/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 836 by ph10, Wed Dec 28 17:16:11 2011 UTC revision 1538 by ph10, Sun Mar 29 11:22:24 2015 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2012 University of Cambridge             Copyright (c) 1997-2014 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 47  supporting internal functions that are n Line 47  supporting internal functions that are n
47  #endif  #endif
48    
49  #define NLBLOCK cd             /* Block containing newline information */  #define NLBLOCK cd             /* Block containing newline information */
50  #define PSSTART start_pattern  /* Field containing processed string start */  #define PSSTART start_pattern  /* Field containing pattern start */
51  #define PSEND   end_pattern    /* Field containing processed string end */  #define PSEND   end_pattern    /* Field containing pattern end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When PCRE_DEBUG is defined, we need the pcre(16)_printint() function, which  /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57  is also used by pcretest. PCRE_DEBUG is not defined when building a production  is also used by pcretest. PCRE_DEBUG is not defined when building a production
58  library. We do not need to select pcre16_printint.c specially, because the  library. We do not need to select pcre16_printint.c specially, because the
59  COMPILE_PCREx macro will already be appropriately set. */  COMPILE_PCREx macro will already be appropriately set. */
60    
61  #ifdef PCRE_DEBUG  #ifdef PCRE_DEBUG
# Line 68  COMPILE_PCREx macro will already be appr Line 68  COMPILE_PCREx macro will already be appr
68    
69  /* Macro for setting individual bits in class bitmaps. */  /* Macro for setting individual bits in class bitmaps. */
70    
71  #define SETBIT(a,b) a[b/8] |= (1 << (b%8))  #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72    
73  /* Maximum length value to check against when making sure that the integer that  /* Maximum length value to check against when making sure that the integer that
74  holds the compiled pattern length does not overflow. We make it a bit less than  holds the compiled pattern length does not overflow. We make it a bit less than
# Line 77  to check them every time. */ Line 77  to check them every time. */
77    
78  #define OFLOW_MAX (INT_MAX - 20)  #define OFLOW_MAX (INT_MAX - 20)
79    
80    /* Definitions to allow mutual recursion */
81    
82    static int
83      add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84        const pcre_uint32 *, unsigned int);
85    
86    static BOOL
87      compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88        pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89        compile_data *, int *);
90    
91    
92    
93  /*************************************************  /*************************************************
94  *      Code parameters and static tables         *  *      Code parameters and static tables         *
# Line 103  kicks in at the same number of forward r Line 115  kicks in at the same number of forward r
115  #define COMPILE_WORK_SIZE (2048*LINK_SIZE)  #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116  #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)  #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117    
118    /* This value determines the size of the initial vector that is used for
119    remembering named groups during the pre-compile. It is allocated on the stack,
120    but if it is too small, it is expanded using malloc(), in a similar way to the
121    workspace. The value is the number of slots in the list. */
122    
123    #define NAMED_GROUP_LIST_SIZE  20
124    
125  /* The overrun tests check for a slightly smaller size so that they detect the  /* The overrun tests check for a slightly smaller size so that they detect the
126  overrun before it actually does run off the end of the data block. */  overrun before it actually does run off the end of the data block. */
127    
# Line 110  overrun before it actually does run off Line 129  overrun before it actually does run off
129    
130  /* Private flags added to firstchar and reqchar. */  /* Private flags added to firstchar and reqchar. */
131    
132  #define REQ_CASELESS   0x10000000l      /* Indicates caselessness */  #define REQ_CASELESS    (1 << 0)        /* Indicates caselessness */
133  #define REQ_VARY       0x20000000l      /* Reqchar followed non-literal item */  #define REQ_VARY        (1 << 1)        /* Reqchar followed non-literal item */
134    /* Negative values for the firstchar and reqchar flags */
135    #define REQ_UNSET       (-2)
136    #define REQ_NONE        (-1)
137    
138  /* Repeated character flags. */  /* Repeated character flags. */
139    
# Line 238  static const verbitem verbs[] = { Line 260  static const verbitem verbs[] = {
260  static const int verbcount = sizeof(verbs)/sizeof(verbitem);  static const int verbcount = sizeof(verbs)/sizeof(verbitem);
261    
262    
263    /* Substitutes for [[:<:]] and [[:>:]], which mean start and end of word in
264    another regex library. */
265    
266    static const pcre_uchar sub_start_of_word[] = {
267      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
268      CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w, CHAR_RIGHT_PARENTHESIS, '\0' };
269    
270    static const pcre_uchar sub_end_of_word[] = {
271      CHAR_BACKSLASH, CHAR_b, CHAR_LEFT_PARENTHESIS, CHAR_QUESTION_MARK,
272      CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN, CHAR_BACKSLASH, CHAR_w,
273      CHAR_RIGHT_PARENTHESIS, '\0' };
274    
275    
276  /* Tables of names of POSIX character classes and their lengths. The names are  /* Tables of names of POSIX character classes and their lengths. The names are
277  now all in a single string, to reduce the number of relocations when a shared  now all in a single string, to reduce the number of relocations when a shared
278  library is dynamically loaded. The list of lengths is terminated by a zero  library is dynamically loaded. The list of lengths is terminated by a zero
279  length entry. The first three must be alpha, lower, upper, as this is assumed  length entry. The first three must be alpha, lower, upper, as this is assumed
280  for handling case independence. */  for handling case independence. The indices for graph, print, and punct are
281    needed, so identify them. */
282    
283  static const char posix_names[] =  static const char posix_names[] =
284    STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0    STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
# Line 253  static const char posix_names[] = Line 289  static const char posix_names[] =
289  static const pcre_uint8 posix_name_lengths[] = {  static const pcre_uint8 posix_name_lengths[] = {
290    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
291    
292    #define PC_GRAPH  8
293    #define PC_PRINT  9
294    #define PC_PUNCT 10
295    
296    
297  /* Table of class bit maps for each POSIX class. Each class is formed from a  /* Table of class bit maps for each POSIX class. Each class is formed from a
298  base map, with an optional addition or removal of another map. Then, for some  base map, with an optional addition or removal of another map. Then, for some
299  classes, there is some additional tweaking: for [:blank:] the vertical space  classes, there is some additional tweaking: for [:blank:] the vertical space
# Line 280  static const int posix_class_maps[] = { Line 321  static const int posix_class_maps[] = {
321    cbit_xdigit,-1,          0              /* xdigit */    cbit_xdigit,-1,          0              /* xdigit */
322  };  };
323    
324  /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class  /* Table of substitutes for \d etc when PCRE_UCP is set. They are replaced by
325  substitutes must be in the order of the names, defined above, and there are  Unicode property escapes. */
 both positive and negative cases. NULL means no substitute. */  
326    
327  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
328  static const pcre_uchar string_PNd[]  = {  static const pcre_uchar string_PNd[]  = {
# Line 307  static const pcre_uchar string_pXwd[] = Line 347  static const pcre_uchar string_pXwd[] =
347  static const pcre_uchar *substitutes[] = {  static const pcre_uchar *substitutes[] = {
348    string_PNd,           /* \D */    string_PNd,           /* \D */
349    string_pNd,           /* \d */    string_pNd,           /* \d */
350    string_PXsp,          /* \S */       /* NOTE: Xsp is Perl space */    string_PXsp,          /* \S */   /* Xsp is Perl space, but from 8.34, Perl */
351    string_pXsp,          /* \s */    string_pXsp,          /* \s */   /* space and POSIX space are the same. */
352    string_PXwd,          /* \W */    string_PXwd,          /* \W */
353    string_pXwd           /* \w */    string_pXwd           /* \w */
354  };  };
355    
356    /* The POSIX class substitutes must be in the order of the POSIX class names,
357    defined above, and there are both positive and negative cases. NULL means no
358    general substitute of a Unicode property escape (\p or \P). However, for some
359    POSIX classes (e.g. graph, print, punct) a special property code is compiled
360    directly. */
361    
362  static const pcre_uchar string_pL[] =   {  static const pcre_uchar string_pL[] =   {
363    CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,    CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
364    CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };    CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
# Line 360  static const pcre_uchar *posix_substitut Line 406  static const pcre_uchar *posix_substitut
406    NULL,                 /* graph */    NULL,                 /* graph */
407    NULL,                 /* print */    NULL,                 /* print */
408    NULL,                 /* punct */    NULL,                 /* punct */
409    string_pXps,          /* space */    /* NOTE: Xps is POSIX space */    string_pXps,          /* space */   /* Xps is POSIX space, but from 8.34 */
410    string_pXwd,          /* word */    string_pXwd,          /* word  */   /* Perl and POSIX space are the same */
411    NULL,                 /* xdigit */    NULL,                 /* xdigit */
412    /* Negated cases */    /* Negated cases */
413    string_PL,            /* ^alpha */    string_PL,            /* ^alpha */
# Line 375  static const pcre_uchar *posix_substitut Line 421  static const pcre_uchar *posix_substitut
421    NULL,                 /* ^graph */    NULL,                 /* ^graph */
422    NULL,                 /* ^print */    NULL,                 /* ^print */
423    NULL,                 /* ^punct */    NULL,                 /* ^punct */
424    string_PXps,          /* ^space */   /* NOTE: Xps is POSIX space */    string_PXps,          /* ^space */  /* Xps is POSIX space, but from 8.34 */
425    string_PXwd,          /* ^word */    string_PXwd,          /* ^word */   /* Perl and POSIX space are the same */
426    NULL                  /* ^xdigit */    NULL                  /* ^xdigit */
427  };  };
428  #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))  #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
# Line 438  static const char error_texts[] = Line 484  static const char error_texts[] =
484    /* 30 */    /* 30 */
485    "unknown POSIX class name\0"    "unknown POSIX class name\0"
486    "POSIX collating elements are not supported\0"    "POSIX collating elements are not supported\0"
487    "this version of PCRE is not compiled with PCRE_UTF8 support\0"    "this version of PCRE is compiled without UTF support\0"
488    "spare error\0"  /** DEAD **/    "spare error\0"  /** DEAD **/
489    "character value in \\x{...} sequence is too large\0"    "character value in \\x{} or \\o{} is too large\0"
490    /* 35 */    /* 35 */
491    "invalid condition (?(0)\0"    "invalid condition (?(0)\0"
492    "\\C not allowed in lookbehind assertion\0"    "\\C not allowed in lookbehind assertion\0"
# Line 461  static const char error_texts[] = Line 507  static const char error_texts[] =
507    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"    "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
508    /* 50 */    /* 50 */
509    "repeated subpattern is too long\0"    /** DEAD **/    "repeated subpattern is too long\0"    /** DEAD **/
510    "octal value is greater than \\377 (not in UTF-8 mode)\0"    "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
511    "internal error: overran compiling workspace\0"    "internal error: overran compiling workspace\0"
512    "internal error: previously-checked referenced subpattern not found\0"    "internal error: previously-checked referenced subpattern not found\0"
513    "DEFINE group contains more than one branch\0"    "DEFINE group contains more than one branch\0"
# Line 472  static const char error_texts[] = Line 518  static const char error_texts[] =
518    "a numbered reference must not be zero\0"    "a numbered reference must not be zero\0"
519    "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"    "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
520    /* 60 */    /* 60 */
521    "(*VERB) not recognized\0"    "(*VERB) not recognized or malformed\0"
522    "number is too big\0"    "number is too big\0"
523    "subpattern name expected\0"    "subpattern name expected\0"
524    "digit expected after (?+\0"    "digit expected after (?+\0"
# Line 480  static const char error_texts[] = Line 526  static const char error_texts[] =
526    /* 65 */    /* 65 */
527    "different names for subpatterns of the same number are not allowed\0"    "different names for subpatterns of the same number are not allowed\0"
528    "(*MARK) must have an argument\0"    "(*MARK) must have an argument\0"
529    "this version of PCRE is not compiled with PCRE_UCP support\0"    "this version of PCRE is not compiled with Unicode property support\0"
530    "\\c must be followed by an ASCII character\0"    "\\c must be followed by an ASCII character\0"
531    "\\k is not followed by a braced, angle-bracketed, or quoted name\0"    "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
532    /* 70 */    /* 70 */
533    "internal error: unknown opcode in find_fixedlength()\0"    "internal error: unknown opcode in find_fixedlength()\0"
534    "\\N is not supported in a class\0"    "\\N is not supported in a class\0"
535    "too many forward references\0"    "too many forward references\0"
536    "disallowed UTF-8/16 code point (>= 0xd800 && <= 0xdfff)\0"    "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
537      "invalid UTF-16 string\0"
538      /* 75 */
539      "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
540      "character value in \\u.... sequence is too large\0"
541      "invalid UTF-32 string\0"
542      "setting UTF is disabled by the application\0"
543      "non-hex character in \\x{} (closing brace missing?)\0"
544      /* 80 */
545      "non-octal character in \\o{} (closing brace missing?)\0"
546      "missing opening brace after \\o\0"
547      "parentheses are too deeply nested\0"
548      "invalid range in character class\0"
549      "group name must start with a non-digit\0"
550      /* 85 */
551      "parentheses are too deeply nested (stack check)\0"
552      "digits missing in \\x{} or \\o{}\0"
553    ;    ;
554    
555  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
# Line 627  static const pcre_uint8 ebcdic_chartab[] Line 689  static const pcre_uint8 ebcdic_chartab[]
689  #endif  #endif
690    
691    
692  /* Definition to allow mutual recursion */  /* This table is used to check whether auto-possessification is possible
693    between adjacent character-type opcodes. The left-hand (repeated) opcode is
694    used to select the row, and the right-hand opcode is use to select the column.
695    A value of 1 means that auto-possessification is OK. For example, the second
696    value in the first row means that \D+\d can be turned into \D++\d.
697    
698    The Unicode property types (\P and \p) have to be present to fill out the table
699    because of what their opcode values are, but the table values should always be
700    zero because property types are handled separately in the code. The last four
701    columns apply to items that cannot be repeated, so there is no need to have
702    rows for them. Note that OP_DIGIT etc. are generated only when PCRE_UCP is
703    *not* set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
704    
705    #define APTROWS (LAST_AUTOTAB_LEFT_OP - FIRST_AUTOTAB_OP + 1)
706    #define APTCOLS (LAST_AUTOTAB_RIGHT_OP - FIRST_AUTOTAB_OP + 1)
707    
708    static const pcre_uint8 autoposstab[APTROWS][APTCOLS] = {
709    /* \D \d \S \s \W \w  . .+ \C \P \p \R \H \h \V \v \X \Z \z  $ $M */
710      { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \D */
711      { 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \d */
712      { 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \S */
713      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \s */
714      { 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \W */
715      { 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1 },  /* \w */
716      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .  */
717      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* .+ */
718      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 },  /* \C */
719      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \P */
720      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },  /* \p */
721      { 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \R */
722      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0 },  /* \H */
723      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \h */
724      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0 },  /* \V */
