/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 488 by ph10, Mon Jan 11 15:29:42 2010 UTC revision 1538 by ph10, Sun Mar 29 11:22:24 2015 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2010 University of Cambridge             Copyright (c) 1997-2014 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 47  supporting internal functions that are n Line 47  supporting internal functions that are n
47  #endif  #endif
48    
49  #define NLBLOCK cd             /* Block containing newline information */  #define NLBLOCK cd             /* Block containing newline information */
50  #define PSSTART start_pattern  /* Field containing processed string start */  #define PSSTART start_pattern  /* Field containing pattern start */
51  #define PSEND   end_pattern    /* Field containing processed string end */  #define PSEND   end_pattern    /* Field containing pattern end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is  /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57  also used by pcretest. PCRE_DEBUG is not defined when building a production  is also used by pcretest. PCRE_DEBUG is not defined when building a production
58  library. */  library. We do not need to select pcre16_printint.c specially, because the
59    COMPILE_PCREx macro will already be appropriately set. */
60    
61  #ifdef PCRE_DEBUG  #ifdef PCRE_DEBUG
62  #include "pcre_printint.src"  /* pcre_printint.c should not include any headers */
63    #define PCRE_INCLUDED
64    #include "pcre_printint.c"
65    #undef PCRE_INCLUDED
66  #endif  #endif
67    
68    
69  /* Macro for setting individual bits in class bitmaps. */  /* Macro for setting individual bits in class bitmaps. */
70    
71  #define SETBIT(a,b) a[b/8] |= (1 << (b%8))  #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72    
73  /* Maximum length value to check against when making sure that the integer that  /* Maximum length value to check against when making sure that the integer that
74  holds the compiled pattern length does not overflow. We make it a bit less than  holds the compiled pattern length does not overflow. We make it a bit less than
# Line 73  to check them every time. */ Line 77  to check them every time. */
77    
78  #define OFLOW_MAX (INT_MAX - 20)  #define OFLOW_MAX (INT_MAX - 20)
79    
80    /* Definitions to allow mutual recursion */
81    
82    static int
83      add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84        const pcre_uint32 *, unsigned int);
85    
86    static BOOL
87      compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88        pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89        compile_data *, int *);
90    
91    
92    
93  /*************************************************  /*************************************************
94  *      Code parameters and static tables         *  *      Code parameters and static tables         *
# Line 88  so this number is very generous. Line 104  so this number is very generous.
104  The same workspace is used during the second, actual compile phase for  The same workspace is used during the second, actual compile phase for
105  remembering forward references to groups so that they can be filled in at the  remembering forward references to groups so that they can be filled in at the
106  end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE  end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107  is 4 there is plenty of room. */  is 4 there is plenty of room for most patterns. However, the memory can get
108    filled up by repetitions of forward references, for example patterns like
109    /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110    that the workspace is expanded using malloc() in this situation. The value
111    below is therefore a minimum, and we put a maximum on it for safety. The
112    minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113    kicks in at the same number of forward references in all cases. */
114    
115    #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116    #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117    
118    /* This value determines the size of the initial vector that is used for
119    remembering named groups during the pre-compile. It is allocated on the stack,
120    but if it is too small, it is expanded using malloc(), in a similar way to the
121    workspace. The value is the number of slots in the list. */
122    
123  #define COMPILE_WORK_SIZE (4096)  #define NAMED_GROUP_LIST_SIZE  20
124    
125    /* The overrun tests check for a slightly smaller size so that they detect the
126    overrun before it actually does run off the end of the data block. */
127    
128    #define WORK_SIZE_SAFETY_MARGIN (100)
129    
130    /* Private flags added to firstchar and reqchar. */
131    
132    #define REQ_CASELESS    (1 << 0)        /* Indicates caselessness */
133    #define REQ_VARY        (1 << 1)        /* Reqchar followed non-literal item */
134    /* Negative values for the firstchar and reqchar flags */
135    #define REQ_UNSET       (-2)
136    #define REQ_NONE        (-1)
137    
138    /* Repeated character flags. */
139    
140    #define UTF_LENGTH     0x10000000l      /* The char contains its length. */
141    
142  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
143  are simple data values; negative values are for special things like \d and so  are simple data values; negative values are for special things like \d and so
# Line 119  static const short int escapes[] = { Line 165  static const short int escapes[] = {
165       -ESC_H,                  0,       -ESC_H,                  0,
166       0,                       -ESC_K,       0,                       -ESC_K,
167       0,                       0,       0,                       0,
168       0,                       0,       -ESC_N,                  0,
169       -ESC_P,                  -ESC_Q,       -ESC_P,                  -ESC_Q,
170       -ESC_R,                  -ESC_S,       -ESC_R,                  -ESC_S,
171       0,                       0,       0,                       0,
# Line 166  static const short int escapes[] = { Line 212  static const short int escapes[] = {
212  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
213  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
214  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
215  /*  D0 */   '}',     0, -ESC_K,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,-ESC_N,      0, -ESC_P,
216  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
217  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
218  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
# Line 183  string is built from string macros so th Line 229  string is built from string macros so th
229  platforms. */  platforms. */
230    
231  typedef struct verbitem {  typedef struct verbitem {
232    int   len;    int   len;                 /* Length of verb name */
233    int   op;    int   op;                  /* Op when no arg, or -1 if arg mandatory */
234      int   op_arg;              /* Op when arg present, or -1 if not allowed */
235  } verbitem;  } verbitem;
236    
237  static const char verbnames[] =  static const char verbnames[] =
238      "\0"                       /* Empty name is a shorthand for MARK */
239      STRING_MARK0
240    STRING_ACCEPT0    STRING_ACCEPT0
241    STRING_COMMIT0    STRING_COMMIT0
242    STRING_F0    STRING_F0
# Line 197  static const char verbnames[] = Line 246  static const char verbnames[] =
246    STRING_THEN;    STRING_THEN;
247    
248  static const verbitem verbs[] = {  static const verbitem verbs[] = {
249    { 6, OP_ACCEPT },    { 0, -1,        OP_MARK },
250    { 6, OP_COMMIT },    { 4, -1,        OP_MARK },
251    { 1, OP_FAIL },    { 6, OP_ACCEPT, -1 },
252    { 4, OP_FAIL },    { 6, OP_COMMIT, -1 },
253    { 5, OP_PRUNE },    { 1, OP_FAIL,   -1 },
254    { 4, OP_SKIP  },    { 4, OP_FAIL,   -1 },
255    { 4, OP_THEN  }    { 5, OP_PRUNE,  OP_PRUNE_ARG },
256      { 4, OP_SKIP,   OP_SKIP_ARG  },
257      { 4, OP_THEN,   OP_THEN_ARG  }
258  };  };
259    
260  static const int verbcount = sizeof(verbs)/sizeof(verbitem);  static const int verbcount = sizeof(verbs)/sizeof(verbitem);
261    
262    
263    /* Substitutes for [[:<:]] and [[:>:]], which mean start and end of word in
264    another regex library. */
265    
266    static const pcre_uchar sub_start_of_word[] = {
267      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
268      CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w, CHAR_RIGHT_PARENTHESIS, '\0' };
269    
270    static const pcre_uchar sub_end_of_word[] = {
271      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
272      CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w,
273      CHAR_RIGHT_PARENTHESIS, '\0' };
274    
275    
276  /* Tables of names of POSIX character classes and their lengths. The names are  /* Tables of names of POSIX character classes and their lengths. The names are
277  now all in a single string, to reduce the number of relocations when a shared  now all in a single string, to reduce the number of relocations when a shared
278  library is dynamically loaded. The list of lengths is terminated by a zero  library is dynamically loaded. The list of lengths is terminated by a zero
279  length entry. The first three must be alpha, lower, upper, as this is assumed  length entry. The first three must be alpha, lower, upper, as this is assumed
280  for handling case independence. */  for handling case independence. The indices for graph, print, and punct are
281    needed, so identify them. */
282    
283  static const char posix_names[] =  static const char posix_names[] =
284    STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0    STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
# Line 221  static const char posix_names[] = Line 286  static const char posix_names[] =
286    STRING_graph0 STRING_print0 STRING_punct0 STRING_space0    STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
287    STRING_word0  STRING_xdigit;    STRING_word0  STRING_xdigit;
288    
289  static const uschar posix_name_lengths[] = {  static const pcre_uint8 posix_name_lengths[] = {
290    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
291    
292    #define PC_GRAPH  8
293    #define PC_PRINT  9
294    #define PC_PUNCT 10
295    
296    
297  /* Table of class bit maps for each POSIX class. Each class is formed from a  /* Table of class bit maps for each POSIX class. Each class is formed from a
298  base map, with an optional addition or removal of another map. Then, for some  base map, with an optional addition or removal of another map. Then, for some
299  classes, there is some additional tweaking: for [:blank:] the vertical space  classes, there is some additional tweaking: for [:blank:] the vertical space
# Line 251  static const int posix_class_maps[] = { Line 321  static const int posix_class_maps[] = {
321    cbit_xdigit,-1,          0              /* xdigit */    cbit_xdigit,-1,          0              /* xdigit */
322  };  };
323    
324    /* Table of substitutes for \d etc when PCRE_UCP is set. They are replaced by
325    Unicode property escapes. */
326    
327    #ifdef SUPPORT_UCP
328    static const pcre_uchar string_PNd[]  = {
329      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
330      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
331    static const pcre_uchar string_pNd[]  = {
332      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334    static const pcre_uchar string_PXsp[] = {
335      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
336      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337    static const pcre_uchar string_pXsp[] = {
338      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340    static const pcre_uchar string_PXwd[] = {
341      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
342      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343    static const pcre_uchar string_pXwd[] = {
344      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
345      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
346    
347    static const pcre_uchar *substitutes[] = {
348      string_PNd,           /* \D */
349      string_pNd,           /* \d */
350      string_PXsp,          /* \S */   /* Xsp is Perl space, but from 8.34, Perl */
351      string_pXsp,          /* \s */   /* space and POSIX space are the same. */
352      string_PXwd,          /* \W */
353      string_pXwd           /* \w */
354    };
355    
356    /* The POSIX class substitutes must be in the order of the POSIX class names,
357    defined above, and there are both positive and negative cases. NULL means no
358    general substitute of a Unicode property escape (\p or \P). However, for some
359    POSIX classes (e.g. graph, print, punct) a special property code is compiled
360    directly. */
361    
362    static const pcre_uchar string_pL[] =   {
363      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
364      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365    static const pcre_uchar string_pLl[] =  {
366      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
367      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
368    static const pcre_uchar string_pLu[] =  {
369      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
370      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
371    static const pcre_uchar string_pXan[] = {
372      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
373      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
374    static const pcre_uchar string_h[] =    {
375      CHAR_BACKSLASH, CHAR_h, '\0' };
376    static const pcre_uchar string_pXps[] = {
377      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
378      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
379    static const pcre_uchar string_PL[] =   {
380      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
381      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
382    static const pcre_uchar string_PLl[] =  {
383      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
384      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
385    static const pcre_uchar string_PLu[] =  {
386      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
387      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
388    static const pcre_uchar string_PXan[] = {
389      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
390      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
391    static const pcre_uchar string_H[] =    {
392      CHAR_BACKSLASH, CHAR_H, '\0' };
393    static const pcre_uchar string_PXps[] = {
394      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
395      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
396    
397    static const pcre_uchar *posix_substitutes[] = {
398      string_pL,            /* alpha */
399      string_pLl,           /* lower */
400      string_pLu,           /* upper */
401      string_pXan,          /* alnum */
402      NULL,                 /* ascii */
403      string_h,             /* blank */
404      NULL,                 /* cntrl */
405      string_pNd,           /* digit */
406      NULL,                 /* graph */
407      NULL,                 /* print */
408      NULL,                 /* punct */
409      string_pXps,          /* space */   /* Xps is POSIX space, but from 8.34 */
410      string_pXwd,          /* word  */   /* Perl and POSIX space are the same */
411      NULL,                 /* xdigit */
412      /* Negated cases */
413      string_PL,            /* ^alpha */
414      string_PLl,           /* ^lower */
415      string_PLu,           /* ^upper */
416      string_PXan,          /* ^alnum */
417      NULL,                 /* ^ascii */
418      string_H,             /* ^blank */
419      NULL,                 /* ^cntrl */
420      string_PNd,           /* ^digit */
421      NULL,                 /* ^graph */
422      NULL,                 /* ^print */
423      NULL,                 /* ^punct */
424      string_PXps,          /* ^space */  /* Xps is POSIX space, but from 8.34 */
425      string_PXwd,          /* ^word */   /* Perl and POSIX space are the same */
426      NULL                  /* ^xdigit */
427    };
428    #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
429    #endif
430    
431  #define STRING(a)  # a  #define STRING(a)  # a
432  #define XSTRING(s) STRING(s)  #define XSTRING(s) STRING(s)
# Line 263  the number of relocations needed when a Line 439  the number of relocations needed when a
439  it is now one long string. We cannot use a table of offsets, because the  it is now one long string. We cannot use a table of offsets, because the
440  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we  lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
441  simply count through to the one we want - this isn't a performance issue  simply count through to the one we want - this isn't a performance issue
442  because these strings are used only when there is a compilation error. */  because these strings are used only when there is a compilation error.
443    
444    Each substring ends with \0 to insert a null character. This includes the final
445    substring, so that the whole string ends with \0\0, which can be detected when
446    counting through. */
447    
448  static const char error_texts[] =  static const char error_texts[] =
449    "no error\0"    "no error\0"
# Line 304  static const char error_texts[] = Line 484  static const char error_texts[] =
484    /* 30 */    /* 30 */
485    "unknown POSIX class name\0"    "unknown POSIX class name\0"
486    "POSIX collating elements are not supported\0"    "POSIX collating elements are not supported\0"
487    "this version of PCRE is not compiled with PCRE_UTF8 support\0"    "this version of PCRE is compiled without UTF support\0"
488    "spare error\0"  /** DEAD **/    "spare error\0"  /** DEAD **/
489    "character value in \\x{...} sequence is too large\0"    "character value in \\x{} or \\o{} is too large\0"
490    /* 35 */    /* 35 */
491    "invalid condition (?(0)\0"    "invalid condition (?(0)\0"
492    "\\C not allowed in lookbehind assertion\0"    "\\C not allowed in lookbehind assertion\0"
493    "PCRE does not support \\L, \\l, \\N, \\U, or \\u\0"    "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
494    "number after (?C is > 255\0"    "number after (?C is > 255\0"
495    "closing ) for (?C expected\0"    "closing ) for (?C expected\0"
496    /* 40 */    /* 40 */
# Line 327  static const char error_texts[] = Line 507  static const char error_texts[] =
507    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
508    /* 50 */    /* 50 */
509    "repeated subpattern is too long\0"    /** DEAD **/    "repeated subpattern is too long\0"    /** DEAD **/
510    "octal value is greater than \\377 (not in UTF-8 mode)\0"    "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
511    "internal error: overran compiling workspace\0"    "internal error: overran compiling workspace\0"
512    "internal error: previously-checked referenced subpattern not found\0"    "internal error: previously-checked referenced subpattern not found\0"
513    "DEFINE group contains more than one branch\0"    "DEFINE group contains more than one branch\0"
514    /* 55 */    /* 55 */
515    "repeating a DEFINE group is not allowed\0"    "repeating a DEFINE group is not allowed\0"  /** DEAD **/
516    "inconsistent NEWLINE options\0"    "inconsistent NEWLINE options\0"
517    "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"    "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
518    "a numbered reference must not be zero\0"    "a numbered reference must not be zero\0"
519    "(*VERB) with an argument is not supported\0"    "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
520    /* 60 */    /* 60 */
521    "(*VERB) not recognized\0"    "(*VERB) not recognized or malformed\0"
522    "number is too big\0"    "number is too big\0"
523    "subpattern name expected\0"    "subpattern name expected\0"
524    "digit expected after (?+\0"    "digit expected after (?+\0"
525    "] is an invalid data character in JavaScript compatibility mode\0"    "] is an invalid data character in JavaScript compatibility mode\0"
526    /* 65 */    /* 65 */
527    "different names for subpatterns of the same number are not allowed";    "different names for subpatterns of the same number are not allowed\0"
528      "(*MARK) must have an argument\0"
529      "this version of PCRE is not compiled with Unicode property support\0"
530      "\\c must be followed by an ASCII character\0"
531      "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
532      /* 70 */
533      "internal error: unknown opcode in find_fixedlength()\0"
534      "\\N is not supported in a class\0"
535      "too many forward references\0"
536      "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
537      "invalid UTF-16 string\0"
538      /* 75 */
539      "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
540      "character value in \\u.... sequence is too large\0"
541      "invalid UTF-32 string\0"
542      "setting UTF is disabled by the application\0"
543      "non-hex character in \\x{} (closing brace missing?)\0"
544      /* 80 */
545      "non-octal character in \\o{} (closing brace missing?)\0"
546      "missing opening brace after \\o\0"
547      "parentheses are too deeply nested\0"
548      "invalid range in character class\0"
549      "group name must start with a non-digit\0"
550      /* 85 */
551      "parentheses are too deeply nested (stack check)\0"
552      "digits missing in \\x{} or \\o{}\0"
553      ;
554    
555  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
556  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 363  For convenience, we use the same bit def Line 568  For convenience, we use the same bit def
568    
569  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
570    
571    /* Using a simple comparison for decimal numbers rather than a memory read
572    is much faster, and the resulting code is simpler (the compiler turns it
573    into a subtraction and unsigned comparison). */
574    
575    #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
576    
577  #ifndef EBCDIC  #ifndef EBCDIC
578    
579  /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in  /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
580  UTF-8 mode. */  UTF-8 mode. */
581    
582  static const unsigned char digitab[] =  static const pcre_uint8 digitab[] =
583    {    {
584    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
585    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */
# Line 407  static const unsigned char digitab[] = Line 618  static const unsigned char digitab[] =
618    
619  /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */  /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
620    
621  static const unsigned char digitab[] =  static const pcre_uint8 digitab[] =
622    {    {
623    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
624    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */
# Line 442  static const unsigned char digitab[] = Line 653  static const unsigned char digitab[] =
653    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */
654    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */
655    
656  static const unsigned char ebcdic_chartab[] = { /* chartable partial dup */  static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
657    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */
658    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */
659    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */
# Line 478  static const unsigned char ebcdic_charta Line 689  static const unsigned char ebcdic_charta
689  #endif  #endif
690    
691    
692  /* Definition to allow mutual recursion */  /* This table is used to check whether auto-possessification is possible
693    between adjacent character-type opcodes. The left-hand (repeated) opcode is
694    used to select the row, and the right-hand opcode is use to select the column.
695    A value of 1 means that auto-possessification is OK. For example, the second
696    value in the first row means that \D+\d can be turned into \D++\d.
697    
698    The Unicode property types (\P and \p) have to be present to fill out the table
699    because of what their opcode values are, but the table values should always be
700    zero because property types are handled separately in the code. The last four
701    columns apply to items that cannot be repeated, so there is no need to have
702    rows for them. Note that OP_DIGIT etc. are generated only when PCRE_UCP is
703    *not* set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
704    
705    #define APTROWS (LAST_AUTOTAB_LEFT_OP - FIRST_AUTOTAB_OP + 1)
706    #define APTCOLS (LAST_AUTOTAB_RIGHT_OP - FIRST_AUTOTAB_OP + 1)
707    
708    static const pcre_uint8 autoposstab[APTROWS][APTCOLS] = {
709    /* \D \d \S \s \W \w  . .+ \C \P \p \R \H \h \V \v \X \Z \z  $ $M */
710      { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \D */
711      { 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \d */
712      { 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \S */
713      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \s */
714      { 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \W */
715      { 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \w */
716      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .  */
717      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .+ */
718      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \C */
719      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \P */
720      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \p */
721      { 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \R */
722      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \H */
723      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \h */
724      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \V */
725      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0 },  /* \v */
726      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }   /* \X */
727    };
728    
729    
730  static BOOL  /* This table is used to check whether auto-possessification is possible
731    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,  between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP). The
