/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 264 by ph10, Tue Nov 13 11:07:16 2007 UTC revision 1538 by ph10, Sun Mar 29 11:22:24 2015 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2007 University of Cambridge             Copyright (c) 1997-2014 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 47  supporting internal functions that are n Line 47  supporting internal functions that are n
47  #endif  #endif
48    
49  #define NLBLOCK cd             /* Block containing newline information */  #define NLBLOCK cd             /* Block containing newline information */
50  #define PSSTART start_pattern  /* Field containing processed string start */  #define PSSTART start_pattern  /* Field containing pattern start */
51  #define PSEND   end_pattern    /* Field containing processed string end */  #define PSEND   end_pattern    /* Field containing pattern end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When DEBUG is defined, we need the pcre_printint() function, which is also  /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57  used by pcretest. DEBUG is not defined when building a production library. */  is also used by pcretest. PCRE_DEBUG is not defined when building a production
58    library. We do not need to select pcre16_printint.c specially, because the
59  #ifdef DEBUG  COMPILE_PCREx macro will already be appropriately set. */
60  #include "pcre_printint.src"  
61    #ifdef PCRE_DEBUG
62    /* pcre_printint.c should not include any headers */
63    #define PCRE_INCLUDED
64    #include "pcre_printint.c"
65    #undef PCRE_INCLUDED
66  #endif  #endif
67    
68    
69  /* Macro for setting individual bits in class bitmaps. */  /* Macro for setting individual bits in class bitmaps. */
70    
71  #define SETBIT(a,b) a[b/8] |= (1 << (b%8))  #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72    
73  /* Maximum length value to check against when making sure that the integer that  /* Maximum length value to check against when making sure that the integer that
74  holds the compiled pattern length does not overflow. We make it a bit less than  holds the compiled pattern length does not overflow. We make it a bit less than
# Line 72  to check them every time. */ Line 77  to check them every time. */
77    
78  #define OFLOW_MAX (INT_MAX - 20)  #define OFLOW_MAX (INT_MAX - 20)
79    
80    /* Definitions to allow mutual recursion */
81    
82    static int
83      add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84        const pcre_uint32 *, unsigned int);
85    
86    static BOOL
87      compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88        pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89        compile_data *, int *);
90    
91    
92    
93  /*************************************************  /*************************************************
94  *      Code parameters and static tables         *  *      Code parameters and static tables         *
# Line 87  so this number is very generous. Line 104  so this number is very generous.
104  The same workspace is used during the second, actual compile phase for  The same workspace is used during the second, actual compile phase for
105  remembering forward references to groups so that they can be filled in at the  remembering forward references to groups so that they can be filled in at the
106  end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE  end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107  is 4 there is plenty of room. */  is 4 there is plenty of room for most patterns. However, the memory can get
108    filled up by repetitions of forward references, for example patterns like
109    /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110    that the workspace is expanded using malloc() in this situation. The value
111    below is therefore a minimum, and we put a maximum on it for safety. The
112    minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113    kicks in at the same number of forward references in all cases. */
114    
115    #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116    #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117    
118  #define COMPILE_WORK_SIZE (4096)  /* This value determines the size of the initial vector that is used for
119    remembering named groups during the pre-compile. It is allocated on the stack,
120    but if it is too small, it is expanded using malloc(), in a similar way to the
121    workspace. The value is the number of slots in the list. */
122    
123    #define NAMED_GROUP_LIST_SIZE  20
124    
125    /* The overrun tests check for a slightly smaller size so that they detect the
126    overrun before it actually does run off the end of the data block. */
127    
128    #define WORK_SIZE_SAFETY_MARGIN (100)
129    
130    /* Private flags added to firstchar and reqchar. */
131    
132    #define REQ_CASELESS    (1 << 0)        /* Indicates caselessness */
133    #define REQ_VARY        (1 << 1)        /* Reqchar followed non-literal item */
134    /* Negative values for the firstchar and reqchar flags */
135    #define REQ_UNSET       (-2)
136    #define REQ_NONE        (-1)
137    
138    /* Repeated character flags. */
139    
140    #define UTF_LENGTH     0x10000000l      /* The char contains its length. */
141    
142  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
143  are simple data values; negative values are for special things like \d and so  are simple data values; negative values are for special things like \d and so
144  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
145  is invalid. */  is invalid. */
146    
147  #ifndef EBCDIC  /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
148    
149    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
150    in UTF-8 mode. */
151    
152  static const short int escapes[] = {  static const short int escapes[] = {
153       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
154       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
155     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
156  -ESC_H,      0,      0, -ESC_K,      0,      0,      0,      0,   /* H - O */       0,                       0,
157  -ESC_P, -ESC_Q, -ESC_R, -ESC_S,      0,      0, -ESC_V, -ESC_W,   /* P - W */       0,                       0,
158  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
159     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
160  -ESC_h,      0,      0, -ESC_k,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
161  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0, -ESC_v, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
162       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
163         -ESC_D,                  -ESC_E,
164         0,                       -ESC_G,
165         -ESC_H,                  0,
166         0,                       -ESC_K,
167         0,                       0,
168         -ESC_N,                  0,
169         -ESC_P,                  -ESC_Q,
170         -ESC_R,                  -ESC_S,
171         0,                       0,
172         -ESC_V,                  -ESC_W,
173         -ESC_X,                  0,
174         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
175         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
176         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
177         CHAR_GRAVE_ACCENT,       7,
178         -ESC_b,                  0,
179         -ESC_d,                  ESC_e,
180         ESC_f,                   0,
181         -ESC_h,                  0,
182         0,                       -ESC_k,
183         0,                       0,
184         ESC_n,                   0,
185         -ESC_p,                  0,
186         ESC_r,                   -ESC_s,
187         ESC_tee,                 0,
188         -ESC_v,                  -ESC_w,
189         0,                       0,
190         -ESC_z
191  };  };
192    
193  #else           /* This is the "abnormal" table for EBCDIC systems */  #else
194    
195    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
196    
197  static const short int escapes[] = {  static const short int escapes[] = {
198  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
199  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 130  static const short int escapes[] = { Line 212  static const short int escapes[] = {
212  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
213  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
214  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
215  /*  D0 */   '}',     0, -ESC_K,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,-ESC_N,      0, -ESC_P,
216  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
217  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
218  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
# Line 142  static const short int escapes[] = { Line 224  static const short int escapes[] = {
224    
225  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
226  searched linearly. Put all the names into a single string, in order to reduce  searched linearly. Put all the names into a single string, in order to reduce
227  the number of relocations when a shared library is dynamically linked. */  the number of relocations when a shared library is dynamically linked. The
228    string is built from string macros so that it works in UTF-8 mode on EBCDIC
229    platforms. */
230    
231  typedef struct verbitem {  typedef struct verbitem {
232    int   len;    int   len;                 /* Length of verb name */
233    int   op;    int   op;                  /* Op when no arg, or -1 if arg mandatory */
234      int   op_arg;              /* Op when arg present, or -1 if not allowed */
235  } verbitem;  } verbitem;
236    
237  static const char verbnames[] =  static const char verbnames[] =
238    "ACCEPT\0"    "\0"                       /* Empty name is a shorthand for MARK */
239    "COMMIT\0"    STRING_MARK0
240    "F\0"    STRING_ACCEPT0
241    "FAIL\0"    STRING_COMMIT0
242    "PRUNE\0"    STRING_F0
243    "SKIP\0"    STRING_FAIL0
244    "THEN";    STRING_PRUNE0
245      STRING_SKIP0
246  static verbitem verbs[] = {    STRING_THEN;
247    { 6, OP_ACCEPT },  
248    { 6, OP_COMMIT },  static const verbitem verbs[] = {
249    { 1, OP_FAIL },    { 0, -1,        OP_MARK },
250    { 4, OP_FAIL },    { 4, -1,        OP_MARK },
251    { 5, OP_PRUNE },    { 6, OP_ACCEPT, -1 },
252    { 4, OP_SKIP  },    { 6, OP_COMMIT, -1 },
253    { 4, OP_THEN  }    { 1, OP_FAIL,   -1 },
254      { 4, OP_FAIL,   -1 },
255      { 5, OP_PRUNE,  OP_PRUNE_ARG },
256      { 4, OP_SKIP,   OP_SKIP_ARG  },
257      { 4, OP_THEN,   OP_THEN_ARG  }
258  };  };
259    
260  static int verbcount = sizeof(verbs)/sizeof(verbitem);  static const int verbcount = sizeof(verbs)/sizeof(verbitem);
261    
262    
263    /* Substitutes for [[:<:]] and [[:>:]], which mean start and end of word in
264    another regex library. */
265    
266    static const pcre_uchar sub_start_of_word[] = {
267      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
268      CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w, CHAR_RIGHT_PARENTHESIS, '\0' };
269    
270    static const pcre_uchar sub_end_of_word[] = {
271      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
272      CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w,
273      CHAR_RIGHT_PARENTHESIS, '\0' };
274    
275    
276  /* Tables of names of POSIX character classes and their lengths. The names are  /* Tables of names of POSIX character classes and their lengths. The names are
277  now all in a single string, to reduce the number of relocations when a shared  now all in a single string, to reduce the number of relocations when a shared
278  library is dynamically loaded. The list of lengths is terminated by a zero  library is dynamically loaded. The list of lengths is terminated by a zero
279  length entry. The first three must be alpha, lower, upper, as this is assumed  length entry. The first three must be alpha, lower, upper, as this is assumed
280  for handling case independence. */  for handling case independence. The indices for graph, print, and punct are
281    needed, so identify them. */
282    
283  static const char posix_names[] =  static const char posix_names[] =
284    "alpha\0"  "lower\0"  "upper\0"  "alnum\0"  "ascii\0"  "blank\0"    STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
285    "cntrl\0"  "digit\0"  "graph\0"  "print\0"  "punct\0"  "space\0"    STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
286    "word\0"   "xdigit";    STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
287      STRING_word0  STRING_xdigit;
288    
289  static const uschar posix_name_lengths[] = {  static const pcre_uint8 posix_name_lengths[] = {
290    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
291    
292    #define PC_GRAPH  8
293    #define PC_PRINT  9
294    #define PC_PUNCT 10
295    
296    
297  /* Table of class bit maps for each POSIX class. Each class is formed from a  /* Table of class bit maps for each POSIX class. Each class is formed from a
298  base map, with an optional addition or removal of another map. Then, for some  base map, with an optional addition or removal of another map. Then, for some
299  classes, there is some additional tweaking: for [:blank:] the vertical space  classes, there is some additional tweaking: for [:blank:] the vertical space
# Line 212  static const int posix_class_maps[] = { Line 321  static const int posix_class_maps[] = {
321    cbit_xdigit,-1,          0              /* xdigit */    cbit_xdigit,-1,          0              /* xdigit */
322  };  };
323    
324    /* Table of substitutes for \d etc when PCRE_UCP is set. They are replaced by
325    Unicode property escapes. */
326    
327    #ifdef SUPPORT_UCP
328    static const pcre_uchar string_PNd[]  = {
329      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
330      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
331    static const pcre_uchar string_pNd[]  = {
332      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334    static const pcre_uchar string_PXsp[] = {
335      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
336      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337    static const pcre_uchar string_pXsp[] = {
338      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340    static const pcre_uchar string_PXwd[] = {
341      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
342      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343    static const pcre_uchar string_pXwd[] = {
344      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
345      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
346    
347    static const pcre_uchar *substitutes[] = {
348      string_PNd,           /* \D */
349      string_pNd,           /* \d */
350      string_PXsp,          /* \S */   /* Xsp is Perl space, but from 8.34, Perl */
351      string_pXsp,          /* \s */   /* space and POSIX space are the same. */
352      string_PXwd,          /* \W */
353      string_pXwd           /* \w */
354    };
355    
356    /* The POSIX class substitutes must be in the order of the POSIX class names,
357    defined above, and there are both positive and negative cases. NULL means no
358    general substitute of a Unicode property escape (\p or \P). However, for some
359    POSIX classes (e.g. graph, print, punct) a special property code is compiled
360    directly. */
361    
362    static const pcre_uchar string_pL[] =   {
363      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
364      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365    static const pcre_uchar string_pLl[] =  {
366      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
367      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
368    static const pcre_uchar string_pLu[] =  {
369      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
370      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
371    static const pcre_uchar string_pXan[] = {
372      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
373      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
374    static const pcre_uchar string_h[] =    {
375      CHAR_BACKSLASH, CHAR_h, '\0' };
376    static const pcre_uchar string_pXps[] = {
377      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
378      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
379    static const pcre_uchar string_PL[] =   {
380      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
381      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
382    static const pcre_uchar string_PLl[] =  {
383      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
384      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
385    static const pcre_uchar string_PLu[] =  {
386      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
387      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
388    static const pcre_uchar string_PXan[] = {
389      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
390      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
391    static const pcre_uchar string_H[] =    {
392      CHAR_BACKSLASH, CHAR_H, '\0' };
393    static const pcre_uchar string_PXps[] = {
394      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
395      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
396    
397    static const pcre_uchar *posix_substitutes[] = {
398      string_pL,            /* alpha */
399      string_pLl,           /* lower */
400      string_pLu,           /* upper */
401      string_pXan,          /* alnum */
402      NULL,                 /* ascii */
403      string_h,             /* blank */
404      NULL,                 /* cntrl */
405      string_pNd,           /* digit */
406      NULL,                 /* graph */
407      NULL,                 /* print */
408      NULL,                 /* punct */
409      string_pXps,          /* space */   /* Xps is POSIX space, but from 8.34 */
410      string_pXwd,          /* word  */   /* Perl and POSIX space are the same */
411      NULL,                 /* xdigit */
412      /* Negated cases */
413      string_PL,            /* ^alpha */
414      string_PLl,           /* ^lower */
415      string_PLu,           /* ^upper */
416      string_PXan,          /* ^alnum */
417      NULL,                 /* ^ascii */
418      string_H,             /* ^blank */
419      NULL,                 /* ^cntrl */
420      string_PNd,           /* ^digit */
421      NULL,                 /* ^graph */
422      NULL,                 /* ^print */
423      NULL,                 /* ^punct */
424      string_PXps,          /* ^space */  /* Xps is POSIX space, but from 8.34 */
425      string_PXwd,          /* ^word */   /* Perl and POSIX space are the same */