725      { 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0 },  /* \v */
726      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0 }   /* \X */
727    };
728    
729    
730  static BOOL  /* This table is used to check whether auto-possessification is possible
731    compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,  between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP). The
732      int *, int *, branch_chain *, compile_data *, int *);  left-hand (repeated) opcode is used to select the row, and the right-hand
733    opcode is used to select the column. The values are as follows:
734    
735      0   Always return FALSE (never auto-possessify)
736      1   Character groups are distinct (possessify if both are OP_PROP)
737      2   Check character categories in the same group (general or particular)
738      3   TRUE if the two opcodes are not the same (PROP vs NOTPROP)
739    
740      4   Check left general category vs right particular category
741      5   Check right general category vs left particular category
742    
743      6   Left alphanum vs right general category
744      7   Left space vs right general category
745      8   Left word vs right general category
746    
747      9   Right alphanum vs left general category
748     10   Right space vs left general category
749     11   Right word vs left general category
750    
751     12   Left alphanum vs right particular category
752     13   Left space vs right particular category
753     14   Left word vs right particular category
754    
755     15   Right alphanum vs left particular category
756     16   Right space vs left particular category
757     17   Right word vs left particular category
758    */
759    
760    static const pcre_uint8 propposstab[PT_TABSIZE][PT_TABSIZE] = {
761    /* ANY LAMP GC  PC  SC ALNUM SPACE PXSPACE WORD CLIST UCNC */
762      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_ANY */
763      { 0,  3,  0,  0,  0,    3,    1,      1,   0,    0,   0 },  /* PT_LAMP */
764      { 0,  0,  2,  4,  0,    9,   10,     10,  11,    0,   0 },  /* PT_GC */
765      { 0,  0,  5,  2,  0,   15,   16,     16,  17,    0,   0 },  /* PT_PC */
766      { 0,  0,  0,  0,  2,    0,    0,      0,   0,    0,   0 },  /* PT_SC */
767      { 0,  3,  6, 12,  0,    3,    1,      1,   0,    0,   0 },  /* PT_ALNUM */
768      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_SPACE */
769      { 0,  1,  7, 13,  0,    1,    3,      3,   1,    0,   0 },  /* PT_PXSPACE */
770      { 0,  0,  8, 14,  0,    0,    1,      1,   3,    0,   0 },  /* PT_WORD */
771      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   0 },  /* PT_CLIST */
772      { 0,  0,  0,  0,  0,    0,    0,      0,   0,    0,   3 }   /* PT_UCNC */
773    };
774    
775    /* This table is used to check whether auto-possessification is possible
776    between adjacent Unicode property opcodes (OP_PROP and OP_NOTPROP) when one
777    specifies a general category and the other specifies a particular category. The
778    row is selected by the general category and the column by the particular
779    category. The value is 1 if the particular category is not part of the general
780    category. */
781    
782    static const pcre_uint8 catposstab[7][30] = {
783    /* Cc Cf Cn Co Cs Ll Lm Lo Lt Lu Mc Me Mn Nd Nl No Pc Pd Pe Pf Pi Po Ps Sc Sk Sm So Zl Zp Zs */
784      { 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* C */
785      { 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* L */
786      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* M */
787      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 },  /* N */
788      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1 },  /* P */
789      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1 },  /* S */
790      { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0 }   /* Z */
791    };
792    
793    /* This table is used when checking ALNUM, (PX)SPACE, SPACE, and WORD against
794    a general or particular category. The properties in each row are those
795    that apply to the character set in question. Duplication means that a little
796    unnecessary work is done when checking, but this keeps things much simpler
797    because they can all use the same code. For more details see the comment where
798    this table is used.
799    
800    Note: SPACE and PXSPACE used to be different because Perl excluded VT from
801    "space", but from Perl 5.18 it's included, so both categories are treated the
802    same here. */
803    
804    static const pcre_uint8 posspropstab[3][4] = {
805      { ucp_L, ucp_N, ucp_N, ucp_Nl },  /* ALNUM, 3rd and 4th values redundant */
806      { ucp_Z, ucp_Z, ucp_C, ucp_Cc },  /* SPACE and PXSPACE, 2nd value redundant */
807      { ucp_L, ucp_N, ucp_P, ucp_Po }   /* WORD */
808    };
809    
810    /* This table is used when converting repeating opcodes into possessified
811    versions as a result of an explicit possessive quantifier such as ++. A zero
812    value means there is no possessified version - in those cases the item in
813    question must be wrapped in ONCE brackets. The table is truncated at OP_CALLOUT
814    because all relevant opcodes are less than that. */
815    
816    static const pcre_uint8 opcode_possessify[] = {
817      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 0 - 15  */
818      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* 16 - 31 */
819    
820      0,                       /* NOTI */
821      OP_POSSTAR, 0,           /* STAR, MINSTAR */
822      OP_POSPLUS, 0,           /* PLUS, MINPLUS */
823      OP_POSQUERY, 0,          /* QUERY, MINQUERY */
824      OP_POSUPTO, 0,           /* UPTO, MINUPTO */
825      0,                       /* EXACT */
826      0, 0, 0, 0,              /* POS{STAR,PLUS,QUERY,UPTO} */
827    
828      OP_POSSTARI, 0,          /* STARI, MINSTARI */
829      OP_POSPLUSI, 0,          /* PLUSI, MINPLUSI */
830      OP_POSQUERYI, 0,         /* QUERYI, MINQUERYI */
831      OP_POSUPTOI, 0,          /* UPTOI, MINUPTOI */
832      0,                       /* EXACTI */
833      0, 0, 0, 0,              /* POS{STARI,PLUSI,QUERYI,UPTOI} */
834    
835      OP_NOTPOSSTAR, 0,        /* NOTSTAR, NOTMINSTAR */
836      OP_NOTPOSPLUS, 0,        /* NOTPLUS, NOTMINPLUS */
837      OP_NOTPOSQUERY, 0,       /* NOTQUERY, NOTMINQUERY */
838      OP_NOTPOSUPTO, 0,        /* NOTUPTO, NOTMINUPTO */
839      0,                       /* NOTEXACT */
840      0, 0, 0, 0,              /* NOTPOS{STAR,PLUS,QUERY,UPTO} */
841    
842      OP_NOTPOSSTARI, 0,       /* NOTSTARI, NOTMINSTARI */
843      OP_NOTPOSPLUSI, 0,       /* NOTPLUSI, NOTMINPLUSI */
844      OP_NOTPOSQUERYI, 0,      /* NOTQUERYI, NOTMINQUERYI */
845      OP_NOTPOSUPTOI, 0,       /* NOTUPTOI, NOTMINUPTOI */
846      0,                       /* NOTEXACTI */
847      0, 0, 0, 0,              /* NOTPOS{STARI,PLUSI,QUERYI,UPTOI} */
848    
849      OP_TYPEPOSSTAR, 0,       /* TYPESTAR, TYPEMINSTAR */
850      OP_TYPEPOSPLUS, 0,       /* TYPEPLUS, TYPEMINPLUS */
851      OP_TYPEPOSQUERY, 0,      /* TYPEQUERY, TYPEMINQUERY */
852      OP_TYPEPOSUPTO, 0,       /* TYPEUPTO, TYPEMINUPTO */
853      0,                       /* TYPEEXACT */
854      0, 0, 0, 0,              /* TYPEPOS{STAR,PLUS,QUERY,UPTO} */
855    
856      OP_CRPOSSTAR, 0,         /* CRSTAR, CRMINSTAR */
857      OP_CRPOSPLUS, 0,         /* CRPLUS, CRMINPLUS */
858      OP_CRPOSQUERY, 0,        /* CRQUERY, CRMINQUERY */
859      OP_CRPOSRANGE, 0,        /* CRRANGE, CRMINRANGE */
860      0, 0, 0, 0,              /* CRPOS{STAR,PLUS,QUERY,RANGE} */
861    
862      0, 0, 0,                 /* CLASS, NCLASS, XCLASS */
863      0, 0,                    /* REF, REFI */
864      0, 0,                    /* DNREF, DNREFI */
865      0, 0                     /* RECURSE, CALLOUT */
866    };
867    
868    
869    
# Line 654  find_error_text(int n) Line 886  find_error_text(int n)
886  const char *s = error_texts;  const char *s = error_texts;
887  for (; n > 0; n--)  for (; n > 0; n--)
888    {    {
889    while (*s++ != 0) {};    while (*s++ != CHAR_NULL) {};
890    if (*s == 0) return "Error text not found (please report)";    if (*s == CHAR_NULL) return "Error text not found (please report)";
891    }    }
892  return s;  return s;
893  }  }
894    
895    
896    
897  /*************************************************  /*************************************************
898  *           Expand the workspace                 *  *           Expand the workspace                 *
899  *************************************************/  *************************************************/
# Line 738  return (*p == CHAR_RIGHT_CURLY_BRACKET); Line 971  return (*p == CHAR_RIGHT_CURLY_BRACKET);
971  *************************************************/  *************************************************/
972    
973  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
974  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or 0 for a data character which
975  encodes one of the more complicated things such as \d. A backreference to group  will be placed in chptr. A backreference to group n is returned as negative n.
976  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When  When UTF-8 is enabled, a positive value greater than 255 may be returned in
977  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,  chptr. On entry, ptr is pointing at the \. On exit, it is on the final
978  ptr is pointing at the \. On exit, it is on the final character of the escape  character of the escape sequence.
 sequence.  
979    
980  Arguments:  Arguments:
981    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
982      chptr          points to a returned data character
983    errorcodeptr   points to the errorcode variable    errorcodeptr   points to the errorcode variable
984    bracount       number of previous extracting brackets    bracount       number of previous extracting brackets
985    options        the options bits    options        the options bits
986    isclass        TRUE if inside a character class    isclass        TRUE if inside a character class
987    
988  Returns:         zero or positive => a data character  Returns:         zero => a data character
989                   negative => a special escape sequence                   positive => a special escape sequence
990                     negative => a back reference
991                   on error, errorcodeptr is set                   on error, errorcodeptr is set
992  */  */
993    
994  static int  static int
995  check_escape(const pcre_uchar **ptrptr, int *errorcodeptr, int bracount,  check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
996    int options, BOOL isclass)    int bracount, int options, BOOL isclass)
997  {  {
998  /* PCRE_UTF16 has the same value as PCRE_UTF8. */  /* PCRE_UTF16 has the same value as PCRE_UTF8. */
999  BOOL utf = (options & PCRE_UTF8) != 0;  BOOL utf = (options & PCRE_UTF8) != 0;
1000  const pcre_uchar *ptr = *ptrptr + 1;  const pcre_uchar *ptr = *ptrptr + 1;
1001  pcre_int32 c;  pcre_uint32 c;
1002    int escape = 0;
1003  int i;  int i;
1004    
1005  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */
# Line 772  ptr--;                            /* Set Line 1007  ptr--;                            /* Set
1007    
1008  /* If backslash is at the end of the pattern, it's an error. */  /* If backslash is at the end of the pattern, it's an error. */
1009    
1010  if (c == 0) *errorcodeptr = ERR1;  if (c == CHAR_NULL) *errorcodeptr = ERR1;
1011    
1012  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
1013  in a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
# Line 781  Otherwise further processing may be requ Line 1016  Otherwise further processing may be requ
1016  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1017  /* Not alphanumeric */  /* Not alphanumeric */
1018  else if (c < CHAR_0 || c > CHAR_z) {}  else if (c < CHAR_0 || c > CHAR_z) {}
1019  else if ((i = escapes[c - CHAR_0]) != 0) c = i;  else if ((i = escapes[c - CHAR_0]) != 0)
1020      { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1021    
1022  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1023  /* Not alphanumeric */  /* Not alphanumeric */
1024  else if (c < 'a' || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}  else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
1025  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
1026  #endif  #endif
1027    
1028  /* Escapes that need further processing, or are illegal. */  /* Escapes that need further processing, or are illegal. */
# Line 794  else if ((i = escapes[c - 0x48]) != 0) Line 1030  else if ((i = escapes[c - 0x48]) != 0)
1030  else  else
1031    {    {
1032    const pcre_uchar *oldptr;    const pcre_uchar *oldptr;
1033    BOOL braced, negated;    BOOL braced, negated, overflow;
1034      int s;
1035    
1036    switch (c)    switch (c)
1037      {      {
# Line 819  else Line 1056  else
1056          c = 0;          c = 0;
1057          for (i = 0; i < 4; ++i)          for (i = 0; i < 4; ++i)
1058            {            {
1059            register int cc = *(++ptr);            register pcre_uint32 cc = *(++ptr);
1060  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1061            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1062            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
# Line 828  else Line 1065  else
1065            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1066  #endif  #endif
1067            }            }
1068    
1069    #if defined COMPILE_PCRE8
1070            if (c > (utf ? 0x10ffffU : 0xffU))
1071    #elif defined COMPILE_PCRE16
1072            if (c > (utf ? 0x10ffffU : 0xffffU))
1073    #elif defined COMPILE_PCRE32
1074            if (utf && c > 0x10ffffU)
1075    #endif
1076              {
1077              *errorcodeptr = ERR76;
1078              }
1079            else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1080          }          }
1081        }        }
1082      else      else
# Line 854  else Line 1103  else
1103      (3) For Oniguruma compatibility we also support \g followed by a name or a      (3) For Oniguruma compatibility we also support \g followed by a name or a
1104      number either in angle brackets or in single quotes. However, these are      number either in angle brackets or in single quotes. However, these are
1105      (possibly recursive) subroutine calls, _not_ backreferences. Just return      (possibly recursive) subroutine calls, _not_ backreferences. Just return
1106      the -ESC_g code (cf \k). */      the ESC_g code (cf \k). */
1107    
1108      case CHAR_g:      case CHAR_g:
1109      if (isclass) break;      if (isclass) break;
1110      if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)      if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
1111        {        {
1112        c = -ESC_g;        escape = ESC_g;
1113        break;        break;
1114        }        }
1115    
# Line 869  else Line 1118  else
1118      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1119        {        {
1120        const pcre_uchar *p;        const pcre_uchar *p;
1121        for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)        for (p = ptr+2; *p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
1122          if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;          if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
1123        if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)        if (*p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET)
1124          {          {
1125          c = -ESC_k;          escape = ESC_k;
1126          break;          break;
1127          }          }
1128        braced = TRUE;        braced = TRUE;
# Line 889  else Line 1138  else
1138      else negated = FALSE;      else negated = FALSE;
1139    
1140      /* The integer range is limited by the machine's int representation. */      /* The integer range is limited by the machine's int representation. */
1141      c = 0;      s = 0;
1142        overflow = FALSE;
1143      while (IS_DIGIT(ptr[1]))      while (IS_DIGIT(ptr[1]))
1144        {        {
1145        if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */        if (s > INT_MAX / 10 - 1) /* Integer overflow */
1146          {          {
1147          c = -1;          overflow = TRUE;
1148          break;          break;
1149          }          }
1150        c = c * 10 + *(++ptr) - CHAR_0;        s = s * 10 + (int)(*(++ptr) - CHAR_0);
1151        }        }
1152      if (((unsigned int)c) > INT_MAX) /* Integer overflow */      if (overflow) /* Integer overflow */
1153        {        {
1154        while (IS_DIGIT(ptr[1]))        while (IS_DIGIT(ptr[1]))
1155          ptr++;          ptr++;
# Line 913  else Line 1163  else
1163        break;        break;
1164        }        }
1165    
1166      if (c == 0)      if (s == 0)
1167        {        {
1168        *errorcodeptr = ERR58;        *errorcodeptr = ERR58;
1169        break;        break;
# Line 921  else Line 1171  else
1171    
1172      if (negated)      if (negated)
1173        {        {
1174        if (c > bracount)        if (s > bracount)
1175          {          {
1176          *errorcodeptr = ERR15;          *errorcodeptr = ERR15;
1177          break;          break;
1178          }          }
1179        c = bracount - (c - 1);        s = bracount - (s - 1);
1180        }        }
1181    
1182      c = -(ESC_REF + c);      escape = -s;
1183      break;      break;
1184    
1185      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
1186      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. Perl has changed
1187      the way Perl works seems to be as follows:      over the years. Nowadays \g{} for backreferences and \o{} for octal are