732      int *, int *, branch_chain *, compile_data *, int *);  left-hand (repeated) opcode is used to select the row, and the right-hand
733    opcode is used to select the column. The values are as follows:
734    
735      0   Always return FALSE (never auto-possessify)
736      1   Character groups are distinct (possessify if both are OP_PROP)
737      2   Check character categories in the same group (general or particular)
738      3   TRUE if the two opcodes are not the same (PROP vs NOTPROP)
739    
740      4   Check left general category vs right particular category
741      5   Check right general category vs left particular category
742    
743      6   Left alphanum vs right general category
744      7   Left space vs right general category
745      8   Left word vs right general category
746    
747      9   Right alphanum vs left general category
748     10   Right space vs left general category
749     11   Right word vs left general category
750    
751     12   Left alphanum vs right particular category
752     13   Left space vs right particular category
753     14   Left word vs right particular category
754    
755     15   Right alphanum vs left particular category
756     16   Right space vs left particular category
757     17   Right word vs left particular category
758    */
759    
760    static const pcre_uint8 propposstab[PT_TABSIZE][PT_TABSIZE] = {
761    /* ANY LAMP GC  PC  SC ALNUM SPACE PXSPACE WORD CLIST UCNC */
762      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_ANY */
763      { 0,  3,  0,  0,  0,    3,    1,      1,   0,    0,   0 },  /* PT_LAMP */
764      { 0,  0,  2,  4,  0,    9,   10,     10,  11,    0,   0 },  /* PT_GC */
765      { 0,  0,  5,  2,  0,   15,   16,     16,  17,    0,   0 },  /* PT_PC */
766      { 0,  0,  0,  0,  2,    0,    0,      0,   0,    0,   0 },  /* PT_SC */
767      { 0,  3,  6, 12,  0,    3,    1,      1,   0,    0,   0 },  /* PT_ALNUM */
768      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_SPACE */
769      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_PXSPACE */
770      { 0,  0,  8, 14,  0,    0,    1,      1,   3,    0,   0 },  /* PT_WORD */
771      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_CLIST */
772      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   3 }   /* PT_UCNC */
773    };
774    
775    /* This table is used to check whether auto-possessification is possible
776    between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP) when one
777    specifies a general category and the other specifies a particular category. The
778    row is selected by the general category and the column by the particular
779    category. The value is 1 if the particular category is not part of the general
780    category. */
781    
782    static const pcre_uint8 catposstab[7][30] = {
783    /* Cc Cf Cn Co Cs Ll Lm Lo Lt Lu Mc Me Mn Nd Nl No Pc Pd Pe Pf Pi Po Ps Sc Sk Sm So Zl Zp Zs */
784      { 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* C */
785      { 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* L */
786      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* M */
787      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* N */
788      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1 },  /* P */
789      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1 },  /* S */
790      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0 }   /* Z */
791    };
792    
793    /* This table is used when checking ALNUM, (PX)SPACE, SPACE, and WORD against
794    a general or particular category. The properties in each row are those
795    that apply to the character set in question. Duplication means that a little
796    unnecessary work is done when checking, but this keeps things much simpler
797    because they can all use the same code. For more details see the comment where
798    this table is used.
799    
800    Note: SPACE and PXSPACE used to be different because Perl excluded VT from
801    "space", but from Perl 5.18 it's included, so both categories are treated the
802    same here. */
803    
804    static const pcre_uint8 posspropstab[3][4] = {
805      { ucp_L, ucp_N, ucp_N, ucp_Nl },  /* ALNUM, 3rd and 4th values redundant */
806      { ucp_Z, ucp_Z, ucp_C, ucp_Cc },  /* SPACE and PXSPACE, 2nd value redundant */
807      { ucp_L, ucp_N, ucp_P, ucp_Po }   /* WORD */
808    };
809    
810    /* This table is used when converting repeating opcodes into possessified
811    versions as a result of an explicit possessive quantifier such as ++. A zero
812    value means there is no possessified version - in those cases the item in
813    question must be wrapped in ONCE brackets. The table is truncated at OP_CALLOUT
814    because all relevant opcodes are less than that. */
815    
816    static const pcre_uint8 opcode_possessify[] = {
817      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 0 - 15  */
818      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 16 - 31 */
819    
820      0,                       /* NOTI */
821      OP_POSSTAR, 0,           /* STAR, MINSTAR */
822      OP_POSPLUS, 0,           /* PLUS, MINPLUS */
823      OP_POSQUERY, 0,          /* QUERY, MINQUERY */
824      OP_POSUPTO, 0,           /* UPTO, MINUPTO */
825      0,                       /* EXACT */
826      0, 0, 0, 0,              /* POS{STAR,PLUS,QUERY,UPTO} */
827    
828      OP_POSSTARI, 0,          /* STARI, MINSTARI */
829      OP_POSPLUSI, 0,          /* PLUSI, MINPLUSI */
830      OP_POSQUERYI, 0,         /* QUERYI, MINQUERYI */
831      OP_POSUPTOI, 0,          /* UPTOI, MINUPTOI */
832      0,                       /* EXACTI */
833      0, 0, 0, 0,              /* POS{STARI,PLUSI,QUERYI,UPTOI} */
834    
835      OP_NOTPOSSTAR, 0,        /* NOTSTAR, NOTMINSTAR */
836      OP_NOTPOSPLUS, 0,        /* NOTPLUS, NOTMINPLUS */
837      OP_NOTPOSQUERY, 0,       /* NOTQUERY, NOTMINQUERY */
838      OP_NOTPOSUPTO, 0,        /* NOTUPTO, NOTMINUPTO */
839      0,                       /* NOTEXACT */
840      0, 0, 0, 0,              /* NOTPOS{STAR,PLUS,QUERY,UPTO} */
841    
842      OP_NOTPOSSTARI, 0,       /* NOTSTARI, NOTMINSTARI */
843      OP_NOTPOSPLUSI, 0,       /* NOTPLUSI, NOTMINPLUSI */
844      OP_NOTPOSQUERYI, 0,      /* NOTQUERYI, NOTMINQUERYI */
845      OP_NOTPOSUPTOI, 0,       /* NOTUPTOI, NOTMINUPTOI */
846      0,                       /* NOTEXACTI */
847      0, 0, 0, 0,              /* NOTPOS{STARI,PLUSI,QUERYI,UPTOI} */
848    
849      OP_TYPEPOSSTAR, 0,       /* TYPESTAR, TYPEMINSTAR */
850      OP_TYPEPOSPLUS, 0,       /* TYPEPLUS, TYPEMINPLUS */
851      OP_TYPEPOSQUERY, 0,      /* TYPEQUERY, TYPEMINQUERY */
852      OP_TYPEPOSUPTO, 0,       /* TYPEUPTO, TYPEMINUPTO */
853      0,                       /* TYPEEXACT */
854      0, 0, 0, 0,              /* TYPEPOS{STAR,PLUS,QUERY,UPTO} */
855    
856      OP_CRPOSSTAR, 0,         /* CRSTAR, CRMINSTAR */
857      OP_CRPOSPLUS, 0,         /* CRPLUS, CRMINPLUS */
858      OP_CRPOSQUERY, 0,        /* CRQUERY, CRMINQUERY */
859      OP_CRPOSRANGE, 0,        /* CRRANGE, CRMINRANGE */
860      0, 0, 0, 0,              /* CRPOS{STAR,PLUS,QUERY,RANGE} */
861    
862      0, 0, 0,                 /* CLASS, NCLASS, XCLASS */
863      0, 0,                    /* REF, REFI */
864      0, 0,                    /* DNREF, DNREFI */
865      0, 0                     /* RECURSE, CALLOUT */
866    };
867    
868    
869    
# Line 503  static const char * Line 884  static const char *
884  find_error_text(int n)  find_error_text(int n)
885  {  {
886  const char *s = error_texts;  const char *s = error_texts;
887  for (; n > 0; n--) while (*s++ != 0) {};  for (; n > 0; n--)
888      {
889      while (*s++ != CHAR_NULL) {};
890      if (*s == CHAR_NULL) return "Error text not found (please report)";
891      }
892  return s;  return s;
893  }  }
894    
895    
896    
897    /*************************************************
898    *           Expand the workspace                 *
899    *************************************************/
900    
901    /* This function is called during the second compiling phase, if the number of
902    forward references fills the existing workspace, which is originally a block on
903    the stack. A larger block is obtained from malloc() unless the ultimate limit
904    has been reached or the increase will be rather small.
905    
906    Argument: pointer to the compile data block
907    Returns:  0 if all went well, else an error number
908    */
909    
910    static int
911    expand_workspace(compile_data *cd)
912    {
913    pcre_uchar *newspace;
914    int newsize = cd->workspace_size * 2;
915    
916    if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
917    if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
918        newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
919     return ERR72;
920    
921    newspace = (PUBL(malloc))(IN_UCHARS(newsize));
922    if (newspace == NULL) return ERR21;
923    memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
924    cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
925    if (cd->workspace_size > COMPILE_WORK_SIZE)
926      (PUBL(free))((void *)cd->start_workspace);
927    cd->start_workspace = newspace;
928    cd->workspace_size = newsize;
929    return 0;
930    }
931    
932    
933    
934    /*************************************************
935    *            Check for counted repeat            *
936    *************************************************/
937    
938    /* This function is called when a '{' is encountered in a place where it might
939    start a quantifier. It looks ahead to see if it really is a quantifier or not.
940    It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
941    where the ddds are digits.
942    
943    Arguments:
944      p         pointer to the first char after '{'
945    
946    Returns:    TRUE or FALSE
947    */
948    
949    static BOOL
950    is_counted_repeat(const pcre_uchar *p)
951    {
952    if (!IS_DIGIT(*p)) return FALSE;
953    p++;
954    while (IS_DIGIT(*p)) p++;
955    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
956    
957    if (*p++ != CHAR_COMMA) return FALSE;
958    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
959    
960    if (!IS_DIGIT(*p)) return FALSE;
961    p++;
962    while (IS_DIGIT(*p)) p++;
963    
964    return (*p == CHAR_RIGHT_CURLY_BRACKET);
965    }
966    
967    
968    
969  /*************************************************  /*************************************************
970  *            Handle escapes                      *  *            Handle escapes                      *
971  *************************************************/  *************************************************/
972    
973  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
974  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or 0 for a data character which
975  encodes one of the more complicated things such as \d. A backreference to group  will be placed in chptr. A backreference to group n is returned as negative n.
976  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When  When UTF-8 is enabled, a positive value greater than 255 may be returned in
977  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,  chptr. On entry, ptr is pointing at the \. On exit, it is on the final
978  ptr is pointing at the \. On exit, it is on the final character of the escape  character of the escape sequence.
 sequence.  
979    
980  Arguments:  Arguments:
981    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
982      chptr          points to a returned data character
983    errorcodeptr   points to the errorcode variable    errorcodeptr   points to the errorcode variable
984    bracount       number of previous extracting brackets    bracount       number of previous extracting brackets
985    options        the options bits    options        the options bits
986    isclass        TRUE if inside a character class    isclass        TRUE if inside a character class
987    
988  Returns:         zero or positive => a data character  Returns:         zero => a data character
989                   negative => a special escape sequence                   positive => a special escape sequence
990                     negative => a back reference
991                   on error, errorcodeptr is set                   on error, errorcodeptr is set
992  */  */
993    
994  static int  static int
995  check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,  check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
996    int options, BOOL isclass)    int bracount, int options, BOOL isclass)
997  {  {
998  BOOL utf8 = (options & PCRE_UTF8) != 0;  /* PCRE_UTF16 has the same value as PCRE_UTF8. */
999  const uschar *ptr = *ptrptr + 1;  BOOL utf = (options & PCRE_UTF8) != 0;
1000  int c, i;  const pcre_uchar *ptr = *ptrptr + 1;
1001    pcre_uint32 c;
1002    int escape = 0;
1003    int i;
1004    
1005  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */
1006  ptr--;                            /* Set pointer back to the last byte */  ptr--;                            /* Set pointer back to the last byte */
1007    
1008  /* If backslash is at the end of the pattern, it's an error. */  /* If backslash is at the end of the pattern, it's an error. */
1009    
1010  if (c == 0) *errorcodeptr = ERR1;  if (c == CHAR_NULL) *errorcodeptr = ERR1;
1011    
1012  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
1013  in a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
1014  Otherwise further processing may be required. */  Otherwise further processing may be required. */
1015    
1016  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1017  else if (c < CHAR_0 || c > CHAR_z) {}                     /* Not alphanumeric */  /* Not alphanumeric */
1018  else if ((i = escapes[c - CHAR_0]) != 0) c = i;  else if (c < CHAR_0 || c > CHAR_z) {}
1019    else if ((i = escapes[c - CHAR_0]) != 0)
1020      { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1021    
1022  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1023  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphanumeric */  /* Not alphanumeric */
1024  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
1025    else if ((i = escapes[c - 0x48]) != 0)  { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1026  #endif  #endif
1027    
1028  /* Escapes that need further processing, or are illegal. */  /* Escapes that need further processing, or are illegal. */
1029    
1030  else  else
1031    {    {
1032    const uschar *oldptr;    const pcre_uchar *oldptr;
1033    BOOL braced, negated;    BOOL braced, negated, overflow;
1034      int s;
1035    
1036    switch (c)    switch (c)
1037      {      {
# Line 574  else Line 1040  else
1040    
1041      case CHAR_l:      case CHAR_l:
1042      case CHAR_L:      case CHAR_L:
1043      case CHAR_N:      *errorcodeptr = ERR37;
1044        break;
1045    
1046      case CHAR_u:      case CHAR_u:
1047        if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1048          {
1049          /* In JavaScript, \u must be followed by four hexadecimal numbers.
1050          Otherwise it is a lowercase u letter. */
1051          if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1052            && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
1053            && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
1054            && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
1055            {
1056            c = 0;
1057            for (i = 0; i < 4; ++i)
1058              {
1059              register pcre_uint32 cc = *(++ptr);
1060    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1061              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1062              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1063    #else           /* EBCDIC coding */
1064              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1065              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1066    #endif
1067              }
1068    
1069    #if defined COMPILE_PCRE8
1070            if (c > (utf ? 0x10ffffU : 0xffU))
1071    #elif defined COMPILE_PCRE16
1072            if (c > (utf ? 0x10ffffU : 0xffffU))
1073    #elif defined COMPILE_PCRE32
1074            if (utf && c > 0x10ffffU)
1075    #endif
1076              {
1077              *errorcodeptr = ERR76;
1078              }
1079            else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1080            }
1081          }
1082        else
1083          *errorcodeptr = ERR37;
1084        break;
1085    
1086      case CHAR_U:      case CHAR_U:
1087      *errorcodeptr = ERR37;      /* In JavaScript, \U is an uppercase U letter. */
1088        if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
1089      break;      break;
1090    
1091      /* \g must be followed by one of a number of specific things:      /* In a character class, \g is just a literal "g". Outside a character
1092        class, \g must be followed by one of a number of specific things:
1093    
1094      (1) A number, either plain or braced. If positive, it is an absolute      (1) A number, either plain or braced. If positive, it is an absolute
1095      backreference. If negative, it is a relative backreference. This is a Perl      backreference. If negative, it is a relative backreference. This is a Perl
# Line 594  else Line 1103  else
1103      (3) For Oniguruma compatibility we also support \g followed by a name or a      (3) For Oniguruma compatibility we also support \g followed by a name or a
1104      number either in angle brackets or in single quotes. However, these are      number either in angle brackets or in single quotes. However, these are
1105      (possibly recursive) subroutine calls, _not_ backreferences. Just return      (possibly recursive) subroutine calls, _not_ backreferences. Just return
1106      the -ESC_g code (cf \k). */      the ESC_g code (cf \k). */
1107    
1108      case CHAR_g:      case CHAR_g:
1109        if (isclass) break;
1110      if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)      if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
1111        {        {
1112        c = -ESC_g;        escape = ESC_g;
1113        break;        break;
1114        }        }
1115    
# Line 607  else Line 1117  else
1117    
1118      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1119        {        {
1120        const uschar *p;        const pcre_uchar *p;
1121        for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)        for (p = ptr+2; *p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
1122          if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;          if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
1123        if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)        if (*p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET)
1124          {          {
1125          c = -ESC_k;          escape = ESC_k;
1126          break;          break;
1127          }          }
1128        braced = TRUE;        braced = TRUE;
# Line 627  else Line 1137  else
1137        }        }
1138      else negated = FALSE;      else negated = FALSE;
1139    
1140      c = 0;      /* The integer range is limited by the machine's int representation. */
1141      while ((digitab[ptr[1]] & ctype_digit) != 0)      s = 0;
1142        c = c * 10 + *(++ptr) - CHAR_0;      overflow = FALSE;
1143        while (IS_DIGIT(ptr[1]))
1144      if (c < 0)   /* Integer overflow */        {
1145          if (s > INT_MAX / 10 - 1) /* Integer overflow */
1146            {
1147            overflow = TRUE;
1148            break;
1149            }
1150          s = s * 10 + (int)(*(++ptr) - CHAR_0);
1151          }
1152        if (overflow) /* Integer overflow */
1153        {        {
1154          while (IS_DIGIT(ptr[1]))
1155            ptr++;
1156        *errorcodeptr = ERR61;        *errorcodeptr = ERR61;
1157        break;        break;
1158        }        }
# Line 643  else Line 1163  else
1163        break;        break;
1164        }        }
1165    
1166      if (c == 0)      if (s == 0)
1167        {        {
1168        *errorcodeptr = ERR58;        *errorcodeptr = ERR58;
1169        break;        break;
# Line 651  else Line 1171  else
1171    
1172      if (negated)      if (negated)
1173        {        {
1174        if (c > bracount)        if (s > bracount)
1175          {          {
1176          *errorcodeptr = ERR15;          *errorcodeptr = ERR15;
1177          break;          break;
1178          }          }
1179        c = bracount - (c - 1);        s = bracount - (s - 1);
1180        }        }
1181    
1182      c = -(ESC_REF + c);      escape = -s;
1183      break;      break;
1184    
1185      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
1186      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. Perl has changed
1187      the way Perl works seems to be as follows:      over the years. Nowadays \g{} for backreferences and \o{} for octal are
1188        recommended to avoid the ambiguities in the old syntax.
1189    
1190      Outside a character class, the digits are read as a decimal number. If the      Outside a character class, the digits are read as a decimal number. If the
1191      number is less than 10, or if there are that many previous extracting      number is less than 8 (used to be 10), or if there are that many previous
1192      left brackets, then it is a back reference. Otherwise, up to three octal      extracting left brackets, then it is a back reference. Otherwise, up to
1193      digits are read to form an escaped byte. Thus \123 is likely to be octal      three octal digits are read to form an escaped byte. Thus \123 is likely to
1194      123 (cf \0123, which is octal 012 followed by the literal 3). If the octal      be octal 123 (cf \0123, which is octal 012 followed by the literal 3). If
1195      value is greater than 377, the least significant 8 bits are taken. Inside a      the octal value is greater than 377, the least significant 8 bits are
1196      character class, \ followed by a digit is always an octal number. */      taken. \8 and \9 are treated as the literal characters 8 and 9.
1197    
1198        Inside a character class, \ followed by a digit is always either a literal
1199        8 or 9 or an octal number. */
1200    
1201      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
1202      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
# Line 680  else Line 1204  else
1204      if (!isclass)      if (!isclass)
1205        {        {
1206        oldptr = ptr;        oldptr = ptr;
1207        c -= CHAR_0;        /* The integer range is limited by the machine's int representation. */
1208        while ((digitab[ptr[1]] & ctype_digit) != 0)        s = (int)(c -CHAR_0);
1209          c = c * 10 + *(++ptr) - CHAR_0;        overflow = FALSE;
1210        if (c < 0)    /* Integer overflow */        while (IS_DIGIT(ptr[1]))
1211            {
1212            if (s > INT_MAX / 10 - 1) /* Integer overflow */
1213              {
1214              overflow = TRUE;
1215              break;
1216              }
1217            s = s * 10 + (int)(*(++ptr) - CHAR_0);
1218            }
1219          if (overflow) /* Integer overflow */
1220          {          {
1221            while (IS_DIGIT(ptr[1]))
1222              ptr++;
1223          *errorcodeptr = ERR61;          *errorcodeptr = ERR61;
1224          break;          break;
1225          }          }
1226        if (c < 10 || c <= bracount)        if (s < 8 || s <= bracount)  /* Check for back reference */
1227          {          {
1228          c = -(ESC_REF + c);          escape = -s;
1229          break;          break;
1230          }          }
1231        ptr = oldptr;      /* Put the pointer back and fall through */        ptr = oldptr;      /* Put the pointer back and fall through */
1232        }        }
1233    
1234      /* Handle an octal number following \. If the first digit is 8 or 9, Perl      /* Handle a digit following \ when the number is not a back reference. If
1235      generates a binary zero byte and treats the digit as a following literal.      the first digit is 8 or 9, Perl used to generate a binary zero byte and
1236      Thus we have to pull back the pointer by one. */      then treat the digit as a following literal. At least by Perl 5.18 this
1237        changed so as not to insert the binary zero. */
1238    
1239      if ((c = *ptr) >= CHAR_8)      if ((c = *ptr) >= CHAR_8) break;
1240        {  
1241        ptr--;      /* Fall through with a digit less than 8 */
       c = 0;  
       break;  
       }  
1242    
1243      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
1244      larger first octal digit. The original code used just to take the least      larger first octal digit. The original code used just to take the least
1245      significant 8 bits of octal numbers (I think this is what early Perls used      significant 8 bits of octal numbers (I think this is what early Perls used
1246      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more      to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1247      than 3 octal digits. */      but no more than 3 octal digits. */
1248    
1249      case CHAR_0:      case CHAR_0:
1250      c -= CHAR_0;      c -= CHAR_0;
1251      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1252          c = c * 8 + *(++ptr) - CHAR_0;          c = c * 8 + *(++ptr) - CHAR_0;
1253      if (!utf8 && c > 255) *errorcodeptr = ERR51;  #ifdef COMPILE_PCRE8
1254        if (!utf && c > 0xff) *errorcodeptr = ERR51;
1255    #endif
1256      break;      break;
1257    
1258      /* \x is complicated. \x{ddd} is a character number which can be greater      /* \o is a relatively new Perl feature, supporting a more general way of
1259      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      specifying character codes in octal. The only supported form is \o{ddd}. */
     treated as a data character. */  
1260    
1261      case CHAR_x:      case CHAR_o:
1262      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)      if (ptr[1] != CHAR_LEFT_CURLY_BRACKET) *errorcodeptr = ERR81; else
1263        if (ptr[2] == CHAR_RIGHT_CURLY_BRACKET) *errorcodeptr = ERR86; else
1264        {        {
1265        const uschar *pt = ptr + 2;        ptr += 2;
       int count = 0;  
   