426      NULL                  /* ^xdigit */
427    };
428    #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
429    #endif
430    
431  #define STRING(a)  # a  #define STRING(a)  # a
432  #define XSTRING(s) STRING(s)  #define XSTRING(s) STRING(s)
# Line 224  the number of relocations needed when a Line 439  the number of relocations needed when a
439  it is now one long string. We cannot use a table of offsets, because the  it is now one long string. We cannot use a table of offsets, because the
440  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
441  simply count through to the one we want - this isn't a performance issue  simply count through to the one we want - this isn't a performance issue
442  because these strings are used only when there is a compilation error. */  because these strings are used only when there is a compilation error.
443    
444    Each substring ends with \0 to insert a null character. This includes the final
445    substring, so that the whole string ends with \0\0, which can be detected when
446    counting through. */
447    
448  static const char error_texts[] =  static const char error_texts[] =
449    "no error\0"    "no error\0"
# Line 241  static const char error_texts[] = Line 460  static const char error_texts[] =
460    /* 10 */    /* 10 */
461    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
462    "internal error: unexpected repeat\0"    "internal error: unexpected repeat\0"
463    "unrecognized character after (?\0"    "unrecognized character after (? or (?-\0"
464    "POSIX named classes are supported only within a class\0"    "POSIX named classes are supported only within a class\0"
465    "missing )\0"    "missing )\0"
466    /* 15 */    /* 15 */
# Line 265  static const char error_texts[] = Line 484  static const char error_texts[] =
484    /* 30 */    /* 30 */
485    "unknown POSIX class name\0"    "unknown POSIX class name\0"
486    "POSIX collating elements are not supported\0"    "POSIX collating elements are not supported\0"
487    "this version of PCRE is not compiled with PCRE_UTF8 support\0"    "this version of PCRE is compiled without UTF support\0"
488    "spare error\0"  /** DEAD **/    "spare error\0"  /** DEAD **/
489    "character value in \\x{...} sequence is too large\0"    "character value in \\x{} or \\o{} is too large\0"
490    /* 35 */    /* 35 */
491    "invalid condition (?(0)\0"    "invalid condition (?(0)\0"
492    "\\C not allowed in lookbehind assertion\0"    "\\C not allowed in lookbehind assertion\0"
493    "PCRE does not support \\L, \\l, \\N, \\U, or \\u\0"    "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
494    "number after (?C is > 255\0"    "number after (?C is > 255\0"
495    "closing ) for (?C expected\0"    "closing ) for (?C expected\0"
496    /* 40 */    /* 40 */
# Line 288  static const char error_texts[] = Line 507  static const char error_texts[] =
507    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
508    /* 50 */    /* 50 */
509    "repeated subpattern is too long\0"    /** DEAD **/    "repeated subpattern is too long\0"    /** DEAD **/
510    "octal value is greater than \\377 (not in UTF-8 mode)\0"    "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
511    "internal error: overran compiling workspace\0"    "internal error: overran compiling workspace\0"
512    "internal error: previously-checked referenced subpattern not found\0"    "internal error: previously-checked referenced subpattern not found\0"
513    "DEFINE group contains more than one branch\0"    "DEFINE group contains more than one branch\0"
514    /* 55 */    /* 55 */
515    "repeating a DEFINE group is not allowed\0"    "repeating a DEFINE group is not allowed\0"  /** DEAD **/
516    "inconsistent NEWLINE options\0"    "inconsistent NEWLINE options\0"
517    "\\g is not followed by a braced name or an optionally braced non-zero number\0"    "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
518    "(?+ or (?- or (?(+ or (?(- must be followed by a non-zero number\0"    "a numbered reference must not be zero\0"
519    "(*VERB) with an argument is not supported\0"    "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
520    /* 60 */    /* 60 */
521    "(*VERB) not recognized\0"    "(*VERB) not recognized or malformed\0"
522    "number is too big";    "number is too big\0"
523      "subpattern name expected\0"
524      "digit expected after (?+\0"
525      "] is an invalid data character in JavaScript compatibility mode\0"
526      /* 65 */
527      "different names for subpatterns of the same number are not allowed\0"
528      "(*MARK) must have an argument\0"
529      "this version of PCRE is not compiled with Unicode property support\0"
530      "\\c must be followed by an ASCII character\0"
531      "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
532      /* 70 */
533      "internal error: unknown opcode in find_fixedlength()\0"
534      "\\N is not supported in a class\0"
535      "too many forward references\0"
536      "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
537      "invalid UTF-16 string\0"
538      /* 75 */
539      "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
540      "character value in \\u.... sequence is too large\0"
541      "invalid UTF-32 string\0"
542      "setting UTF is disabled by the application\0"
543      "non-hex character in \\x{} (closing brace missing?)\0"
544      /* 80 */
545      "non-octal character in \\o{} (closing brace missing?)\0"
546      "missing opening brace after \\o\0"
547      "parentheses are too deeply nested\0"
548      "invalid range in character class\0"
549      "group name must start with a non-digit\0"
550      /* 85 */
551      "parentheses are too deeply nested (stack check)\0"
552      "digits missing in \\x{} or \\o{}\0"
553      ;
554    
555  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
556  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 319  For convenience, we use the same bit def Line 568  For convenience, we use the same bit def
568    
569  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
570    
571  #ifndef EBCDIC  /* This is the "normal" case, for ASCII systems */  /* Using a simple comparison for decimal numbers rather than a memory read
572  static const unsigned char digitab[] =  is much faster, and the resulting code is simpler (the compiler turns it
573    into a subtraction and unsigned comparison). */
574    
575    #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
576    
577    #ifndef EBCDIC
578    
579    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
580    UTF-8 mode. */
581    
582    static const pcre_uint8 digitab[] =
583    {    {
584    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
585    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */
# Line 355  static const unsigned char digitab[] = Line 614  static const unsigned char digitab[] =
614    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
615    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
616    
617  #else           /* This is the "abnormal" case, for EBCDIC systems */  #else
618  static const unsigned char digitab[] =  
619    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
620    
621    static const pcre_uint8 digitab[] =
622    {    {
623    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
624    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */
# Line 391  static const unsigned char digitab[] = Line 653  static const unsigned char digitab[] =
653    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */
654    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */
655    
656  static const unsigned char ebcdic_chartab[] = { /* chartable partial dup */  static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
657    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */
658    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */
659    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */
# Line 427  static const unsigned char ebcdic_charta Line 689  static const unsigned char ebcdic_charta
689  #endif  #endif
690    
691    
692  /* Definition to allow mutual recursion */  /* This table is used to check whether auto-possessification is possible
693    between adjacent character-type opcodes. The left-hand (repeated) opcode is
694    used to select the row, and the right-hand opcode is use to select the column.
695    A value of 1 means that auto-possessification is OK. For example, the second
696    value in the first row means that \D+\d can be turned into \D++\d.
697    
698    The Unicode property types (\P and \p) have to be present to fill out the table
699    because of what their opcode values are, but the table values should always be
700    zero because property types are handled separately in the code. The last four
701    columns apply to items that cannot be repeated, so there is no need to have
702    rows for them. Note that OP_DIGIT etc. are generated only when PCRE_UCP is
703    *not* set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
704    
705    #define APTROWS (LAST_AUTOTAB_LEFT_OP - FIRST_AUTOTAB_OP + 1)
706    #define APTCOLS (LAST_AUTOTAB_RIGHT_OP - FIRST_AUTOTAB_OP + 1)
707    
708    static const pcre_uint8 autoposstab[APTROWS][APTCOLS] = {
709    /* \D \d \S \s \W \w  . .+ \C \P \p \R \H \h \V \v \X \Z \z  $ $M */
710      { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \D */
711      { 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \d */
712      { 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \S */
713      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \s */
714      { 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \W */
715      { 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \w */
716      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .  */
717      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .+ */
718      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \C */
719      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \P */
720      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \p */
721      { 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \R */
722      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \H */
723      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \h */
724      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \V */
725      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0 },  /* \v */
726      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }   /* \X */
727    };
728    
729  static BOOL  
730    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,  /* This table is used to check whether auto-possessification is possible
731      int *, int *, branch_chain *, compile_data *, int *);  between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP). The
732    left-hand (repeated) opcode is used to select the row, and the right-hand
733    opcode is used to select the column. The values are as follows:
734    
735      0   Always return FALSE (never auto-possessify)
736      1   Character groups are distinct (possessify if both are OP_PROP)
737      2   Check character categories in the same group (general or particular)
738      3   TRUE if the two opcodes are not the same (PROP vs NOTPROP)
739    
740      4   Check left general category vs right particular category
741      5   Check right general category vs left particular category
742    
743      6   Left alphanum vs right general category
744      7   Left space vs right general category
745      8   Left word vs right general category
746    
747      9   Right alphanum vs left general category
748     10   Right space vs left general category
749     11   Right word vs left general category
750    
751     12   Left alphanum vs right particular category
752     13   Left space vs right particular category
753     14   Left word vs right particular category
754    
755     15   Right alphanum vs left particular category
756     16   Right space vs left particular category
757     17   Right word vs left particular category
758    */
759    
760    static const pcre_uint8 propposstab[PT_TABSIZE][PT_TABSIZE] = {
761    /* ANY LAMP GC  PC  SC ALNUM SPACE PXSPACE WORD CLIST UCNC */
762      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_ANY */
763      { 0,  3,  0,  0,  0,    3,    1,      1,   0,    0,   0 },  /* PT_LAMP */
764      { 0,  0,  2,  4,  0,    9,   10,     10,  11,    0,   0 },  /* PT_GC */
765      { 0,  0,  5,  2,  0,   15,   16,     16,  17,    0,   0 },  /* PT_PC */
766      { 0,  0,  0,  0,  2,    0,    0,      0,   0,    0,   0 },  /* PT_SC */
767      { 0,  3,  6, 12,  0,    3,    1,      1,   0,    0,   0 },  /* PT_ALNUM */
768      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_SPACE */
769      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_PXSPACE */
770      { 0,  0,  8, 14,  0,    0,    1,      1,   3,    0,   0 },  /* PT_WORD */
771      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_CLIST */
772      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   3 }   /* PT_UCNC */
773    };
774    
775    /* This table is used to check whether auto-possessification is possible
776    between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP) when one
777    specifies a general category and the other specifies a particular category. The
778    row is selected by the general category and the column by the particular
779    category. The value is 1 if the particular category is not part of the general
780    category. */
781    
782    static const pcre_uint8 catposstab[7][30] = {
783    /* Cc Cf Cn Co Cs Ll Lm Lo Lt Lu Mc Me Mn Nd Nl No Pc Pd Pe Pf Pi Po Ps Sc Sk Sm So Zl Zp Zs */
784      { 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* C */
785      { 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* L */
786      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* M */
787      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* N */
788      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1 },  /* P */
789      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1 },  /* S */
790      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0 }   /* Z */
791    };
792    
793    /* This table is used when checking ALNUM, (PX)SPACE, SPACE, and WORD against
794    a general or particular category. The properties in each row are those
795    that apply to the character set in question. Duplication means that a little
796    unnecessary work is done when checking, but this keeps things much simpler
797    because they can all use the same code. For more details see the comment where
798    this table is used.
799    
800    Note: SPACE and PXSPACE used to be different because Perl excluded VT from
801    "space", but from Perl 5.18 it's included, so both categories are treated the
802    same here. */
803    
804    static const pcre_uint8 posspropstab[3][4] = {
805      { ucp_L, ucp_N, ucp_N, ucp_Nl },  /* ALNUM, 3rd and 4th values redundant */
806      { ucp_Z, ucp_Z, ucp_C, ucp_Cc },  /* SPACE and PXSPACE, 2nd value redundant */
807      { ucp_L, ucp_N, ucp_P, ucp_Po }   /* WORD */
808    };
809    
810    /* This table is used when converting repeating opcodes into possessified
811    versions as a result of an explicit possessive quantifier such as ++. A zero
812    value means there is no possessified version - in those cases the item in
813    question must be wrapped in ONCE brackets. The table is truncated at OP_CALLOUT
814    because all relevant opcodes are less than that. */
815    
816    static const pcre_uint8 opcode_possessify[] = {
817      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 0 - 15  */
818      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 16 - 31 */
819    
820      0,                       /* NOTI */
821      OP_POSSTAR, 0,           /* STAR, MINSTAR */
822      OP_POSPLUS, 0,           /* PLUS, MINPLUS */
823      OP_POSQUERY, 0,          /* QUERY, MINQUERY */
824      OP_POSUPTO, 0,           /* UPTO, MINUPTO */
825      0,                       /* EXACT */
826      0, 0, 0, 0,              /* POS{STAR,PLUS,QUERY,UPTO} */
827    
828      OP_POSSTARI, 0,          /* STARI, MINSTARI */
829      OP_POSPLUSI, 0,          /* PLUSI, MINPLUSI */
830      OP_POSQUERYI, 0,         /* QUERYI, MINQUERYI */
831      OP_POSUPTOI, 0,          /* UPTOI, MINUPTOI */
832      0,                       /* EXACTI */
833      0, 0, 0, 0,              /* POS{STARI,PLUSI,QUERYI,UPTOI} */
834    
835      OP_NOTPOSSTAR, 0,        /* NOTSTAR, NOTMINSTAR */
836      OP_NOTPOSPLUS, 0,        /* NOTPLUS, NOTMINPLUS */
837      OP_NOTPOSQUERY, 0,       /* NOTQUERY, NOTMINQUERY */
838      OP_NOTPOSUPTO, 0,        /* NOTUPTO, NOTMINUPTO */
839      0,                       /* NOTEXACT */
840      0, 0, 0, 0,              /* NOTPOS{STAR,PLUS,QUERY,UPTO} */
841    
842      OP_NOTPOSSTARI, 0,       /* NOTSTARI, NOTMINSTARI */
843      OP_NOTPOSPLUSI, 0,       /* NOTPLUSI, NOTMINPLUSI */
844      OP_NOTPOSQUERYI, 0,      /* NOTQUERYI, NOTMINQUERYI */
845      OP_NOTPOSUPTOI, 0,       /* NOTUPTOI, NOTMINUPTOI */
846      0,                       /* NOTEXACTI */
847      0, 0, 0, 0,              /* NOTPOS{STARI,PLUSI,QUERYI,UPTOI} */
848    
849      OP_TYPEPOSSTAR, 0,       /* TYPESTAR, TYPEMINSTAR */
850      OP_TYPEPOSPLUS, 0,       /* TYPEPLUS, TYPEMINPLUS */
851      OP_TYPEPOSQUERY, 0,      /* TYPEQUERY, TYPEMINQUERY */
852      OP_TYPEPOSUPTO, 0,       /* TYPEUPTO, TYPEMINUPTO */
853      0,                       /* TYPEEXACT */
854      0, 0, 0, 0,              /* TYPEPOS{STAR,PLUS,QUERY,UPTO} */
855    
856      OP_CRPOSSTAR, 0,         /* CRSTAR, CRMINSTAR */
857      OP_CRPOSPLUS, 0,         /* CRPLUS, CRMINPLUS */
858      OP_CRPOSQUERY, 0,        /* CRQUERY, CRMINQUERY */
859      OP_CRPOSRANGE, 0,        /* CRRANGE, CRMINRANGE */
860      0, 0, 0, 0,              /* CRPOS{STAR,PLUS,QUERY,RANGE} */
861    
862      0, 0, 0,                 /* CLASS, NCLASS, XCLASS */
863      0, 0,                    /* REF, REFI */
864      0, 0,                    /* DNREF, DNREFI */
865      0, 0                     /* RECURSE, CALLOUT */
866    };
867    
868    
869    
# Line 452  static const char * Line 884  static const char *
884  find_error_text(int n)  find_error_text(int n)
885  {  {
886  const char *s = error_texts;  const char *s = error_texts;
887  for (; n > 0; n--) while (*s++ != 0);  for (; n > 0; n--)
888      {
889      while (*s++ != CHAR_NULL) {};
890      if (*s == CHAR_NULL) return "Error text not found (please report)";
891      }
892  return s;  return s;
893  }  }
894    
895    
896    
897    /*************************************************
898    *           Expand the workspace                 *