1188        recommended to avoid the ambiguities in the old syntax.
1189    
1190      Outside a character class, the digits are read as a decimal number. If the      Outside a character class, the digits are read as a decimal number. If the
1191      number is less than 10, or if there are that many previous extracting      number is less than 8 (used to be 10), or if there are that many previous
1192      left brackets, then it is a back reference. Otherwise, up to three octal      extracting left brackets, then it is a back reference. Otherwise, up to
1193      digits are read to form an escaped byte. Thus \123 is likely to be octal      three octal digits are read to form an escaped byte. Thus \123 is likely to
1194      123 (cf \0123, which is octal 012 followed by the literal 3). If the octal      be octal 123 (cf \0123, which is octal 012 followed by the literal 3). If
1195      value is greater than 377, the least significant 8 bits are taken. Inside a      the octal value is greater than 377, the least significant 8 bits are
1196      character class, \ followed by a digit is always an octal number. */      taken. \8 and \9 are treated as the literal characters 8 and 9.
1197    
1198        Inside a character class, \ followed by a digit is always either a literal
1199        8 or 9 or an octal number. */
1200    
1201      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
1202      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
# Line 951  else Line 1205  else
1205        {        {
1206        oldptr = ptr;        oldptr = ptr;
1207        /* The integer range is limited by the machine's int representation. */        /* The integer range is limited by the machine's int representation. */
1208        c -= CHAR_0;        s = (int)(c -CHAR_0);
1209          overflow = FALSE;
1210        while (IS_DIGIT(ptr[1]))        while (IS_DIGIT(ptr[1]))
1211          {          {
1212          if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */          if (s > INT_MAX / 10 - 1) /* Integer overflow */
1213            {            {
1214            c = -1;            overflow = TRUE;
1215            break;            break;
1216            }            }
1217          c = c * 10 + *(++ptr) - CHAR_0;          s = s * 10 + (int)(*(++ptr) - CHAR_0);
1218          }          }
1219        if (((unsigned int)c) > INT_MAX) /* Integer overflow */        if (overflow) /* Integer overflow */
1220          {          {
1221          while (IS_DIGIT(ptr[1]))          while (IS_DIGIT(ptr[1]))
1222            ptr++;            ptr++;
1223          *errorcodeptr = ERR61;          *errorcodeptr = ERR61;
1224          break;          break;
1225          }          }
1226        if (c < 10 || c <= bracount)        if (s < 8 || s <= bracount)  /* Check for back reference */
1227          {          {
1228          c = -(ESC_REF + c);          escape = -s;
1229          break;          break;
1230          }          }
1231        ptr = oldptr;      /* Put the pointer back and fall through */        ptr = oldptr;      /* Put the pointer back and fall through */
1232        }        }
1233    
1234      /* Handle an octal number following \. If the first digit is 8 or 9, Perl      /* Handle a digit following \ when the number is not a back reference. If
1235      generates a binary zero byte and treats the digit as a following literal.      the first digit is 8 or 9, Perl used to generate a binary zero byte and
1236      Thus we have to pull back the pointer by one. */      then treat the digit as a following literal. At least by Perl 5.18 this
1237        changed so as not to insert the binary zero. */
1238    
1239      if ((c = *ptr) >= CHAR_8)      if ((c = *ptr) >= CHAR_8) break;
1240        {  
1241        ptr--;      /* Fall through with a digit less than 8 */
       c = 0;  
       break;  
       }  
1242    
1243      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
1244      larger first octal digit. The original code used just to take the least      larger first octal digit. The original code used just to take the least
1245      significant 8 bits of octal numbers (I think this is what early Perls used      significant 8 bits of octal numbers (I think this is what early Perls used
1246      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more      to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1247      than 3 octal digits. */      but no more than 3 octal digits. */
1248    
1249      case CHAR_0:      case CHAR_0:
1250      c -= CHAR_0;      c -= CHAR_0;
1251      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)      while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1252          c = c * 8 + *(++ptr) - CHAR_0;          c = c * 8 + *(++ptr) - CHAR_0;
1253    #ifdef COMPILE_PCRE8
1254      if (!utf && c > 0xff) *errorcodeptr = ERR51;      if (!utf && c > 0xff) *errorcodeptr = ERR51;
1255    #endif
1256        break;
1257    
1258        /* \o is a relatively new Perl feature, supporting a more general way of
1259        specifying character codes in octal. The only supported form is \o{ddd}. */
1260    
1261        case CHAR_o:
1262        if (ptr[1] != CHAR_LEFT_CURLY_BRACKET) *errorcodeptr = ERR81; else
1263        if (ptr[2] == CHAR_RIGHT_CURLY_BRACKET) *errorcodeptr = ERR86; else
1264          {
1265          ptr += 2;
1266          c = 0;
1267          overflow = FALSE;
1268          while (*ptr >= CHAR_0 && *ptr <= CHAR_7)
1269            {
1270            register pcre_uint32 cc = *ptr++;
1271            if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1272    #ifdef COMPILE_PCRE32
1273            if (c >= 0x20000000l) { overflow = TRUE; break; }
1274    #endif
1275            c = (c << 3) + cc - CHAR_0 ;
1276    #if defined COMPILE_PCRE8
1277            if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1278    #elif defined COMPILE_PCRE16
1279            if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1280    #elif defined COMPILE_PCRE32
1281            if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1282    #endif
1283            }
1284          if (overflow)
1285            {
1286            while (*ptr >= CHAR_0 && *ptr <= CHAR_7) ptr++;
1287            *errorcodeptr = ERR34;
1288            }
1289          else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1290            {
1291            if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1292            }
1293          else *errorcodeptr = ERR80;
1294          }
1295      break;      break;
1296    
1297      /* \x is complicated. \x{ddd} is a character number which can be greater      /* \x is complicated. In JavaScript, \x must be followed by two hexadecimal
1298      than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.      numbers. Otherwise it is a lowercase x letter. */
     If not, { is treated as a data character. */  
1299    
1300      case CHAR_x:      case CHAR_x:
1301      if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)      if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1302        {        {
       /* In JavaScript, \x must be followed by two hexadecimal numbers.  
       Otherwise it is a lowercase x letter. */  
1303        if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0        if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1304          && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)          && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1305          {          {
1306          c = 0;          c = 0;
1307          for (i = 0; i < 2; ++i)          for (i = 0; i < 2; ++i)
1308            {            {
1309            register int cc = *(++ptr);            register pcre_uint32 cc = *(++ptr);
1310  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1311            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1312            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
# Line 1025  else Line 1316  else
1316  #endif  #endif
1317            }            }
1318          }          }
1319        break;        }    /* End JavaScript handling */
       }  
1320    
1321      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)      /* Handle \x in Perl's style. \x{ddd} is a character number which can be
1322        {      greater than 0xff in utf or non-8bit mode, but only if the ddd are hex
1323        const pcre_uchar *pt = ptr + 2;      digits. If not, { used to be treated as a data character. However, Perl
1324        seems to read hex digits up to the first non-such, and ignore the rest, so
1325        that, for example \x{zz} matches a binary zero. This seems crazy, so PCRE
1326        now gives an error. */
1327    
1328        c = 0;      else
1329        while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)        {
1330          if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1331          {          {
1332          register int cc = *pt++;          ptr += 2;
1333          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */          if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1334              {
1335              *errorcodeptr = ERR86;
1336              break;
1337              }
1338            c = 0;
1339            overflow = FALSE;
1340            while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0)
1341              {
1342              register pcre_uint32 cc = *ptr++;
1343              if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1344    
1345    #ifdef COMPILE_PCRE32
1346              if (c >= 0x10000000l) { overflow = TRUE; break; }
1347    #endif
1348    
1349  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1350          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1351          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1352  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1353          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */            if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1354          c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1355  #endif  #endif
1356    
1357  #ifdef COMPILE_PCRE8  #if defined COMPILE_PCRE8
1358          if (c > (utf ? 0x10ffff : 0xff)) { c = -1; break; }            if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1359  #else  #elif defined COMPILE_PCRE16
1360  #ifdef COMPILE_PCRE16            if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1361          if (c > (utf ? 0x10ffff : 0xffff)) { c = -1; break; }  #elif defined COMPILE_PCRE32
1362  #endif            if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1363  #endif  #endif
1364          }            }
1365    
1366        if (c < 0)          if (overflow)
1367          {            {
1368          while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;            while (MAX_255(*ptr) && (digitab[*ptr] & ctype_xdigit) != 0) ptr++;
1369          *errorcodeptr = ERR34;            *errorcodeptr = ERR34;
1370          }            }
1371    
1372        if (*pt == CHAR_RIGHT_CURLY_BRACKET)          else if (*ptr == CHAR_RIGHT_CURLY_BRACKET)
1373          {            {
1374          if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;            if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1375          ptr = pt;            }
         break;  
         }  
1376    
1377        /* If the sequence of hex digits does not end with '}', then we don't          /* If the sequence of hex digits does not end with '}', give an error.
1378        recognize this construct; fall through to the normal \x handling. */          We used just to recognize this construct and fall through to the normal
1379        }          \x handling, but nowadays Perl gives an error, which seems much more
1380            sensible, so we do too. */
1381    
1382      /* Read just a single-byte hex-defined char */          else *errorcodeptr = ERR79;
1383            }   /* End of \x{} processing */
1384    
1385      c = 0;        /* Read a single-byte hex-defined char (up to two hex digits after \x) */
1386      while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)  
1387        {        else
1388        int cc;                                  /* Some compilers don't like */          {
1389        cc = *(++ptr);                           /* ++ in initializers */          c = 0;
1390            while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1391              {
1392              pcre_uint32 cc;                          /* Some compilers don't like */
1393              cc = *(++ptr);                           /* ++ in initializers */
1394  #ifndef EBCDIC  /* ASCII/UTF-8 coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1395        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */            if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
1396        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));            c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1397  #else           /* EBCDIC coding */  #else           /* EBCDIC coding */
1398        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */            if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
1399        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));            c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1400  #endif  #endif
1401        }            }
1402            }     /* End of \xdd handling */
1403          }       /* End of Perl-style \x handling */
1404      break;      break;
1405    
1406      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
# Line 1096  else Line 1410  else
1410    
1411      case CHAR_c:      case CHAR_c:
1412      c = *(++ptr);      c = *(++ptr);
1413      if (c == 0)      if (c == CHAR_NULL)
1414        {        {
1415        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
1416        break;        break;
# Line 1136  else Line 1450  else
1450  newline". PCRE does not support \N{name}. However, it does support  newline". PCRE does not support \N{name}. However, it does support
1451  quantification such as \N{2,3}. */  quantification such as \N{2,3}. */
1452    
1453  if (c == -ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&  if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1454       !is_counted_repeat(ptr+2))       !is_counted_repeat(ptr+2))
1455    *errorcodeptr = ERR37;    *errorcodeptr = ERR37;
1456    
1457  /* If PCRE_UCP is set, we change the values for \d etc. */  /* If PCRE_UCP is set, we change the values for \d etc. */
1458    
1459  if ((options & PCRE_UCP) != 0 && c <= -ESC_D && c >= -ESC_w)  if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1460    c -= (ESC_DU - ESC_D);    escape += (ESC_DU - ESC_D);
1461    
1462  /* Set the pointer to the final character before returning. */  /* Set the pointer to the final character before returning. */
1463    
1464  *ptrptr = ptr;  *ptrptr = ptr;
1465  return c;  *chptr = c;
1466    return escape;
1467  }  }
1468    
1469    
# Line 1166  escape sequence. Line 1481  escape sequence.
1481  Argument:  Argument:
1482    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
1483    negptr         points to a boolean that is set TRUE for negation else FALSE    negptr         points to a boolean that is set TRUE for negation else FALSE
1484    dptr           points to an int that is set to the detailed property value    ptypeptr       points to an unsigned int that is set to the type value
1485      pdataptr       points to an unsigned int that is set to the detailed property value
1486    errorcodeptr   points to the error code variable    errorcodeptr   points to the error code variable
1487    
1488  Returns:         type value from ucp_type_table, or -1 for an invalid type  Returns:         TRUE if the type value was found, or FALSE for an invalid type
1489  */  */
1490    
1491  static int  static BOOL
1492  get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)  get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1493      unsigned int *pdataptr, int *errorcodeptr)
1494  {  {
1495  int c, i, bot, top;  pcre_uchar c;
1496    int i, bot, top;
1497  const pcre_uchar *ptr = *ptrptr;  const pcre_uchar *ptr = *ptrptr;
1498  pcre_uchar name[32];  pcre_uchar name[32];
1499    
1500  c = *(++ptr);  c = *(++ptr);
1501  if (c == 0) goto ERROR_RETURN;  if (c == CHAR_NULL) goto ERROR_RETURN;
1502    
1503  *negptr = FALSE;  *negptr = FALSE;
1504    
# Line 1197  if (c == CHAR_LEFT_CURLY_BRACKET) Line 1515  if (c == CHAR_LEFT_CURLY_BRACKET)
1515    for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)    for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1516      {      {
1517      c = *(++ptr);      c = *(++ptr);
1518      if (c == 0) goto ERROR_RETURN;      if (c == CHAR_NULL) goto ERROR_RETURN;
1519      if (c == CHAR_RIGHT_CURLY_BRACKET) break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1520      name[i] = c;      name[i] = c;
1521      }      }
# Line 1222  top = PRIV(utt_size); Line 1540  top = PRIV(utt_size);
1540    
1541  while (bot < top)  while (bot < top)
1542    {    {
1543      int r;
1544    i = (bot + top) >> 1;    i = (bot + top) >> 1;
1545    c = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);    r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1546    if (c == 0)    if (r == 0)
1547      {      {
1548      *dptr = PRIV(utt)[i].value;      *ptypeptr = PRIV(utt)[i].type;
1549      return PRIV(utt)[i].type;      *pdataptr = PRIV(utt)[i].value;
1550        return TRUE;
1551      }      }
1552    if (c > 0) bot = i + 1; else top = i;    if (r > 0) bot = i + 1; else top = i;
1553    }    }
1554    
1555  *errorcodeptr = ERR47;  *errorcodeptr = ERR47;
1556  *ptrptr = ptr;  *ptrptr = ptr;
1557  return -1;  return FALSE;
1558    
1559  ERROR_RETURN:  ERROR_RETURN:
1560  *errorcodeptr = ERR46;  *errorcodeptr = ERR46;
1561  *ptrptr = ptr;  *ptrptr = ptr;
1562  return -1;  return FALSE;
1563  }  }
1564  #endif  #endif
1565    
1566    
1567    
   