1266        c = 0;        c = 0;
1267        while ((digitab[*pt] & ctype_xdigit) != 0)        overflow = FALSE;
1268          while (*ptr >= CHAR_0 && *ptr <= CHAR_7)
1269          {          {
1270          register int cc = *pt++;          register pcre_uint32 cc = *ptr++;
1271          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1272          count++;  #ifdef COMPILE_PCRE32
1273            if (c >= 0x20000000l) { overflow = TRUE; break; }
1274    #endif
1275            c = (c << 3) + cc - CHAR_0 ;
1276    #if defined COMPILE_PCRE8
1277            if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1278    #elif defined COMPILE_PCRE16
1279            if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1280    #elif defined COMPILE_PCRE32
1281            if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1282    #endif
1283            }
1284          if (overflow)
1285            {
1286            while (*ptr >= CHAR_0 && *ptr <= CHAR_7) ptr++;
1287            *errorcodeptr = ERR34;
1288            }
1289          else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1290            {
1291            if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1292            }
1293          else *errorcodeptr = ERR80;
1294          }
1295        break;
1296    
1297        /* \x is complicated. In JavaScript, \x must be followed by two hexadecimal
1298        numbers. Otherwise it is a lowercase x letter. */
1299    
1300        case CHAR_x:
1301        if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1302          {
1303          if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1304            && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1305            {
1306            c = 0;
1307            for (i = 0; i < 2; ++i)
1308              {
1309              register pcre_uint32 cc = *(++ptr);
1310  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1311          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1312          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1313  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1314          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */            if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1315          c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1316  #endif  #endif
1317              }
1318          }          }
1319          }    /* End JavaScript handling */
1320    
1321        /* Handle \x in Perl's style. \x{ddd} is a character number which can be
1322        greater than 0xff in utf or non-8bit mode, but only if the ddd are hex
1323        digits. If not, { used to be treated as a data character. However, Perl
1324        seems to read hex digits up to the first non-such, and ignore the rest, so
1325        that, for example \x{zz} matches a binary zero. This seems crazy, so PCRE
1326        now gives an error. */
1327    
1328        if (*pt == CHAR_RIGHT_CURLY_BRACKET)      else
1329          {
1330          if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1331          {          {
1332          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          ptr += 2;
1333          ptr = pt;          if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1334          break;            {
1335          }            *errorcodeptr = ERR86;
1336              break;
1337              }
1338            c = 0;
1339            overflow = FALSE;
1340            while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0)
1341              {
1342              register pcre_uint32 cc = *ptr++;
1343              if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1344    
1345        /* If the sequence of hex digits does not end with '}', then we don't  #ifdef COMPILE_PCRE32
1346        recognize this construct; fall through to the normal \x handling. */            if (c >= 0x10000000l) { overflow = TRUE; break; }
1347        }  #endif
1348    
1349      /* Read just a single-byte hex-defined char */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1350              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1351              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1352    #else           /* EBCDIC coding */
1353              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1354              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1355    #endif
1356    
1357      c = 0;  #if defined COMPILE_PCRE8
1358      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)            if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1359        {  #elif defined COMPILE_PCRE16
1360        int cc;                                  /* Some compilers don't like */            if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1361        cc = *(++ptr);                           /* ++ in initializers */  #elif defined COMPILE_PCRE32
1362              if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1363    #endif
1364              }
1365    
1366            if (overflow)
1367              {
1368              while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0) ptr++;
1369              *errorcodeptr = ERR34;
1370              }
1371    
1372            else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1373              {
1374              if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1375              }
1376    
1377            /* If the sequence of hex digits does not end with '}', give an error.
1378            We used just to recognize this construct and fall through to the normal
1379            \x handling, but nowadays Perl gives an error, which seems much more
1380            sensible, so we do too. */
1381    
1382            else *errorcodeptr = ERR79;
1383            }   /* End of \x{} processing */
1384    
1385          /* Read a single-byte hex-defined char (up to two hex digits after \x) */
1386    
1387          else
1388            {
1389            c = 0;
1390            while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1391              {
1392              pcre_uint32 cc;                          /* Some compilers don't like */
1393              cc = *(++ptr);                           /* ++ in initializers */
1394  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1395        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
1396        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1397  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1398        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */            if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
1399        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));            c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1400  #endif  #endif
1401        }            }
1402            }     /* End of \xdd handling */
1403          }       /* End of Perl-style \x handling */
1404      break;      break;
1405    
1406      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1407      This coding is ASCII-specific, but then the whole concept of \cx is      An error is given if the byte following \c is not an ASCII character. This
1408        coding is ASCII-specific, but then the whole concept of \cx is
1409      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */      ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1410    
1411      case CHAR_c:      case CHAR_c:
1412      c = *(++ptr);      c = *(++ptr);
1413      if (c == 0)      if (c == CHAR_NULL)
1414        {        {
1415        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
1416        break;        break;
1417        }        }
1418    #ifndef EBCDIC    /* ASCII/UTF-8 coding */
1419  #ifndef EBCDIC  /* ASCII/UTF-8 coding */      if (c > 127)  /* Excludes all non-ASCII in either mode */
1420          {
1421          *errorcodeptr = ERR68;
1422          break;
1423          }
1424      if (c >= CHAR_a && c <= CHAR_z) c -= 32;      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1425      c ^= 0x40;      c ^= 0x40;
1426  #else           /* EBCDIC coding */  #else             /* EBCDIC coding */
1427      if (c >= CHAR_a && c <= CHAR_z) c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
1428      c ^= 0xC0;      c ^= 0xC0;
1429  #endif  #endif
# Line 812  else Line 1446  else
1446      }      }
1447    }    }
1448    
1449    /* Perl supports \N{name} for character names, as well as plain \N for "not
1450    newline". PCRE does not support \N{name}. However, it does support
1451    quantification such as \N{2,3}. */
1452    
1453    if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1454         !is_counted_repeat(ptr+2))
1455      *errorcodeptr = ERR37;
1456    
1457    /* If PCRE_UCP is set, we change the values for \d etc. */
1458    
1459    if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1460      escape += (ESC_DU - ESC_D);
1461    
1462    /* Set the pointer to the final character before returning. */
1463    
1464  *ptrptr = ptr;  *ptrptr = ptr;
1465  return c;  *chptr = c;
1466    return escape;
1467  }  }
1468    
1469    
# Line 831  escape sequence. Line 1481  escape sequence.
1481  Argument:  Argument:
1482    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
1483    negptr         points to a boolean that is set TRUE for negation else FALSE    negptr         points to a boolean that is set TRUE for negation else FALSE
1484    dptr           points to an int that is set to the detailed property value    ptypeptr       points to an unsigned int that is set to the type value
1485      pdataptr       points to an unsigned int that is set to the detailed property value
1486    errorcodeptr   points to the error code variable    errorcodeptr   points to the error code variable
1487    
1488  Returns:         type value from ucp_type_table, or -1 for an invalid type  Returns:         TRUE if the type value was found, or FALSE for an invalid type
1489  */  */
1490    
1491  static int  static BOOL
1492  get_ucp(const uschar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)  get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1493      unsigned int *pdataptr, int *errorcodeptr)
1494  {  {
1495  int c, i, bot, top;  pcre_uchar c;
1496  const uschar *ptr = *ptrptr;  int i, bot, top;
1497  char name[32];  const pcre_uchar *ptr = *ptrptr;
1498    pcre_uchar name[32];
1499    
1500  c = *(++ptr);  c = *(++ptr);
1501  if (c == 0) goto ERROR_RETURN;  if (c == CHAR_NULL) goto ERROR_RETURN;
1502    
1503  *negptr = FALSE;  *negptr = FALSE;
1504    
# Line 859  if (c == CHAR_LEFT_CURLY_BRACKET) Line 1512  if (c == CHAR_LEFT_CURLY_BRACKET)
1512      *negptr = TRUE;      *negptr = TRUE;
1513      ptr++;      ptr++;
1514      }      }
1515    for (i = 0; i < (int)sizeof(name) - 1; i++)    for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1516      {      {
1517      c = *(++ptr);      c = *(++ptr);
1518      if (c == 0) goto ERROR_RETURN;      if (c == CHAR_NULL) goto ERROR_RETURN;
1519      if (c == CHAR_RIGHT_CURLY_BRACKET) break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1520      name[i] = c;      name[i] = c;
1521      }      }
# Line 883  else Line 1536  else
1536  /* Search for a recognized property name using binary chop */  /* Search for a recognized property name using binary chop */
1537    
1538  bot = 0;  bot = 0;
1539  top = _pcre_utt_size;  top = PRIV(utt_size);
1540    
1541  while (bot < top)  while (bot < top)
1542    {    {
1543      int r;
1544    i = (bot + top) >> 1;    i = (bot + top) >> 1;
1545    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);    r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1546    if (c == 0)    if (r == 0)
1547      {      {
1548      *dptr = _pcre_utt[i].value;      *ptypeptr = PRIV(utt)[i].type;
1549      return _pcre_utt[i].type;      *pdataptr = PRIV(utt)[i].value;
1550        return TRUE;
1551      }      }
1552    if (c > 0) bot = i + 1; else top = i;    if (r > 0) bot = i + 1; else top = i;
1553    }    }
1554    
1555  *errorcodeptr = ERR47;  *errorcodeptr = ERR47;
1556  *ptrptr = ptr;  *ptrptr = ptr;
1557  return -1;  return FALSE;
1558    
1559  ERROR_RETURN:  ERROR_RETURN:
1560  *errorcodeptr = ERR46;  *errorcodeptr = ERR46;
1561  *ptrptr = ptr;  *ptrptr = ptr;
1562  return -1;  return FALSE;
1563  }  }
1564  #endif  #endif
1565    
1566    
1567    
   
