for ever, and diagnose that case. */
5212    
5213              else if (GET(called, 1) == 0 &&              else if (GET(called, 1) == 0 &&
5214                       could_be_empty(called, code, bcptr, utf8))                       could_be_empty(called, code, bcptr, utf8, cd))
5215                {                {
5216                *errorcodeptr = ERR40;                *errorcodeptr = ERR40;
5217                goto FAILED;                goto FAILED;
# Line 4084  for (;; ptr++) Line 5245  for (;; ptr++)
5245    
5246          /* ------------------------------------------------------------ */          /* ------------------------------------------------------------ */
5247          default:              /* Other characters: check option setting */          default:              /* Other characters: check option setting */
5248            OTHER_CHAR_AFTER_QUERY:
5249          set = unset = 0;          set = unset = 0;
5250          optset = &set;          optset = &set;
5251    
5252          while (*ptr != ')' && *ptr != ':')          while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
5253            {            {
5254            switch (*ptr++)            switch (*ptr++)
5255              {              {
5256              case '-': optset = &unset; break;              case CHAR_MINUS: optset = &unset; break;
5257    
5258              case 'J':    /* Record that it changed in the external options */              case CHAR_J:    /* Record that it changed in the external options */
5259              *optset |= PCRE_DUPNAMES;              *optset |= PCRE_DUPNAMES;
5260              cd->external_options |= PCRE_JCHANGED;              cd->external_flags |= PCRE_JCHANGED;
5261              break;              break;
5262    
5263              case 'i': *optset |= PCRE_CASELESS; break;              case CHAR_i: *optset |= PCRE_CASELESS; break;
5264              case 'm': *optset |= PCRE_MULTILINE; break;              case CHAR_m: *optset |= PCRE_MULTILINE; break;
5265              case 's': *optset |= PCRE_DOTALL; break;              case CHAR_s: *optset |= PCRE_DOTALL; break;
5266              case 'x': *optset |= PCRE_EXTENDED; break;              case CHAR_x: *optset |= PCRE_EXTENDED; break;
5267              case 'U': *optset |= PCRE_UNGREEDY; break;              case CHAR_U: *optset |= PCRE_UNGREEDY; break;
5268              case 'X': *optset |= PCRE_EXTRA; break;              case CHAR_X: *optset |= PCRE_EXTRA; break;
5269    
5270              default:  *errorcodeptr = ERR12;              default:  *errorcodeptr = ERR12;
5271                        ptr--;    /* Correct the offset */                        ptr--;    /* Correct the offset */
# Line 4134  for (;; ptr++) Line 5296  for (;; ptr++)
5296          both phases.          both phases.
5297    
5298          If we are not at the pattern start, compile code to change the ims          If we are not at the pattern start, compile code to change the ims
5299          options if this setting actually changes any of them. We also pass the          options if this setting actually changes any of them, and reset the
5300          new setting back so that it can be put at the start of any following          greedy defaults and the case value for firstbyte and reqbyte. */
         branches, and when this group ends (if we are in a group), a resetting  
         item can be compiled. */  
5301    
5302          if (*ptr == ')')          if (*ptr == CHAR_RIGHT_PARENTHESIS)
5303            {            {
5304            if (code == cd->start_code + 1 + LINK_SIZE &&            if (code == cd->start_code + 1 + LINK_SIZE &&
5305                 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))                 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
5306              {              {
5307              cd->external_options = newoptions;              cd->external_options = newoptions;
             options = newoptions;  
5308              }              }
5309           else            else
5310              {              {
5311              if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))              if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))
5312                {                {
5313                *code++ = OP_OPT;                *code++ = OP_OPT;
5314                *code++ = newoptions & PCRE_IMS;                *code++ = newoptions & PCRE_IMS;
5315                }                }
   
             /* Change options at this level, and pass them back for use  
             in subsequent branches. Reset the greedy defaults and the case  