1568  /*************************************************  /*************************************************
1569  *         Read repeat counts                     *  *         Read repeat counts                     *
1570  *************************************************/  *************************************************/
# Line 1271  read_repeat_counts(const pcre_uchar *p, Line 1590  read_repeat_counts(const pcre_uchar *p,
1590  int min = 0;  int min = 0;
1591  int max = -1;  int max = -1;
1592    
1593  /* Read the minimum value and do a paranoid check: a negative value indicates  while (IS_DIGIT(*p))
 an integer overflow. */  
   
 while (IS_DIGIT(*p)) min = min * 10 + *p++ - CHAR_0;  
 if (min < 0 || min > 65535)  
1594    {    {
1595    *errorcodeptr = ERR5;    min = min * 10 + (int)(*p++ - CHAR_0);
1596    return p;    if (min > 65535)
1597        {
1598        *errorcodeptr = ERR5;
1599        return p;
1600        }
1601    }    }
1602    
 /* Read the maximum value if there is one, and again do a paranoid on its size.  
 Also, max must not be less than min. */  
   
1603  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1604    {    {
1605    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1606      {      {
1607      max = 0;      max = 0;
1608      while(IS_DIGIT(*p)) max = max * 10 + *p++ - CHAR_0;      while(IS_DIGIT(*p))
     if (max < 0 || max > 65535)  
1609        {        {
1610        *errorcodeptr = ERR5;        max = max * 10 + (int)(*p++ - CHAR_0);
1611        return p;        if (max > 65535)
1612            {
1613            *errorcodeptr = ERR5;
1614            return p;
1615            }
1616        }        }
1617      if (max < min)      if (max < min)
1618        {        {
# Line 1303  if (*p == CHAR_RIGHT_CURLY_BRACKET) max Line 1622  if (*p == CHAR_RIGHT_CURLY_BRACKET) max
1622      }      }
1623    }    }
1624    
 /* Fill in the required variables, and pass back the pointer to the terminating  
 '}'. */  
   
1625  *minp = min;  *minp = min;
1626  *maxp = max;  *maxp = max;
1627  return p;  return p;
# Line 1314  return p; Line 1630  return p;
1630    
1631    
1632  /*************************************************  /*************************************************
 *  Subroutine for finding forward reference      *  
 *************************************************/  
   
 /* This recursive function is called only from find_parens() below. The  
 top-level call starts at the beginning of the pattern. All other calls must  
 start at a parenthesis. It scans along a pattern's text looking for capturing  
 subpatterns, and counting them. If it finds a named pattern that matches the  
 name it is given, it returns its number. Alternatively, if the name is NULL, it  
 returns when it reaches a given numbered subpattern. Recursion is used to keep  
 track of subpatterns that reset the capturing group numbers - the (?| feature.  
   
 This function was originally called only from the second pass, in which we know  
 that if (?< or (?' or (?P< is encountered, the name will be correctly  
 terminated because that is checked in the first pass. There is now one call to  
 this function in the first pass, to check for a recursive back reference by  
 name (so that we can make the whole group atomic). In this case, we need check  
 only up to the current position in the pattern, and that is still OK because  
 and previous occurrences will have been checked. To make this work, the test  
 for "end of pattern" is a check against cd->end_pattern in the main loop,  
 instead of looking for a binary zero. This means that the special first-pass  
 call can adjust cd->end_pattern temporarily. (Checks for binary zero while  
 processing items within the loop are OK, because afterwards the main loop will  
 terminate.)  
   
 Arguments:  
   ptrptr       address of the current character pointer (updated)  
   cd           compile background data  
   name         name to seek, or NULL if seeking a numbered subpattern  
   lorn         name length, or subpattern number if name is NULL  
   xmode        TRUE if we are in /x mode  
   utf          TRUE if we are in UTF-8 / UTF-16 mode  
   count        pointer to the current capturing subpattern number (updated)  
   
 Returns:       the number of the named subpattern, or -1 if not found  
 */  
   
 static int  
 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,  
   BOOL xmode, BOOL utf, int *count)  
 {  
 pcre_uchar *ptr = *ptrptr;  
 int start_count = *count;  
 int hwm_count = start_count;  
 BOOL dup_parens = FALSE;  
   
 /* If the first character is a parenthesis, check on the type of group we are  
 dealing with. The very first call may not start with a parenthesis. */  
   
 if (ptr[0] == CHAR_LEFT_PARENTHESIS)  
   {  
   /* Handle specials such as (*SKIP) or (*UTF8) etc. */  
   
   if (ptr[1] == CHAR_ASTERISK) ptr += 2;  
   
   /* Handle a normal, unnamed capturing parenthesis. */  
   
   else if (ptr[1] != CHAR_QUESTION_MARK)  
     {  
     *count += 1;  
     if (name == NULL && *count == lorn) return *count;  
     ptr++;  
     }  
   
   /* All cases now have (? at the start. Remember when we are in a group  
   where the parenthesis numbers are duplicated. */  
   
   else if (ptr[2] == CHAR_VERTICAL_LINE)  
     {  
     ptr += 3;  
     dup_parens = TRUE;  
     }  
   
   /* Handle comments; all characters are allowed until a ket is reached. */  
   
   else if (ptr[2] == CHAR_NUMBER_SIGN)  
     {  
     for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;  
     goto FAIL_EXIT;  
     }  
   
   /* Handle a condition. If it is an assertion, just carry on so that it  
   is processed as normal. If not, skip to the closing parenthesis of the  
   condition (there can't be any nested parens). */  
   
   else if (ptr[2] == CHAR_LEFT_PARENTHESIS)  
     {  
     ptr += 2;  
     if (ptr[1] != CHAR_QUESTION_MARK)  
       {  
       while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;  
       if (*ptr != 0) ptr++;  
       }  
     }  
   
   /* Start with (? but not a condition. */  
   
   else  
     {  
     ptr += 2;  
     if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */  
   
     /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */  
   
     if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&  
         ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)  
       {  
       int term;  
       const pcre_uchar *thisname;  
       *count += 1;  
       if (name == NULL && *count == lorn) return *count;  
       term = *ptr++;  
       if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;  
       thisname = ptr;  
       while (*ptr != term) ptr++;  
       if (name != NULL && lorn == ptr - thisname &&  
           STRNCMP_UC_UC(name, thisname, lorn) == 0)  
         return *count;  
       term++;  
       }  
     }  
   }  
   
 /* Past any initial parenthesis handling, scan for parentheses or vertical  
 bars. Stop if we get to cd->end_pattern. Note that this is important for the  
 first-pass call when this value is temporarily adjusted to stop at the current  
 position. So DO NOT change this to a test for binary zero. */  
   
 for (; ptr < cd->end_pattern; ptr++)  
   {  
   /* Skip over backslashed characters and also entire \Q...\E */  
   
   if (*ptr == CHAR_BACKSLASH)  
     {  
     if (*(++ptr) == 0) goto FAIL_EXIT;  
     if (*ptr == CHAR_Q) for (;;)  
       {  
       while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};  
       if (*ptr == 0) goto FAIL_EXIT;  
       if (*(++ptr) == CHAR_E) break;  
       }  
     continue;  
     }  
   
   /* Skip over character classes; this logic must be similar to the way they  
   are handled for real. If the first character is '^', skip it. Also, if the  
   first few characters (either before or after ^) are \Q\E or \E we skip them  
   too. This makes for compatibility with Perl. Note the use of STR macros to  
   encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */  
   
   if (*ptr == CHAR_LEFT_SQUARE_BRACKET)  
     {  
     BOOL negate_class = FALSE;  
     for (;;)  
       {  
       if (ptr[1] == CHAR_BACKSLASH)  
         {  
         if (ptr[2] == CHAR_E)  
           ptr+= 2;  
         else if (STRNCMP_UC_C8(ptr + 2,  
                  STR_Q STR_BACKSLASH STR_E, 3) == 0)  
           ptr += 4;  
         else  
           break;  
         }  
       else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)  
         {  
         negate_class = TRUE;  
         ptr++;  
         }  
       else break;  
       }  
   
     /* If the next character is ']', it is a data character that must be  
     skipped, except in JavaScript compatibility mode. */  
   
     if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&  
         (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)  
       ptr++;  
   
     while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)  
       {  
       if (*ptr == 0) return -1;  
       if (*ptr == CHAR_BACKSLASH)  
         {  
         if (*(++ptr) == 0) goto FAIL_EXIT;  
         if (*ptr == CHAR_Q) for (;;)  
           {  
           while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};  
           if (*ptr == 0) goto FAIL_EXIT;  
           if (*(++ptr) == CHAR_E) break;  
           }  
         continue;  
         }  
       }  
     continue;  
     }  
   
   /* Skip comments in /x mode */  
   
   if (xmode && *ptr == CHAR_NUMBER_SIGN)  
     {  
     ptr++;  
     while (*ptr != 0)  
       {  
       if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }  
       ptr++;  
 #ifdef SUPPORT_UTF  
       if (utf) FORWARDCHAR(ptr);  
 #endif  
       }  
     if (*ptr == 0) goto FAIL_EXIT;  
     continue;  
     }  
   
   /* Check for the special metacharacters */  
   
   if (*ptr == CHAR_LEFT_PARENTHESIS)  
     {  
     int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);  
     if (rc > 0) return rc;  
     if (*ptr == 0) goto FAIL_EXIT;  
     }  
   
   else if (*ptr == CHAR_RIGHT_PARENTHESIS)  
     {  
     if (dup_parens && *count < hwm_count) *count = hwm_count;  
     goto FAIL_EXIT;  
     }  
   
   else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)  
     {  
     if (*count > hwm_count) hwm_count = *count;  
     *count = start_count;  
     }  
   }  
   
 FAIL_EXIT:  
 *ptrptr = ptr;  
 return -1;  
 }  
   
   
   
   
 /*************************************************  
 *       Find forward referenced subpattern       *  
 *************************************************/  
   
 /* This function scans along a pattern's text looking for capturing  
 subpatterns, and counting them. If it finds a named pattern that matches the  
 name it is given, it returns its number. Alternatively, if the name is NULL, it  
 returns when it reaches a given numbered subpattern. This is used for forward  
 references to subpatterns. We used to be able to start this scan from the  
 current compiling point, using the current count value from cd->bracount, and  
 do it all in a single loop, but the addition of the possibility of duplicate  
 subpattern numbers means that we have to scan from the very start, in order to  
 take account of such duplicates, and to use a recursive function to keep track  
 of the different types of group.  
   