 /*************************************************  
 *            Check for counted repeat            *  
 *************************************************/  
   
 /* This function is called when a '{' is encountered in a place where it might  
 start a quantifier. It looks ahead to see if it really is a quantifier or not.  
 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}  
 where the ddds are digits.  
   
 Arguments:  
   p         pointer to the first char after '{'  
   
 Returns:    TRUE or FALSE  
 */  
   
 static BOOL  
 is_counted_repeat(const uschar *p)  
 {  
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;  
   
 if (*p++ != CHAR_COMMA) return FALSE;  
 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;  
   
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
   
 return (*p == CHAR_RIGHT_CURLY_BRACKET);  
 }  
   
   
   
1568  /*************************************************  /*************************************************
1569  *         Read repeat counts                     *  *         Read repeat counts                     *
1570  *************************************************/  *************************************************/
# Line 963  Returns:         pointer to '}' on succe Line 1584  Returns:         pointer to '}' on succe
1584                   current ptr on error, with errorcodeptr set non-zero                   current ptr on error, with errorcodeptr set non-zero
1585  */  */
1586    
1587  static const uschar *  static const pcre_uchar *
1588  read_repeat_counts(const uschar *p, int *minp, int *maxp, int *errorcodeptr)  read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1589  {  {
1590  int min = 0;  int min = 0;
1591  int max = -1;  int max = -1;
1592    
1593  /* Read the minimum value and do a paranoid check: a negative value indicates  while (IS_DIGIT(*p))
 an integer overflow. */  
   
 while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;  
 if (min < 0 || min > 65535)  
1594    {    {
1595    *errorcodeptr = ERR5;    min = min * 10 + (int)(*p++ - CHAR_0);
1596    return p;    if (min > 65535)
1597        {
1598        *errorcodeptr = ERR5;
1599        return p;
1600        }
1601    }    }
1602    
 /* Read the maximum value if there is one, and again do a paranoid on its size.  
 Also, max must not be less than min. */  
   
1603  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1604    {    {
1605    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1606      {      {
1607      max = 0;      max = 0;
1608      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;      while(IS_DIGIT(*p))
     if (max < 0 || max > 65535)  
1609        {        {
1610        *errorcodeptr = ERR5;        max = max * 10 + (int)(*p++ - CHAR_0);
1611        return p;        if (max > 65535)
1612            {
1613            *errorcodeptr = ERR5;
1614            return p;
1615            }
1616        }        }
1617      if (max < min)      if (max < min)
1618        {        {
# Line 1001  if (*p == CHAR_RIGHT_CURLY_BRACKET) max Line 1622  if (*p == CHAR_RIGHT_CURLY_BRACKET) max
1622      }      }
1623    }    }
1624    
 /* Fill in the required variables, and pass back the pointer to the terminating  
 '}'. */  
   
1625  *minp = min;  *minp = min;
1626  *maxp = max;  *maxp = max;
1627  return p;  return p;
# Line 1012  return p; Line 1630  return p;
1630    
1631    
1632  /*************************************************  /*************************************************
1633  *  Subroutine for finding forward reference      *  *      Find first significant op code            *
1634  *************************************************/  *************************************************/
1635    
1636  /* This recursive function is called only from find_parens() below. The  /* This is called by several functions that scan a compiled expression looking
1637  top-level call starts at the beginning of the pattern. All other calls must  for a fixed first character, or an anchoring op code etc. It skips over things
1638  start at a parenthesis. It scans along a pattern's text looking for capturing  that do not influence this. For some calls, it makes sense to skip negative
1639  subpatterns, and counting them. If it finds a named pattern that matches the  forward and all backward assertions, and also the \b assertion; for others it
1640  name it is given, it returns its number. Alternatively, if the name is NULL, it  does not.
 returns when it reaches a given numbered subpattern. We know that if (?P< is  
 encountered, the name will be terminated by '>' because that is checked in the  
 first pass. Recursion is used to keep track of subpatterns that reset the  
 capturing group numbers - the (?| feature.  
1641    
1642  Arguments:  Arguments:
1643    ptrptr       address of the current character pointer (updated)    code         pointer to the start of the group
1644    cd           compile background data    skipassert   TRUE if certain assertions are to be skipped
   name         name to seek, or NULL if seeking a numbered subpattern  
   lorn         name length, or subpattern number if name is NULL  
   xmode        TRUE if we are in /x mode  
   count        pointer to the current capturing subpattern number (updated)  
1645    
1646  Returns:       the number of the named subpattern, or -1 if not found  Returns:       pointer to the first significant opcode
1647  */  */
1648    
1649  static int  static const pcre_uchar*
1650  find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,  first_significant_code(const pcre_uchar *code, BOOL skipassert)
   BOOL xmode, int *count)  
1651  {  {
1652  uschar *ptr = *ptrptr;  for (;;)
 int start_count = *count;  
 int hwm_count = start_count;  
 BOOL dup_parens = FALSE;  
   
 /* If the first character is a parenthesis, check on the type of group we are  
 dealing with. The very first call may not start with a parenthesis. */  
   
 if (ptr[0] == CHAR_LEFT_PARENTHESIS)  
1653    {    {
1654    if (ptr[1] == CHAR_QUESTION_MARK &&    switch ((int)*code)
       ptr[2] == CHAR_VERTICAL_LINE)  
1655      {      {
1656      ptr += 3;      case OP_ASSERT_NOT:
1657      dup_parens = TRUE;      case OP_ASSERTBACK:
1658      }      case OP_ASSERTBACK_NOT:
1659        if (!skipassert) return code;
1660        do code += GET(code, 1); while (*code == OP_ALT);
1661        code += PRIV(OP_lengths)[*code];
1662        break;
1663    
1664    /* Handle a normal, unnamed capturing parenthesis */      case OP_WORD_BOUNDARY:
1665        case OP_NOT_WORD_BOUNDARY:
1666    else if (ptr[1] != CHAR_QUESTION_MARK && ptr[1] != CHAR_ASTERISK)      if (!skipassert) return code;
1667      {      /* Fall through */
     *count += 1;  
     if (name == NULL && *count == lorn) return *count;  
     ptr++;  
     }  
   
   /* Handle a condition. If it is an assertion, just carry on so that it  
   is processed as normal. If not, skip to the closing parenthesis of the  
   condition (there can't be any nested parens. */  
   
   else if (ptr[2] == CHAR_LEFT_PARENTHESIS)  
     {  
     ptr += 2;  
     if (ptr[1] != CHAR_QUESTION_MARK)  
       {  
       while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;  
       if (*ptr != 0) ptr++;  
       }  
     }  
   
   /* We have either (? or (* and not a condition */  
   
   else  
     {  
     ptr += 2;  
     if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */  
   
     /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */  
   
     if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&  
         ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)  
       {  
       int term;  
       const uschar *thisname;  
       *count += 1;  
       if (name == NULL && *count == lorn) return *count;  
       term = *ptr++;  
       if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;  
       thisname = ptr;  
       while (*ptr != term) ptr++;  
       if (name != NULL && lorn == ptr - thisname &&  
           strncmp((const char *)name, (const char *)thisname, lorn) == 0)  
         return *count;  
       term++;  
       }  
     }  
   }  
   
 /* Past any initial parenthesis handling, scan for parentheses or vertical  
 bars. */  
   
 for (; *ptr != 0; ptr++)  
   {  
   /* Skip over backslashed characters and also entire \Q...\E */  
   
   if (*ptr == CHAR_BACKSLASH)  
     {  
     if (*(++ptr) == 0) goto FAIL_EXIT;  
     if (*ptr == CHAR_Q) for (;;)  
       {  
       while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};  
       if (*ptr == 0) goto FAIL_EXIT;  
       if (*(++ptr) == CHAR_E) break;  
       }  
     continue;  
     }  
   
   /* Skip over character classes; this logic must be similar to the way they  
   are handled for real. If the first character is '^', skip it. Also, if the  
   first few characters (either before or after ^) are \Q\E or \E we skip them  
   too. This makes for compatibility with Perl. Note the use of STR macros to  
   encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */  
   
   if (*ptr == CHAR_LEFT_SQUARE_BRACKET)  
     {  
     BOOL negate_class = FALSE;  
     for (;;)  
       {  
       if (ptr[1] == CHAR_BACKSLASH)  
         {  
         if (ptr[2] == CHAR_E)  
           ptr+= 2;  
         else if (strncmp((const char *)ptr+2,  
                  STR_Q STR_BACKSLASH STR_E, 3) == 0)  
           ptr += 4;  
         else  
           break;  
         }  
       else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)  
         {  
         negate_class = TRUE;  
         ptr++;  
         }  
       else break;  
       }  
   
     /* If the next character is ']', it is a data character that must be  
     skipped, except in JavaScript compatibility mode. */  
   
     if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&  
         (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)  
       ptr++;  
   
     while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)  
       {  
       if (*ptr == 0) return -1;  
       if (*ptr == CHAR_BACKSLASH)  
         {  
         if (*(++ptr) == 0) goto FAIL_EXIT;  
         if (*ptr == CHAR_Q) for (;;)  
           {  
           while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};  
           if (*ptr == 0) goto FAIL_EXIT;  
           if (*(++ptr) == CHAR_E) break;  
           }  
         continue;  
         }  
       }  
     continue;  
     }  
   
   /* Skip comments in /x mode */  
   
   if (xmode && *ptr == CHAR_NUMBER_SIGN)  
     {  
     while (*(++ptr) != 0 && *ptr != CHAR_NL) {};  
     if (*ptr == 0) goto FAIL_EXIT;  
     continue;  
     }  
   
   /* Check for the special metacharacters */  
   
   if (*ptr == CHAR_LEFT_PARENTHESIS)  
     {  
     int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, count);  
     if (rc > 0) return rc;  
     if (*ptr == 0) goto FAIL_EXIT;  
     }  
   
   else if (*ptr == CHAR_RIGHT_PARENTHESIS)  
     {  
     if (dup_parens && *count < hwm_count) *count = hwm_count;  
     *ptrptr = ptr;  
     return -1;  
     }  
   
   else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)  
     {  
     if (*count > hwm_count) hwm_count = *count;  
     *count = start_count;  
     }  
   }  
   
 FAIL_EXIT:  
 *ptrptr = ptr;  
 return -1;  
 }  
   
   
   
   
 /*************************************************  
 *       Find forward referenced subpattern       *  
 *************************************************/  
   
 /* This function scans along a pattern's text looking for capturing  
 subpatterns, and counting them. If it finds a named pattern that matches the  
 name it is given, it returns its number. Alternatively, if the name is NULL, it  
 returns when it reaches a given numbered subpattern. This is used for forward  
 references to subpatterns. We used to be able to start this scan from the  
 current compiling point, using the current count value from cd->bracount, and  
 do it all in a single loop, but the addition of the possibility of duplicate  
 subpattern numbers means that we have to scan from the very start, in order to  
 take account of such duplicates, and to use a recursive function to keep track  
 of the different types of group.  
   
 Arguments:  
   cd           compile background data  
   name         name to seek, or NULL if seeking a numbered subpattern  
   lorn         name length, or subpattern number if name is NULL  
   xmode        TRUE if we are in /x mode  
   
 Returns:       the number of the found subpattern, or -1 if not found  
 */  
   
 static int  
 find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode)  
 {  
 uschar *ptr = (uschar *)cd->start_pattern;  
 int count = 0;  
 int rc;  
   
 /* If the pattern does not start with an opening parenthesis, the first call  
 to find_parens_sub() will scan right to the end (if necessary). However, if it  
 does start with a parenthesis, find_parens_sub() will return when it hits the  
 matching closing parens. That is why we have to have a loop. */  
   
 for (;;)  
   {  
   rc = find_parens_sub(&ptr, cd, name, lorn, xmode, &count);  
   if (rc > 0 || *ptr++ == 0) break;  
   }  
   
 return rc;  
 }  
   
   
   
   
 /*************************************************  
 *      Find first significant op code            *  
 *************************************************/  
   
 /* This is called by several functions that scan a compiled expression looking  
 for a fixed first character, or an anchoring op code etc. It skips over things  
 that do not influence this. For some calls, a change of option is important.  
 For some calls, it makes sense to skip negative forward and all backward  
 assertions, and also the \b assertion; for others it does not.  
   