899    *************************************************/
900    
901    /* This function is called during the second compiling phase, if the number of
902    forward references fills the existing workspace, which is originally a block on
903    the stack. A larger block is obtained from malloc() unless the ultimate limit
904    has been reached or the increase will be rather small.
905    
906    Argument: pointer to the compile data block
907    Returns:  0 if all went well, else an error number
908    */
909    
910    static int
911    expand_workspace(compile_data *cd)
912    {
913    pcre_uchar *newspace;
914    int newsize = cd->workspace_size * 2;
915    
916    if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
917    if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
918        newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
919     return ERR72;
920    
921    newspace = (PUBL(malloc))(IN_UCHARS(newsize));
922    if (newspace == NULL) return ERR21;
923    memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
924    cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
925    if (cd->workspace_size > COMPILE_WORK_SIZE)
926      (PUBL(free))((void *)cd->start_workspace);
927    cd->start_workspace = newspace;
928    cd->workspace_size = newsize;
929    return 0;
930    }
931    
932    
933    
934    /*************************************************
935    *            Check for counted repeat            *
936    *************************************************/
937    
938    /* This function is called when a '{' is encountered in a place where it might
939    start a quantifier. It looks ahead to see if it really is a quantifier or not.
940    It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
941    where the ddds are digits.
942    
943    Arguments:
944      p         pointer to the first char after '{'
945    
946    Returns:    TRUE or FALSE
947    */
948    
949    static BOOL
950    is_counted_repeat(const pcre_uchar *p)
951    {
952    if (!IS_DIGIT(*p)) return FALSE;
953    p++;
954    while (IS_DIGIT(*p)) p++;
955    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
956    
957    if (*p++ != CHAR_COMMA) return FALSE;
958    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
959    
960    if (!IS_DIGIT(*p)) return FALSE;
961    p++;
962    while (IS_DIGIT(*p)) p++;
963    
964    return (*p == CHAR_RIGHT_CURLY_BRACKET);
965    }
966    
967    
968    
969  /*************************************************  /*************************************************
970  *            Handle escapes                      *  *            Handle escapes                      *
971  *************************************************/  *************************************************/
972    
973  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
974  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or 0 for a data character which
975  encodes one of the more complicated things such as \d. A backreference to group  will be placed in chptr. A backreference to group n is returned as negative n.
976  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When  When UTF-8 is enabled, a positive value greater than 255 may be returned in
977  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,  chptr. On entry, ptr is pointing at the \. On exit, it is on the final
978  ptr is pointing at the \. On exit, it is on the final character of the escape  character of the escape sequence.
 sequence.  
979    
980  Arguments:  Arguments:
981    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
982      chptr          points to a returned data character
983    errorcodeptr   points to the errorcode variable    errorcodeptr   points to the errorcode variable
984    bracount       number of previous extracting brackets    bracount       number of previous extracting brackets
985    options        the options bits    options        the options bits
986    isclass        TRUE if inside a character class    isclass        TRUE if inside a character class
987    
988  Returns:         zero or positive => a data character  Returns:         zero => a data character
989                   negative => a special escape sequence                   positive => a special escape sequence
990                     negative => a back reference
991                   on error, errorcodeptr is set                   on error, errorcodeptr is set
992  */  */
993    
994  static int  static int
995  check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,  check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
996    int options, BOOL isclass)    int bracount, int options, BOOL isclass)
997  {  {
998  BOOL utf8 = (options & PCRE_UTF8) != 0;  /* PCRE_UTF16 has the same value as PCRE_UTF8. */
999  const uschar *ptr = *ptrptr + 1;  BOOL utf = (options & PCRE_UTF8) != 0;
1000  int c, i;  const pcre_uchar *ptr = *ptrptr + 1;
1001    pcre_uint32 c;
1002    int escape = 0;
1003    int i;
1004    
1005  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */
1006  ptr--;                            /* Set pointer back to the last byte */  ptr--;                            /* Set pointer back to the last byte */
1007    
1008  /* If backslash is at the end of the pattern, it's an error. */  /* If backslash is at the end of the pattern, it's an error. */
1009    
1010  if (c == 0) *errorcodeptr = ERR1;  if (c == CHAR_NULL) *errorcodeptr = ERR1;
1011    
1012  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
1013  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
1014  Otherwise further processing may be required. */  Otherwise further processing may be required. */
1015    
1016  #ifndef EBCDIC  /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1017  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  /* Not alphanumeric */
1018  else if ((i = escapes[c - '0']) != 0) c = i;  else if (c < CHAR_0 || c > CHAR_z) {}
1019    else if ((i = escapes[c - CHAR_0]) != 0)
1020      { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1021    
1022  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1023  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  /* Not alphanumeric */
1024  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
1025    else if ((i = escapes[c - 0x48]) != 0)  { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1026  #endif  #endif
1027    
1028  /* Escapes that need further processing, or are illegal. */  /* Escapes that need further processing, or are illegal. */
1029    
1030  else  else
1031    {    {
1032    const uschar *oldptr;    const pcre_uchar *oldptr;
1033    BOOL braced, negated;    BOOL braced, negated, overflow;
1034      int s;
1035    
1036    switch (c)    switch (c)
1037      {      {
1038      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
1039      error. */      error. */
1040    
1041      case 'l':      case CHAR_l:
1042      case 'L':      case CHAR_L:
     case 'N':  
     case 'u':  
     case 'U':  
1043      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
1044      break;      break;
1045    
1046      /* \g must be followed by a number, either plain or braced. If positive, it      case CHAR_u:
1047      is an absolute backreference. If negative, it is a relative backreference.      if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1048      This is a Perl 5.10 feature. Perl 5.10 also supports \g{name} as a        {
1049      reference to a named group. This is part of Perl's movement towards a        /* In JavaScript, \u must be followed by four hexadecimal numbers.
1050      unified syntax for back references. As this is synonymous with \k{name}, we        Otherwise it is a lowercase u letter. */
1051      fudge it up by pretending it really was \k. */        if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1052            && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
1053      case 'g':          && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
1054      if (ptr[1] == '{')          && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
1055        {          {
1056        const uschar *p;          c = 0;
1057        for (p = ptr+2; *p != 0 && *p != '}'; p++)          for (i = 0; i < 4; ++i)
1058          if (*p != '-' && (digitab[*p] & ctype_digit) == 0) break;            {
1059        if (*p != 0 && *p != '}')            register pcre_uint32 cc = *(++ptr);
1060    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1061              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1062              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1063    #else           /* EBCDIC coding */
1064              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1065              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1066    #endif
1067              }
1068    
1069    #if defined COMPILE_PCRE8
1070            if (c > (utf ? 0x10ffffU : 0xffU))
1071    #elif defined COMPILE_PCRE16
1072            if (c > (utf ? 0x10ffffU : 0xffffU))
1073    #elif defined COMPILE_PCRE32
1074            if (utf && c > 0x10ffffU)
1075    #endif
1076              {
1077              *errorcodeptr = ERR76;
1078              }
1079            else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1080            }
1081          }
1082        else
1083          *errorcodeptr = ERR37;
1084        break;
1085    
1086        case CHAR_U:
1087        /* In JavaScript, \U is an uppercase U letter. */
1088        if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
1089        break;
1090    
1091        /* In a character class, \g is just a literal "g". Outside a character
1092        class, \g must be followed by one of a number of specific things:
1093    
1094        (1) A number, either plain or braced. If positive, it is an absolute
1095        backreference. If negative, it is a relative backreference. This is a Perl
1096        5.10 feature.
1097    
1098        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
1099        is part of Perl's movement towards a unified syntax for back references. As
1100        this is synonymous with \k{name}, we fudge it up by pretending it really
1101        was \k.
1102    
1103        (3) For Oniguruma compatibility we also support \g followed by a name or a
1104        number either in angle brackets or in single quotes. However, these are
1105        (possibly recursive) subroutine calls, _not_ backreferences. Just return
1106        the ESC_g code (cf \k). */
1107    
1108        case CHAR_g:
1109        if (isclass) break;
1110        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
1111          {
1112          escape = ESC_g;
1113          break;
1114          }
1115    
1116        /* Handle the Perl-compatible cases */
1117    
1118        if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1119          {
1120          const pcre_uchar *p;
1121          for (p = ptr+2; *p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
1122            if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
1123          if (*p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET)
1124          {          {
1125          c = -ESC_k;          escape = ESC_k;
1126          break;          break;
1127          }          }
1128        braced = TRUE;        braced = TRUE;
# Line 552  else Line 1130  else
1130        }        }
1131      else braced = FALSE;      else braced = FALSE;
1132    
1133      if (ptr[1] == '-')      if (ptr[1] == CHAR_MINUS)
1134        {        {
1135        negated = TRUE;        negated = TRUE;
1136        ptr++;        ptr++;
1137        }        }
1138      else negated = FALSE;      else negated = FALSE;
1139    
1140      c = 0;      /* The integer range is limited by the machine's int representation. */
1141      while ((digitab[ptr[1]] & ctype_digit) != 0)      s = 0;
1142        c = c * 10 + *(++ptr) - '0';      overflow = FALSE;
1143        while (IS_DIGIT(ptr[1]))
1144      if (c < 0)        {
1145          if (s > INT_MAX / 10 - 1) /* Integer overflow */
1146            {
1147            overflow = TRUE;
1148            break;
1149            }
1150          s = s * 10 + (int)(*(++ptr) - CHAR_0);
1151          }
1152        if (overflow) /* Integer overflow */
1153        {        {
1154          while (IS_DIGIT(ptr[1]))
1155            ptr++;
1156        *errorcodeptr = ERR61;        *errorcodeptr = ERR61;
1157        break;        break;
1158        }        }
1159    
1160      if (c == 0 || (braced && *(++ptr) != '}'))      if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
1161        {        {
1162        *errorcodeptr = ERR57;        *errorcodeptr = ERR57;
1163        break;        break;
1164        }        }
1165    
1166        if (s == 0)
1167          {
1168          *errorcodeptr = ERR58;
1169          break;
1170          }
1171    
1172      if (negated)      if (negated)
1173        {        {
1174        if (c > bracount)        if (s > bracount)
1175          {          {
1176          *errorcodeptr = ERR15;          *errorcodeptr = ERR15;
1177          break;          break;
1178          }          }
1179        c = bracount - (c - 1);        s = bracount - (s - 1);
1180        }        }
1181    
1182      c = -(ESC_REF + c);      escape = -s;
1183      break;      break;
1184    
1185      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
1186      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. Perl has changed
1187      the way Perl works seems to be as follows:      over the years. Nowadays \g{} for backreferences and \o{} for octal are
1188        recommended to avoid the ambiguities in the old syntax.
1189    
1190      Outside a character class, the digits are read as a decimal number. If the      Outside a character class, the digits are read as a decimal number. If the
1191      number is less than 10, or if there are that many previous extracting      number is less than 8 (used to be 10), or if there are that many previous
1192      left brackets, then it is a back reference. Otherwise, up to three octal      extracting left brackets, then it is a back reference. Otherwise, up to
1193      digits are read to form an escaped byte. Thus \123 is likely to be octal      three octal digits are read to form an escaped byte. Thus \123 is likely to
1194      123 (cf \0123, which is octal 012 followed by the literal 3). If the octal      be octal 123 (cf \0123, which is octal 012 followed by the literal 3). If
1195      value is greater than 377, the least significant 8 bits are taken. Inside a      the octal value is greater than 377, the least significant 8 bits are
1196      character class, \ followed by a digit is always an octal number. */      taken. \8 and \9 are treated as the literal characters 8 and 9.
1197    
1198        Inside a character class, \ followed by a digit is always either a literal
1199        8 or 9 or an octal number. */
1200    
1201      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
1202      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
1203    
1204      if (!isclass)      if (!isclass)
1205        {        {
1206        oldptr = ptr;        oldptr = ptr;
1207        c -= '0';        /* The integer range is limited by the machine's int representation. */
1208        while ((digitab[ptr[1]] & ctype_digit) != 0)        s = (int)(c -CHAR_0);
1209          c = c * 10 + *(++ptr) - '0';        overflow = FALSE;
1210        if (c < 0)        while (IS_DIGIT(ptr[1]))
1211            {
1212            if (s > INT_MAX / 10 - 1) /* Integer overflow */
1213              {
1214              overflow = TRUE;
1215              break;
1216              }
1217            s = s * 10 + (int)(*(++ptr) - CHAR_0);
1218            }
1219          if (overflow) /* Integer overflow */
1220          {          {
1221            while (IS_DIGIT(ptr[1]))
1222              ptr++;
1223          *errorcodeptr = ERR61;          *errorcodeptr = ERR61;
1224          break;          break;
1225          }          }
1226        if (c < 10 || c <= bracount)        if (s < 8 || s <= bracount)  /* Check for back reference */
1227          {          {
1228          c = -(ESC_REF + c);          escape = -s;
1229          break;          break;
1230          }          }
1231        ptr = oldptr;      /* Put the pointer back and fall through */        ptr = oldptr;      /* Put the pointer back and fall through */
1232        }        }
1233    
1234      /* Handle an octal number following \. If the first digit is 8 or 9, Perl      /* Handle a digit following \ when the number is not a back reference. If
1235      generates a binary zero byte and treats the digit as a following literal.      the first digit is 8 or 9, Perl used to generate a binary zero byte and
1236      Thus we have to pull back the pointer by one. */      then treat the digit as a following literal. At least by Perl 5.18 this
1237        changed so as not to insert the binary zero. */
1238    
1239      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8) break;
1240        {  
1241        ptr--;      /* Fall through with a digit less than 8 */
       c = 0;  
       break;  
       }  
1242    
1243      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
1244      larger first octal digit. The original code used just to take the least      larger first octal digit. The original code used just to take the least
1245      significant 8 bits of octal numbers (I think this is what early Perls used      significant 8 bits of octal numbers (I think this is what early Perls used
1246      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more      to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1247      than 3 octal digits. */      but no more than 3 octal digits. */
1248    
1249      case '0':      case CHAR_0:
1250      c -= '0';      c -= CHAR_0;
1251      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1252          c = c * 8 + *(++ptr) - '0';          c = c * 8 + *(++ptr) - CHAR_0;
1253      if (!utf8 && c > 255) *errorcodeptr = ERR51;  #ifdef COMPILE_PCRE8
1254        if (!utf && c > 0xff) *errorcodeptr = ERR51;
1255    #endif
1256      break;      break;
1257    
1258      /* \x is complicated. \x{ddd} is a character number which can be greater      /* \o is a relatively new Perl feature, supporting a more general way of
1259      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      specifying character codes in octal. The only supported form is \o{ddd}. */
     treated as a data character. */  
1260    
1261      case 'x':      case CHAR_o:
1262      if (ptr[1] == '{')      if (ptr[1] != CHAR_LEFT_CURLY_BRACKET) *errorcodeptr = ERR81; else
1263        if (ptr[2] == CHAR_RIGHT_CURLY_BRACKET) *errorcodeptr = ERR86; else
1264        {        {
1265        const uschar *pt = ptr + 2;        ptr += 2;
       int count = 0;  
   