 Arguments:  
   cd           compile background data  
   name         name to seek, or NULL if seeking a numbered subpattern  
   lorn         name length, or subpattern number if name is NULL  
   xmode        TRUE if we are in /x mode  
   utf          TRUE if we are in UTF-8 / UTF-16 mode  
   
 Returns:       the number of the found subpattern, or -1 if not found  
 */  
   
 static int  
 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,  
   BOOL utf)  
 {  
 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;  
 int count = 0;  
 int rc;  
   
 /* If the pattern does not start with an opening parenthesis, the first call  
 to find_parens_sub() will scan right to the end (if necessary). However, if it  
 does start with a parenthesis, find_parens_sub() will return when it hits the  
 matching closing parens. That is why we have to have a loop. */  
   
 for (;;)  
   {  
   rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);  
   if (rc > 0 || *ptr++ == 0) break;  
   }  
   
 return rc;  
 }  
   
   
   
   
 /*************************************************  
1633  *      Find first significant op code            *  *      Find first significant op code            *
1634  *************************************************/  *************************************************/
1635    
# Line 1647  for (;;) Line 1668  for (;;)
1668    
1669      case OP_CALLOUT:      case OP_CALLOUT:
1670      case OP_CREF:      case OP_CREF:
1671      case OP_NCREF:      case OP_DNCREF:
1672      case OP_RREF:      case OP_RREF:
1673      case OP_NRREF:      case OP_DNRREF:
1674      case OP_DEF:      case OP_DEF:
1675      code += PRIV(OP_lengths)[*code];      code += PRIV(OP_lengths)[*code];
1676      break;      break;
# Line 1663  for (;;) Line 1684  for (;;)
1684    
1685    
1686    
   
1687  /*************************************************  /*************************************************
1688  *        Find the fixed length of a branch       *  *        Find the fixed length of a branch       *
1689  *************************************************/  *************************************************/
# Line 1681  and doing the check at the end; a flag s Line 1701  and doing the check at the end; a flag s
1701    
1702  Arguments:  Arguments:
1703    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1704    utf      TRUE in UTF-8 / UTF-16 mode    utf      TRUE in UTF-8 / UTF-16 / UTF-32 mode
1705    atend    TRUE if called when the pattern is complete    atend    TRUE if called when the pattern is complete
1706    cd       the "compile data" structure    cd       the "compile data" structure
1707    
# Line 1707  for (;;) Line 1727  for (;;)
1727    {    {
1728    int d;    int d;
1729    pcre_uchar *ce, *cs;    pcre_uchar *ce, *cs;
1730    register int op = *cc;    register pcre_uchar op = *cc;
1731    
1732    switch (op)    switch (op)
1733      {      {
1734      /* We only need to continue for OP_CBRA (normal capturing bracket) and      /* We only need to continue for OP_CBRA (normal capturing bracket) and
# Line 1769  for (;;) Line 1789  for (;;)
1789      case OP_ASSERTBACK_NOT:      case OP_ASSERTBACK_NOT:
1790      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1791      cc += PRIV(OP_lengths)[*cc];      cc += PRIV(OP_lengths)[*cc];
1792      break;      break;
1793    
1794      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1795    
# Line 1787  for (;;) Line 1807  for (;;)
1807      case OP_COMMIT:      case OP_COMMIT:
1808      case OP_CREF:      case OP_CREF:
1809      case OP_DEF:      case OP_DEF:
1810        case OP_DNCREF:
1811        case OP_DNRREF:
1812      case OP_DOLL:      case OP_DOLL:
1813      case OP_DOLLM:      case OP_DOLLM:
1814      case OP_EOD:      case OP_EOD:
1815      case OP_EODN:      case OP_EODN:
1816      case OP_FAIL:      case OP_FAIL:
     case OP_NCREF:  
     case OP_NRREF:  
1817      case OP_NOT_WORD_BOUNDARY:      case OP_NOT_WORD_BOUNDARY:
1818      case OP_PRUNE:      case OP_PRUNE:
1819      case OP_REVERSE:      case OP_REVERSE:
# Line 1827  for (;;) Line 1847  for (;;)
1847      case OP_EXACTI:      case OP_EXACTI:
1848      case OP_NOTEXACT:      case OP_NOTEXACT:
1849      case OP_NOTEXACTI:      case OP_NOTEXACTI:
1850      branchlength += GET2(cc,1);      branchlength += (int)GET2(cc,1);
1851      cc += 2 + IMM2_SIZE;      cc += 2 + IMM2_SIZE;
1852  #ifdef SUPPORT_UTF  #ifdef SUPPORT_UTF
1853      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
# Line 1836  for (;;) Line 1856  for (;;)
1856    
1857      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1858      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1859      if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP) cc += 2;      if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1860          cc += 2;
1861      cc += 1 + IMM2_SIZE + 1;      cc += 1 + IMM2_SIZE + 1;
1862      break;      break;
1863    
# Line 1871  for (;;) Line 1892  for (;;)
1892    
1893      /* Check a class for variable quantification */      /* Check a class for variable quantification */
1894    
 #if defined SUPPORT_UTF || defined COMPILE_PCRE16  
     case OP_XCLASS:  
     cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];  
     /* Fall through */  
 #endif  
   
1895      case OP_CLASS:      case OP_CLASS:
1896      case OP_NCLASS:      case OP_NCLASS:
1897    #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1898        case OP_XCLASS:
1899        /* The original code caused an unsigned overflow in 64 bit systems,
1900        so now we use a conditional statement. */
1901        if (op == OP_XCLASS)
1902          cc += GET(cc, 1);
1903        else
1904          cc += PRIV(OP_lengths)[OP_CLASS];
1905    #else
1906      cc += PRIV(OP_lengths)[OP_CLASS];      cc += PRIV(OP_lengths)[OP_CLASS];
1907    #endif
1908    
1909      switch (*cc)      switch (*cc)
1910        {        {
       case OP_CRPLUS:  
       case OP_CRMINPLUS:  
1911        case OP_CRSTAR:        case OP_CRSTAR:
1912        case OP_CRMINSTAR:        case OP_CRMINSTAR:
1913          case OP_CRPLUS:
1914          case OP_CRMINPLUS:
1915        case OP_CRQUERY:        case OP_CRQUERY:
1916        case OP_CRMINQUERY:        case OP_CRMINQUERY:
1917          case OP_CRPOSSTAR:
1918          case OP_CRPOSPLUS:
1919          case OP_CRPOSQUERY:
1920        return -1;        return -1;
1921    
1922        case OP_CRRANGE:        case OP_CRRANGE:
1923        case OP_CRMINRANGE:        case OP_CRMINRANGE:
1924          case OP_CRPOSRANGE:
1925        if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;        if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1926        branchlength += GET2(cc,1);        branchlength += (int)GET2(cc,1);
1927        cc += 1 + 2 * IMM2_SIZE;        cc += 1 + 2 * IMM2_SIZE;
1928        break;        break;
1929    
# Line 1961  for (;;) Line 1990  for (;;)
1990      case OP_QUERYI:      case OP_QUERYI:
1991      case OP_REF:      case OP_REF:
1992      case OP_REFI:      case OP_REFI:
1993        case OP_DNREF:
1994        case OP_DNREFI:
1995      case OP_SBRA:      case OP_SBRA:
1996      case OP_SBRAPOS:      case OP_SBRAPOS:
1997      case OP_SCBRA:      case OP_SCBRA:
# Line 1997  for (;;) Line 2028  for (;;)
2028    
2029    
2030    
   
2031  /*************************************************  /*************************************************
2032  *    Scan compiled regex for specific bracket    *  *    Scan compiled regex for specific bracket    *
2033  *************************************************/  *************************************************/
# Line 2010  length. Line 2040  length.
2040    
2041  Arguments:  Arguments:
2042    code        points to start of expression    code        points to start of expression
2043    utf         TRUE in UTF-8 / UTF-16 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2044    number      the required bracket number or negative to find a lookbehind    number      the required bracket number or negative to find a lookbehind
2045    
2046  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
# Line 2021  PRIV(find_bracket)(const pcre_uchar *cod Line 2051  PRIV(find_bracket)(const pcre_uchar *cod
2051  {  {
2052  for (;;)  for (;;)
2053    {    {
2054    register int c = *code;    register pcre_uchar c = *code;
2055    
2056    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2057    
# Line 2044  for (;;) Line 2074  for (;;)
2074    else if (c == OP_CBRA || c == OP_SCBRA ||    else if (c == OP_CBRA || c == OP_SCBRA ||
2075             c == OP_CBRAPOS || c == OP_SCBRAPOS)             c == OP_CBRAPOS || c == OP_SCBRAPOS)
2076      {      {
2077      int n = GET2(code, 1+LINK_SIZE);      int n = (int)GET2(code, 1+LINK_SIZE);
2078      if (n == number) return (pcre_uchar *)code;      if (n == number) return (pcre_uchar *)code;
2079      code += PRIV(OP_lengths)[c];      code += PRIV(OP_lengths)[c];
2080      }      }
# Line 2074  for (;;) Line 2104  for (;;)
2104        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2105        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2106        case OP_TYPEPOSUPTO:        case OP_TYPEPOSUPTO:
2107        if (code[1 + IMM2_SIZE] == OP_PROP        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2108          || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;          code += 2;
2109        break;        break;
2110    
2111        case OP_MARK:        case OP_MARK:
2112        case OP_PRUNE_ARG:        case OP_PRUNE_ARG:
2113        case OP_SKIP_ARG:        case OP_SKIP_ARG:
       code += code[1];  
       break;  
   
2114        case OP_THEN_ARG:        case OP_THEN_ARG:
2115        code += code[1];        code += code[1];
2116        break;        break;
# Line 2097  for (;;) Line 2124  for (;;)
2124    a multi-byte character. The length in the table is a minimum, so we have to    a multi-byte character. The length in the table is a minimum, so we have to
2125    arrange to skip the extra bytes. */    arrange to skip the extra bytes. */
2126    
2127  #ifdef SUPPORT_UTF  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2128      if (utf) switch(c)      if (utf) switch(c)
2129        {        {
2130        case OP_CHAR:        case OP_CHAR:
2131        case OP_CHARI:        case OP_CHARI:
2132          case OP_NOT:
2133          case OP_NOTI:
2134        case OP_EXACT:        case OP_EXACT:
2135        case OP_EXACTI:        case OP_EXACTI:
2136          case OP_NOTEXACT:
2137          case OP_NOTEXACTI:
2138        case OP_UPTO:        case OP_UPTO:
2139        case OP_UPTOI:        case OP_UPTOI:
2140          case OP_NOTUPTO:
2141          case OP_NOTUPTOI:
2142        case OP_MINUPTO:        case OP_MINUPTO:
2143        case OP_MINUPTOI:        case OP_MINUPTOI:
2144          case OP_NOTMINUPTO:
2145          case OP_NOTMINUPTOI:
2146        case OP_POSUPTO:        case OP_POSUPTO:
2147        case OP_POSUPTOI:        case OP_POSUPTOI:
2148          case OP_NOTPOSUPTO:
2149          case OP_NOTPOSUPTOI:
2150        case OP_STAR:        case OP_STAR:
2151        case OP_STARI:        case OP_STARI:
2152          case OP_NOTSTAR:
2153          case OP_NOTSTARI:
2154        case OP_MINSTAR:        case OP_MINSTAR:
2155        case OP_MINSTARI:        case OP_MINSTARI:
2156          case OP_NOTMINSTAR:
2157          case OP_NOTMINSTARI:
2158        case OP_POSSTAR:        case OP_POSSTAR:
2159        case OP_POSSTARI:        case OP_POSSTARI:
2160          case OP_NOTPOSSTAR:
2161          case OP_NOTPOSSTARI:
2162        case OP_PLUS:        case OP_PLUS:
2163        case OP_PLUSI:        case OP_PLUSI:
2164          case OP_NOTPLUS:
2165          case OP_NOTPLUSI:
2166        case OP_MINPLUS:        case OP_MINPLUS:
2167        case OP_MINPLUSI:        case OP_MINPLUSI:
2168          case OP_NOTMINPLUS:
2169          case OP_NOTMINPLUSI:
2170        case OP_POSPLUS:        case OP_POSPLUS:
2171        case OP_POSPLUSI:        case OP_POSPLUSI:
2172          case OP_NOTPOSPLUS:
2173          case OP_NOTPOSPLUSI:
2174        case OP_QUERY:        case OP_QUERY:
2175        case OP_QUERYI:        case OP_QUERYI:
2176          case OP_NOTQUERY:
2177          case OP_NOTQUERYI:
2178        case OP_MINQUERY:        case OP_MINQUERY:
2179        case OP_MINQUERYI:        case OP_MINQUERYI:
2180          case OP_NOTMINQUERY:
2181          case OP_NOTMINQUERYI:
2182        case OP_POSQUERY:        case OP_POSQUERY:
2183        case OP_POSQUERYI:        case OP_POSQUERYI:
2184          case OP_NOTPOSQUERY:
2185          case OP_NOTPOSQUERYI:
2186        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2187        break;        break;
2188        }        }
# Line 2149  instance of OP_RECURSE. Line 2204  instance of OP_RECURSE.
2204    
2205  Arguments:  Arguments:
2206    code        points to start of expression    code        points to start of expression
2207    utf         TRUE in UTF-8 / UTF-16 mode    utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
2208    
2209  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found
2210  */  */
# Line 2159  find_recurse(const pcre_uchar *code, BOO Line 2214  find_recurse(const pcre_uchar *code, BOO
2214  {  {
2215  for (;;)  for (;;)
2216    {    {
2217    register int c = *code;    register pcre_uchar c = *code;
2218    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2219    if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
2220    
# Line 2194  for (;;) Line 2249  for (;;)
2249        case OP_TYPEUPTO:        case OP_TYPEUPTO:
2250        case OP_TYPEMINUPTO:        case OP_TYPEMINUPTO:
2251        case OP_TYPEEXACT:        case OP_TYPEEXACT:
2252        if (code[1 + IMM2_SIZE] == OP_PROP        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2253          || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;          code += 2;
2254        break;        break;
2255    
2256        case OP_MARK:        case OP_MARK:
2257        case OP_PRUNE_ARG:        case OP_PRUNE_ARG:
2258        case OP_SKIP_ARG:        case OP_SKIP_ARG:
       code += code[1];  
       break;  
   