 Arguments:  
   code         pointer to the start of the group  
   options      pointer to external options  
   optbit       the option bit whose changing is significant, or  
                  zero if none are  
   skipassert   TRUE if certain assertions are to be skipped  
   
 Returns:       pointer to the first significant opcode  
 */  
   
 static const uschar*  
 first_significant_code(const uschar *code, int *options, int optbit,  
   BOOL skipassert)  
 {  
 for (;;)  
   {  
   switch ((int)*code)  
     {  
     case OP_OPT:  
     if (optbit > 0 && ((int)code[1] & optbit) != (*options & optbit))  
       *options = (int)code[1];  
     code += 2;  
     break;  
   
     case OP_ASSERT_NOT:  
     case OP_ASSERTBACK:  
     case OP_ASSERTBACK_NOT:  
     if (!skipassert) return code;  
     do code += GET(code, 1); while (*code == OP_ALT);  
     code += _pcre_OP_lengths[*code];  
     break;  
   
     case OP_WORD_BOUNDARY:  
     case OP_NOT_WORD_BOUNDARY:  
     if (!skipassert) return code;  
     /* Fall through */  
1668    
1669      case OP_CALLOUT:      case OP_CALLOUT:
1670      case OP_CREF:      case OP_CREF:
1671      case OP_NCREF:      case OP_DNCREF:
1672      case OP_RREF:      case OP_RREF:
1673      case OP_NRREF:      case OP_DNRREF:
1674      case OP_DEF:      case OP_DEF:
1675      code += _pcre_OP_lengths[*code];      code += PRIV(OP_lengths)[*code];
1676      break;      break;
1677    
1678      default:      default:
# Line 1334  for (;;) Line 1684  for (;;)
1684    
1685    
1686    
   
1687  /*************************************************  /*************************************************
1688  *        Find the fixed length of a branch       *  *        Find the fixed length of a branch       *
1689  *************************************************/  *************************************************/
# Line 1352  and doing the check at the end; a flag s Line 1701  and doing the check at the end; a flag s
1701    
1702  Arguments:  Arguments:
1703    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1704    options  the compiling options    utf      TRUE in UTF-8 / UTF-16 / UTF-32 mode
1705    atend    TRUE if called when the pattern is complete    atend    TRUE if called when the pattern is complete
1706    cd       the "compile data" structure    cd       the "compile data" structure
1707    
1708  Returns:   the fixed length,  Returns:   the fixed length,
1709               or -1 if there is no fixed length,               or -1 if there is no fixed length,
1710               or -2 if \C was encountered               or -2 if \C was encountered (in UTF-8 mode only)
1711               or -3 if an OP_RECURSE item was encountered and atend is FALSE               or -3 if an OP_RECURSE item was encountered and atend is FALSE
1712                 or -4 if an unknown opcode was encountered (internal error)
1713  */  */
1714    
1715  static int  static int
1716  find_fixedlength(uschar *code, int options, BOOL atend, compile_data *cd)  find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1717  {  {
1718  int length = -1;  int length = -1;
1719    
1720  register int branchlength = 0;  register int branchlength = 0;
1721  register uschar *cc = code + 1 + LINK_SIZE;  register pcre_uchar *cc = code + 1 + LINK_SIZE;
1722    
1723  /* Scan along the opcodes for this branch. If we get to the end of the  /* Scan along the opcodes for this branch. If we get to the end of the
1724  branch, check the length against that of the other branches. */  branch, check the length against that of the other branches. */
# Line 1376  branch, check the length against that of Line 1726  branch, check the length against that of
1726  for (;;)  for (;;)
1727    {    {
1728    int d;    int d;
1729    uschar *ce, *cs;    pcre_uchar *ce, *cs;
1730    register int op = *cc;    register pcre_uchar op = *cc;
1731    
1732    switch (op)    switch (op)
1733      {      {
1734        /* We only need to continue for OP_CBRA (normal capturing bracket) and
1735        OP_BRA (normal non-capturing bracket) because the other variants of these
1736        opcodes are all concerned with unlimited repeated groups, which of course
1737        are not of fixed length. */
1738    
1739      case OP_CBRA:      case OP_CBRA:
1740      case OP_BRA:      case OP_BRA:
1741      case OP_ONCE:      case OP_ONCE:
1742        case OP_ONCE_NC:
1743      case OP_COND:      case OP_COND:
1744      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options, atend, cd);      d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1745      if (d < 0) return d;      if (d < 0) return d;
1746      branchlength += d;      branchlength += d;
1747      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1748      cc += 1 + LINK_SIZE;      cc += 1 + LINK_SIZE;
1749      break;      break;
1750    
1751      /* Reached end of a branch; if it's a ket it is the end of a nested      /* Reached end of a branch; if it's a ket it is the end of a nested call.
1752      call. If it's ALT it is an alternation in a nested call. If it is      If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1753      END it's the end of the outer call. All can be handled by the same code. */      an ALT. If it is END it's the end of the outer call. All can be handled by
1754        the same code. Note that we must not include the OP_KETRxxx opcodes here,
1755        because they all imply an unlimited repeat. */
1756    
1757      case OP_ALT:      case OP_ALT:
1758      case OP_KET:      case OP_KET:
     case OP_KETRMAX:  
     case OP_KETRMIN:  
1759      case OP_END:      case OP_END:
1760        case OP_ACCEPT:
1761        case OP_ASSERT_ACCEPT:
1762      if (length < 0) length = branchlength;      if (length < 0) length = branchlength;
1763        else if (length != branchlength) return -1;        else if (length != branchlength) return -1;
1764      if (*cc != OP_ALT) return length;      if (*cc != OP_ALT) return length;
# Line 1413  for (;;) Line 1772  for (;;)
1772    
1773      case OP_RECURSE:      case OP_RECURSE:
1774      if (!atend) return -3;      if (!atend) return -3;
1775      cs = ce = (uschar *)cd->start_code + GET(cc, 1);  /* Start subpattern */      cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1776      do ce += GET(ce, 1); while (*ce == OP_ALT);       /* End subpattern */      do ce += GET(ce, 1); while (*ce == OP_ALT);           /* End subpattern */
1777      if (cc > cs && cc < ce) return -1;                /* Recursion */      if (cc > cs && cc < ce) return -1;                    /* Recursion */
1778      d = find_fixedlength(cs + 2, options, atend, cd);      d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1779      if (d < 0) return d;      if (d < 0) return d;
1780      branchlength += d;      branchlength += d;
1781      cc += 1 + LINK_SIZE;      cc += 1 + LINK_SIZE;
# Line 1429  for (;;) Line 1788  for (;;)
1788      case OP_ASSERTBACK:      case OP_ASSERTBACK:
1789      case OP_ASSERTBACK_NOT:      case OP_ASSERTBACK_NOT:
1790      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1791      /* Fall through */      cc += PRIV(OP_lengths)[*cc];
1792        break;
1793    
1794      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1795    
1796      case OP_REVERSE:      case OP_MARK:
1797        case OP_PRUNE_ARG:
1798        case OP_SKIP_ARG:
1799        case OP_THEN_ARG:
1800        cc += cc[1] + PRIV(OP_lengths)[*cc];
1801        break;
1802    
1803        case OP_CALLOUT:
1804        case OP_CIRC:
1805        case OP_CIRCM:
1806        case OP_CLOSE:
1807        case OP_COMMIT:
1808      case OP_CREF:      case OP_CREF:
     case OP_NCREF:  
     case OP_RREF:  
     case OP_NRREF:  
1809      case OP_DEF:      case OP_DEF:
1810      case OP_OPT:      case OP_DNCREF:
1811      case OP_CALLOUT:      case OP_DNRREF:
1812      case OP_SOD:      case OP_DOLL:
1813      case OP_SOM:      case OP_DOLLM:
1814      case OP_EOD:      case OP_EOD:
1815      case OP_EODN:      case OP_EODN:
1816      case OP_CIRC:      case OP_FAIL:
     case OP_DOLL:  
1817      case OP_NOT_WORD_BOUNDARY:      case OP_NOT_WORD_BOUNDARY:
1818        case OP_PRUNE:
1819        case OP_REVERSE:
1820        case OP_RREF:
1821        case OP_SET_SOM:
1822        case OP_SKIP:
1823        case OP_SOD:
1824        case OP_SOM:
1825        case OP_THEN:
1826      case OP_WORD_BOUNDARY:      case OP_WORD_BOUNDARY:
1827      cc += _pcre_OP_lengths[*cc];      cc += PRIV(OP_lengths)[*cc];
1828      break;      break;
1829    
1830      /* Handle literal characters */      /* Handle literal characters */
1831    
1832      case OP_CHAR:      case OP_CHAR:
1833      case OP_CHARNC:      case OP_CHARI:
1834      case OP_NOT:      case OP_NOT:
1835        case OP_NOTI:
1836      branchlength++;      branchlength++;
1837      cc += 2;      cc += 2;
1838  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF
1839      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
       cc += _pcre_utf8_table4[cc[-1] & 0x3f];  
1840  #endif  #endif
1841      break;      break;
1842    
# Line 1469  for (;;) Line 1844  for (;;)
1844      need to skip over a multibyte character in UTF8 mode.  */      need to skip over a multibyte character in UTF8 mode.  */
1845    
1846      case OP_EXACT:      case OP_EXACT:
1847      branchlength += GET2(cc,1);      case OP_EXACTI:
1848      cc += 4;      case OP_NOTEXACT:
1849  #ifdef SUPPORT_UTF8      case OP_NOTEXACTI:
1850      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)      branchlength += (int)GET2(cc,1);
1851        cc += _pcre_utf8_table4[cc[-1] & 0x3f];      cc += 2 + IMM2_SIZE;
1852    #ifdef SUPPORT_UTF
1853        if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1854  #endif  #endif
1855      break;      break;
1856    
1857      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1858      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1859      if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;      if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1860      cc += 4;        cc += 2;
1861        cc += 1 + IMM2_SIZE + 1;
1862      break;      break;
1863    
1864      /* Handle single-char matchers */      /* Handle single-char matchers */
# Line 1490  for (;;) Line 1868  for (;;)
1868      cc += 2;      cc += 2;
1869      /* Fall through */      /* Fall through */
1870    
1871        case OP_HSPACE:
1872        case OP_VSPACE:
1873        case OP_NOT_HSPACE:
1874        case OP_NOT_VSPACE:
1875      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
1876      case OP_DIGIT:      case OP_DIGIT:
1877      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
# Line 1502  for (;;) Line 1884  for (;;)
1884      cc++;      cc++;
1885      break;      break;
1886    
1887      /* The single-byte matcher isn't allowed */      /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1888        otherwise \C is coded as OP_ALLANY. */
1889    
1890      case OP_ANYBYTE:      case OP_ANYBYTE:
1891      return -2;      return -2;
1892    
1893      /* Check a class for variable quantification */      /* Check a class for variable quantification */
1894    
 #ifdef SUPPORT_UTF8  
     case OP_XCLASS:  
     cc += GET(cc, 1) - 33;  
     /* Fall through */  
 #endif  
   
1895      case OP_CLASS:      case OP_CLASS:
1896      case OP_NCLASS:      case OP_NCLASS:
1897      cc += 33;  #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1898        case OP_XCLASS:
1899        /* The original code caused an unsigned overflow in 64 bit systems,
1900        so now we use a conditional statement. */
1901        if (op == OP_XCLASS)
1902          cc += GET(cc, 1);
1903        else
1904          cc += PRIV(OP_lengths)[OP_CLASS];
1905    #else
1906        cc += PRIV(OP_lengths)[OP_CLASS];
1907    #endif
1908    
1909      switch (*cc)      switch (*cc)
1910        {        {
1911        case OP_CRSTAR:        case OP_CRSTAR:
1912        case OP_CRMINSTAR:        case OP_CRMINSTAR:
1913          case OP_CRPLUS:
1914          case OP_CRMINPLUS:
1915        case OP_CRQUERY:        case OP_CRQUERY:
1916        case OP_CRMINQUERY:        case OP_CRMINQUERY:
1917          case OP_CRPOSSTAR:
1918          case OP_CRPOSPLUS:
1919          case OP_CRPOSQUERY:
1920        return -1;        return -1;
1921    
1922        case OP_CRRANGE:        case OP_CRRANGE:
1923        case OP_CRMINRANGE:        case OP_CRMINRANGE:
1924        if (GET2(cc,1) != GET2(cc,3)) return -1;        case OP_CRPOSRANGE:
1925        branchlength += GET2(cc,1);        if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1926        cc += 5;        branchlength += (int)GET2(cc,1);
1927          cc += 1 + 2 * IMM2_SIZE;
1928        break;        break;
1929    
1930        default:        default:
# Line 1541  for (;;) Line 1934  for (;;)
1934    
1935      /* Anything else is variable length */      /* Anything else is variable length */
1936    
1937      default:      case OP_ANYNL:
1938        case OP_BRAMINZERO:
1939        case OP_BRAPOS:
1940        case OP_BRAPOSZERO:
1941        case OP_BRAZERO:
1942        case OP_CBRAPOS:
1943        case OP_EXTUNI:
1944        case OP_KETRMAX:
1945        case OP_KETRMIN:
1946        case OP_KETRPOS:
1947        case OP_MINPLUS:
1948        case OP_MINPLUSI:
1949        case OP_MINQUERY:
1950        case OP_MINQUERYI:
1951        case OP_MINSTAR:
1952        case OP_MINSTARI:
1953        case OP_MINUPTO:
1954        case OP_MINUPTOI:
1955        case OP_NOTMINPLUS:
1956        case OP_NOTMINPLUSI:
1957        case OP_NOTMINQUERY:
1958        case OP_NOTMINQUERYI:
1959        case OP_NOTMINSTAR:
1960        case OP_NOTMINSTARI:
1961        case OP_NOTMINUPTO:
1962        case OP_NOTMINUPTOI:
1963        case OP_NOTPLUS:
1964        case OP_NOTPLUSI:
1965        case OP_NOTPOSPLUS:
1966        case OP_NOTPOSPLUSI:
1967        case OP_NOTPOSQUERY:
1968        case OP_NOTPOSQUERYI:
1969        case OP_NOTPOSSTAR:
1970        case OP_NOTPOSSTARI:
1971        case OP_NOTPOSUPTO:
1972        case OP_NOTPOSUPTOI:
1973        case OP_NOTQUERY:
1974        case OP_NOTQUERYI:
1975        case OP_NOTSTAR:
1976        case OP_NOTSTARI:
1977        case OP_NOTUPTO:
1978        case OP_NOTUPTOI:
1979        case OP_PLUS:
1980        case OP_PLUSI:
1981        case OP_POSPLUS:
1982        case OP_POSPLUSI:
1983        case OP_POSQUERY:
1984        case OP_POSQUERYI:
1985        case OP_POSSTAR:
1986        case OP_POSSTARI:
1987        case OP_POSUPTO:
1988        case OP_POSUPTOI:
1989        case OP_QUERY:
1990        case OP_QUERYI:
1991        case OP_REF:
1992        case OP_REFI:
1993        case OP_DNREF:
1994        case OP_DNREFI:
1995        case OP_SBRA:
1996        case OP_SBRAPOS:
1997        case OP_SCBRA:
1998        case OP_SCBRAPOS:
1999        case OP_SCOND:
2000        case OP_SKIPZERO:
2001        case OP_STAR:
2002        case OP_STARI:
2003        case OP_TYPEMINPLUS:
2004        case OP_TYPEMINQUERY:
2005        case OP_TYPEMINSTAR:
2006        case OP_TYPEMINUPTO:
2007        case OP_TYPEPLUS:
2008        case OP_TYPEPOSPLUS:
2009        case OP_TYPEPOSQUERY:
2010        case OP_TYPEPOSSTAR:
2011        case OP_TYPEPOSUPTO:
2012        case OP_TYPEQUERY:
2013        case OP_TYPESTAR:
2014        case OP_TYPEUPTO:
2015        case OP_UPTO:
2016        case OP_UPTOI:
2017      return -1;      return -1;
2018    
2019        /* Catch unrecognized opcodes so that when new ones are added they
2020        are not forgotten, as has happened in the past. */
2021    
2022        default:
2023        return -4;
2024      }      }
2025    }    }
2026  /* Control never gets here */  /* Control never gets here */
# Line 1550  for (;;) Line 2028  for (;;)
2028    
2029    
2030    
   