             value for firstbyte and reqbyte. */  
   
             *optionsptr = options = newoptions;  
5316              greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);              greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
5317              greedy_non_default = greedy_default ^ 1;              greedy_non_default = greedy_default ^ 1;
5318              req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS : 0;              req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS : 0;
5319              }              }
5320    
5321              /* Change options at this level, and pass them back for use
5322              in subsequent branches. When not at the start of the pattern, this
5323              information is also necessary so that a resetting item can be
5324              compiled at the end of a group (if we are in a group). */
5325    
5326              *optionsptr = options = newoptions;
5327            previous = NULL;       /* This item can't be repeated */            previous = NULL;       /* This item can't be repeated */
5328            continue;              /* It is complete */            continue;              /* It is complete */
5329            }            }
# Line 4218  for (;; ptr++) Line 5377  for (;; ptr++)
5377           errorcodeptr,                 /* Where to put an error message */           errorcodeptr,                 /* Where to put an error message */
5378           (bravalue == OP_ASSERTBACK ||           (bravalue == OP_ASSERTBACK ||
5379            bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */            bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
5380             reset_bracount,               /* True if (?| group */
5381           skipbytes,                    /* Skip over bracket number */           skipbytes,                    /* Skip over bracket number */
5382           &subfirstbyte,                /* For possible first char */           &subfirstbyte,                /* For possible first char */
5383           &subreqbyte,                  /* For possible last char */           &subreqbyte,                  /* For possible last char */
# Line 4234  for (;; ptr++) Line 5394  for (;; ptr++)
5394      is on the bracket. */      is on the bracket. */
5395    
5396      /* If this is a conditional bracket, check that there are no more than      /* If this is a conditional bracket, check that there are no more than
5397      two branches in the group, or just one if it's a DEFINE group. */      two branches in the group, or just one if it's a DEFINE group. We do this
5398        in the real compile phase, not in the pre-pass, where the whole group may
5399        not be available. */
5400    
5401      if (bravalue == OP_COND)      if (bravalue == OP_COND && lengthptr == NULL)
5402        {        {
5403        uschar *tc = code;        uschar *tc = code;
5404        int condcount = 0;        int condcount = 0;
# Line 4277  for (;; ptr++) Line 5439  for (;; ptr++)
5439    
5440      /* Error if hit end of pattern */      /* Error if hit end of pattern */
5441    
5442      if (*ptr != ')')      if (*ptr != CHAR_RIGHT_PARENTHESIS)
5443        {        {
5444        *errorcodeptr = ERR14;        *errorcodeptr = ERR14;
5445        goto FAILED;        goto FAILED;
5446        }        }
5447    
5448      /* In the pre-compile phase, update the length by the length of the nested      /* In the pre-compile phase, update the length by the length of the group,
5449      group, less the brackets at either end. Then reduce the compiled code to      less the brackets at either end. Then reduce the compiled code to just a
5450      just the brackets so that it doesn't use much memory if it is duplicated by      set of non-capturing brackets so that it doesn't use much memory if it is
5451      a quantifier. */      duplicated by a quantifier.*/
5452    
5453      if (lengthptr != NULL)      if (lengthptr != NULL)
5454        {        {
5455          if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
5456            {
5457            *errorcodeptr = ERR20;
5458            goto FAILED;
5459            }
5460        *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;        *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
5461        code++;        *code++ = OP_BRA;
5462        PUTINC(code, 0, 1 + LINK_SIZE);        PUTINC(code, 0, 1 + LINK_SIZE);
5463        *code++ = OP_KET;        *code++ = OP_KET;
5464        PUTINC(code, 0, 1 + LINK_SIZE);        PUTINC(code, 0, 1 + LINK_SIZE);
5465          break;    /* No need to waste time with special character handling */