2259        case OP_THEN_ARG:        case OP_THEN_ARG:
2260        code += code[1];        code += code[1];
2261        break;        break;
# Line 2217  for (;;) Line 2269  for (;;)
2269      by a multi-byte character. The length in the table is a minimum, so we have      by a multi-byte character. The length in the table is a minimum, so we have
2270      to arrange to skip the extra bytes. */      to arrange to skip the extra bytes. */
2271    
2272  #ifdef SUPPORT_UTF  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2273      if (utf) switch(c)      if (utf) switch(c)
2274        {        {
2275        case OP_CHAR:        case OP_CHAR:
2276        case OP_CHARI:        case OP_CHARI:
2277          case OP_NOT:
2278          case OP_NOTI:
2279        case OP_EXACT:        case OP_EXACT:
2280        case OP_EXACTI:        case OP_EXACTI:
2281          case OP_NOTEXACT:
2282          case OP_NOTEXACTI:
2283        case OP_UPTO:        case OP_UPTO:
2284        case OP_UPTOI:        case OP_UPTOI:
2285          case OP_NOTUPTO:
2286          case OP_NOTUPTOI:
2287        case OP_MINUPTO:        case OP_MINUPTO:
2288        case OP_MINUPTOI:        case OP_MINUPTOI:
2289          case OP_NOTMINUPTO:
2290          case OP_NOTMINUPTOI:
2291        case OP_POSUPTO:        case OP_POSUPTO:
2292        case OP_POSUPTOI:        case OP_POSUPTOI:
2293          case OP_NOTPOSUPTO:
2294          case OP_NOTPOSUPTOI:
2295        case OP_STAR:        case OP_STAR:
2296        case OP_STARI:        case OP_STARI:
2297          case OP_NOTSTAR:
2298          case OP_NOTSTARI:
2299        case OP_MINSTAR:        case OP_MINSTAR:
2300        case OP_MINSTARI:        case OP_MINSTARI:
2301          case OP_NOTMINSTAR:
2302          case OP_NOTMINSTARI:
2303        case OP_POSSTAR:        case OP_POSSTAR:
2304        case OP_POSSTARI:        case OP_POSSTARI:
2305          case OP_NOTPOSSTAR:
2306          case OP_NOTPOSSTARI:
2307        case OP_PLUS:        case OP_PLUS:
2308        case OP_PLUSI:        case OP_PLUSI:
2309          case OP_NOTPLUS:
2310          case OP_NOTPLUSI:
2311        case OP_MINPLUS:        case OP_MINPLUS:
2312        case OP_MINPLUSI:        case OP_MINPLUSI:
2313          case OP_NOTMINPLUS:
2314          case OP_NOTMINPLUSI:
2315        case OP_POSPLUS:        case OP_POSPLUS:
2316        case OP_POSPLUSI:        case OP_POSPLUSI:
2317          case OP_NOTPOSPLUS:
2318          case OP_NOTPOSPLUSI:
2319        case OP_QUERY:        case OP_QUERY:
2320        case OP_QUERYI:        case OP_QUERYI:
2321          case OP_NOTQUERY:
2322          case OP_NOTQUERYI:
2323        case OP_MINQUERY:        case OP_MINQUERY:
2324        case OP_MINQUERYI:        case OP_MINQUERYI:
2325          case OP_NOTMINQUERY:
2326          case OP_NOTMINQUERYI:
2327        case OP_POSQUERY:        case OP_POSQUERY:
2328        case OP_POSQUERYI:        case OP_POSQUERYI:
2329          case OP_NOTPOSQUERY:
2330          case OP_NOTPOSQUERYI:
2331        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2332        break;        break;
2333        }        }
# Line 2275  bracket whose current branch will alread Line 2355  bracket whose current branch will alread
2355  Arguments:  Arguments:
2356    code        points to start of search    code        points to start of search
2357    endcode     points to where to stop    endcode     points to where to stop
2358    utf         TRUE if in UTF-8 / UTF-16 mode    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2359    cd          contains pointers to tables etc.    cd          contains pointers to tables etc.
2360      recurses    chain of recurse_check to catch mutual recursion
2361    
2362  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2363  */  */
2364    
2365    typedef struct recurse_check {
2366      struct recurse_check *prev;
2367      const pcre_uchar *group;
2368    } recurse_check;
2369    
2370  static BOOL  static BOOL
2371  could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,  could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2372    BOOL utf, compile_data *cd)    BOOL utf, compile_data *cd, recurse_check *recurses)
2373  {  {
2374  register int c;  register pcre_uchar c;
2375    recurse_check this_recurse;
2376    
2377  for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);  for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2378       code < endcode;       code < endcode;
2379       code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))       code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
# Line 2313  for (code = first_significant_code(code Line 2401  for (code = first_significant_code(code
2401    
2402    if (c == OP_RECURSE)    if (c == OP_RECURSE)
2403      {      {
2404      const pcre_uchar *scode;      const pcre_uchar *scode = cd->start_code + GET(code, 1);
2405        const pcre_uchar *endgroup = scode;
2406      BOOL empty_branch;      BOOL empty_branch;
2407    
2408      /* Test for forward reference */      /* Test for forward reference or uncompleted reference. This is disabled
2409        when called to scan a completed pattern by setting cd->start_workspace to
2410        NULL. */
2411    
2412        if (cd->start_workspace != NULL)
2413          {
2414          const pcre_uchar *tcode;
2415          for (tcode = cd->start_workspace; tcode < cd->hwm; tcode += LINK_SIZE)
2416            if ((int)GET(tcode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2417          if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
2418          }
2419    
2420        /* If the reference is to a completed group, we need to detect whether this
2421        is a recursive call, as otherwise there will be an infinite loop. If it is
2422        a recursion, just skip over it. Simple recursions are easily detected. For
2423        mutual recursions we keep a chain on the stack. */
2424    
2425      for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)      do endgroup += GET(endgroup, 1); while (*endgroup == OP_ALT);
2426        if (GET(scode, 0) == code + 1 - cd->start_code) return TRUE;      if (code >= scode && code <= endgroup) continue;  /* Simple recursion */
2427        else
2428          {
2429          recurse_check *r = recurses;
2430          for (r = recurses; r != NULL; r = r->prev)
2431            if (r->group == scode) break;
2432          if (r != NULL) continue;   /* Mutual recursion */
2433          }
2434    
2435      /* Not a forward reference, test for completed backward reference */      /* Completed reference; scan the referenced group, remembering it on the
2436        stack chain to detect mutual recursions. */
2437    
2438      empty_branch = FALSE;      empty_branch = FALSE;
2439      scode = cd->start_code + GET(code, 1);      this_recurse.prev = recurses;
2440      if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */      this_recurse.group = scode;
   
     /* Completed backwards reference */  
2441    
2442      do      do
2443        {        {
2444        if (could_be_empty_branch(scode, endcode, utf, cd))        if (could_be_empty_branch(scode, endcode, utf, cd, &this_recurse))
2445          {          {
2446          empty_branch = TRUE;          empty_branch = TRUE;
2447          break;          break;
# Line 2387  for (code = first_significant_code(code Line 2497  for (code = first_significant_code(code
2497        empty_branch = FALSE;        empty_branch = FALSE;
2498        do        do
2499          {          {
2500          if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))          if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd,
2501            empty_branch = TRUE;            recurses)) empty_branch = TRUE;
2502          code += GET(code, 1);          code += GET(code, 1);
2503          }          }
2504        while (*code == OP_ALT);        while (*code == OP_ALT);
# Line 2429  for (code = first_significant_code(code Line 2539  for (code = first_significant_code(code
2539        case OP_CRMINSTAR:        case OP_CRMINSTAR:
2540        case OP_CRQUERY:        case OP_CRQUERY:
2541        case OP_CRMINQUERY:        case OP_CRMINQUERY:
2542          case OP_CRPOSSTAR:
2543          case OP_CRPOSQUERY:
2544        break;        break;
2545    
2546        default:                   /* Non-repeat => class must match */        default:                   /* Non-repeat => class must match */
2547        case OP_CRPLUS:            /* These repeats aren't empty */        case OP_CRPLUS:            /* These repeats aren't empty */
2548        case OP_CRMINPLUS:        case OP_CRMINPLUS:
2549          case OP_CRPOSPLUS:
2550        return FALSE;        return FALSE;
2551    
2552        case OP_CRRANGE:        case OP_CRRANGE:
2553        case OP_CRMINRANGE:        case OP_CRMINRANGE:
2554          case OP_CRPOSRANGE:
2555        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */        if (GET2(ccode, 1) > 0) return FALSE;  /* Minimum > 0 */
2556        break;        break;
2557        }        }
# Line 2445  for (code = first_significant_code(code Line 2559  for (code = first_significant_code(code
2559    
2560      /* Opcodes that must match a character */      /* Opcodes that must match a character */
2561    
2562        case OP_ANY:
2563        case OP_ALLANY:
2564        case OP_ANYBYTE:
2565    
2566      case OP_PROP:      case OP_PROP:
2567      case OP_NOTPROP:      case OP_NOTPROP:
2568        case OP_ANYNL:
2569    
2570        case OP_NOT_HSPACE:
2571        case OP_HSPACE:
2572        case OP_NOT_VSPACE:
2573        case OP_VSPACE:
2574      case OP_EXTUNI:      case OP_EXTUNI:
2575    
2576      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
2577      case OP_DIGIT:      case OP_DIGIT:
2578      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
2579      case OP_WHITESPACE:      case OP_WHITESPACE:
2580      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
2581      case OP_WORDCHAR:      case OP_WORDCHAR:
2582      case OP_ANY:  
     case OP_ALLANY:  
     case OP_ANYBYTE:  
2583      case OP_CHAR:      case OP_CHAR:
2584      case OP_CHARI:      case OP_CHARI:
2585      case OP_NOT:      case OP_NOT:
2586      case OP_NOTI:      case OP_NOTI:
2587    
2588      case OP_PLUS:      case OP_PLUS:
2589        case OP_PLUSI:
2590      case OP_MINPLUS:      case OP_MINPLUS:
2591      case OP_POSPLUS:      case OP_MINPLUSI:
2592      case OP_EXACT:  
2593      case OP_NOTPLUS:      case OP_NOTPLUS:
2594        case OP_NOTPLUSI:
2595      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
2596        case OP_NOTMINPLUSI:
2597    
2598        case OP_POSPLUS:
2599        case OP_POSPLUSI:
2600      case OP_NOTPOSPLUS:      case OP_NOTPOSPLUS:
2601        case OP_NOTPOSPLUSI:
2602    
2603        case OP_EXACT:
2604        case OP_EXACTI:
2605      case OP_NOTEXACT:      case OP_NOTEXACT:
2606        case OP_NOTEXACTI:
2607    
2608      case OP_TYPEPLUS:      case OP_TYPEPLUS:
2609      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
2610      case OP_TYPEPOSPLUS:      case OP_TYPEPOSPLUS:
2611      case OP_TYPEEXACT:      case OP_TYPEEXACT:
2612    
2613      return FALSE;      return FALSE;
2614    
2615      /* These are going to continue, as they may be empty, but we have to      /* These are going to continue, as they may be empty, but we have to
# Line 2492  for (code = first_significant_code(code Line 2629  for (code = first_significant_code(code
2629      case OP_TYPEUPTO:      case OP_TYPEUPTO:
2630      case OP_TYPEMINUPTO:      case OP_TYPEMINUPTO:
2631      case OP_TYPEPOSUPTO:      case OP_TYPEPOSUPTO:
2632      if (code[1 + IMM2_SIZE] == OP_PROP      if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2633        || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;        code += 2;
2634      break;      break;
2635    
2636      /* End of branch */      /* End of branch */
# Line 2506  for (code = first_significant_code(code Line 2643  for (code = first_significant_code(code
2643      return TRUE;      return TRUE;
2644    
2645      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2646      MINUPTO, and POSUPTO may be followed by a multibyte character */      MINUPTO, and POSUPTO and their caseless and negative versions may be
2647        followed by a multibyte character. */
2648    
2649  #ifdef SUPPORT_UTF  #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2650      case OP_STAR:      case OP_STAR:
2651      case OP_STARI:      case OP_STARI:
2652        case OP_NOTSTAR:
2653        case OP_NOTSTARI:
2654    
2655      case OP_MINSTAR:      case OP_MINSTAR:
2656      case OP_MINSTARI:      case OP_MINSTARI:
2657        case OP_NOTMINSTAR:
2658        case OP_NOTMINSTARI:
2659    
2660      case OP_POSSTAR:      case OP_POSSTAR:
2661      case OP_POSSTARI:      case OP_POSSTARI:
2662        case OP_NOTPOSSTAR:
2663        case OP_NOTPOSSTARI:
2664    
2665      case OP_QUERY:      case OP_QUERY:
2666      case OP_QUERYI:      case OP_QUERYI:
2667        case OP_NOTQUERY:
2668        case OP_NOTQUERYI:
2669    
2670      case OP_MINQUERY:      case OP_MINQUERY:
2671      case OP_MINQUERYI:      case OP_MINQUERYI:
2672        case OP_NOTMINQUERY:
2673        case OP_NOTMINQUERYI:
2674    
2675      case OP_POSQUERY:      case OP_POSQUERY:
2676      case OP_POSQUERYI:      case OP_POSQUERYI:
2677        case OP_NOTPOSQUERY:
2678        case OP_NOTPOSQUERYI:
2679    
2680      if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);      if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2681      break;      break;
2682    
2683      case OP_UPTO:      case OP_UPTO:
2684      case OP_UPTOI:      case OP_UPTOI:
2685        case OP_NOTUPTO:
2686        case OP_NOTUPTOI:
2687    
2688      case OP_MINUPTO:      case OP_MINUPTO:
2689      case OP_MINUPTOI:      case OP_MINUPTOI:
2690        case OP_NOTMINUPTO:
2691        case OP_NOTMINUPTOI:
2692    
2693      case OP_POSUPTO:      case OP_POSUPTO:
2694      case OP_POSUPTOI:      case OP_POSUPTOI:
2695        case OP_NOTPOSUPTO:
2696        case OP_NOTPOSUPTOI:
2697    
2698      if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);      if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2699      break;      break;
2700  #endif  #endif
# Line 2540  for (code = first_significant_code(code Line 2705  for (code = first_significant_code(code
2705      case OP_MARK:      case OP_MARK:
2706      case OP_PRUNE_ARG:      case OP_PRUNE_ARG:
2707      case OP_SKIP_ARG:      case OP_SKIP_ARG:
     code += code[1];  
     break;  
   