1266        c = 0;        c = 0;
1267        while ((digitab[*pt] & ctype_xdigit) != 0)        overflow = FALSE;
1268          while (*ptr >= CHAR_0 && *ptr <= CHAR_7)
1269          {          {
1270          register int cc = *pt++;          register pcre_uint32 cc = *ptr++;
1271          if (c == 0 && cc == '0') continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1272          count++;  #ifdef COMPILE_PCRE32
1273            if (c >= 0x20000000l) { overflow = TRUE; break; }
1274  #ifndef EBCDIC  /* ASCII coding */  #endif
1275          if (cc >= 'a') cc -= 32;               /* Convert to upper case */          c = (c << 3) + cc - CHAR_0 ;
1276          c = (c << 4) + cc - ((cc < 'A')? '0' : ('A' - 10));  #if defined COMPILE_PCRE8
1277  #else           /* EBCDIC coding */          if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1278          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */  #elif defined COMPILE_PCRE16
1279          c = (c << 4) + cc - ((cc >= '0')? '0' : ('A' - 10));          if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1280    #elif defined COMPILE_PCRE32
1281            if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1282  #endif  #endif
1283          }          }
1284          if (overflow)
       if (*pt == '}')  
1285          {          {
1286          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          while (*ptr >= CHAR_0 && *ptr <= CHAR_7) ptr++;
1287          ptr = pt;          *errorcodeptr = ERR34;
         break;  
1288          }          }
1289          else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1290        /* If the sequence of hex digits does not end with '}', then we don't          {
1291        recognize this construct; fall through to the normal \x handling. */          if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1292            }
1293          else *errorcodeptr = ERR80;
1294        }        }
1295        break;
1296    
1297      /* Read just a single-byte hex-defined char */      /* \x is complicated. In JavaScript, \x must be followed by two hexadecimal
1298        numbers. Otherwise it is a lowercase x letter. */
1299    
1300      c = 0;      case CHAR_x:
1301      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1302        {        {
1303        int cc;                               /* Some compilers don't like ++ */        if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1304        cc = *(++ptr);                        /* in initializers */          && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1305  #ifndef EBCDIC  /* ASCII coding */          {
1306        if (cc >= 'a') cc -= 32;              /* Convert to upper case */          c = 0;
1307        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));          for (i = 0; i < 2; ++i)
1308              {
1309              register pcre_uint32 cc = *(++ptr);
1310    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1311              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1312              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1313  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1314        if (cc <= 'z') cc += 64;              /* Convert to upper case */            if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1315        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1316  #endif  #endif
1317        }            }
1318            }
1319          }    /* End JavaScript handling */
1320    
1321        /* Handle \x in Perl's style. \x{ddd} is a character number which can be
1322        greater than 0xff in utf or non-8bit mode, but only if the ddd are hex
1323        digits. If not, { used to be treated as a data character. However, Perl
1324        seems to read hex digits up to the first non-such, and ignore the rest, so
1325        that, for example \x{zz} matches a binary zero. This seems crazy, so PCRE
1326        now gives an error. */
1327    
1328        else
1329          {
1330          if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1331            {
1332            ptr += 2;
1333            if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1334              {
1335              *errorcodeptr = ERR86;
1336              break;
1337              }
1338            c = 0;
1339            overflow = FALSE;
1340            while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0)
1341              {
1342              register pcre_uint32 cc = *ptr++;
1343              if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1344    
1345    #ifdef COMPILE_PCRE32
1346              if (c >= 0x10000000l) { overflow = TRUE; break; }
1347    #endif
1348    
1349    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1350              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1351              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1352    #else           /* EBCDIC coding */
1353              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1354              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1355    #endif
1356    
1357    #if defined COMPILE_PCRE8
1358              if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1359    #elif defined COMPILE_PCRE16
1360              if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1361    #elif defined COMPILE_PCRE32
1362              if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1363    #endif
1364              }
1365    
1366            if (overflow)
1367              {
1368              while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0) ptr++;
1369              *errorcodeptr = ERR34;
1370              }
1371    
1372            else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1373              {
1374              if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1375              }
1376    
1377            /* If the sequence of hex digits does not end with '}', give an error.
1378            We used just to recognize this construct and fall through to the normal
1379            \x handling, but nowadays Perl gives an error, which seems much more
1380            sensible, so we do too. */
1381    
1382            else *errorcodeptr = ERR79;
1383            }   /* End of \x{} processing */
1384    
1385          /* Read a single-byte hex-defined char (up to two hex digits after \x) */
1386    
1387          else
1388            {
1389            c = 0;
1390            while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1391              {
1392              pcre_uint32 cc;                          /* Some compilers don't like */
1393              cc = *(++ptr);                           /* ++ in initializers */
1394    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1395              if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
1396              c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1397    #else           /* EBCDIC coding */
1398              if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
1399              c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1400    #endif
1401              }
1402            }     /* End of \xdd handling */
1403          }       /* End of Perl-style \x handling */
1404      break;      break;
1405    
1406      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1407      This coding is ASCII-specific, but then the whole concept of \cx is      An error is given if the byte following \c is not an ASCII character. This
1408        coding is ASCII-specific, but then the whole concept of \cx is
1409      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1410    
1411      case 'c':      case CHAR_c:
1412      c = *(++ptr);      c = *(++ptr);
1413      if (c == 0)      if (c == CHAR_NULL)
1414        {        {
1415        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
1416        break;        break;
1417        }        }
1418    #ifndef EBCDIC    /* ASCII/UTF-8 coding */
1419  #ifndef EBCDIC  /* ASCII coding */      if (c > 127)  /* Excludes all non-ASCII in either mode */
1420      if (c >= 'a' && c <= 'z') c -= 32;        {
1421          *errorcodeptr = ERR68;
1422          break;
1423          }
1424        if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1425      c ^= 0x40;      c ^= 0x40;
1426  #else           /* EBCDIC coding */  #else             /* EBCDIC coding */
1427      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
1428      c ^= 0xC0;      c ^= 0xC0;
1429  #endif  #endif
1430      break;      break;
1431    
1432      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1433      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
1434      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
1435      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
1436      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
1437    
1438      default:      default:
1439      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 738  else Line 1446  else
1446      }      }
1447    }    }
1448    
1449    /* Perl supports \N{name} for character names, as well as plain \N for "not
1450    newline". PCRE does not support \N{name}. However, it does support
1451    quantification such as \N{2,3}. */
1452    
1453    if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1454         !is_counted_repeat(ptr+2))
1455      *errorcodeptr = ERR37;
1456    
1457    /* If PCRE_UCP is set, we change the values for \d etc. */
1458    
1459    if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1460      escape += (ESC_DU - ESC_D);
1461    
1462    /* Set the pointer to the final character before returning. */
1463    
1464  *ptrptr = ptr;  *ptrptr = ptr;
1465  return c;  *chptr = c;
1466    return escape;
1467  }  }
1468    
1469    
# Line 757  escape sequence. Line 1481  escape sequence.
1481  Argument:  Argument:
1482    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
1483    negptr         points to a boolean that is set TRUE for negation else FALSE    negptr         points to a boolean that is set TRUE for negation else FALSE
1484    dptr           points to an int that is set to the detailed property value    ptypeptr       points to an unsigned int that is set to the type value
1485      pdataptr       points to an unsigned int that is set to the detailed property value
1486    errorcodeptr   points to the error code variable    errorcodeptr   points to the error code variable
1487    
1488  Returns:         type value from ucp_type_table, or -1 for an invalid type  Returns:         TRUE if the type value was found, or FALSE for an invalid type
1489  */  */
1490    
1491  static int  static BOOL
1492  get_ucp(const uschar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)  get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1493      unsigned int *pdataptr, int *errorcodeptr)
1494  {  {
1495  int c, i, bot, top;  pcre_uchar c;
1496  const uschar *ptr = *ptrptr;  int i, bot, top;
1497  char name[32];  const pcre_uchar *ptr = *ptrptr;
1498    pcre_uchar name[32];
1499    
1500  c = *(++ptr);  c = *(++ptr);
1501  if (c == 0) goto ERROR_RETURN;  if (c == CHAR_NULL) goto ERROR_RETURN;
1502    
1503  *negptr = FALSE;  *negptr = FALSE;
1504    
1505  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1506  negation. */  negation. */
1507    
1508  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
1509    {    {
1510    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1511      {      {
1512      *negptr = TRUE;      *negptr = TRUE;
1513      ptr++;      ptr++;
1514      }      }
1515    for (i = 0; i < (int)sizeof(name) - 1; i++)    for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1516      {      {
1517      c = *(++ptr);      c = *(++ptr);
1518      if (c == 0) goto ERROR_RETURN;      if (c == CHAR_NULL) goto ERROR_RETURN;
1519      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1520      name[i] = c;      name[i] = c;
1521      }      }
1522    if (c !='}') goto ERROR_RETURN;    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1523    name[i] = 0;    name[i] = 0;
1524    }    }
1525    
# Line 809  else Line 1536  else
1536  /* Search for a recognized property name using binary chop */  /* Search for a recognized property name using binary chop */
1537    
1538  bot = 0;  bot = 0;
1539  top = _pcre_utt_size;  top = PRIV(utt_size);
1540    
1541  while (bot < top)  while (bot < top)
1542    {    {
1543      int r;
1544    i = (bot + top) >> 1;    i = (bot + top) >> 1;
1545    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);    r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1546    if (c == 0)    if (r == 0)
1547      {      {
1548      *dptr = _pcre_utt[i].value;      *ptypeptr = PRIV(utt)[i].type;
1549      return _pcre_utt[i].type;      *pdataptr = PRIV(utt)[i].value;
1550        return TRUE;
1551      }      }
1552    if (c > 0) bot = i + 1; else top = i;    if (r > 0) bot = i + 1; else top = i;
1553    }    }
1554    
1555  *errorcodeptr = ERR47;  *errorcodeptr = ERR47;
1556  *ptrptr = ptr;  *ptrptr = ptr;
1557  return -1;  return FALSE;
1558    
1559  ERROR_RETURN:  ERROR_RETURN:
1560  *errorcodeptr = ERR46;  *errorcodeptr = ERR46;
1561  *ptrptr = ptr;  *ptrptr = ptr;
1562  return -1;  return FALSE;
1563  }  }
1564  #endif  #endif
1565    
1566    
1567    
   