2031  /*************************************************  /*************************************************
2032  *    Scan compiled regex for specific bracket    *  *    Scan compiled regex for specific bracket    *
2033  *************************************************/  *************************************************/
# Line 1563  length. Line 2040  length.
2040    
2041  Arguments:  Arguments:
2042    code        points to start of expression    code        points to start of expression
2043    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2044    number      the required bracket number or negative to find a lookbehind    number      the required bracket number or negative to find a lookbehind
2045    
2046  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
2047  */  */
2048    
2049  const uschar *  const pcre_uchar *
2050  _pcre_find_bracket(const uschar *code, BOOL utf8, int number)  PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2051  {  {
2052  for (;;)  for (;;)
2053    {    {
2054    register int c = *code;    register pcre_uchar c = *code;
2055    
2056    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2057    
2058    /* XCLASS is used for classes that cannot be represented just by a bit    /* XCLASS is used for classes that cannot be represented just by a bit
# Line 1587  for (;;) Line 2065  for (;;)
2065    
2066    else if (c == OP_REVERSE)    else if (c == OP_REVERSE)
2067      {      {
2068      if (number < 0) return (uschar *)code;      if (number < 0) return (pcre_uchar *)code;
2069      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2070      }      }
2071    
2072    /* Handle capturing bracket */    /* Handle capturing bracket */
2073    
2074    else if (c == OP_CBRA)    else if (c == OP_CBRA || c == OP_SCBRA ||
2075               c == OP_CBRAPOS || c == OP_SCBRAPOS)
2076      {      {
2077      int n = GET2(code, 1+LINK_SIZE);      int n = (int)GET2(code, 1+LINK_SIZE);
2078      if (n == number) return (uschar *)code;      if (n == number) return (pcre_uchar *)code;
2079      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2080      }      }
2081    
2082    /* Otherwise, we can get the item's length from the table, except that for    /* Otherwise, we can get the item's length from the table, except that for
2083    repeated character types, we have to test for \p and \P, which have an extra    repeated character types, we have to test for \p and \P, which have an extra
2084    two bytes of parameters. */    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2085      must add in its length. */
2086    
2087    else    else
2088      {      {
# Line 1624  for (;;) Line 2104  for (;;)
2104        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2105        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2106        case OP_TYPEPOSUPTO:        case OP_TYPEPOSUPTO:
2107        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2108            code += 2;
2109          break;
2110    
2111          case OP_MARK:
2112          case OP_PRUNE_ARG:
2113          case OP_SKIP_ARG:
2114          case OP_THEN_ARG:
2115          code += code[1];
2116        break;        break;
2117        }        }
2118    
2119      /* Add in the fixed length from the table */      /* Add in the fixed length from the table */
2120    
2121      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2122    
2123    /* In UTF-8 mode, opcodes that are followed by a character may be followed by    /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2124    a multi-byte character. The length in the table is a minimum, so we have to    a multi-byte character. The length in the table is a minimum, so we have to
2125    arrange to skip the extra bytes. */    arrange to skip the extra bytes. */
2126    
2127  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2128      if (utf8) switch(c)      if (utf) switch(c)
2129        {        {
2130        case OP_CHAR:        case OP_CHAR:
2131        case OP_CHARNC:        case OP_CHARI:
2132          case OP_NOT:
2133          case OP_NOTI:
2134        case OP_EXACT:        case OP_EXACT:
2135          case OP_EXACTI:
2136          case OP_NOTEXACT:
2137          case OP_NOTEXACTI:
2138        case OP_UPTO:        case OP_UPTO:
2139          case OP_UPTOI:
2140          case OP_NOTUPTO:
2141          case OP_NOTUPTOI:
2142        case OP_MINUPTO:        case OP_MINUPTO:
2143          case OP_MINUPTOI:
2144          case OP_NOTMINUPTO:
2145          case OP_NOTMINUPTOI:
2146        case OP_POSUPTO:        case OP_POSUPTO:
2147          case OP_POSUPTOI:
2148          case OP_NOTPOSUPTO:
2149          case OP_NOTPOSUPTOI:
2150        case OP_STAR:        case OP_STAR:
2151          case OP_STARI:
2152          case OP_NOTSTAR:
2153          case OP_NOTSTARI:
2154        case OP_MINSTAR:        case OP_MINSTAR:
2155          case OP_MINSTARI:
2156          case OP_NOTMINSTAR:
2157          case OP_NOTMINSTARI:
2158        case OP_POSSTAR:        case OP_POSSTAR:
2159          case OP_POSSTARI:
2160          case OP_NOTPOSSTAR:
2161          case OP_NOTPOSSTARI:
2162        case OP_PLUS:        case OP_PLUS:
2163          case OP_PLUSI:
2164          case OP_NOTPLUS:
2165          case OP_NOTPLUSI:
2166        case OP_MINPLUS:        case OP_MINPLUS:
2167          case OP_MINPLUSI:
2168          case OP_NOTMINPLUS:
2169          case OP_NOTMINPLUSI:
2170        case OP_POSPLUS:        case OP_POSPLUS:
2171          case OP_POSPLUSI:
2172          case OP_NOTPOSPLUS:
2173          case OP_NOTPOSPLUSI:
2174        case OP_QUERY:        case OP_QUERY:
2175          case OP_QUERYI:
2176          case OP_NOTQUERY:
2177          case OP_NOTQUERYI:
2178        case OP_MINQUERY:        case OP_MINQUERY:
2179          case OP_MINQUERYI:
2180          case OP_NOTMINQUERY:
2181          case OP_NOTMINQUERYI:
2182        case OP_POSQUERY:        case OP_POSQUERY:
2183        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        case OP_POSQUERYI:
2184          case OP_NOTPOSQUERY:
2185          case OP_NOTPOSQUERYI:
2186          if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2187        break;        break;
2188        }        }
2189  #else  #else
2190      (void)(utf8);  /* Keep compiler happy by referencing function argument */      (void)(utf);  /* Keep compiler happy by referencing function argument */
2191  #endif  #endif
2192      }      }
2193    }    }
# Line 1675  instance of OP_RECURSE. Line 2204  instance of OP_RECURSE.
2204    
2205  Arguments:  Arguments:
2206    code        points to start of expression    code        points to start of expression
2207    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2208    
2209  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found
2210  */  */
2211    
2212  static const uschar *  static const pcre_uchar *
2213  find_recurse(const uschar *code, BOOL utf8)  find_recurse(const pcre_uchar *code, BOOL utf)
2214  {  {
2215  for (;;)  for (;;)
2216    {    {
2217    register int c = *code;    register pcre_uchar c = *code;
2218    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2219    if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
2220    
# Line 1697  for (;;) Line 2226  for (;;)
2226    
2227    /* Otherwise, we can get the item's length from the table, except that for    /* Otherwise, we can get the item's length from the table, except that for
2228    repeated character types, we have to test for \p and \P, which have an extra    repeated character types, we have to test for \p and \P, which have an extra
2229    two bytes of parameters. */    two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2230      must add in its length. */
2231    
2232    else    else
2233      {      {
# Line 1719  for (;;) Line 2249  for (;;)
2249        case OP_TYPEUPTO:        case OP_TYPEUPTO:
2250        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2251        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2252        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2253            code += 2;
2254          break;
2255    
2256          case OP_MARK:
2257          case OP_PRUNE_ARG:
2258          case OP_SKIP_ARG:
2259          case OP_THEN_ARG:
2260          code += code[1];
2261        break;        break;
2262        }        }
2263    
2264      /* Add in the fixed length from the table */      /* Add in the fixed length from the table */
2265    
2266      code += _pcre_OP_lengths[c];      code += PRIV(OP_lengths)[c];
2267    
2268      /* In UTF-8 mode, opcodes that are followed by a character may be followed      /* In UTF-8 mode, opcodes that are followed by a character may be followed
2269      by a multi-byte character. The length in the table is a minimum, so we have      by a multi-byte character. The length in the table is a minimum, so we have
2270      to arrange to skip the extra bytes. */      to arrange to skip the extra bytes. */
2271    
2272  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2273      if (utf8) switch(c)      if (utf) switch(c)
2274        {        {
2275        case OP_CHAR:        case OP_CHAR:
2276        case OP_CHARNC:        case OP_CHARI:
2277          case OP_NOT:
2278          case OP_NOTI:
2279        case OP_EXACT:        case OP_EXACT:
2280          case OP_EXACTI:
2281          case OP_NOTEXACT:
2282          case OP_NOTEXACTI:
2283        case OP_UPTO:        case OP_UPTO:
2284          case OP_UPTOI:
2285          case OP_NOTUPTO:
2286          case OP_NOTUPTOI:
2287        case OP_MINUPTO:        case OP_MINUPTO:
2288          case OP_MINUPTOI:
2289          case OP_NOTMINUPTO:
2290          case OP_NOTMINUPTOI:
2291        case OP_POSUPTO:        case OP_POSUPTO:
2292          case OP_POSUPTOI:
2293          case OP_NOTPOSUPTO:
2294          case OP_NOTPOSUPTOI:
2295        case OP_STAR:        case OP_STAR:
2296          case OP_STARI:
2297          case OP_NOTSTAR:
2298          case OP_NOTSTARI:
2299        case OP_MINSTAR:        case OP_MINSTAR:
2300          case OP_MINSTARI:
2301          case OP_NOTMINSTAR:
2302          case OP_NOTMINSTARI:
2303        case OP_POSSTAR:        case OP_POSSTAR:
2304          case OP_POSSTARI:
2305          case OP_NOTPOSSTAR:
2306          case OP_NOTPOSSTARI:
2307        case OP_PLUS:        case OP_PLUS:
2308          case OP_PLUSI:
2309          case OP_NOTPLUS:
2310          case OP_NOTPLUSI:
2311        case OP_MINPLUS:        case OP_MINPLUS:
2312          case OP_MINPLUSI:
2313          case OP_NOTMINPLUS:
2314          case OP_NOTMINPLUSI:
2315        case OP_POSPLUS:        case OP_POSPLUS:
2316          case OP_POSPLUSI:
2317          case OP_NOTPOSPLUS:
2318          case OP_NOTPOSPLUSI:
2319        case OP_QUERY:        case OP_QUERY:
2320          case OP_QUERYI:
2321          case OP_NOTQUERY:
2322          case OP_NOTQUERYI:
2323        case OP_MINQUERY:        case OP_MINQUERY:
2324          case OP_MINQUERYI:
2325          case OP_NOTMINQUERY:
2326          case OP_NOTMINQUERYI:
2327        case OP_POSQUERY:        case OP_POSQUERY:
2328        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];        case OP_POSQUERYI:
2329          case OP_NOTPOSQUERY:
2330          case OP_NOTPOSQUERYI:
2331          if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2332        break;        break;
2333        }        }
2334  #else  #else
2335      (void)(utf8);  /* Keep compiler happy by referencing function argument */      (void)(utf);  /* Keep compiler happy by referencing function argument */
2336  #endif  #endif
2337      }      }
2338    }    }
# Line 1776  bracket whose current branch will alread Line 2355  bracket whose current branch will alread
2355  Arguments:  Arguments:
2356    code        points to start of search    code        points to start of search
2357    endcode     points to where to stop    endcode     points to where to stop
2358    utf8        TRUE if in UTF8 mode    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2359      cd          contains pointers to tables etc.
2360      recurses    chain of recurse_check to catch mutual recursion
2361    
2362  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2363  */  */
2364    
2365    typedef struct recurse_check {
2366      struct recurse_check *prev;
2367      const pcre_uchar *group;
2368    } recurse_check;
2369    
2370  static BOOL  static BOOL
2371  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2372      BOOL utf, compile_data *cd, recurse_check *recurses)
2373  {  {
2374  register int c;  register pcre_uchar c;
2375  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);  recurse_check this_recurse;
2376    
2377    for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2378       code < endcode;       code < endcode;
2379       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))       code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2380    {    {
2381    const uschar *ccode;    const pcre_uchar *ccode;
2382    
2383    c = *code;    c = *code;
2384    
# Line 1803  for (code = first_significant_code(code Line 2392  for (code = first_significant_code(code
2392      continue;      continue;
2393      }      }
2394    
2395      /* For a recursion/subroutine call, if its end has been reached, which
2396      implies a backward reference subroutine call, we can scan it. If it's a
2397      forward reference subroutine call, we can't. To detect forward reference
2398      we have to scan up the list that is kept in the workspace. This function is
2399      called only when doing the real compile, not during the pre-compile that
2400      measures the size of the compiled pattern. */
2401    
2402      if (c == OP_RECURSE)
2403        {
2404        const pcre_uchar *scode = cd->start_code + GET(code, 1);
2405        const pcre_uchar *endgroup = scode;
2406        BOOL empty_branch;
2407    
2408        /* Test for forward reference or uncompleted reference. This is disabled
2409        when called to scan a completed pattern by setting cd->start_workspace to
2410        NULL. */
2411    
2412        if (cd->start_workspace != NULL)
2413          {
2414          const pcre_uchar *tcode;
2415          for (tcode = cd->start_workspace; tcode < cd->hwm; tcode += LINK_SIZE)
2416            if ((int)GET(tcode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2417          if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
2418          }
2419    
2420        /* If the reference is to a completed group, we need to detect whether this
2421        is a recursive call, as otherwise there will be an infinite loop. If it is
2422        a recursion, just skip over it. Simple recursions are easily detected. For
2423        mutual recursions we keep a chain on the stack. */
2424    
2425        do endgroup += GET(endgroup, 1); while (*endgroup == OP_ALT);
2426        if (code >= scode && code <= endgroup) continue;  /* Simple recursion */
2427        else
2428          {
2429          recurse_check *r = recurses;
2430          for (r = recurses; r != NULL; r = r->prev)
2431            if (r->group == scode) break;
2432          if (r != NULL) continue;   /* Mutual recursion */
2433          }
2434    
2435        /* Completed reference; scan the referenced group, remembering it on the
2436        stack chain to detect mutual recursions. */
2437    
2438        empty_branch = FALSE;
2439        this_recurse.prev = recurses;
2440        this_recurse.group = scode;
2441    
2442        do
2443          {
2444          if (could_be_empty_branch(scode, endcode, utf, cd, &this_recurse))
2445            {
2446            empty_branch = TRUE;
2447            break;
2448            }
2449          scode += GET(scode, 1);
2450          }
2451        while (*scode == OP_ALT);
2452    
2453        if (!empty_branch) return FALSE;  /* All branches are non-empty */
2454        continue;
2455        }
2456    
2457    /* Groups with zero repeats can of course be empty; skip them. */    /* Groups with zero repeats can of course be empty; skip them. */
2458    
2459    if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO)    if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2460          c == OP_BRAPOSZERO)
2461        {
2462        code += PRIV(OP_lengths)[c];
2463        do code += GET(code, 1); while (*code == OP_ALT);
2464        c = *code;
2465        continue;
2466        }
2467    
2468      /* A nested group that is already marked as "could be empty" can just be
2469      skipped. */
2470    
2471      if (c == OP_SBRA  || c == OP_SBRAPOS ||
2472          c == OP_SCBRA || c == OP_SCBRAPOS)
2473      {      {
     code += _pcre_OP_lengths[c];  
2474      do code += GET(code, 1); while (*code == OP_ALT);      do code += GET(code, 1); while (*code == OP_ALT);
2475      c = *code;      c = *code;
2476      continue;      continue;
# Line 1815  for (code = first_significant_code(code Line 2478  for (code = first_significant_code(code
2478    
2479    /* For other groups, scan the branches. */    /* For other groups, scan the branches. */
2480    
2481    if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)    if (c == OP_BRA  || c == OP_BRAPOS ||
2482          c == OP_CBRA || c == OP_CBRAPOS ||
2483          c == OP_ONCE || c == OP_ONCE_NC ||
2484          c == OP_COND)
2485      {      {
2486      BOOL empty_branch;      BOOL empty_branch;
2487      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
# Line 1831  for (code = first_significant_code(code Line 2497  for (code = first_significant_code(code
2497        empty_branch = FALSE;        empty_branch = FALSE;
2498        do        do
2499          {          {
2500          if (!empty_branch && could_be_empty_branch(code, endcode, utf8))          if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