2708      case OP_THEN_ARG:      case OP_THEN_ARG:
2709      code += code[1];      code += code[1];
2710      break;      break;
# Line 2574  Arguments: Line 2736  Arguments:
2736    code        points to start of the recursion    code        points to start of the recursion
2737    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2738    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2739    utf         TRUE if in UTF-8 / UTF-16 mode    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2740    cd          pointers to tables etc    cd          pointers to tables etc
2741    
2742  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
# Line 2586  could_be_empty(const pcre_uchar *code, c Line 2748  could_be_empty(const pcre_uchar *code, c
2748  {  {
2749  while (bcptr != NULL && bcptr->current_branch >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2750    {    {
2751    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd, NULL))
2752      return FALSE;      return FALSE;
2753    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2754    }    }
# Line 2596  return TRUE; Line 2758  return TRUE;
2758    
2759    
2760  /*************************************************  /*************************************************
2761  *           Check for POSIX class syntax         *  *        Base opcode of repeated opcodes         *
2762  *************************************************/  *************************************************/
2763    
2764  /* This function is called when the sequence "[:" or "[." or "[=" is  /* Returns the base opcode for repeated single character type opcodes. If the
2765  encountered in a character class. It checks whether this is followed by a  opcode is not a repeated character type, it returns with the original value.
 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we  
 reach an unescaped ']' without the special preceding character, return FALSE.  
2766    
2767  Originally, this function only recognized a sequence of letters between the  Arguments:  c opcode
2768  terminators, but it seems that Perl recognizes any sequence of characters,  Returns:    base opcode for the type
2769  though of course unknown POSIX names are subsequently rejected. Perl gives an  */
 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE  
 didn't consider this to be a POSIX class. Likewise for [:1234:].  
2770    
2771  The problem in trying to be exactly like Perl is in the handling of escapes. We  static pcre_uchar
2772  have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX  get_repeat_base(pcre_uchar c)
2773  class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code  {
2774  below handles the special case of \], but does not try to do any other escape  return (c > OP_TYPEPOSUPTO)? c :
2775  processing. This makes it different from Perl for cases such as [:l\ower:]         (c >= OP_TYPESTAR)?   OP_TYPESTAR :
2776  where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize         (c >= OP_NOTSTARI)?   OP_NOTSTARI :
2777  "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,         (c >= OP_NOTSTAR)?    OP_NOTSTAR :
2778  I think.         (c >= OP_STARI)?      OP_STARI :
2779                                 OP_STAR;
2780    }
2781    
 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.  
 It seems that the appearance of a nested POSIX class supersedes an apparent  
 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or  
 a digit.  
2782    
2783  In Perl, unescaped square brackets may also appear as part of class names. For  
2784  example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for  #ifdef SUPPORT_UCP
2785  [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not  /*************************************************
2786  seem right at all. PCRE does not allow closing square brackets in POSIX class  *        Check a character and a property        *
2787  names.  *************************************************/
2788    
2789    /* This function is called by check_auto_possessive() when a property item
2790    is adjacent to a fixed character.
2791    
2792  Arguments:  Arguments:
2793    ptr      pointer to the initial [    c            the character
2794    endptr   where to return the end pointer    ptype        the property type
2795      pdata        the data for the type
2796      negated      TRUE if it's a negated property (\P or \p{^)
2797    
2798  Returns:   TRUE or FALSE  Returns:       TRUE if auto-possessifying is OK
2799  */  */
2800    
2801  static BOOL  static BOOL
2802  check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)  check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata,
2803      BOOL negated)
2804  {  {
2805  int terminator;          /* Don't combine these lines; the Solaris cc */  const pcre_uint32 *p;
2806  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  const ucd_record *prop = GET_UCD(c);
2807  for (++ptr; *ptr != 0; ptr++)  
2808    switch(ptype)
2809    {    {
2810    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)    case PT_LAMP:
2811      ptr++;    return (prop->chartype == ucp_Lu ||
2812    else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;            prop->chartype == ucp_Ll ||
2813    else            prop->chartype == ucp_Lt) == negated;
     {  
     if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)  
       {  
       *endptr = ptr;  
       return TRUE;  
       }  
     if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&  
          (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||  
           ptr[1] == CHAR_EQUALS_SIGN) &&  
         check_posix_syntax(ptr, endptr))  
       return FALSE;  
     }  
   }  
 return FALSE;  
 }  
2814    
2815      case PT_GC:
2816      return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2817    
2818      case PT_PC:
2819      return (pdata == prop->chartype) == negated;
2820    
2821      case PT_SC:
2822      return (pdata == prop->script) == negated;
2823    
2824  /*************************************************    /* These are specials */
 *          Check POSIX class name                *  
 *************************************************/  
2825    
2826  /* This function is called to check the name given in a POSIX-style class entry    case PT_ALNUM:
2827  such as [:alnum:].    return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2828              PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2829    
2830  Arguments:    /* Perl space used to exclude VT, but from Perl 5.18 it is included, which
2831    ptr        points to the first letter    means that Perl space and POSIX space are now identical. PCRE was changed
2832    len        the length of the name    at release 8.34. */
2833    
2834  Returns:     a value representing the name, or -1 if unknown    case PT_SPACE:    /* Perl space */
2835  */    case PT_PXSPACE:  /* POSIX space */
2836      switch(c)
2837        {
2838        HSPACE_CASES:
2839        VSPACE_CASES:
2840        return negated;
2841    
2842  static int      default:
2843  check_posix_name(const pcre_uchar *ptr, int len)      return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z) == negated;
2844  {      }
2845  const char *pn = posix_names;    break;  /* Control never reaches here */
2846  register int yield = 0;  
2847  while (posix_name_lengths[yield] != 0)    case PT_WORD:
2848    {    return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2849    if (len == posix_name_lengths[yield] &&            PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2850      STRNCMP_UC_C8(ptr, pn, len) == 0) return yield;            c == CHAR_UNDERSCORE) == negated;
2851    pn += posix_name_lengths[yield] + 1;  
2852    yield++;    case PT_CLIST:
2853      p = PRIV(ucd_caseless_sets) + prop->caseset;
2854      for (;;)
2855        {
2856        if (c < *p) return !negated;
2857        if (c == *p++) return negated;
2858        }
2859      break;  /* Control never reaches here */
2860    }    }
2861  return -1;  
2862    return FALSE;
2863  }  }
2864    #endif  /* SUPPORT_UCP */
2865    
2866    
2867    
2868  /*************************************************  /*************************************************
2869  *    Adjust OP_RECURSE items in repeated group   *  *        Fill the character property list        *
2870  *************************************************/  *************************************************/
2871    
2872  /* OP_RECURSE items contain an offset from the start of the regex to the group  /* Checks whether the code points to an opcode that can take part in auto-
2873  that is referenced. This means that groups can be replicated for fixed  possessification, and if so, fills a list with its properties.
 repetition simply by copying (because the recursion is allowed to refer to  
 earlier groups that are outside the current group). However, when a group is  
 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is  
 inserted before it, after it has been compiled. This means that any OP_RECURSE  
 items within it that refer to the group itself or any contained groups have to  
 have their offsets adjusted. That one of the jobs of this function. Before it  
 is called, the partially compiled regex must be temporarily terminated with  
 OP_END.  
   