 /*************************************************  
 *            Check for counted repeat            *  
 *************************************************/  
   
 /* This function is called when a '{' is encountered in a place where it might  
 start a quantifier. It looks ahead to see if it really is a quantifier or not.  
 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}  
 where the ddds are digits.  
   
 Arguments:  
   p         pointer to the first char after '{'  
   
 Returns:    TRUE or FALSE  
 */  
   
 static BOOL  
 is_counted_repeat(const uschar *p)  
 {  
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
 if (*p == '}') return TRUE;  
   
 if (*p++ != ',') return FALSE;  
 if (*p == '}') return TRUE;  
   
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
   
 return (*p == '}');  
 }  
   
   
   
1568  /*************************************************  /*************************************************
1569  *         Read repeat counts                     *  *         Read repeat counts                     *
1570  *************************************************/  *************************************************/
# Line 889  Returns:         pointer to '}' on succe Line 1584  Returns:         pointer to '}' on succe
1584                   current ptr on error, with errorcodeptr set non-zero                   current ptr on error, with errorcodeptr set non-zero
1585  */  */
1586    
1587  static const uschar *  static const pcre_uchar *
1588  read_repeat_counts(const uschar *p, int *minp, int *maxp, int *errorcodeptr)  read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1589  {  {
1590  int min = 0;  int min = 0;
1591  int max = -1;  int max = -1;
1592    
1593  /* Read the minimum value and do a paranoid check: a negative value indicates  while (IS_DIGIT(*p))
 an integer overflow. */  
   
 while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  
 if (min < 0 || min > 65535)  
1594    {    {
1595    *errorcodeptr = ERR5;    min = min * 10 + (int)(*p++ - CHAR_0);
1596    return p;    if (min > 65535)
1597        {
1598        *errorcodeptr = ERR5;
1599        return p;
1600        }
1601    }    }
1602    
1603  /* Read the maximum value if there is one, and again do a paranoid on its size.  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
 Also, max must not be less than min. */  
   
 if (*p == '}') max = min; else  
1604    {    {
1605    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1606      {      {
1607      max = 0;      max = 0;
1608      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while(IS_DIGIT(*p))
     if (max < 0 || max > 65535)  
1609        {        {
1610        *errorcodeptr = ERR5;        max = max * 10 + (int)(*p++ - CHAR_0);
1611        return p;        if (max > 65535)
1612            {
1613            *errorcodeptr = ERR5;
1614            return p;
1615            }
1616        }        }
1617      if (max < min)      if (max < min)
1618        {        {
# Line 927  if (*p == '}') max = min; else Line 1622  if (*p == '}') max = min; else
1622      }      }
1623    }    }
1624    
 /* Fill in the required variables, and pass back the pointer to the terminating  
 '}'. */  
   
1625  *minp = min;  *minp = min;
1626  *maxp = max;  *maxp = max;
1627  return p;  return p;
# Line 938  return p; Line 1630  return p;
1630    
1631    
1632  /*************************************************  /*************************************************
1633  *       Find forward referenced subpattern       *  *      Find first significant op code            *
1634  *************************************************/  *************************************************/
1635    
1636  /* This function scans along a pattern's text looking for capturing  /* This is called by several functions that scan a compiled expression looking
1637  subpatterns, and counting them. If it finds a named pattern that matches the  for a fixed first character, or an anchoring op code etc. It skips over things
1638  name it is given, it returns its number. Alternatively, if the name is NULL, it  that do not influence this. For some calls, it makes sense to skip negative
1639  returns when it reaches a given numbered subpattern. This is used for forward  forward and all backward assertions, and also the \b assertion; for others it
1640  references to subpatterns. We know that if (?P< is encountered, the name will  does not.
 be terminated by '>' because that is checked in the first pass.  
1641    
1642  Arguments:  Arguments:
1643    ptr          current position in the pattern    code         pointer to the start of the group
1644    count        current count of capturing parens so far encountered    skipassert   TRUE if certain assertions are to be skipped
   name         name to seek, or NULL if seeking a numbered subpattern  
   lorn         name length, or subpattern number if name is NULL  
   xmode        TRUE if we are in /x mode  
1645    
1646  Returns:       the number of the named subpattern, or -1 if not found  Returns:       pointer to the first significant opcode
1647  */  */
1648    
1649  static int  static const pcre_uchar*
1650  find_parens(const uschar *ptr, int count, const uschar *name, int lorn,  first_significant_code(const pcre_uchar *code, BOOL skipassert)
   BOOL xmode)  
1651  {  {
1652  const uschar *thisname;  for (;;)
   
 for (; *ptr != 0; ptr++)  
1653    {    {
1654    int term;    switch ((int)*code)
   
   /* Skip over backslashed characters and also entire \Q...\E */  
   
   if (*ptr == '\\')  
1655      {      {
1656      if (*(++ptr) == 0) return -1;      case OP_ASSERT_NOT:
1657      if (*ptr == 'Q') for (;;)      case OP_ASSERTBACK:
1658        {      case OP_ASSERTBACK_NOT:
1659        while (*(++ptr) != 0 && *ptr != '\\');      if (!skipassert) return code;
1660        if (*ptr == 0) return -1;      do code += GET(code, 1); while (*code == OP_ALT);
1661        if (*(++ptr) == 'E') break;      code += PRIV(OP_lengths)[*code];
1662        }      break;
     continue;  
     }  
   
   /* Skip over character classes */  
   
   if (*ptr == '[')  
     {  
     while (*(++ptr) != ']')  
       {  
       if (*ptr == 0) return -1;  
       if (*ptr == '\\')  
         {  
         if (*(++ptr) == 0) return -1;  
         if (*ptr == 'Q') for (;;)  
           {  
           while (*(++ptr) != 0 && *ptr != '\\');  
           if (*ptr == 0) return -1;  
           if (*(++ptr) == 'E') break;  
           }  
         continue;  
         }  
       }  
     continue;  
     }  
   
   /* Skip comments in /x mode */  
   
   if (xmode && *ptr == '#')  
     {  
     while (*(++ptr) != 0 && *ptr != '\n');  
     if (*ptr == 0) return -1;  
     continue;  
     }  
   
   /* An opening parens must now be a real metacharacter */  
   
   if (*ptr != '(') continue;  
   if (ptr[1] != '?' && ptr[1] != '*')  
     {  
     count++;  
     if (name == NULL && count == lorn) return count;  
     continue;  
     }  
   
   ptr += 2;  
   if (*ptr == 'P') ptr++;                      /* Allow optional P */  
   
   /* We have to disambiguate (?<! and (?<= from (?<name> */  
   
   if ((*ptr != '<' || ptr[1] == '!' || ptr[1] == '=') &&  
        *ptr != '\'')  
     continue;  
   
   count++;  
   
   if (name == NULL && count == lorn) return count;  
   term = *ptr++;  
   if (term == '<') term = '>';  
   thisname = ptr;  
   while (*ptr != term) ptr++;  
   if (name != NULL && lorn == ptr - thisname &&  
       strncmp((const char *)name, (const char *)thisname, lorn) == 0)  
     return count;  
   }  
   
 return -1;  
 }  
   
   
   
 /*************************************************  
 *      Find first significant op code            *  
 *************************************************/  
   
 /* This is called by several functions that scan a compiled expression looking  
 for a fixed first character, or an anchoring op code etc. It skips over things  
 that do not influence this. For some calls, a change of option is important.  
 For some calls, it makes sense to skip negative forward and all backward  
 assertions, and also the \b assertion; for others it does not.  
   