5466        }        }
5467    
5468      /* Otherwise update the main code pointer to the end of the group. */      /* Otherwise update the main code pointer to the end of the group. */
5469    
5470      else code = tempcode;      code = tempcode;
5471    
5472      /* For a DEFINE group, required and first character settings are not      /* For a DEFINE group, required and first character settings are not
5473      relevant. */      relevant. */
# Line 4369  for (;; ptr++) Line 5537  for (;; ptr++)
5537      We can test for values between ESC_b and ESC_Z for the latter; this may      We can test for values between ESC_b and ESC_Z for the latter; this may
5538      have to change if any new ones are ever created. */      have to change if any new ones are ever created. */
5539    
5540      case '\\':      case CHAR_BACKSLASH:
5541      tempptr = ptr;      tempptr = ptr;
5542      c = check_escape(&ptr, errorcodeptr, cd->bracount, options, FALSE);      c = check_escape(&ptr, errorcodeptr, cd->bracount, options, FALSE);
5543      if (*errorcodeptr != 0) goto FAILED;      if (*errorcodeptr != 0) goto FAILED;
# Line 4378  for (;; ptr++) Line 5546  for (;; ptr++)
5546        {        {
5547        if (-c == ESC_Q)            /* Handle start of quoted string */        if (-c == ESC_Q)            /* Handle start of quoted string */
5548          {          {
5549          if (ptr[1] == '\\' && ptr[2] == 'E') ptr += 2; /* avoid empty string */          if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
5550            else inescq = TRUE;            ptr += 2;               /* avoid empty string */
5551                else inescq = TRUE;
5552          continue;          continue;
5553          }          }
5554    
# Line 4396  for (;; ptr++) Line 5565  for (;; ptr++)
5565        zerofirstbyte = firstbyte;        zerofirstbyte = firstbyte;
5566        zeroreqbyte = reqbyte;        zeroreqbyte = reqbyte;
5567    
5568        /* \k<name> or \k'name' is a back reference by name (Perl syntax) */        /* \g<name> or \g'name' is a subroutine call by name and \g<n> or \g'n'
5569          is a subroutine call by number (Oniguruma syntax). In fact, the value
5570          -ESC_g is returned only for these cases. So we don't need to check for <
5571          or ' if the value is -ESC_g. For the Perl syntax \g{n} the value is
5572          -ESC_REF+n, and for the Perl syntax \g{name} the result is -ESC_k (as
5573          that is a synonym for a named back reference). */
5574    
5575          if (-c == ESC_g)
5576            {
5577            const uschar *p;
5578            save_hwm = cd->hwm;   /* Normally this is set when '(' is read */
5579            terminator = (*(++ptr) == CHAR_LESS_THAN_SIGN)?
5580              CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
5581    
5582            /* These two statements stop the compiler for warning about possibly
5583            unset variables caused by the jump to HANDLE_NUMERICAL_RECURSION. In
5584            fact, because we actually check for a number below, the paths that
5585            would actually be in error are never taken. */
5586    
5587            skipbytes = 0;
5588            reset_bracount = FALSE;
5589    
5590            /* Test for a name */
5591    
5592            if (ptr[1] != CHAR_PLUS && ptr[1] != CHAR_MINUS)
5593              {
5594              BOOL isnumber = TRUE;
5595              for (p = ptr + 1; *p != 0 && *p != terminator; p++)
5596                {
5597                if ((cd->ctypes[*p] & ctype_digit) == 0) isnumber = FALSE;
5598                if ((cd->ctypes[*p] & ctype_word) == 0) break;
5599                }
5600              if (*p != terminator)
5601                {
5602                *errorcodeptr = ERR57;
5603                break;
5604                }
5605              if (isnumber)
5606                {
5607                ptr++;
5608                goto HANDLE_NUMERICAL_RECURSION;
5609                }
5610              is_recurse = TRUE;
5611              goto NAMED_REF_OR_RECURSE;
5612              }
5613    
5614            /* Test a signed number in angle brackets or quotes. */
5615    
5616            p = ptr + 2;
5617            while ((digitab[*p] & ctype_digit) != 0) p++;
5618            if (*p != terminator)
5619              {
5620              *errorcodeptr = ERR57;
5621              break;
5622              }
5623            ptr++;
5624            goto HANDLE_NUMERICAL_RECURSION;
5625            }
5626    
5627          /* \k<name> or \k'name' is a back reference by name (Perl syntax).
5628          We also support \k{name} (.NET syntax) */