2501            empty_branch = TRUE;            recurses)) empty_branch = TRUE;
2502          code += GET(code, 1);          code += GET(code, 1);
2503          }          }
2504        while (*code == OP_ALT);        while (*code == OP_ALT);
# Line 1849  for (code = first_significant_code(code Line 2515  for (code = first_significant_code(code
2515      {      {
2516      /* Check for quantifiers after a class. XCLASS is used for classes that      /* Check for quantifiers after a class. XCLASS is used for classes that
2517      cannot be represented just by a bit map. This includes negated single      cannot be represented just by a bit map. This includes negated single
2518      high-valued characters. The length in _pcre_OP_lengths[] is zero; the      high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2519      actual length is stored in the compiled code, so we must update "code"      actual length is stored in the compiled code, so we must update "code"
2520      here. */      here. */
2521    
2522  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2523      case OP_XCLASS:      case OP_XCLASS:
2524      ccode = code += GET(code, 1);      ccode = code += GET(code, 1);
2525      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
# Line 1861  for (code = first_significant_code(code Line 2527  for (code = first_significant_code(code
2527    
2528      case OP_CLASS:      case OP_CLASS:
2529      case OP_NCLASS:      case OP_NCLASS:
2530      ccode = code + 33;      ccode = code + PRIV(OP_lengths)[OP_CLASS];
2531    
2532  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2533      CHECK_CLASS_REPEAT:      CHECK_CLASS_REPEAT:
2534  #endif  #endif
2535    
# Line 1873  for (code = first_significant_code(code Line 2539  for (code = first_significant_code(code
2539        case OP_CRMINSTAR:        case OP_CRMINSTAR:
2540        case OP_CRQUERY:        case OP_CRQUERY:
2541        case OP_CRMINQUERY:        case OP_CRMINQUERY:
2542          case OP_CRPOSSTAR:
2543          case OP_CRPOSQUERY:
2544        break;        break;
2545    
2546        default:                   /* Non-repeat => class must match */        default:                   /* Non-repeat => class must match */
2547        case OP_CRPLUS:            /* These repeats aren't empty */        case OP_CRPLUS:            /* These repeats aren't empty */
2548        case OP_CRMINPLUS:        case OP_CRMINPLUS:
2549          case OP_CRPOSPLUS:
2550        return FALSE;        return FALSE;
2551    
2552        case OP_CRRANGE:        case OP_CRRANGE:
2553        case OP_CRMINRANGE:        case OP_CRMINRANGE:
2554          case OP_CRPOSRANGE:
2555        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */
2556        break;        break;
2557        }        }
# Line 1889  for (code = first_significant_code(code Line 2559  for (code = first_significant_code(code
2559    
2560      /* Opcodes that must match a character */      /* Opcodes that must match a character */
2561    
2562        case OP_ANY:
2563        case OP_ALLANY:
2564        case OP_ANYBYTE:
2565    
2566      case OP_PROP:      case OP_PROP:
2567      case OP_NOTPROP:      case OP_NOTPROP:
2568        case OP_ANYNL:
2569    
2570        case OP_NOT_HSPACE:
2571        case OP_HSPACE:
2572        case OP_NOT_VSPACE:
2573        case OP_VSPACE:
2574      case OP_EXTUNI:      case OP_EXTUNI:
2575    
2576      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
2577      case OP_DIGIT:      case OP_DIGIT:
2578      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
2579      case OP_WHITESPACE:      case OP_WHITESPACE:
2580      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
2581      case OP_WORDCHAR:      case OP_WORDCHAR:
2582      case OP_ANY:  
     case OP_ALLANY:  
     case OP_ANYBYTE:  
2583      case OP_CHAR:      case OP_CHAR:
2584      case OP_CHARNC:      case OP_CHARI:
2585      case OP_NOT:      case OP_NOT:
2586        case OP_NOTI:
2587    
2588      case OP_PLUS:      case OP_PLUS:
2589        case OP_PLUSI:
2590      case OP_MINPLUS:      case OP_MINPLUS:
2591      case OP_POSPLUS:      case OP_MINPLUSI:
2592      case OP_EXACT:  
2593      case OP_NOTPLUS:      case OP_NOTPLUS:
2594        case OP_NOTPLUSI:
2595      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
2596        case OP_NOTMINPLUSI:
2597    
2598        case OP_POSPLUS:
2599        case OP_POSPLUSI:
2600      case OP_NOTPOSPLUS:      case OP_NOTPOSPLUS:
2601        case OP_NOTPOSPLUSI:
2602    
2603        case OP_EXACT:
2604        case OP_EXACTI:
2605      case OP_NOTEXACT:      case OP_NOTEXACT:
2606        case OP_NOTEXACTI:
2607    
2608      case OP_TYPEPLUS:      case OP_TYPEPLUS:
2609      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
2610      case OP_TYPEPOSPLUS:      case OP_TYPEPOSPLUS:
2611      case OP_TYPEEXACT:      case OP_TYPEEXACT:
2612    
2613      return FALSE;      return FALSE;
2614    
2615      /* These are going to continue, as they may be empty, but we have to      /* These are going to continue, as they may be empty, but we have to
2616      fudge the length for the \p and \P cases. */      fudge the length for the \p and \P cases. */
2617    
2618        case OP_TYPESTAR:
2619        case OP_TYPEMINSTAR:
2620        case OP_TYPEPOSSTAR:
2621        case OP_TYPEQUERY:
2622        case OP_TYPEMINQUERY:
2623        case OP_TYPEPOSQUERY:
2624        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2625        break;
2626    
2627        /* Same for these */
2628    
2629        case OP_TYPEUPTO:
2630        case OP_TYPEMINUPTO:
2631        case OP_TYPEPOSUPTO:
2632        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2633          code += 2;
2634        break;
2635    
2636        /* End of branch */
2637    
2638        case OP_KET:
2639        case OP_KETRMAX:
2640        case OP_KETRMIN:
2641        case OP_KETRPOS:
2642        case OP_ALT:
2643        return TRUE;
2644    
2645        /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2646        MINUPTO, and POSUPTO and their caseless and negative versions may be
2647        followed by a multibyte character. */
2648    
2649    #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2650        case OP_STAR:
2651        case OP_STARI:
2652        case OP_NOTSTAR:
2653        case OP_NOTSTARI:
2654    
2655        case OP_MINSTAR:
2656        case OP_MINSTARI:
2657        case OP_NOTMINSTAR:
2658        case OP_NOTMINSTARI:
2659    
2660        case OP_POSSTAR:
2661        case OP_POSSTARI:
2662        case OP_NOTPOSSTAR:
2663        case OP_NOTPOSSTARI:
2664    
2665        case OP_QUERY:
2666        case OP_QUERYI:
2667        case OP_NOTQUERY:
2668        case OP_NOTQUERYI:
2669    
2670        case OP_MINQUERY:
2671        case OP_MINQUERYI:
2672        case OP_NOTMINQUERY:
2673        case OP_NOTMINQUERYI:
2674    
2675        case OP_POSQUERY:
2676        case OP_POSQUERYI:
2677        case OP_NOTPOSQUERY:
2678        case OP_NOTPOSQUERYI:
2679    
2680        if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2681        break;
2682    
2683        case OP_UPTO:
2684        case OP_UPTOI:
2685        case OP_NOTUPTO:
2686        case OP_NOTUPTOI:
2687    
2688        case OP_MINUPTO:
2689        case OP_MINUPTOI:
2690        case OP_NOTMINUPTO:
2691        case OP_NOTMINUPTOI:
2692    
2693        case OP_POSUPTO:
2694        case OP_POSUPTOI:
2695        case OP_NOTPOSUPTO:
2696        case OP_NOTPOSUPTOI:
2697    
2698        if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2699        break;
2700    #endif
2701    
2702        /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2703        string. */
2704    
2705        case OP_MARK:
2706        case OP_PRUNE_ARG:
2707        case OP_SKIP_ARG:
2708        case OP_THEN_ARG:
2709        code += code[1];
2710        break;
2711    
2712        /* None of the remaining opcodes are required to match a character. */
2713    
2714        default:
2715        break;
2716        }
2717      }
2718    
2719    return TRUE;
2720    }
2721    
2722    
2723    
2724    /*************************************************
2725    *    Scan compiled regex for non-emptiness       *
2726    *************************************************/
2727    
2728    /* This function is called to check for left recursive calls. We want to check
2729    the current branch of the current pattern to see if it could match the empty
2730    string. If it could, we must look outwards for branches at other levels,
2731    stopping when we pass beyond the bracket which is the subject of the recursion.
2732    This function is called only during the real compile, not during the
2733    pre-compile.
2734    
2735    Arguments:
2736      code        points to start of the recursion
2737      endcode     points to where to stop (current RECURSE item)
2738      bcptr       points to the chain of current (unclosed) branch starts
2739      utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2740      cd          pointers to tables etc
2741    
2742    Returns:      TRUE if what is matched could be empty
2743    */
2744    
2745    static BOOL
2746    could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2747      branch_chain *bcptr, BOOL utf, compile_data *cd)
2748    {
2749    while (bcptr != NULL && bcptr->current_branch >= code)
2750      {
2751      if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd, NULL))
2752        return FALSE;
2753      bcptr = bcptr->outer;
2754      }
2755    return TRUE;
2756    }
2757    
2758    
2759    
2760    /*************************************************
2761    *        Base opcode of repeated opcodes         *
2762    *************************************************/
2763    
2764    /* Returns the base opcode for repeated single character type opcodes. If the
2765    opcode is not a repeated character type, it returns with the original value.
2766    
2767    Arguments:  c opcode
2768    Returns:    base opcode for the type
2769    */
2770    
2771    static pcre_uchar
2772    get_repeat_base(pcre_uchar c)
2773    {
2774    return (c > OP_TYPEPOSUPTO)? c :
2775           (c >= OP_TYPESTAR)?   OP_TYPESTAR :
2776           (c >= OP_NOTSTARI)?   OP_NOTSTARI :
2777           (c >= OP_NOTSTAR)?    OP_NOTSTAR :
2778           (c >= OP_STARI)?      OP_STARI :
2779                                 OP_STAR;
2780    }
2781    
2782    
2783    
2784    #ifdef SUPPORT_UCP
2785    /*************************************************
2786    *        Check a character and a property        *
2787    *************************************************/
2788    
2789    /* This function is called by check_auto_possessive() when a property item
2790    is adjacent to a fixed character.
2791    
2792    Arguments:
2793      c            the character
2794      ptype        the property type
2795      pdata        the data for the type
2796      negated      TRUE if it's a negated property (\P or \p{^)
2797    
2798    Returns:       TRUE if auto-possessifying is OK
2799    */
2800    
2801    static BOOL
2802    check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata,
2803      BOOL negated)
2804    {
2805    const pcre_uint32 *p;
2806    const ucd_record *prop = GET_UCD(c);
2807    
2808    switch(ptype)
2809      {
2810      case PT_LAMP:
2811      return (prop->chartype == ucp_Lu ||
2812              prop->chartype == ucp_Ll ||
2813              prop->chartype == ucp_Lt) == negated;
2814    
2815      case PT_GC:
2816      return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2817    
2818      case PT_PC:
2819      return (pdata == prop->chartype) == negated;
2820    
2821      case PT_SC:
2822      return (pdata == prop->script) == negated;
2823    
2824      /* These are specials */
2825    
2826      case PT_ALNUM:
2827      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2828              PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2829    
2830      /* Perl space used to exclude VT, but from Perl 5.18 it is included, which
2831      means that Perl space and POSIX space are now identical. PCRE was changed
2832      at release 8.34. */
2833    
2834      case PT_SPACE:    /* Perl space */
2835      case PT_PXSPACE:  /* POSIX space */
2836      switch(c)
2837        {
2838        HSPACE_CASES:
2839        VSPACE_CASES:
2840        return negated;
2841    
2842        default:
2843        return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z) == negated;
2844        }
2845      break;  /* Control never reaches here */
2846    
2847      case PT_WORD:
2848      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2849              PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2850              c == CHAR_UNDERSCORE) == negated;
2851    
2852      case PT_CLIST:
2853      p = PRIV(ucd_caseless_sets) + prop->caseset;
2854      for (;;)
2855        {
2856        if (c < *p) return !negated;
2857        if (c == *p++) return negated;
2858        }
2859      break;  /* Control never reaches here */
2860      }
2861    
2862    return FALSE;
2863    }
2864    #endif  /* SUPPORT_UCP */
2865    
2866    
2867    
2868    /*************************************************
2869    *        Fill the character property list        *
2870    *************************************************/
2871    
2872    /* Checks whether the code points to an opcode that can take part in auto-
2873    possessification, and if so, fills a list with its properties.
2874    
2875    Arguments:
2876      code        points to start of expression
2877      utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2878      fcc         points to case-flipping table
2879      list        points to output list
2880                  list[0] will be filled with the opcode
2881                  list[1] will be non-zero if this opcode
2882                    can match an empty character string
2883                  list[2..7] depends on the opcode
2884    
2885    Returns:      points to the start of the next opcode if *code is accepted
2886                  NULL if *code is not accepted
2887    */
2888    
2889    static const pcre_uchar *
2890    get_chr_property_list(const pcre_uchar *code, BOOL utf,
2891      const pcre_uint8 *fcc, pcre_uint32 *list)
2892    {
2893    pcre_uchar c = *code;
2894    pcre_uchar base;
2895    const pcre_uchar *end;
2896    pcre_uint32 chr;
2897    
2898    #ifdef SUPPORT_UCP
2899    pcre_uint32 *clist_dest;
2900    const pcre_uint32 *clist_src;
2901    #else
2902    utf = utf;  /* Suppress "unused parameter" compiler warning */
2903    #endif
2904    
2905    list[0] = c;
2906    list[1] = FALSE;
2907    code++;
2908    
2909    if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
2910      {
2911      base = get_repeat_base(c);
2912      c -= (base - OP_STAR);
2913    
2914      if (c == OP_UPTO || c == OP_MINUPTO || c == OP_EXACT || c == OP_POSUPTO)
2915        code += IMM2_SIZE;
2916    
2917      list[1] = (c != OP_PLUS && c != OP_MINPLUS && c != OP_EXACT && c != OP_POSPLUS);
2918    
2919      switch(base)
2920        {
2921        case OP_STAR:
2922        list[0] = OP_CHAR;
2923        break;
2924    
2925        case OP_STARI:
2926        list[0] = OP_CHARI;
2927        break;
2928    
2929        case OP_NOTSTAR:
2930        list[0] = OP_NOT;
2931        break;
2932    
2933        case OP_NOTSTARI:
2934        list[0] = OP_NOTI;
2935        break;
2936    
2937        case OP_TYPESTAR:
2938        list[0] = *code;
2939        code++;
2940        break;
2941        }
2942      c = list[0];
2943      }
2944    
2945    switch(c)
2946      {
2947      case OP_NOT_DIGIT:
2948      case OP_DIGIT:
2949      case OP_NOT_WHITESPACE:
2950      case OP_WHITESPACE:
2951      case OP_NOT_WORDCHAR:
2952      case OP_WORDCHAR:
2953      case OP_ANY:
2954      case OP_ALLANY:
2955      case OP_ANYNL:
2956      case OP_NOT_HSPACE:
2957      case OP_HSPACE:
2958      case OP_NOT_VSPACE:
2959      case OP_VSPACE:
2960      case OP_EXTUNI:
2961      case OP_EODN:
2962      case OP_EOD:
2963      case OP_DOLL:
2964      case OP_DOLLM:
2965      return code;
2966    
2967      case OP_CHAR:
2968      case OP_NOT:
2969      GETCHARINCTEST(chr, code);
2970      list[2] = chr;
2971      list[3] = NOTACHAR;
2972      return code;
2973    
2974      case OP_CHARI:
2975      case OP_NOTI:
2976      list[0] = (c == OP_CHARI) ? OP_CHAR : OP_NOT;
2977      GETCHARINCTEST(chr, code);
2978      list[2] = chr;
2979    
2980    #ifdef SUPPORT_UCP
2981      if (chr < 128 || (chr < 256 && !utf))
2982        list[3] = fcc[chr];
2983      else
2984        list[3] = UCD_OTHERCASE(chr);
2985    #elif defined SUPPORT_UTF || !defined COMPILE_PCRE8
2986      list[3] = (chr < 256) ? fcc[chr] : chr;
2987    #else
2988      list[3] = fcc[chr];
2989    #endif
2990    
2991      /* The othercase might be the same value. */
2992    
2993      if (chr == list[3])
2994        list[3] = NOTACHAR;
2995      else
2996        list[4] = NOTACHAR;
2997      return code;
2998    
2999    #ifdef SUPPORT_UCP
3000      case OP_PROP:
3001      case OP_NOTPROP:
3002      if (code[0] != PT_CLIST)
3003        {
3004        list[2] = code[0];
3005        list[3] = code[1];
3006        return code + 2;
3007        }
3008    
3009      /* Convert only if we have enough space. */
3010    
3011      clist_src = PRIV(ucd_caseless_sets) + code[1];
3012      clist_dest = list + 2;
3013      code += 2;
3014    
3015      do {
3016         if (clist_dest >= list + 8)
3017           {
3018           /* Early return if there is not enough space. This should never
3019           happen, since all clists are shorter than 5 character now. */
3020           list[2] = code[0];
3021           list[3] = code[1];