 Arguments:  
   code         pointer to the start of the group  
   options      pointer to external options  
   optbit       the option bit whose changing is significant, or  
                  zero if none are  
   skipassert   TRUE if certain assertions are to be skipped  
   
 Returns:       pointer to the first significant opcode  
 */  
   
 static const uschar*  
 first_significant_code(const uschar *code, int *options, int optbit,  
   BOOL skipassert)  
 {  
 for (;;)  
   {  
   switch ((int)*code)  
     {  
     case OP_OPT:  
     if (optbit > 0 && ((int)code[1] & optbit) != (*options & optbit))  
       *options = (int)code[1];  
     code += 2;  
     break;  
   
     case OP_ASSERT_NOT:  
     case OP_ASSERTBACK:  
     case OP_ASSERTBACK_NOT:  
     if (!skipassert) return code;  
     do code += GET(code, 1); while (*code == OP_ALT);  
     code += _pcre_OP_lengths[*code];  
     break;  
1663    
1664      case OP_WORD_BOUNDARY:      case OP_WORD_BOUNDARY:
1665      case OP_NOT_WORD_BOUNDARY:      case OP_NOT_WORD_BOUNDARY:
# Line 1098  for (;;) Line 1668  for (;;)
1668    
1669      case OP_CALLOUT:      case OP_CALLOUT:
1670      case OP_CREF:      case OP_CREF:
1671        case OP_DNCREF:
1672      case OP_RREF:      case OP_RREF:
1673        case OP_DNRREF:
1674      case OP_DEF:      case OP_DEF:
1675      code += _pcre_OP_lengths[*code];      code += PRIV(OP_lengths)[*code];
1676      break;      break;
1677    
1678      default:      default:
# Line 1112  for (;;) Line 1684  for (;;)
1684    
1685    
1686    
   
1687  /*************************************************  /*************************************************
1688  *        Find the fixed length of a pattern      *  *        Find the fixed length of a branch       *
1689  *************************************************/  *************************************************/
1690    
1691  /* Scan a pattern and compute the fixed length of subject that will match it,  /* Scan a branch and compute the fixed length of subject that will match it,
1692  if the length is fixed. This is needed for dealing with backward assertions.  if the length is fixed. This is needed for dealing with backward assertions.
1693  In UTF8 mode, the result is in characters rather than bytes.  In UTF8 mode, the result is in characters rather than bytes. The branch is
1694    temporarily terminated with OP_END when this function is called.
1695    
1696    This function is called when a backward assertion is encountered, so that if it
1697    fails, the error message can point to the correct place in the pattern.
1698    However, we cannot do this when the assertion contains subroutine calls,
1699    because they can be forward references. We solve this by remembering this case
1700    and doing the check at the end; a flag specifies which mode we are running in.
1701    
1702  Arguments:  Arguments:
1703    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1704    options  the compiling options    utf      TRUE in UTF-8 / UTF-16 / UTF-32 mode
1705      atend    TRUE if called when the pattern is complete
1706  Returns:   the fixed length, or -1 if there is no fixed length,    cd       the "compile data" structure
1707               or -2 if \C was encountered  
1708    Returns:   the fixed length,
1709                 or -1 if there is no fixed length,
1710                 or -2 if \C was encountered (in UTF-8 mode only)
1711                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1712                 or -4 if an unknown opcode was encountered (internal error)
1713  */  */
1714    
1715  static int  static int
1716  find_fixedlength(uschar *code, int options)  find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1717  {  {
1718  int length = -1;  int length = -1;
1719    
1720  register int branchlength = 0;  register int branchlength = 0;
1721  register uschar *cc = code + 1 + LINK_SIZE;  register pcre_uchar *cc = code + 1 + LINK_SIZE;
1722    
1723  /* Scan along the opcodes for this branch. If we get to the end of the  /* Scan along the opcodes for this branch. If we get to the end of the
1724  branch, check the length against that of the other branches. */  branch, check the length against that of the other branches. */
# Line 1143  branch, check the length against that of Line 1726  branch, check the length against that of
1726  for (;;)  for (;;)
1727    {    {
1728    int d;    int d;
1729    register int op = *cc;    pcre_uchar *ce, *cs;
1730      register pcre_uchar op = *cc;
1731    
1732    switch (op)    switch (op)
1733      {      {
1734        /* We only need to continue for OP_CBRA (normal capturing bracket) and
1735        OP_BRA (normal non-capturing bracket) because the other variants of these
1736        opcodes are all concerned with unlimited repeated groups, which of course
1737        are not of fixed length. */
1738    
1739      case OP_CBRA:      case OP_CBRA:
1740      case OP_BRA:      case OP_BRA:
1741      case OP_ONCE:      case OP_ONCE:
1742        case OP_ONCE_NC:
1743      case OP_COND:      case OP_COND:
1744      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options);      d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1745      if (d < 0) return d;      if (d < 0) return d;
1746      branchlength += d;      branchlength += d;
1747      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1748      cc += 1 + LINK_SIZE;      cc += 1 + LINK_SIZE;
1749      break;      break;
1750    
1751      /* Reached end of a branch; if it's a ket it is the end of a nested      /* Reached end of a branch; if it's a ket it is the end of a nested call.
1752      call. If it's ALT it is an alternation in a nested call. If it is      If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1753      END it's the end of the outer call. All can be handled by the same code. */      an ALT. If it is END it's the end of the outer call. All can be handled by
1754        the same code. Note that we must not include the OP_KETRxxx opcodes here,
1755        because they all imply an unlimited repeat. */
1756    
1757      case OP_ALT:      case OP_ALT:
1758      case OP_KET:      case OP_KET:
     case OP_KETRMAX:  
     case OP_KETRMIN:  
1759      case OP_END:      case OP_END:
1760        case OP_ACCEPT:
1761        case OP_ASSERT_ACCEPT:
1762      if (length < 0) length = branchlength;      if (length < 0) length = branchlength;
1763        else if (length != branchlength) return -1;        else if (length != branchlength) return -1;
1764      if (*cc != OP_ALT) return length;      if (*cc != OP_ALT) return length;
# Line 1173  for (;;) Line 1766  for (;;)
1766      branchlength = 0;      branchlength = 0;
1767      break;      break;
1768    
1769        /* A true recursion implies not fixed length, but a subroutine call may
1770        be OK. If the subroutine is a forward reference, we can't deal with
1771        it until the end of the pattern, so return -3. */
1772    
1773        case OP_RECURSE:
1774        if (!atend) return -3;
1775        cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1776        do ce += GET(ce, 1); while (*ce == OP_ALT);           /* End subpattern */
1777        if (cc > cs && cc < ce) return -1;                    /* Recursion */
1778        d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1779        if (d < 0) return d;
1780        branchlength += d;
1781        cc += 1 + LINK_SIZE;
1782        break;
1783    
1784      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1785    
1786      case OP_ASSERT:      case OP_ASSERT:
# Line 1180  for (;;) Line 1788  for (;;)
1788      case OP_ASSERTBACK:      case OP_ASSERTBACK:
1789      case OP_ASSERTBACK_NOT:      case OP_ASSERTBACK_NOT:
1790      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1791      /* Fall through */      cc += PRIV(OP_lengths)[*cc];
1792        break;
1793    
1794      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1795    
1796      case OP_REVERSE:      case OP_MARK:
1797        case OP_PRUNE_ARG:
1798        case OP_SKIP_ARG:
1799        case OP_THEN_ARG:
1800        cc += cc[1] + PRIV(OP_lengths)[*cc];
1801        break;
1802    
1803        case OP_CALLOUT:
1804        case OP_CIRC:
1805        case OP_CIRCM:
1806        case OP_CLOSE:
1807        case OP_COMMIT:
1808      case OP_CREF:      case OP_CREF:
     case OP_RREF:  
1809      case OP_DEF:      case OP_DEF:
1810      case OP_OPT:      case OP_DNCREF:
1811      case OP_CALLOUT:      case OP_DNRREF:
1812      case OP_SOD:      case OP_DOLL:
1813      case OP_SOM:      case OP_DOLLM:
1814      case OP_EOD:      case OP_EOD:
1815      case OP_EODN:      case OP_EODN:
1816      case OP_CIRC:      case OP_FAIL:
     case OP_DOLL:  
1817      case OP_NOT_WORD_BOUNDARY:      case OP_NOT_WORD_BOUNDARY:
1818        case OP_PRUNE:
1819        case OP_REVERSE:
1820        case OP_RREF:
1821        case OP_SET_SOM:
1822        case OP_SKIP:
1823        case OP_SOD:
1824        case OP_SOM:
1825        case OP_THEN:
1826      case OP_WORD_BOUNDARY:      case OP_WORD_BOUNDARY:
1827      cc += _pcre_OP_lengths[*cc];      cc += PRIV(OP_lengths)[*cc];
1828      break;      break;
1829    
1830      /* Handle literal characters */      /* Handle literal characters */
1831    
1832      case OP_CHAR:      case OP_CHAR:
1833      case OP_CHARNC:      case OP_CHARI:
1834      case OP_NOT:      case OP_NOT:
1835        case OP_NOTI:
1836      branchlength++;      branchlength++;
1837      cc += 2;      cc += 2;
1838  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF
1839      if ((options & PCRE_UTF8) != 0)      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
       {  
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1840  #endif  #endif
1841      break;      break;
1842    
# Line 1220  for (;;) Line 1844  for (;;)
1844      need to skip over a multibyte character in UTF8 mode.  */      need to skip over a multibyte character in UTF8 mode.  */
1845    
1846      case OP_EXACT:      case OP_EXACT:
1847      branchlength += GET2(cc,1);      case OP_EXACTI:
1848      cc += 4;      case OP_NOTEXACT:
1849  #ifdef SUPPORT_UTF8      case OP_NOTEXACTI:
1850      if ((options & PCRE_UTF8) != 0)      branchlength += (int)GET2(cc,1);
1851        {      cc += 2 + IMM2_SIZE;
1852        while((*cc & 0x80) == 0x80) cc++;  #ifdef SUPPORT_UTF
1853        }      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1854  #endif  #endif
1855      break;      break;
1856    
1857      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1858      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1859      if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;      if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1860      cc += 4;        cc += 2;
1861        cc += 1 + IMM2_SIZE + 1;
1862      break;      break;
1863    
1864      /* Handle single-char matchers */      /* Handle single-char matchers */
# Line 1243  for (;;) Line 1868  for (;;)
1868      cc += 2;      cc += 2;
1869      /* Fall through */      /* Fall through */
1870    
1871        case OP_HSPACE:
1872        case OP_VSPACE:
1873        case OP_NOT_HSPACE:
1874        case OP_NOT_VSPACE:
1875      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
1876      case OP_DIGIT:      case OP_DIGIT:
1877      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
# Line 1250  for (;;) Line 1879  for (;;)
1879      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1880      case OP_WORDCHAR:      case OP_WORDCHAR:
1881      case OP_ANY:      case OP_ANY:
1882        case OP_ALLANY:
1883      branchlength++;      branchlength++;
1884      cc++;      cc++;
1885      break;      break;
1886    
1887      /* The single-byte matcher isn't allowed */      /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1888        otherwise \C is coded as OP_ALLANY. */
1889    
1890      case OP_ANYBYTE:      case OP_ANYBYTE:
1891      return -2;      return -2;
1892    
1893      /* Check a class for variable quantification */      /* Check a class for variable quantification */
1894    
 #ifdef SUPPORT_UTF8  
     case OP_XCLASS:  
     cc += GET(cc, 1) - 33;  
     /* Fall through */  
 #endif  
   
1895      case OP_CLASS:      case OP_CLASS:
1896      case OP_NCLASS:      case OP_NCLASS:
1897      cc += 33;  #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1898        case OP_XCLASS:
1899        /* The original code caused an unsigned overflow in 64 bit systems,
1900        so now we use a conditional statement. */
1901        if (op == OP_XCLASS)
1902          cc += GET(cc, 1);
1903        else
1904          cc += PRIV(OP_lengths)[OP_CLASS];
1905    #else
1906        cc += PRIV(OP_lengths)[OP_CLASS];
1907    #endif
1908    
1909      switch (*cc)      switch (*cc)
1910        {        {
1911        case OP_CRSTAR:        case OP_CRSTAR:
1912        case OP_CRMINSTAR:        case OP_CRMINSTAR:
1913          case OP_CRPLUS:
1914          case OP_CRMINPLUS:
1915        case OP_CRQUERY:        case OP_CRQUERY:
1916        case OP_CRMINQUERY:        case OP_CRMINQUERY:
1917          case OP_CRPOSSTAR:
1918          case OP_CRPOSPLUS:
1919          case OP_CRPOSQUERY:
1920        return -1;        return -1;
1921    
1922        case OP_CRRANGE:        case OP_CRRANGE:
1923        case OP_CRMINRANGE:        case OP_CRMINRANGE:
1924        if (GET2(cc,1) != GET2(cc,3)) return -1;        case OP_CRPOSRANGE:
1925        branchlength += GET2(cc,1);        if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1926        cc += 5;        branchlength += (int)GET2(cc,1);
1927          cc += 1 + 2 * IMM2_SIZE;
1928        break;        break;
1929    
1930        default:        default:
# Line 1293  for (;;) Line 1934  for (;;)
1934    
1935      /* Anything else is variable length */      /* Anything else is variable length */
1936    
1937      default:      case OP_ANYNL:
1938        case OP_BRAMINZERO:
1939        case OP_BRAPOS:
1940        case OP_BRAPOSZERO:
1941        case OP_BRAZERO:
1942        case OP_CBRAPOS:
1943        case OP_EXTUNI:
1944        case OP_KETRMAX:
1945        case OP_KETRMIN:
1946        case OP_KETRPOS:
1947        case OP_MINPLUS:
1948        case OP_MINPLUSI:
1949        case OP_MINQUERY:
1950        case OP_MINQUERYI:
1951        case OP_MINSTAR:
1952        case OP_MINSTARI:
1953        case OP_MINUPTO:
1954        case OP_MINUPTOI:
1955        case OP_NOTMINPLUS:
1956        case OP_NOTMINPLUSI:
1957        case OP_NOTMINQUERY:
1958        case OP_NOTMINQUERYI:
1959        case OP_NOTMINSTAR:
1960        case OP_NOTMINSTARI:
1961        case OP_NOTMINUPTO:
1962        case OP_NOTMINUPTOI:
1963        case OP_NOTPLUS:
1964        case OP_NOTPLUSI:
1965        case OP_NOTPOSPLUS:
1966        case OP_NOTPOSPLUSI:
1967        case OP_NOTPOSQUERY:
1968        case OP_NOTPOSQUERYI:
1969        case OP_NOTPOSSTAR:
1970        case OP_NOTPOSSTARI:
1971        case OP_NOTPOSUPTO:
1972        case OP_NOTPOSUPTOI:
1973        case OP_NOTQUERY:
1974        case OP_NOTQUERYI:
1975        case OP_NOTSTAR:
1976        case OP_NOTSTARI:
1977        case OP_NOTUPTO:
1978        case OP_NOTUPTOI:
1979        case OP_PLUS:
1980        case OP_PLUSI:
1981        case OP_POSPLUS:
1982        case OP_POSPLUSI:
1983        case OP_POSQUERY:
1984        case OP_POSQUERYI:
1985        case OP_POSSTAR:
1986        case OP_POSSTARI:
1987        case OP_POSUPTO:
1988        case OP_POSUPTOI:
1989        case OP_QUERY:
1990        case OP_QUERYI:
1991        case OP_REF:
1992        case OP_REFI:
1993        case OP_DNREF:
1994        case OP_DNREFI:
1995        case OP_SBRA:
1996        case OP_SBRAPOS:
1997        case OP_SCBRA:
1998        case OP_SCBRAPOS:
1999        case OP_SCOND:
2000        case OP_SKIPZERO:
2001        case OP_STAR:
2002        case OP_STARI:
2003        case OP_TYPEMINPLUS:
2004        case OP_TYPEMINQUERY:
2005        case OP_TYPEMINSTAR:
2006        case OP_TYPEMINUPTO:
2007        case OP_TYPEPLUS:
2008        case OP_TYPEPOSPLUS:
2009        case OP_TYPEPOSQUERY:
2010        case OP_TYPEPOSSTAR:
2011        case OP_TYPEPOSUPTO:
2012        case OP_TYPEQUERY:
2013        case OP_TYPESTAR:
2014        case OP_TYPEUPTO:
2015        case OP_UPTO:
2016        case OP_UPTOI:
2017      return -1;      return -1;
2018    
2019        /* Catch unrecognized opcodes so that when new ones are added they
2020        are not forgotten, as has happened in the past. */
2021    
2022        default:
2023        return -4;
2024      }      }
2025    }    }
2026  /* Control never gets here */  /* Control never gets here */
# Line 1302  for (;;) Line 2028  for (;;)
2028    
2029    
2030    
   