3022           return code;
3023           }
3024         *clist_dest++ = *clist_src;
3025         }
3026      while(*clist_src++ != NOTACHAR);
3027    
3028      /* All characters are stored. The terminating NOTACHAR
3029      is copied form the clist itself. */
3030    
3031      list[0] = (c == OP_PROP) ? OP_CHAR : OP_NOT;
3032      return code;
3033    #endif
3034    
3035      case OP_NCLASS:
3036      case OP_CLASS:
3037    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3038      case OP_XCLASS:
3039      if (c == OP_XCLASS)
3040        end = code + GET(code, 0) - 1;
3041      else
3042    #endif
3043        end = code + 32 / sizeof(pcre_uchar);
3044    
3045      switch(*end)
3046        {
3047        case OP_CRSTAR:
3048        case OP_CRMINSTAR:
3049        case OP_CRQUERY:
3050        case OP_CRMINQUERY:
3051        case OP_CRPOSSTAR:
3052        case OP_CRPOSQUERY:
3053        list[1] = TRUE;
3054        end++;
3055        break;
3056    
3057        case OP_CRPLUS:
3058        case OP_CRMINPLUS:
3059        case OP_CRPOSPLUS:
3060        end++;
3061        break;
3062    
3063        case OP_CRRANGE:
3064        case OP_CRMINRANGE:
3065        case OP_CRPOSRANGE:
3066        list[1] = (GET2(end, 1) == 0);
3067        end += 1 + 2 * IMM2_SIZE;
3068        break;
3069        }
3070      list[2] = (pcre_uint32)(end - code);
3071      return end;
3072      }
3073    return NULL;    /* Opcode not accepted */
3074    }
3075    
3076    
3077    
3078    /*************************************************
3079    *    Scan further character sets for match       *
3080    *************************************************/
3081    
3082    /* Checks whether the base and the current opcode have a common character, in
3083    which case the base cannot be possessified.
3084    
3085    Arguments:
3086      code        points to the byte code
3087      utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
3088      cd          static compile data
3089      base_list   the data list of the base opcode
3090    
3091    Returns:      TRUE if the auto-possessification is possible
3092    */
3093    
3094    static BOOL
3095    compare_opcodes(const pcre_uchar *code, BOOL utf, const compile_data *cd,
3096      const pcre_uint32 *base_list, const pcre_uchar *base_end, int *rec_limit)
3097    {
3098    pcre_uchar c;
3099    pcre_uint32 list[8];
3100    const pcre_uint32 *chr_ptr;
3101    const pcre_uint32 *ochr_ptr;
3102    const pcre_uint32 *list_ptr;
3103    const pcre_uchar *next_code;
3104    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3105    const pcre_uchar *xclass_flags;
3106    #endif
3107    const pcre_uint8 *class_bitset;
3108    const pcre_uint8 *set1, *set2, *set_end;
3109    pcre_uint32 chr;
3110    BOOL accepted, invert_bits;
3111    BOOL entered_a_group = FALSE;
3112    
3113    if (*rec_limit == 0) return FALSE;
3114    --(*rec_limit);
3115    
3116    /* Note: the base_list[1] contains whether the current opcode has greedy
3117    (represented by a non-zero value) quantifier. This is a different from
3118    other character type lists, which stores here that the character iterator
3119    matches to an empty string (also represented by a non-zero value). */
3120    
3121    for(;;)
3122      {
3123      /* All operations move the code pointer forward.
3124      Therefore infinite recursions are not possible. */
3125    
3126      c = *code;
3127    
3128      /* Skip over callouts */
3129    
3130      if (c == OP_CALLOUT)
3131        {
3132        code += PRIV(OP_lengths)[c];
3133        continue;
3134        }
3135    
3136      if (c == OP_ALT)
3137        {
3138        do code += GET(code, 1); while (*code == OP_ALT);
3139        c = *code;
3140        }
3141    
3142      switch(c)
3143        {
3144        case OP_END:
3145        case OP_KETRPOS:
3146        /* TRUE only in greedy case. The non-greedy case could be replaced by
3147        an OP_EXACT, but it is probably not worth it. (And note that OP_EXACT
3148        uses more memory, which we cannot get at this stage.) */
3149    
3150        return base_list[1] != 0;
3151    
3152        case OP_KET:
3153        /* If the bracket is capturing, and referenced by an OP_RECURSE, or
3154        it is an atomic sub-pattern (assert, once, etc.) the non-greedy case
3155        cannot be converted to a possessive form. */
3156    
3157        if (base_list[1] == 0) return FALSE;
3158    
3159        switch(*(code - GET(code, 1)))
3160          {
3161          case OP_ASSERT:
3162          case OP_ASSERT_NOT:
3163          case OP_ASSERTBACK:
3164          case OP_ASSERTBACK_NOT:
3165          case OP_ONCE:
3166          case OP_ONCE_NC:
3167          /* Atomic sub-patterns and assertions can always auto-possessify their
3168          last iterator. However, if the group was entered as a result of checking
3169          a previous iterator, this is not possible. */
3170    
3171          return !entered_a_group;
3172          }
3173    
3174        code += PRIV(OP_lengths)[c];
3175        continue;
3176    
3177        case OP_ONCE:
3178        case OP_ONCE_NC:
3179        case OP_BRA:
3180        case OP_CBRA:
3181        next_code = code + GET(code, 1);
3182        code += PRIV(OP_lengths)[c];
3183    
3184        while (*next_code == OP_ALT)
3185          {
3186          if (!compare_opcodes(code, utf, cd, base_list, base_end, rec_limit))
3187            return FALSE;
3188          code = next_code + 1 + LINK_SIZE;
3189          next_code += GET(next_code, 1);
3190          }
3191    
3192        entered_a_group = TRUE;
3193        continue;
3194    
3195        case OP_BRAZERO:
3196        case OP_BRAMINZERO:
3197    
3198        next_code = code + 1;
3199        if (*next_code != OP_BRA && *next_code != OP_CBRA
3200            && *next_code != OP_ONCE && *next_code != OP_ONCE_NC) return FALSE;
3201    
3202        do next_code += GET(next_code, 1); while (*next_code == OP_ALT);
3203    
3204        /* The bracket content will be checked by the
3205        OP_BRA/OP_CBRA case above. */
3206        next_code += 1 + LINK_SIZE;
3207        if (!compare_opcodes(next_code, utf, cd, base_list, base_end, rec_limit))
3208          return FALSE;
3209    
3210        code += PRIV(OP_lengths)[c];
3211        continue;
3212    
3213        default:
3214        break;
3215        }
3216    
3217      /* Check for a supported opcode, and load its properties. */
3218    
3219      code = get_chr_property_list(code, utf, cd->fcc, list);
3220      if (code == NULL) return FALSE;    /* Unsupported */
3221    
3222      /* If either opcode is a small character list, set pointers for comparing
3223      characters from that list with another list, or with a property. */
3224    
3225      if (base_list[0] == OP_CHAR)
3226        {
3227        chr_ptr = base_list + 2;
3228        list_ptr = list;
3229        }
3230      else if (list[0] == OP_CHAR)
3231        {
3232        chr_ptr = list + 2;
3233        list_ptr = base_list;
3234        }
3235    
3236      /* Character bitsets can also be compared to certain opcodes. */
3237    
3238      else if (base_list[0] == OP_CLASS || list[0] == OP_CLASS
3239    #ifdef COMPILE_PCRE8
3240          /* In 8 bit, non-UTF mode, OP_CLASS and OP_NCLASS are the same. */
3241          || (!utf && (base_list[0] == OP_NCLASS || list[0] == OP_NCLASS))
3242    #endif
3243          )
3244        {
3245    #ifdef COMPILE_PCRE8
3246        if (base_list[0] == OP_CLASS || (!utf && base_list[0] == OP_NCLASS))
3247    #else
3248        if (base_list[0] == OP_CLASS)
3249    #endif
3250          {
3251          set1 = (pcre_uint8 *)(base_end - base_list[2]);
3252          list_ptr = list;
3253          }
3254        else
3255          {
3256          set1 = (pcre_uint8 *)(code - list[2]);
3257          list_ptr = base_list;
3258          }
3259    
3260        invert_bits = FALSE;
3261        switch(list_ptr[0])
3262          {
3263          case OP_CLASS:
3264          case OP_NCLASS:
3265          set2 = (pcre_uint8 *)
3266            ((list_ptr == list ? code : base_end) - list_ptr[2]);
3267          break;
3268    
3269    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3270          case OP_XCLASS:
3271          xclass_flags = (list_ptr == list ? code : base_end) - list_ptr[2] + LINK_SIZE;
3272          if ((*xclass_flags & XCL_HASPROP) != 0) return FALSE;
3273          if ((*xclass_flags & XCL_MAP) == 0)
3274            {
3275            /* No bits are set for characters < 256. */
3276            if (list[1] == 0) return TRUE;
3277            /* Might be an empty repeat. */
3278            continue;
3279            }
3280          set2 = (pcre_uint8 *)(xclass_flags + 1);
3281          break;
3282    #endif
3283    
3284          case OP_NOT_DIGIT:
3285          invert_bits = TRUE;
3286          /* Fall through */
3287          case OP_DIGIT:
3288          set2 = (pcre_uint8 *)(cd->cbits + cbit_digit);
3289          break;
3290    
3291          case OP_NOT_WHITESPACE:
3292          invert_bits = TRUE;
3293          /* Fall through */
3294          case OP_WHITESPACE:
3295          set2 = (pcre_uint8 *)(cd->cbits + cbit_space);
3296          break;
3297    
3298          case OP_NOT_WORDCHAR:
3299          invert_bits = TRUE;
3300          /* Fall through */
3301          case OP_WORDCHAR:
3302          set2 = (pcre_uint8 *)(cd->cbits + cbit_word);
3303          break;
3304    
3305          default:
3306          return FALSE;
3307          }
3308    
3309        /* Because the sets are unaligned, we need
3310        to perform byte comparison here. */
3311        set_end = set1 + 32;
3312        if (invert_bits)
3313          {
3314          do
3315            {
3316            if ((*set1++ & ~(*set2++)) != 0) return FALSE;
3317            }
3318          while (set1 < set_end);
3319          }
3320        else
3321          {
3322          do
3323            {
3324            if ((*set1++ & *set2++) != 0) return FALSE;
3325            }
3326          while (set1 < set_end);
3327          }
3328    
3329        if (list[1] == 0) return TRUE;
3330        /* Might be an empty repeat. */
3331        continue;
3332        }
3333    
3334      /* Some property combinations also acceptable. Unicode property opcodes are
3335      processed specially; the rest can be handled with a lookup table. */
3336    
3337      else
3338        {
3339        pcre_uint32 leftop, rightop;
3340    
3341        leftop = base_list[0];
3342        rightop = list[0];
3343    
3344    #ifdef SUPPORT_UCP
3345        accepted = FALSE; /* Always set in non-unicode case. */
3346        if (leftop == OP_PROP || leftop == OP_NOTPROP)
3347          {
3348          if (rightop == OP_EOD)
3349            accepted = TRUE;
3350          else if (rightop == OP_PROP || rightop == OP_NOTPROP)
3351            {
3352            int n;
3353            const pcre_uint8 *p;
3354            BOOL same = leftop == rightop;
3355            BOOL lisprop = leftop == OP_PROP;
3356            BOOL risprop = rightop == OP_PROP;
3357            BOOL bothprop = lisprop && risprop;
3358    
3359            /* There's a table that specifies how each combination is to be
3360            processed:
3361              0   Always return FALSE (never auto-possessify)
3362              1   Character groups are distinct (possessify if both are OP_PROP)
3363              2   Check character categories in the same group (general or particular)
3364              3   Return TRUE if the two opcodes are not the same
3365              ... see comments below
3366            */
3367    
3368            n = propposstab[base_list[2]][list[2]];
3369            switch(n)
3370              {
3371              case 0: break;
3372              case 1: accepted = bothprop; break;
3373              case 2: accepted = (base_list[3] == list[3]) != same; break;
3374              case 3: accepted = !same; break;
3375    
3376              case 4:  /* Left general category, right particular category */
3377              accepted = risprop && catposstab[base_list[3]][list[3]] == same;
3378              break;
3379    
3380              case 5:  /* Right general category, left particular category */
3381              accepted = lisprop && catposstab[list[3]][base_list[3]] == same;
3382              break;
3383    
3384              /* This code is logically tricky. Think hard before fiddling with it.
3385              The posspropstab table has four entries per row. Each row relates to
3386              one of PCRE's special properties such as ALNUM or SPACE or WORD.
3387              Only WORD actually needs all four entries, but using repeats for the
3388              others means they can all use the same code below.
3389    
3390              The first two entries in each row are Unicode general categories, and
3391              apply always, because all the characters they include are part of the
3392              PCRE character set. The third and fourth entries are a general and a
3393              particular category, respectively, that include one or more relevant
3394              characters. One or the other is used, depending on whether the check
3395              is for a general or a particular category. However, in both cases the
3396              category contains more characters than the specials that are defined
3397              for the property being tested against. Therefore, it cannot be used
3398              in a NOTPROP case.
3399    
3400              Example: the row for WORD contains ucp_L, ucp_N, ucp_P, ucp_Po.
3401              Underscore is covered by ucp_P or ucp_Po. */
3402    
3403              case 6:  /* Left alphanum vs right general category */
3404              case 7:  /* Left space vs right general category */
3405              case 8:  /* Left word vs right general category */
3406              p = posspropstab[n-6];
3407              accepted = risprop && lisprop ==
3408                (list[3] != p[0] &&
3409                 list[3] != p[1] &&
3410                (list[3] != p[2] || !lisprop));
3411              break;
3412    
3413              case 9:   /* Right alphanum vs left general category */
3414              case 10:  /* Right space vs left general category */
3415              case 11:  /* Right word vs left general category */
3416              p = posspropstab[n-9];
3417              accepted = lisprop && risprop ==
3418                (base_list[3] != p[0] &&
3419                 base_list[3] != p[1] &&
3420                (base_list[3] != p[2] || !risprop));
3421              break;
3422    
3423              case 12:  /* Left alphanum vs right particular category */
3424              case 13:  /* Left space vs right particular category */
3425              case 14:  /* Left word vs right particular category */
3426              p = posspropstab[n-12];
3427              accepted = risprop && lisprop ==
3428                (catposstab[p[0]][list[3]] &&
3429                 catposstab[p[1]][list[3]] &&
3430                (list[3] != p[3] || !lisprop));
3431              break;
3432    
3433              case 15:  /* Right alphanum vs left particular category */
3434              case 16:  /* Right space vs left particular category */
3435              case 17:  /* Right word vs left particular category */
3436              p = posspropstab[n-15];
3437              accepted = lisprop && risprop ==
3438                (catposstab[p[0]][base_list[3]] &&
3439                 catposstab[p[1]][base_list[3]] &&
3440                (base_list[3] != p[3] || !risprop));
3441              break;
3442              }
3443            }
3444          }
3445    
3446        else
3447    #endif  /* SUPPORT_UCP */
3448    
3449        accepted = leftop >= FIRST_AUTOTAB_OP && leftop <= LAST_AUTOTAB_LEFT_OP &&
3450               rightop >= FIRST_AUTOTAB_OP && rightop <= LAST_AUTOTAB_RIGHT_OP &&
3451               autoposstab[leftop - FIRST_AUTOTAB_OP][rightop - FIRST_AUTOTAB_OP];
3452    
3453        if (!accepted) return FALSE;
3454    
3455        if (list[1] == 0) return TRUE;
3456        /* Might be an empty repeat. */
3457        continue;
3458        }
3459    
3460      /* Control reaches here only if one of the items is a small character list.
3461      All characters are checked against the other side. */
3462    
3463      do
3464        {
3465        chr = *chr_ptr;
3466    
3467        switch(list_ptr[0])
3468          {
3469          case OP_CHAR:
3470          ochr_ptr = list_ptr + 2;
3471          do
3472            {
3473            if (chr == *ochr_ptr) return FALSE;
3474            ochr_ptr++;
3475            }
3476          while(*ochr_ptr != NOTACHAR);
3477          break;
3478    
3479          case OP_NOT:
3480          ochr_ptr = list_ptr + 2;
3481          do
3482            {
3483            if (chr == *ochr_ptr)
3484              break;
3485            ochr_ptr++;
3486            }
3487          while(*ochr_ptr != NOTACHAR);
3488          if (*ochr_ptr == NOTACHAR) return FALSE;   /* Not found */
3489          break;
3490    
3491          /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not*
3492          set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3493    
3494          case OP_DIGIT:
3495          if (chr < 256 && (cd->ctypes[chr] & ctype_digit) != 0) return FALSE;
3496          break;
3497    
3498          case OP_NOT_DIGIT:
3499          if (chr > 255 || (cd->ctypes[chr] & ctype_digit) == 0) return FALSE;
3500          break;
3501    
3502          case OP_WHITESPACE:
3503          if (chr < 256 && (cd->ctypes[chr] & ctype_space) != 0) return FALSE;
3504          break;
3505    
3506          case OP_NOT_WHITESPACE:
3507          if (chr > 255 || (cd->ctypes[chr] & ctype_space) == 0) return FALSE;
3508          break;