2031  /*************************************************  /*************************************************
2032  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
2033  *************************************************/  *************************************************/
2034    
2035  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
2036  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
2037    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2038    so that it can be called from pcre_study() when finding the minimum matching
2039    length.
2040    
2041  Arguments:  Arguments:
2042    code        points to start of expression    code        points to start of expression
2043    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2044    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
2045    
2046  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
2047  */  */
2048    
2049  static const uschar *  const pcre_uchar *
2050  find_bracket(const uschar *code, BOOL utf8, int number)  PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2051  {  {
2052  for (;;)  for (;;)
2053    {    {
2054    register int c = *code;    register pcre_uchar c = *code;
2055    
2056    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2057    
2058    /* XCLASS is used for classes that cannot be represented just by a bit    /* XCLASS is used for classes that cannot be represented just by a bit
# Line 1332  for (;;) Line 2061  for (;;)
2061    
2062    if (c == OP_XCLASS) code += GET(code, 1);    if (c == OP_XCLASS) code += GET(code, 1);
2063    
2064      /* Handle recursion */
2065    
2066      else if (c == OP_REVERSE)
2067        {
2068        if (number < 0) return (pcre_uchar *)code;
2069        code += PRIV(OP_lengths)[c];
2070        }
2071    
2072    /* Handle capturing bracket */    /* Handle capturing bracket */
2073    
2074    else if (c == OP_CBRA)    else if (c == OP_CBRA || c == OP_SCBRA ||
2075               c == OP_CBRAPOS || c == OP_SCBRAPOS)
2076      {      {
2077      int n = GET2(code, 1+LINK_SIZE);      int n = (int)GET2(code, 1+LINK_SIZE);
2078      if (n == number) return (uschar *)code;      if (n == number) return (pcre_uchar *)code;
2079      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2080      }      }
2081    
2082    /* Otherwise, we can get the item's length from the table, except that for    /* Otherwise, we can get the item's length from the table, except that for
2083    repeated character types, we have to test for \p and \P, which have an extra    repeated character types, we have to test for \p and \P, which have an extra
2084    two bytes of parameters. */    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2085      must add in its length. */
2086    
2087    else    else
2088      {      {
# Line 1365  for (;;) Line 2104  for (;;)
2104        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2105        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2106        case OP_TYPEPOSUPTO:        case OP_TYPEPOSUPTO:
2107        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2108            code += 2;
2109          break;
2110    
2111          case OP_MARK:
2112          case OP_PRUNE_ARG:
2113          case OP_SKIP_ARG:
2114          case OP_THEN_ARG:
2115          code += code[1];
2116        break;        break;
2117        }        }
2118    
2119      /* Add in the fixed length from the table */      /* Add in the fixed length from the table */
2120    
2121      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2122    
2123    /* In UTF-8 mode, opcodes that are followed by a character may be followed by    /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2124    a multi-byte character. The length in the table is a minimum, so we have to    a multi-byte character. The length in the table is a minimum, so we have to
2125    arrange to skip the extra bytes. */    arrange to skip the extra bytes. */
2126    
2127  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2128      if (utf8) switch(c)      if (utf) switch(c)
2129        {        {
2130        case OP_CHAR:        case OP_CHAR:
2131        case OP_CHARNC:        case OP_CHARI:
2132          case OP_NOT:
2133          case OP_NOTI:
2134        case OP_EXACT:        case OP_EXACT:
2135          case OP_EXACTI:
2136          case OP_NOTEXACT:
2137          case OP_NOTEXACTI:
2138        case OP_UPTO:        case OP_UPTO:
2139          case OP_UPTOI:
2140          case OP_NOTUPTO:
2141          case OP_NOTUPTOI:
2142        case OP_MINUPTO:        case OP_MINUPTO:
2143          case OP_MINUPTOI:
2144          case OP_NOTMINUPTO:
2145          case OP_NOTMINUPTOI:
2146        case OP_POSUPTO:        case OP_POSUPTO:
2147          case OP_POSUPTOI:
2148          case OP_NOTPOSUPTO:
2149          case OP_NOTPOSUPTOI:
2150        case OP_STAR:        case OP_STAR:
2151          case OP_STARI:
2152          case OP_NOTSTAR:
2153          case OP_NOTSTARI:
2154        case OP_MINSTAR:        case OP_MINSTAR:
2155          case OP_MINSTARI:
2156          case OP_NOTMINSTAR:
2157          case OP_NOTMINSTARI:
2158        case OP_POSSTAR:        case OP_POSSTAR:
2159          case OP_POSSTARI:
2160          case OP_NOTPOSSTAR:
2161          case OP_NOTPOSSTARI:
2162        case OP_PLUS:        case OP_PLUS:
2163          case OP_PLUSI:
2164          case OP_NOTPLUS:
2165          case OP_NOTPLUSI:
2166        case OP_MINPLUS:        case OP_MINPLUS:
2167          case OP_MINPLUSI:
2168          case OP_NOTMINPLUS:
2169          case OP_NOTMINPLUSI:
2170        case OP_POSPLUS:        case OP_POSPLUS:
2171          case OP_POSPLUSI:
2172          case OP_NOTPOSPLUS:
2173          case OP_NOTPOSPLUSI:
2174        case OP_QUERY:        case OP_QUERY:
2175          case OP_QUERYI:
2176          case OP_NOTQUERY:
2177          case OP_NOTQUERYI:
2178        case OP_MINQUERY:        case OP_MINQUERY:
2179          case OP_MINQUERYI:
2180          case OP_NOTMINQUERY:
2181          case OP_NOTMINQUERYI:
2182        case OP_POSQUERY:        case OP_POSQUERY:
2183        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        case OP_POSQUERYI:
2184          case OP_NOTPOSQUERY:
2185          case OP_NOTPOSQUERYI:
2186          if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2187        break;        break;
2188        }        }
2189    #else
2190        (void)(utf);  /* Keep compiler happy by referencing function argument */
2191  #endif  #endif
2192      }      }
2193    }    }
# Line 1414  instance of OP_RECURSE. Line 2204  instance of OP_RECURSE.
2204    
2205  Arguments:  Arguments:
2206    code        points to start of expression    code        points to start of expression
2207    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2208    
2209  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found
2210  */  */
2211    
2212  static const uschar *  static const pcre_uchar *
2213  find_recurse(const uschar *code, BOOL utf8)  find_recurse(const pcre_uchar *code, BOOL utf)
2214  {  {
2215  for (;;)  for (;;)
2216    {    {
2217    register int c = *code;    register pcre_uchar c = *code;
2218    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2219    if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
2220    
# Line 1436  for (;;) Line 2226  for (;;)
2226    
2227    /* Otherwise, we can get the item's length from the table, except that for    /* Otherwise, we can get the item's length from the table, except that for
2228    repeated character types, we have to test for \p and \P, which have an extra    repeated character types, we have to test for \p and \P, which have an extra
2229    two bytes of parameters. */    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2230      must add in its length. */
2231    
2232    else    else
2233      {      {
# Line 1458  for (;;) Line 2249  for (;;)
2249        case OP_TYPEUPTO:        case OP_TYPEUPTO:
2250        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2251        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2252        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2253            code += 2;
2254          break;
2255    
2256          case OP_MARK:
2257          case OP_PRUNE_ARG:
2258          case OP_SKIP_ARG:
2259          case OP_THEN_ARG:
2260          code += code[1];
2261        break;        break;
2262        }        }
2263    
2264      /* Add in the fixed length from the table */      /* Add in the fixed length from the table */
2265    
2266      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2267    
2268      /* In UTF-8 mode, opcodes that are followed by a character may be followed      /* In UTF-8 mode, opcodes that are followed by a character may be followed
2269      by a multi-byte character. The length in the table is a minimum, so we have      by a multi-byte character. The length in the table is a minimum, so we have
2270      to arrange to skip the extra bytes. */      to arrange to skip the extra bytes. */
2271    
2272  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2273      if (utf8) switch(c)      if (utf) switch(c)
2274        {        {
2275        case OP_CHAR:        case OP_CHAR:
2276        case OP_CHARNC:        case OP_CHARI:
2277          case OP_NOT:
2278          case OP_NOTI:
2279        case OP_EXACT:        case OP_EXACT:
2280          case OP_EXACTI:
2281          case OP_NOTEXACT:
2282          case OP_NOTEXACTI:
2283        case OP_UPTO:        case OP_UPTO:
2284          case OP_UPTOI:
2285          case OP_NOTUPTO:
2286          case OP_NOTUPTOI:
2287        case OP_MINUPTO:        case OP_MINUPTO:
2288          case OP_MINUPTOI:
2289          case OP_NOTMINUPTO:
2290          case OP_NOTMINUPTOI:
2291        case OP_POSUPTO:        case OP_POSUPTO:
2292          case OP_POSUPTOI:
2293          case OP_NOTPOSUPTO:
2294          case OP_NOTPOSUPTOI:
2295        case OP_STAR:        case OP_STAR:
2296          case OP_STARI:
2297          case OP_NOTSTAR:
2298          case OP_NOTSTARI:
2299        case OP_MINSTAR:        case OP_MINSTAR:
2300          case OP_MINSTARI:
2301          case OP_NOTMINSTAR:
2302          case OP_NOTMINSTARI:
2303        case OP_POSSTAR:        case OP_POSSTAR:
2304          case OP_POSSTARI:
2305          case OP_NOTPOSSTAR:
2306          case OP_NOTPOSSTARI:
2307        case OP_PLUS:        case OP_PLUS:
2308          case OP_PLUSI:
2309          case OP_NOTPLUS:
2310          case OP_NOTPLUSI:
2311        case OP_MINPLUS:        case OP_MINPLUS:
2312          case OP_MINPLUSI:
2313          case OP_NOTMINPLUS:
2314          case OP_NOTMINPLUSI:
2315        case OP_POSPLUS:        case OP_POSPLUS:
2316          case OP_POSPLUSI:
2317          case OP_NOTPOSPLUS:
2318          case OP_NOTPOSPLUSI:
2319        case OP_QUERY:        case OP_QUERY:
2320          case OP_QUERYI:
2321          case OP_NOTQUERY:
2322          case OP_NOTQUERYI:
2323        case OP_MINQUERY:        case OP_MINQUERY:
2324          case OP_MINQUERYI:
2325          case OP_NOTMINQUERY:
2326          case OP_NOTMINQUERYI:
2327        case OP_POSQUERY:        case OP_POSQUERY:
2328        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        case OP_POSQUERYI:
2329          case OP_NOTPOSQUERY:
2330          case OP_NOTPOSQUERYI:
2331          if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2332        break;        break;
2333        }        }
2334    #else
2335        (void)(utf);  /* Keep compiler happy by referencing function argument */
2336  #endif  #endif
2337      }      }
2338    }    }
# Line 1506  for (;;) Line 2348  for (;;)
2348  can match the empty string or not. It is called from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
2349  below and from compile_branch() when checking for an unlimited repeat of a  below and from compile_branch() when checking for an unlimited repeat of a
2350  group that can match nothing. Note that first_significant_code() skips over  group that can match nothing. Note that first_significant_code() skips over
2351  assertions. If we hit an unclosed bracket, we return "empty" - this means we've  backward and negative forward assertions when its final argument is TRUE. If we
2352  struck an inner bracket whose current branch will already have been scanned.  hit an unclosed bracket, we return "empty" - this means we've struck an inner
2353    bracket whose current branch will already have been scanned.
2354    
2355  Arguments:  Arguments:
2356    code        points to start of search    code        points to start of search
2357    endcode     points to where to stop    endcode     points to where to stop
2358    utf8        TRUE if in UTF8 mode    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2359      cd          contains pointers to tables etc.
2360      recurses    chain of recurse_check to catch mutual recursion
2361    
2362  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2363  */  */
2364    
2365    typedef struct recurse_check {
2366      struct recurse_check *prev;
2367      const pcre_uchar *group;
2368    } recurse_check;
2369    
2370  static BOOL  static BOOL
2371  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2372      BOOL utf, compile_data *cd, recurse_check *recurses)
2373  {  {
2374  register int c;  register pcre_uchar c;
2375  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);  recurse_check this_recurse;
2376    
2377    for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2378       code < endcode;       code < endcode;
2379       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))       code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2380    {    {
2381    const uschar *ccode;    const pcre_uchar *ccode;
2382    
2383    c = *code;    c = *code;
2384    
2385    /* Groups with zero repeats can of course be empty; skip them. */    /* Skip over forward assertions; the other assertions are skipped by
2386      first_significant_code() with a TRUE final argument. */
2387    
2388    if (c == OP_BRAZERO || c == OP_BRAMINZERO)    if (c == OP_ASSERT)
2389      {      {
     code += _pcre_OP_lengths[c];  
2390      do code += GET(code, 1); while (*code == OP_ALT);      do code += GET(code, 1); while (*code == OP_ALT);
2391      c = *code;      c = *code;
2392      continue;      continue;
2393      }      }
2394    
2395    /* For other groups, scan the branches. */    /* For a recursion/subroutine call, if its end has been reached, which
2396      implies a backward reference subroutine call, we can scan it. If it's a
2397      forward reference subroutine call, we can't. To detect forward reference
2398      we have to scan up the list that is kept in the workspace. This function is
2399      called only when doing the real compile, not during the pre-compile that
2400      measures the size of the compiled pattern. */
2401    
2402    if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)    if (c == OP_RECURSE)
2403      {      {
2404        const pcre_uchar *scode = cd->start_code + GET(code, 1);
2405        const pcre_uchar *endgroup = scode;
2406      BOOL empty_branch;      BOOL empty_branch;
     if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */  
2407    
2408      /* Scan a closed bracket */      /* Test for forward reference or uncompleted reference. This is disabled
2409        when called to scan a completed pattern by setting cd->start_workspace to
2410        NULL. */
2411    
2412        if (cd->start_workspace != NULL)
2413          {
2414          const pcre_uchar *tcode;
2415          for (tcode = cd->start_workspace; tcode < cd->hwm; tcode += LINK_SIZE)
2416            if ((int)GET(tcode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2417          if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
2418          }
2419    
2420        /* If the reference is to a completed group, we need to detect whether this
2421        is a recursive call, as otherwise there will be an infinite loop. If it is
2422        a recursion, just skip over it. Simple recursions are easily detected. For
2423        mutual recursions we keep a chain on the stack. */
2424    
2425        do endgroup += GET(endgroup, 1); while (*endgroup == OP_ALT);
2426        if (code >= scode && code <= endgroup) continue;  /* Simple recursion */
2427        else
2428          {
2429          recurse_check *r = recurses;
2430          for (r = recurses; r != NULL; r = r->prev)
2431            if (r->group == scode) break;
2432          if (r != NULL) continue;   /* Mutual recursion */
2433          }
2434    
2435        /* Completed reference; scan the referenced group, remembering it on the
2436        stack chain to detect mutual recursions. */
2437    
2438      empty_branch = FALSE;      empty_branch = FALSE;
2439        this_recurse.prev = recurses;
2440        this_recurse.group = scode;
2441    
2442      do      do
2443        {        {
2444        if (!empty_branch && could_be_empty_branch(code, endcode, utf8))        if (could_be_empty_branch(scode, endcode, utf, cd, &this_recurse))
2445            {
2446          empty_branch = TRUE;          empty_branch = TRUE;
2447            break;
2448            }
2449          scode += GET(scode, 1);
2450          }
2451        while (*scode == OP_ALT);
2452    
2453        if (!empty_branch) return FALSE;  /* All branches are non-empty */
2454        continue;
2455        }
2456    
2457      /* Groups with zero repeats can of course be empty; skip them. */
2458    
2459      if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2460          c == OP_BRAPOSZERO)
2461        {
2462        code += PRIV(OP_lengths)[c];
2463        do code += GET(code, 1); while (*code == OP_ALT);
2464        c = *code;
2465        continue;
2466        }
2467    
2468      /* A nested group that is already marked as "could be empty" can just be
2469      skipped. */
2470    
2471      if (c == OP_SBRA  || c == OP_SBRAPOS ||
2472          c == OP_SCBRA || c == OP_SCBRAPOS)
2473        {
2474        do code += GET(code, 1); while (*code == OP_ALT);
2475        c = *code;
2476        continue;
2477        }
2478    
2479      /* For other groups, scan the branches. */
2480    
2481      if (c == OP_BRA  || c == OP_BRAPOS ||
2482          c == OP_CBRA || c == OP_CBRAPOS ||
2483          c == OP_ONCE || c == OP_ONCE_NC ||
2484          c == OP_COND)
2485        {
2486        BOOL empty_branch;
2487        if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
2488    
2489        /* If a conditional group has only one branch, there is a second, implied,
2490        empty branch, so just skip over the conditional, because it could be empty.
2491        Otherwise, scan the individual branches of the group. */
2492    
2493        if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2494        code += GET(code, 1);        code += GET(code, 1);
2495        else
2496          {
2497          empty_branch = FALSE;
2498          do
2499            {
2500            if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
2501              recurses)) empty_branch = TRUE;
2502            code += GET(code, 1);
2503            }
2504          while (*code == OP_ALT);
2505          if (!empty_branch) return FALSE;   /* All branches are non-empty */
2506        }        }
2507      while (*code == OP_ALT);  
     if (!empty_branch) return FALSE;   /* All branches are non-empty */  
2508      c = *code;      c = *code;
2509      continue;      continue;
2510      }      }
# Line 1567  for (code = first_significant_code(code Line 2515  for (code = first_significant_code(code
2515      {      {
2516      /* Check for quantifiers after a class. XCLASS is used for classes that      /* Check for quantifiers after a class. XCLASS is used for classes that
2517      cannot be represented just by a bit map. This includes negated single      cannot be represented just by a bit map. This includes negated single
2518      high-valued characters. The length in _pcre_OP_lengths[] is zero; the      high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2519      actual length is stored in the compiled code, so we must update "code"      actual length is stored in the compiled code, so we must update "code"
2520      here. */      here. */
2521    
2522  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2523      case OP_XCLASS:      case OP_XCLASS:
2524      ccode = code += GET(code, 1);      ccode = code += GET(code, 1);
2525      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
# Line 1579  for (code = first_significant_code(code Line 2527  for (code = first_significant_code(code
2527    
2528      case OP_CLASS:      case OP_CLASS:
2529      case OP_NCLASS:      case OP_NCLASS:
2530      ccode = code + 33;      ccode = code + PRIV(OP_lengths)[OP_CLASS];
2531    
2532  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2533      CHECK_CLASS_REPEAT:      CHECK_CLASS_REPEAT:
2534  #endif  #endif
2535    
# Line 1591  for (code = first_significant_code(code Line 2539  for (code = first_significant_code(code
2539        case OP_CRMINSTAR:        case OP_CRMINSTAR:
2540        case OP_CRQUERY:        case OP_CRQUERY:
2541        case OP_CRMINQUERY:        case OP_CRMINQUERY:
2542          case OP_CRPOSSTAR:
2543          case OP_CRPOSQUERY:
2544        break;        break;
2545    
2546        default:                   /* Non-repeat => class must match */        default:                   /* Non-repeat => class must match */
2547        case OP_CRPLUS:            /* These repeats aren't empty */        case OP_CRPLUS:            /* These repeats aren't empty */
2548        case OP_CRMINPLUS:        case OP_CRMINPLUS:
2549          case OP_CRPOSPLUS:
2550        return FALSE;        return FALSE;
2551    
2552        case OP_CRRANGE:        case OP_CRRANGE:
2553        case OP_CRMINRANGE:        case OP_CRMINRANGE:
2554          case OP_CRPOSRANGE:
2555        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */
2556        break;        break;
2557        }        }
# Line 1607  for (code = first_significant_code(code Line 2559  for (code = first_significant_code(code
2559    
2560      /* Opcodes that must match a character */      /* Opcodes that must match a character */
2561    
2562        case OP_ANY:
2563        case OP_ALLANY:
2564        case OP_ANYBYTE:
2565    
2566      case OP_PROP:      case OP_PROP:
2567      case OP_NOTPROP:      case OP_NOTPROP:
2568        case OP_ANYNL:
2569    
2570        case OP_NOT_HSPACE:
2571        case OP_HSPACE:
2572        case OP_NOT_VSPACE:
2573        case OP_VSPACE:
2574      case OP_EXTUNI:      case OP_EXTUNI:
2575    
2576      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
2577      case OP_DIGIT:      case OP_DIGIT:
2578      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
2579      case OP_WHITESPACE:      case OP_WHITESPACE:
2580      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
2581      case OP_WORDCHAR:      case OP_WORDCHAR:
2582      case OP_ANY:  
     case OP_ANYBYTE:  
2583      case OP_CHAR:      case OP_CHAR:
2584      case OP_CHARNC:      case OP_CHARI:
2585      case OP_NOT:      case OP_NOT:
2586        case OP_NOTI:
2587    
2588      case OP_PLUS:      case OP_PLUS:
2589        case OP_PLUSI:
2590      case OP_MINPLUS:      case OP_MINPLUS:
2591      case OP_POSPLUS:      case OP_MINPLUSI:
2592      case OP_EXACT:  
2593      case OP_NOTPLUS:      case OP_NOTPLUS:
2594        case OP_NOTPLUSI:
2595      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
2596        case OP_NOTMINPLUSI:
2597    
2598        case OP_POSPLUS:
2599        case OP_POSPLUSI:
2600      case OP_NOTPOSPLUS:      case OP_NOTPOSPLUS:
2601        case OP_NOTPOSPLUSI:
2602    
2603        case OP_EXACT:
2604        case OP_EXACTI:
2605      case OP_NOTEXACT:      case OP_NOTEXACT:
2606        case OP_NOTEXACTI:
2607    
2608      case OP_TYPEPLUS:      case OP_TYPEPLUS:
2609      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
2610      case OP_TYPEPOSPLUS:      case OP_TYPEPOSPLUS:
2611      case OP_TYPEEXACT:      case OP_TYPEEXACT:
2612    
2613      return FALSE;      return FALSE;
2614    
2615      /* These are going to continue, as they may be empty, but we have to      /* These are going to continue, as they may be empty, but we have to
# Line 1652  for (code = first_significant_code(code Line 2629  for (code = first_significant_code(code
2629      case OP_TYPEUPTO:      case OP_TYPEUPTO:
2630      case OP_TYPEMINUPTO:      case OP_TYPEMINUPTO:
2631      case OP_TYPEPOSUPTO:      case OP_TYPEPOSUPTO:
2632      if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;      if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2633          code += 2;
2634      break;      break;
2635    
2636      /* End of branch */      /* End of branch */
# Line 1660  for (code = first_significant_code(code Line 2638  for (code = first_significant_code(code
2638      case OP_KET:      case OP_KET:
2639      case OP_KETRMAX:      case OP_KETRMAX:
2640      case OP_KETRMIN:      case OP_KETRMIN:
2641        case OP_KETRPOS:
2642      case OP_ALT:      case OP_ALT:
2643      return TRUE;      return TRUE;
2644    
2645      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2646      MINUPTO, and POSUPTO may be followed by a multibyte character */      MINUPTO, and POSUPTO and their caseless and negative versions may be
2647        followed by a multibyte character. */
2648    
2649  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2650      case OP_STAR:      case OP_STAR:
2651        case OP_STARI:
2652        case OP_NOTSTAR:
2653        case OP_NOTSTARI:
2654    
2655      case OP_MINSTAR:      case OP_MINSTAR:
2656        case OP_MINSTARI:
2657        case OP_NOTMINSTAR:
2658        case OP_NOTMINSTARI:
2659    
2660      case OP_POSSTAR:      case OP_POSSTAR:
2661        case OP_POSSTARI:
2662        case OP_NOTPOSSTAR:
2663        case OP_NOTPOSSTARI:
2664    
2665      case OP_QUERY:      case OP_QUERY:
2666        case OP_QUERYI:
2667        case OP_NOTQUERY:
2668        case OP_NOTQUERYI:
2669    
2670      case OP_MINQUERY:      case OP_MINQUERY:
2671        case OP_MINQUERYI:
2672        case OP_NOTMINQUERY:
2673        case OP_NOTMINQUERYI:
2674    
2675      case OP_POSQUERY:      case OP_POSQUERY:
2676        case OP_POSQUERYI:
2677        case OP_NOTPOSQUERY:
2678        case OP_NOTPOSQUERYI:
2679    
2680        if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2681        break;
2682    
2683      case OP_UPTO:      case OP_UPTO:
2684        case OP_UPTOI:
2685        case OP_NOTUPTO:
2686        case OP_NOTUPTOI:
2687    
2688      case OP_MINUPTO:      case OP_MINUPTO:
2689        case OP_MINUPTOI:
2690        case OP_NOTMINUPTO:
2691        case OP_NOTMINUPTOI:
2692    
2693      case OP_POSUPTO:      case OP_POSUPTO:
2694      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      case OP_POSUPTOI:
2695        case OP_NOTPOSUPTO:
2696        case OP_NOTPOSUPTOI:
2697    
2698        if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2699      break;      break;
2700  #endif  #endif
2701    
2702        /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2703        string. */
2704    
2705        case OP_MARK:
2706        case OP_PRUNE_ARG:
2707        case OP_SKIP_ARG:
2708        case OP_THEN_ARG:
2709        code += code[1];
2710        break;
2711    
2712        /* None of the remaining opcodes are required to match a character. */
2713    
2714        default:
2715        break;
2716      }      }
2717    }    }
2718    
# Line 1695  return TRUE; Line 2729  return TRUE;
2729  the current branch of the current pattern to see if it could match the empty  the current branch of the current pattern to see if it could match the empty
2730  string. If it could, we must look outwards for branches at other levels,  string. If it could, we must look outwards for branches at other levels,
2731  stopping when we pass beyond the bracket which is the subject of the recursion.  stopping when we pass beyond the bracket which is the subject of the recursion.
2732    This function is called only during the real compile, not during the
2733    pre-compile.
2734    
2735  Arguments:  Arguments:
2736    code        points to start of the recursion    code        points to start of the recursion
2737    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2738    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2739    utf8        TRUE if in UTF-8 mode    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2740      cd          pointers to tables etc
2741    
2742  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2743  */  */
2744    
2745  static BOOL  static BOOL
2746  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,  could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2747    BOOL utf8)    branch_chain *bcptr, BOOL utf, compile_data *cd)
2748  {  {
2749  while (bcptr != NULL && bcptr->current >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2750    {    {
2751    if (!could_be_empty_branch(bcptr->current, endcode, utf8)) return FALSE;    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd, NULL))
2752        return FALSE;
2753    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2754    }    }
2755  return TRUE;  return TRUE;
# Line 1720  return TRUE; Line 2758  return TRUE;
2758    
2759    
2760  /*************************************************  /*************************************************
2761  *           Check for POSIX class syntax         *  *        Base opcode of repeated opcodes         *
2762  *************************************************/  *************************************************/
2763    
2764  /* This function is called when the sequence "[:" or "[." or "[=" is  /* Returns the base opcode for repeated single character type opcodes. If the
2765  encountered in a character class. It checks whether this is followed by an  opcode is not a repeated character type, it returns with the original value.
 optional ^ and then a sequence of letters, terminated by a matching ":]" or  
 ".]" or "=]".  
   
 Argument:  
   ptr      pointer to the initial [  
   endptr   where to return the end pointer  
   cd       pointer to compile data  
2766    
2767  Returns:   TRUE or FALSE  Arguments:  c opcode
2768    Returns:    base opcode for the type
2769  */  */
2770    
2771  static BOOL  static pcre_uchar
2772  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  get_repeat_base(pcre_uchar c)
2773  {  {
2774  int terminator;          /* Don't combine these lines; the Solaris cc */  return (c > OP_TYPEPOSUPTO)? c :
2775  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */         (c >= OP_TYPESTAR)?   OP_TYPESTAR :
2776  if (*(++ptr) == '^') ptr++;         (c >= OP_NOTSTARI)?   OP_NOTSTARI :
2777  while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;         (c >= OP_NOTSTAR)?    OP_NOTSTAR :
2778  if (*ptr == terminator && ptr[1] == ']')         (c >= OP_STARI)?      OP_STARI :
2779    {                               OP_STAR;
   *endptr = ptr;  
   return TRUE;  
   }  
 return FALSE;  
2780  }  }
2781    
2782    
2783    
2784    #ifdef SUPPORT_UCP
2785  /*************************************************  /*************************************************
2786  *          Check POSIX class name                *  *        Check a character and a property        *
2787    *************************************************/
2788    
2789    /* This function is called by check_auto_possessive() when a property item
2790    is adjacent to a fixed character.
2791    
2792    Arguments:
2793      c            the character
2794      ptype        the property type
2795      pdata        the data for the type
2796      negated      TRUE if it's a negated property (\P or \p{^)
2797    
2798    Returns:       TRUE if auto-possessifying is OK
2799    */
2800    
2801    static BOOL
2802    check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata,
2803      BOOL negated)
2804    {
2805    const pcre_uint32 *p;
2806    const ucd_record *prop = GET_UCD(c);
2807    
2808    switch(ptype)
2809      {
2810      case PT_LAMP:
2811      return (prop->chartype == ucp_Lu ||
2812              prop->chartype == ucp_Ll ||
2813              prop->chartype == ucp_Lt) == negated;
2814    
2815      case PT_GC:
2816      return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2817    
2818      case PT_PC:
2819      return (pdata == prop->chartype) == negated;
2820    
2821      case PT_SC:
2822      return (pdata == prop->script) == negated;
2823    
2824      /* These are specials */
2825    
2826      case PT_ALNUM:
2827      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2828              PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2829    
2830      /* Perl space used to exclude VT, but from Perl 5.18 it is included, which
2831      means that Perl space and POSIX space are now identical. PCRE was changed
2832      at release 8.34. */
2833    
2834      case PT_SPACE:    /* Perl space */
2835      case PT_PXSPACE:  /* POSIX space */
2836      switch(c)
2837        {
2838        HSPACE_CASES:
2839        VSPACE_CASES:
2840        return negated;
2841    
2842        default:
2843        return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z) == negated;
2844        }
2845      break;  /* Control never reaches here */
2846    
2847      case PT_WORD:
2848      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2849              PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2850              c == CHAR_UNDERSCORE) == negated;
2851    
2852      case PT_CLIST:
2853      p = PRIV(ucd_caseless_sets) + prop->caseset;
2854      for (;;)
2855        {
2856        if (c < *p) return !negated;
2857        if (c == *p++) return negated;
2858        }
2859      break;  /* Control never reaches here */
2860      }
2861    
2862    return FALSE;
2863    }
2864    #endif  /* SUPPORT_UCP */
2865    
2866    
2867    
2868    /*************************************************
2869    *        Fill the character property list        *
2870    *************************************************/
2871    
2872    /* Checks whether the code points to an opcode that can take part in auto-
2873    possessification, and if so, fills a list with its properties.
2874    
2875    Arguments:
2876      code        points to start of expression
2877      utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2878      fcc         points to case-flipping table
2879      list        points to output list
2880                  list[0] will be filled with the opcode
2881                  list[1] will be non-zero if this opcode
2882                    can match an empty character string
2883                  list[2..7] depends on the opcode
2884    
2885    Returns:      points to the start of the next opcode if *code is accepted
2886                  NULL if *code is not accepted
2887    */
2888    
2889    static const pcre_uchar *
2890    get_chr_property_list(const pcre_uchar *code, BOOL utf,
2891      const pcre_uint8 *fcc, pcre_uint32 *list)
2892    {
2893    pcre_uchar c = *code;
2894    pcre_uchar base;
2895    const pcre_uchar *end;
2896    pcre_uint32 chr;
2897    
2898    #ifdef SUPPORT_UCP
2899    pcre_uint32 *clist_dest;
2900    const pcre_uint32 *clist_src;
2901    #else
2902    utf = utf;  /* Suppress "unused parameter" compiler warning */
2903    #endif
2904    
2905    list[0] = c;
2906    list[1] = FALSE;
2907    code++;
2908    
2909    if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
2910      {
2911      base = get_repeat_base(c);
2912      c -= (base - OP_STAR);
2913    
2914      if (c == OP_UPTO || c == OP_MINUPTO || c == OP_EXACT || c == OP_POSUPTO)
2915        code += IMM2_SIZE;
2916    
2917      list[1] = (c != OP_PLUS && c != OP_MINPLUS && c != OP_EXACT && c != OP_POSPLUS);
2918    
2919      switch(base)
2920        {
2921        case OP_STAR:
2922        list[0] = OP_CHAR;
2923        break;
2924    
2925        case OP_STARI:
2926        list[0] = OP_CHARI;
2927        break;
2928    
2929        case OP_NOTSTAR:
2930        list[0] = OP_NOT;
2931        break;
2932    
2933        case OP_NOTSTARI:
2934        list[0] = OP_NOTI;
2935        break;
2936    
2937        case OP_TYPESTAR:
2938        list[0] = *code;
2939        code++;
2940        break;
2941        }
2942      c = list[0];
2943      }
2944    
2945    switch(c)
2946      {
2947      case OP_NOT_DIGIT:
2948      case OP_DIGIT:
2949      case OP_NOT_WHITESPACE:
2950      case OP_WHITESPACE:
2951      case OP_NOT_WORDCHAR:
2952      case OP_WORDCHAR:
2953      case OP_ANY:
2954      case OP_ALLANY:
2955      case OP_ANYNL:
2956      case OP_NOT_HSPACE:
2957      case OP_HSPACE:
2958      case OP_NOT_VSPACE:
2959      case OP_VSPACE:
2960      case OP_EXTUNI:
2961      case OP_EODN:
2962      case OP_EOD:
2963      case OP_DOLL:
2964      case OP_DOLLM:
2965      return code;
2966    
2967      case OP_CHAR:
2968      case OP_NOT:
2969      GETCHARINCTEST(chr, code);
2970      list[2] = chr;
2971      list[3] = NOTACHAR;
2972      return code;
2973    
2974      case OP_CHARI:
2975      case OP_NOTI:
2976      list[0] = (c == OP_CHARI) ? OP_CHAR : OP_NOT;
2977      GETCHARINCTEST(chr, code);
2978      list[2] = chr;
2979    
2980    #ifdef SUPPORT_UCP
2981      if (chr < 128 || (chr < 256 && !utf))
2982        list[3] = fcc[chr];
2983      else
2984        list[3] = UCD_OTHERCASE(chr);
2985    #elif defined SUPPORT_UTF || !defined COMPILE_PCRE8
2986      list[3] = (chr < 256) ? fcc[chr] : chr;
2987    #else
2988      list[3] = fcc[chr];
2989    #endif
2990    
2991      /* The othercase might be the same value. */
2992    
2993      if (chr == list[3])
2994        list[3] = NOTACHAR;
2995      else
2996        list[4] = NOTACHAR;
2997      return code;
2998    
2999    #ifdef SUPPORT_UCP
3000      case OP_PROP:
3001      case OP_NOTPROP:
3002      if (code[0] != PT_CLIST)
3003        {
3004        list[2] = code[0];
3005        list[3] = code[1];
3006        return code + 2;
3007        }
3008    
3009      /* Convert only if we have enough space. */
3010    
3011      clist_src = PRIV(ucd_caseless_sets) + code[1];
3012      clist_dest = list + 2;
3013      code += 2;
3014    
3015      do {
3016         if (clist_dest >= list + 8)
3017           {
3018           /* Early return if there is not enough space. This should never
3019           happen, since all clists are shorter than 5 character now. */
3020           list[2] = code[0];
3021           list[3] = code[1];
3022           return code;
3023           }
3024         *clist_dest++ = *clist_src;
3025         }
3026      while(*clist_src++ != NOTACHAR);
3027    
3028      /* All characters are stored. The terminating NOTACHAR
3029      is copied form the clist itself. */
3030    
3031      list[0] = (c == OP_PROP) ? OP_CHAR : OP_NOT;
3032      return code;
3033    #endif
3034    
3035      case OP_NCLASS:
3036      case OP_CLASS:
3037    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3038      case OP_XCLASS:
3039      if (c == OP_XCLASS)
3040        end = code + GET(code, 0) - 1;
3041      else
3042    #endif
3043        end = code + 32 / sizeof(pcre_uchar);
3044    
3045      switch(*end)
3046        {
3047        case OP_CRSTAR:
3048        case OP_CRMINSTAR:
3049        case OP_CRQUERY:
3050        case OP_CRMINQUERY:
3051        case OP_CRPOSSTAR:
3052        case OP_CRPOSQUERY:
3053        list[1] = TRUE;
3054        end++;
3055        break;
3056    
3057        case OP_CRPLUS:
3058        case OP_CRMINPLUS:
3059        case OP_CRPOSPLUS:
3060        end++;
3061        break;
3062    
3063        case OP_CRRANGE:
3064        case OP_CRMINRANGE:
3065        case OP_CRPOSRANGE:
3066        list[1] = (GET2(end, 1) == 0);
3067        end += 1 + 2 * IMM2_SIZE;
3068        break;
3069        }
3070      list[2] = (pcre_uint32)(end - code);
3071      return end;
3072      }
3073    return NULL;    /* Opcode not accepted */
3074    }
3075    
3076    
3077    
3078    /*************************************************
3079    *    Scan further character sets for match       *
3080    *************************************************/
3081    
3082    /* Checks whether the base and the current opcode have a common character, in
3083    which case the base cannot be possessified.
3084    
3085    Arguments:
3086      code        points to the byte code
3087      utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
3088      cd          static compile data
3089      base_list   the data list of the base opcode
3090    
3091    Returns:      TRUE if the auto-possessification is possible
3092    */
3093    
3094    static BOOL
3095    compare_opcodes(const pcre_uchar *code, BOOL utf, const compile_data *cd,
3096      const pcre_uint32 *base_list, const pcre_uchar *base_end, int *rec_limit)
3097    {
3098    pcre_uchar c;
3099    pcre_uint32 list[8];
3100    const pcre_uint32 *chr_ptr;
3101    const pcre_uint32 *ochr_ptr;
3102    const pcre_uint32 *list_ptr;
3103    const pcre_uchar *next_code;
3104    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3105    const pcre_uchar *xclass_flags;
3106    #endif
3107    const pcre_uint8 *class_bitset;
3108    const pcre_uint8 *set1, *set2, *set_end;
3109    pcre_uint32 chr;
3110    BOOL accepted, invert_bits;
3111    BOOL entered_a_group = FALSE;
3112    
3113    if (*rec_limit == 0) return FALSE;
3114    --(*rec_limit);
3115    
3116    /* Note: the base_list[1] contains whether the current opcode has greedy
3117    (represented by a non-zero value) quantifier. This is a different from
3118    other character type lists, which stores here that the character iterator
3119    matches to an empty string (also represented by a non-zero value). */
3120    
3121    for(;;)
3122      {
3123      /* All operations move the code pointer forward.
3124      Therefore infinite recursions are not possible. */
3125    
3126      c = *code;
3127    
3128      /* Skip over callouts */
3129    
3130      if (c == OP_CALLOUT)
3131        {
3132        code += PRIV(OP_lengths)[c];
3133        continue;
3134        }
3135    
3136      if (c == OP_ALT)
3137        {
3138        do code += GET(code, 1); while (*code == OP_ALT);
3139        c = *code;
3140        }
3141    
3142      switch(c)
3143        {
3144        case OP_END:
3145        case OP_KETRPOS:
3146        /* TRUE only in greedy case. The non-greedy case could be replaced by
3147        an OP_EXACT, but it is probably not worth it. (And note that OP_EXACT
3148        uses more memory, which we cannot get at this stage.) */
3149    
3150        return base_list[1] != 0;
3151    
3152        case OP_KET:
3153        /* If the bracket is capturing, and referenced by an OP_RECURSE, or
3154        it is an atomic sub-pattern (assert, once, etc.) the non-greedy case
3155        cannot be converted to a possessive form. */
3156    
3157        if (base_list[1] == 0) return FALSE;
3158    
3159        switch(*(code - GET(code, 1)))
3160          {
3161          case OP_ASSERT:
3162          case OP_ASSERT_NOT:
3163          case OP_ASSERTBACK:
3164          case OP_ASSERTBACK_NOT:
3165          case OP_ONCE:
3166          case OP_ONCE_NC:
3167          /* Atomic sub-patterns and assertions can always auto-possessify their
3168          last iterator. However, if the group was entered as a result of checking
3169          a previous iterator, this is not possible. */
3170    
3171          return !entered_a_group;
3172          }
3173    
3174        code += PRIV(OP_lengths)[c];
3175        continue;
3176    
3177        case OP_ONCE:
3178        case OP_ONCE_NC:
3179        case OP_BRA:
3180        case OP_CBRA:
3181        next_code = code + GET(code, 1);
3182        code += PRIV(OP_lengths)[c];
3183    
3184        while (*next_code == OP_ALT)
3185          {
3186          if (!compare_opcodes(code, utf, cd, base_list, base_end, rec_limit))
3187            return FALSE;
3188          code = next_code + 1 + LINK_SIZE;
3189          next_code += GET(next_code, 1);
3190          }
3191    
3192        entered_a_group = TRUE;
3193        continue;
3194    
3195        case OP_BRAZERO:
3196        case OP_BRAMINZERO:
3197    
3198        next_code = code + 1;
3199        if (*next_code != OP_BRA && *next_code != OP_CBRA
3200            && *next_code != OP_ONCE && *next_code != OP_ONCE_NC) return FALSE;
3201    
3202        do next_code += GET(next_code, 1); while (*next_code == OP_ALT);
3203    
3204        /* The bracket content will be checked by the
3205        OP_BRA/OP_CBRA case above. */
3206        next_code += 1 + LINK_SIZE;
3207        if (!compare_opcodes(next_code, utf, cd, base_list, base_end, rec_limit))
3208          return FALSE;
3209    
3210        code += PRIV(OP_lengths)[c];
3211        continue;
3212    
3213        default:
3214        break;
3215        }
3216    
3217      /* Check for a supported opcode, and load its properties. */
3218    
3219      code = get_chr_property_list(code, utf, cd->fcc, list);
3220      if (code == NULL) return FALSE;    /* Unsupported */
3221    
3222      /* If either opcode is a small character list, set pointers for comparing
3223      characters from that list with another list, or with a property. */
3224    
3225      if (base_list[0] == OP_CHAR)
3226        {
3227        chr_ptr = base_list + 2;
3228        list_ptr = list;
3229        }
3230      else if (list[0] == OP_CHAR)
3231        {
3232        chr_ptr = list + 2;
3233        list_ptr = base_list;
3234        }
3235    
3236      /* Character bitsets can also be compared to certain opcodes. */
3237    
3238      else if (base_list[0] == OP_CLASS || list[0] == OP_CLASS
3239    #ifdef COMPILE_PCRE8
3240          /* In 8 bit, non-UTF mode, OP_CLASS and OP_NCLASS are the same. */
3241          || (!utf && (base_list[0] == OP_NCLASS || list[0] == OP_NCLASS))
3242    #endif
3243          )
3244        {
3245    #ifdef COMPILE_PCRE8
3246        if (base_list[0] == OP_CLASS || (!utf && base_list[0] == OP_NCLASS))
3247    #else
3248        if (base_list[0] == OP_CLASS)
3249    #endif
3250          {
3251          set1 = (pcre_uint8 *)(base_end - base_list[2]);
3252          list_ptr = list;
3253          }
3254        else
3255          {
3256          set1 = (pcre_uint8 *)(code - list[2]);
3257          list_ptr = base_list;
3258          }
3259    
3260        invert_bits = FALSE;
3261        switch(list_ptr[0])
3262          {
3263          case OP_CLASS:
3264          case OP_NCLASS:
3265          set2 = (pcre_uint8 *)
3266            ((list_ptr == list ? code : base_end) - list_ptr[2]);
3267          break;
3268    
3269    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3270          case OP_XCLASS:
3271          xclass_flags = (list_ptr == list ? code : base_end) - list_ptr[2] + LINK_SIZE;
3272          if ((*xclass_flags & XCL_HASPROP) != 0) return FALSE;
3273          if ((*xclass_flags & XCL_MAP) == 0)
3274            {
3275            /* No bits are set for characters < 256. */
3276            if (list[1] == 0) return TRUE;
3277            /* Might be an empty repeat. */
3278            continue;
3279            }
3280          set2 = (pcre_uint8 *)(xclass_flags + 1);
3281          break;
3282    #endif
3283    
3284          case OP_NOT_DIGIT:
3285          invert_bits = TRUE;
3286          /* Fall through */
3287          case OP_DIGIT:
3288          set2 = (pcre_uint8 *)(cd->cbits + cbit_digit);
3289          break;
3290    
3291          case OP_NOT_WHITESPACE:
3292          invert_bits = TRUE;
3293          /* Fall through */
3294          case OP_WHITESPACE:
3295          set2 = (pcre_uint8 *)(cd->cbits + cbit_space);
3296          break;
3297    
3298          case OP_NOT_WORDCHAR:
3299          invert_bits = TRUE;
3300          /* Fall through */
3301          case OP_WORDCHAR:
3302          set2 = (pcre_uint8 *)(cd->cbits + cbit_word);
3303          break;
3304    
3305          default:
3306          return FALSE;
3307          }
3308    
3309        /* Because the sets are unaligned, we need
3310        to perform byte comparison here. */
3311        set_end = set1 + 32;
3312        if (invert_bits)
3313          {
3314          do
3315            {
3316            if ((*set1++ & ~(*set2++)) != 0) return FALSE;
3317            }
3318          while (set1 < set_end);
3319          }
3320        else
3321          {
3322          do
3323            {
3324            if ((*set1++ & *set2++) != 0) return FALSE;
3325            }
3326          while (set1 < set_end);
3327          }
3328    
3329        if (list[1] == 0) return TRUE;
3330        /* Might be an empty repeat. */
3331        continue;
3332        }
3333    
3334      /* Some property combinations also acceptable. Unicode property opcodes are
3335      processed specially; the rest can be handled with a lookup table. */
3336    
3337      else
3338        {
3339        pcre_uint32 leftop, rightop;
3340    
3341        leftop = base_list[0];
3342        rightop = list[0];
3343    
3344    #ifdef SUPPORT_UCP
3345        accepted = FALSE; /* Always set in non-unicode case. */
3346        if (leftop == OP_PROP || leftop == OP_NOTPROP)
3347          {
3348          if (rightop == OP_EOD)
3349            accepted = TRUE;
3350          else if (rightop == OP_PROP || rightop == OP_NOTPROP)
3351            {
3352            int n;
3353            const pcre_uint8 *p;
3354            BOOL same = leftop == rightop;
3355            BOOL lisprop = leftop == OP_PROP;
3356            BOOL risprop = rightop == OP_PROP;
3357            BOOL bothprop = lisprop && risprop;
3358    
3359            /* There's a table that specifies how each combination is to be
3360            processed:
3361              0   Always return FALSE (never auto-possessify)
3362              1   Character groups are distinct (possessify if both are OP_PROP)
3363              2   Check character categories in the same group (general or particular)
3364              3   Return TRUE if the two opcodes are not the same
3365              ... see comments below
3366            */
3367    
3368            n = propposstab[base_list[2]][list[2]];
3369            switch(n)
3370              {
3371              case 0: break;
3372              case 1: accepted = bothprop; break;
3373              case 2: accepted = (base_list[3] == list[3]) != same; break;
3374              case 3: accepted = !same; break;
3375    
3376              case 4:  /* Left general category, right particular category */
3377              accepted = risprop && catposstab[base_list[3]][list[3]] == same;
3378              break;
3379    
3380              case 5:  /* Right general category, left particular category */
3381              accepted = lisprop && catposstab[list[3]][base_list[3]] == same;
3382              break;
3383    
3384              /* This code is logically tricky. Think hard before fiddling with it.
3385              The posspropstab table has four entries per row. Each row relates to
3386              one of PCRE's special properties such as ALNUM or SPACE or WORD.
3387              Only WORD actually needs all four entries, but using repeats for the
3388              others means they can all use the same code below.
3389    
3390              The first two entries in each row are Unicode general categories, and
3391              apply always, because all the characters they include are part of the
3392              PCRE character set. The third and fourth entries are a general and a
3393              particular category, respectively, that include one or more relevant
3394              characters. One or the other is used, depending on whether the check
3395              is for a general or a particular category. However, in both cases the
3396              category contains more characters than the specials that are defined
3397              for the property being tested against. Therefore, it cannot be used
3398              in a NOTPROP case.
3399    
3400              Example: the row for WORD contains ucp_L, ucp_N, ucp_P, ucp_Po.
3401              Underscore is covered by ucp_P or ucp_Po. */
3402    
3403              case 6:  /* Left alphanum vs right general category */
3404              case 7:  /* Left space vs right general category */
3405              case 8:  /* Left word vs right general category */
3406              p = posspropstab[n-6];
3407              accepted = risprop && lisprop ==
3408                (list[3] != p[0] &&
3409                 list[3] != p[1] &&
3410                (list[3] != p[2] || !lisprop));
3411              break;
3412    
3413              case 9:   /* Right alphanum vs left general category */
3414              case 10:  /* Right space vs left general category */
3415              case 11:  /* Right word vs left general category */
3416              p = posspropstab[n-9];
3417              accepted = lisprop && risprop ==