 This function has been extended with the possibility of forward references for  
 recursions and subroutine calls. It must also check the list of such references  
 for the group we are dealing with. If it finds that one of the recursions in  
 the current group is on this list, it adjusts the offset in the list, not the  
 value in the reference (which is a group number).  
2874    
2875  Arguments:  Arguments:
2876    group      points to the start of the group    code        points to start of expression
2877    adjust     the amount by which the group is to be moved    utf         TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2878    utf        TRUE in UTF-8 / UTF-16 mode    fcc         points to case-flipping table
2879    cd         contains pointers to tables etc.    list        points to output list
2880    save_hwm   the hwm forward reference pointer at the start of the group                list[0] will be filled with the opcode
2881                  list[1] will be non-zero if this opcode
2882                    can match an empty character string
2883                  list[2..7] depends on the opcode
2884    
2885  Returns:     nothing  Returns:      points to the start of the next opcode if *code is accepted
2886                  NULL if *code is not accepted
2887  */  */
2888    
2889  static void  static const pcre_uchar *
2890  adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,  get_chr_property_list(const pcre_uchar *code, BOOL utf,
2891    pcre_uchar *save_hwm)    const pcre_uint8 *fcc, pcre_uint32 *list)
2892  {  {
2893  pcre_uchar *ptr = group;  pcre_uchar c = *code;
2894    pcre_uchar base;
2895    const pcre_uchar *end;
2896    pcre_uint32 chr;
2897    
2898  while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)  #ifdef SUPPORT_UCP
2899    pcre_uint32 *clist_dest;
2900    const pcre_uint32 *clist_src;
2901    #else
2902    utf = utf;  /* Suppress "unused parameter" compiler warning */
2903    #endif
2904    
2905    list[0] = c;
2906    list[1] = FALSE;
2907    code++;
2908    
2909    if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
2910    {    {
2911    int offset;    base = get_repeat_base(c);
2912    pcre_uchar *hc;    c -= (base - OP_STAR);
2913    
2914    /* See if this recursion is on the forward reference list. If so, adjust the    if (c == OP_UPTO || c == OP_MINUPTO || c == OP_EXACT || c == OP_POSUPTO)
2915    reference. */      code += IMM2_SIZE;
2916    
2917      list[1] = (c != OP_PLUS && c != OP_MINPLUS && c != OP_EXACT && c != OP_POSPLUS);
2918    
2919    for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)    switch(base)
2920      {      {
2921      offset = GET(hc, 0);      case OP_STAR:
2922      if (cd->start_code + offset == ptr + 1)      list[0] = OP_CHAR;
2923        {      break;
2924    
2925        case OP_STARI:
2926        list[0] = OP_CHARI;
2927        break;
2928    
2929        case OP_NOTSTAR:
2930        list[0] = OP_NOT;
2931        break;
2932    
2933        case OP_NOTSTARI:
2934        list[0] = OP_NOTI;
2935        break;
2936    
2937        case OP_TYPESTAR:
2938        list[0] = *code;
2939        code++;
2940        break;
2941        }
2942      c = list[0];
2943      }
2944    
2945    switch(c)
2946      {
2947      case OP_NOT_DIGIT:
2948      case OP_DIGIT:
2949      case OP_NOT_WHITESPACE:
2950      case OP_WHITESPACE:
2951      case OP_NOT_WORDCHAR:
2952      case OP_WORDCHAR:
2953      case OP_ANY:
2954      case OP_ALLANY:
2955      case OP_ANYNL:
2956      case OP_NOT_HSPACE:
2957      case OP_HSPACE:
2958      case OP_NOT_VSPACE:
2959      case OP_VSPACE:
2960      case OP_EXTUNI:
2961      case OP_EODN:
2962      case OP_EOD:
2963      case OP_DOLL:
2964      case OP_DOLLM:
2965      return code;
2966    
2967      case OP_CHAR:
2968      case OP_NOT:
2969      GETCHARINCTEST(chr, code);
2970      list[2] = chr;
2971      list[3] = NOTACHAR;
2972      return code;
2973    
2974      case OP_CHARI:
2975      case OP_NOTI:
2976      list[0] = (c == OP_CHARI) ? OP_CHAR : OP_NOT;
2977      GETCHARINCTEST(chr, code);
2978      list[2] = chr;
2979    
2980    #ifdef SUPPORT_UCP
2981      if (chr < 128 || (chr < 256 && !utf))
2982        list[3] = fcc[chr];
2983      else
2984        list[3] = UCD_OTHERCASE(chr);
2985    #elif defined SUPPORT_UTF || !defined COMPILE_PCRE8
2986      list[3] = (chr < 256) ? fcc[chr] : chr;
2987    #else
2988      list[3] = fcc[chr];
2989    #endif
2990    
2991      /* The othercase might be the same value. */
2992    
2993      if (chr == list[3])
2994        list[3] = NOTACHAR;
2995      else
2996        list[4] = NOTACHAR;
2997      return code;
2998    
2999    #ifdef SUPPORT_UCP
3000      case OP_PROP:
3001      case OP_NOTPROP:
3002      if (code[0] != PT_CLIST)
3003        {
3004        list[2] = code[0];
3005        list[3] = code[1];
3006        return code + 2;
3007        }
3008    
3009      /* Convert only if we have enough space. */
3010    
3011      clist_src = PRIV(ucd_caseless_sets) + code[1];
3012      clist_dest = list + 2;
3013      code += 2;
3014    
3015      do {
3016         if (clist_dest >= list + 8)
3017           {
3018           /* Early return if there is not enough space. This should never
3019           happen, since all clists are shorter than 5 character now. */
3020           list[2] = code[0];
3021           list[3] = code[1];
3022           return code;
3023           }
3024         *clist_dest++ = *clist_src;
3025         }
3026      while(*clist_src++ != NOTACHAR);
3027    
3028      /* All characters are stored. The terminating NOTACHAR
3029      is copied form the clist itself. */
3030    
3031      list[0] = (c == OP_PROP) ? OP_CHAR : OP_NOT;
3032      return code;
3033    #endif
3034    
3035      case OP_NCLASS:
3036      case OP_CLASS:
3037    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3038      case OP_XCLASS:
3039      if (c == OP_XCLASS)
3040        end = code + GET(code, 0) - 1;
3041      else
3042    #endif
3043        end = code + 32 / sizeof(pcre_uchar);
3044    
3045      switch(*end)
3046        {
3047        case OP_CRSTAR:
3048        case OP_CRMINSTAR:
3049        case OP_CRQUERY:
3050        case OP_CRMINQUERY:
3051        case OP_CRPOSSTAR:
3052        case OP_CRPOSQUERY:
3053        list[1] = TRUE;
3054        end++;
3055        break;
3056    
3057        case OP_CRPLUS:
3058        case OP_CRMINPLUS:
3059        case OP_CRPOSPLUS:
3060        end++;
3061        break;
3062    
3063        case OP_CRRANGE:
3064        case OP_CRMINRANGE:
3065        case OP_CRPOSRANGE:
3066        list[1] = (GET2(end, 1) == 0);
3067        end += 1 + 2 * IMM2_SIZE;
3068        break;
3069        }
3070      list[2] = (pcre_uint32)(end - code);
3071      return end;
3072      }
3073    return NULL;    /* Opcode not accepted */
3074    }
3075    
3076    
3077    
3078    /*************************************************
3079    *    Scan further character sets for match       *
3080    *************************************************/
3081    
3082    /* Checks whether the base and the current opcode have a common character, in
3083    which case the base cannot be possessified.
3084    
3085    Arguments:
3086      code        points to the byte code
3087      utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
3088      cd          static compile data
3089      base_list   the data list of the base opcode
3090    
3091    Returns:      TRUE if the auto-possessification is possible
3092    */
3093    
3094    static BOOL
3095    compare_opcodes(const pcre_uchar *code, BOOL utf, const compile_data *cd,
3096      const pcre_uint32 *base_list, const pcre_uchar *base_end, int *rec_limit)
3097    {
3098    pcre_uchar c;
3099    pcre_uint32 list[8];
3100    const pcre_uint32 *chr_ptr;
3101    const pcre_uint32 *ochr_ptr;
3102    const pcre_uint32 *list_ptr;
3103    const pcre_uchar *next_code;
3104    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3105    const pcre_uchar *xclass_flags;
3106    #endif
3107    const pcre_uint8 *class_bitset;
3108    const pcre_uint8 *set1, *set2, *set_end;
3109    pcre_uint32 chr;
3110    BOOL accepted, invert_bits;
3111    BOOL entered_a_group = FALSE;
3112    
3113    if (*rec_limit == 0) return FALSE;
3114    --(*rec_limit);
3115    
3116    /* Note: the base_list[1] contains whether the current opcode has greedy
3117    (represented by a non-zero value) quantifier. This is a different from
3118    other character type lists, which stores here that the character iterator
3119    matches to an empty string (also represented by a non-zero value). */
3120    
3121    for(;;)
3122      {
3123      /* All operations move the code pointer forward.
3124      Therefore infinite recursions are not possible. */
3125    
3126      c = *code;
3127    
3128      /* Skip over callouts */
3129    
3130      if (c == OP_CALLOUT)
3131        {
3132        code += PRIV(OP_lengths)[c];
3133        continue;
3134        }
3135    
3136      if (c == OP_ALT)
3137        {
3138        do code += GET(code, 1); while (*code == OP_ALT);
3139        c = *code;
3140        }
3141    
3142      switch(c)
3143        {
3144        case OP_END:
3145        case OP_KETRPOS:
3146        /* TRUE only in greedy case. The non-greedy case could be replaced by
3147        an OP_EXACT, but it is probably not worth it. (And note that OP_EXACT
3148        uses more memory, which we cannot get at this stage.) */
3149    
3150        return base_list[1] != 0;
3151    
3152        case OP_KET:
3153        /* If the bracket is capturing, and referenced by an OP_RECURSE, or
3154        it is an atomic sub-pattern (assert, once, etc.) the non-greedy case
3155        cannot be converted to a possessive form. */
3156    
3157        if (base_list[1] == 0) return FALSE;
3158    
3159        switch(*(code - GET(code, 1)))
3160          {
3161          case OP_ASSERT:
3162          case OP_ASSERT_NOT:
3163          case OP_ASSERTBACK:
3164          case OP_ASSERTBACK_NOT:
3165          case OP_ONCE:
3166          case OP_ONCE_NC:
3167          /* Atomic sub-patterns and assertions can always auto-possessify their
3168          last iterator. However, if the group was entered as a result of checking
3169          a previous iterator, this is not possible. */
3170    
3171          return !entered_a_group;
3172          }
3173    
3174        code += PRIV(OP_lengths)[c];
3175        continue;
3176    
3177        case OP_ONCE:
3178        case OP_ONCE_NC:
3179        case OP_BRA:
3180        case OP_CBRA:
3181        next_code = code + GET(code, 1);
3182        code += PRIV(OP_lengths)[c];
3183    
3184        while (*next_code == OP_ALT)
3185          {
3186          if (!compare_opcodes(code, utf, cd, base_list, base_end, rec_limit))
3187            return FALSE;
3188          code = next_code + 1 + LINK_SIZE;
3189          next_code += GET(next_code, 1);
3190          }
3191    
3192        entered_a_group = TRUE;
3193        continue;
3194    
3195        case OP_BRAZERO:
3196        case OP_BRAMINZERO:
3197    
3198        next_code = code + 1;
3199        if (*next_code != OP_BRA && *next_code != OP_CBRA
3200            && *next_code != OP_ONCE && *next_code != OP_ONCE_NC) return FALSE;
3201    
3202        do next_code += GET(next_code, 1); while (*next_code == OP_ALT);
3203    
3204        /* The bracket content will be checked by the
3205        OP_BRA/OP_CBRA case above. */
3206        next_code += 1 + LINK_SIZE;
3207        if (!compare_opcodes(next_code, utf, cd, base_list, base_end, rec_limit))
3208          return FALSE;
3209    
3210        code += PRIV(OP_lengths)[c];
3211        continue;
3212    
3213        default:
3214        break;
3215        }
3216    
3217      /* Check for a supported opcode, and load its properties. */
3218    
3219      code = get_chr_property_list(code, utf, cd->fcc, list);
3220      if (code == NULL) return FALSE;    /* Unsupported */
3221    
3222      /* If either opcode is a small character list, set pointers for comparing
3223      characters from that list with another list, or with a property. */
3224    
3225      if (base_list[0] == OP_CHAR)
3226        {
3227        chr_ptr = base_list + 2;
3228        list_ptr = list;
3229        }
3230      else if (list[0] == OP_CHAR)
3231        {
3232        chr_ptr = list + 2;
3233        list_ptr = base_list;
3234        }
3235    
3236      /* Character bitsets can also be compared to certain opcodes. */
3237    
3238      else if (base_list[0] == OP_CLASS || list[0] == OP_CLASS
3239    #ifdef COMPILE_PCRE8
3240          /* In 8 bit, non-UTF mode, OP_CLASS and OP_NCLASS are the same. */
3241          || (!utf && (base_list[0] == OP_NCLASS || list[0] == OP_NCLASS))
3242    #endif
3243          )
3244        {
3245    #ifdef COMPILE_PCRE8
3246        if (base_list[0] == OP_CLASS || (!utf && base_list[0] == OP_NCLASS))
3247    #else
3248        if (base_list[0] == OP_CLASS)
3249    #endif
3250          {
3251          set1 = (pcre_uint8 *)(base_end - base_list[2]);
3252          list_ptr = list;
3253          }
3254        else
3255          {
3256          set1 = (pcre_uint8 *)(code - list[2]);
3257          list_ptr = base_list;
3258          }
3259    
3260        invert_bits = FALSE;
3261        switch(list_ptr[0])
3262          {
3263          case OP_CLASS:
3264          case OP_NCLASS:
3265          set2 = (pcre_uint8 *)
3266            ((list_ptr == list ? code : base_end) - list_ptr[2]);
3267          break;
3268    
3269    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3270          case OP_XCLASS:
3271          xclass_flags = (list_ptr == list ? code : base_end) - list_ptr[2] + LINK_SIZE;
3272          if ((*xclass_flags & XCL_HASPROP) != 0) return FALSE;
3273          if ((*xclass_flags & XCL_MAP) == 0)
3274            {
3275            /* No bits are set for characters < 256. */
3276            if (list[1] == 0) return TRUE;
3277            /* Might be an empty repeat. */
3278            continue;
3279            }
3280          set2 = (pcre_uint8 *)(xclass_flags + 1);
3281          break;
3282    #endif
3283    
3284          case OP_NOT_DIGIT:
3285          invert_bits = TRUE;
3286          /* Fall through */
3287          case OP_DIGIT:
3288          set2 = (pcre_uint8 *)(cd->cbits + cbit_digit);
3289          break;
3290    
3291          case OP_NOT_WHITESPACE:
3292          invert_bits = TRUE;
3293          /* Fall through */
3294          case OP_WHITESPACE:
3295          set2 = (pcre_uint8 *)(cd->cbits + cbit_space);
3296          break;
3297    
3298          case OP_NOT_WORDCHAR:
3299          invert_bits = TRUE;
3300          /* Fall through */
3301          case OP_WORDCHAR:
3302          set2 = (pcre_uint8 *)(cd->cbits + cbit_word);
3303          break;
3304    
3305          default:
3306          return FALSE;
3307          }
3308    
3309        /* Because the sets are unaligned, we need
3310        to perform byte comparison here. */
3311        set_end = set1 + 32;
3312        if (invert_bits)
3313          {
3314          do
3315            {
3316            if ((*set1++ & ~(*set2++)) != 0) return FALSE;
3317            }
3318          while (set1 < set_end);
3319          }
3320        else
3321          {
3322          do
3323            {
3324            if ((*set1++ & *set2++) != 0) return FALSE;
3325            }
3326          while (set1 < set_end);
3327          }
3328    
3329        if (list[1] == 0) return TRUE;
3330        /* Might be an empty repeat. */
3331        continue;
3332        }
3333    
3334      /* Some property combinations also acceptable. Unicode property opcodes are
3335      processed specially; the rest can be handled with a lookup table. */
3336    
3337      else
3338        {
3339        pcre_uint32 leftop, rightop;
3340    
3341        leftop = base_list[0];
3342        rightop = list[0];
3343    
3344    #ifdef SUPPORT_UCP
3345        accepted = FALSE; /* Always set in non-unicode case. */
3346        if (leftop == OP_PROP || leftop == OP_NOTPROP)
3347          {
3348          if (rightop == OP_EOD)
3349            accepted = TRUE;
3350          else if (rightop == OP_PROP || rightop == OP_NOTPROP)
3351            {
3352            int n;
3353            const pcre_uint8 *p;
3354            BOOL same = leftop == rightop;
3355            BOOL lisprop = leftop == OP_PROP;
3356            BOOL risprop = rightop == OP_PROP;
3357            BOOL bothprop = lisprop && risprop;
3358    
3359            /* There's a table that specifies how each combination is to be
3360            processed:
3361              0   Always return FALSE (never auto-possessify)
3362              1   Character groups are distinct (possessify if both are OP_PROP)
3363              2   Check character categories in the same group (general or particular)
3364              3   Return TRUE if the two opcodes are not the same
3365              ... see comments below
3366            */
3367    
3368            n = propposstab[base_list[2]][list[2]];
3369            switch(n)
3370              {
3371              case 0: break;
3372              case 1: accepted = bothprop; break;
3373              case 2: accepted = (base_list[3] == list[3]) != same; break;
3374              case 3: accepted = !same; break;
3375    
3376              case 4:  /* Left general category, right particular category */
3377              accepted = risprop && catposstab[base_list[3]][list[3]] == same;
3378              break;
3379    
3380              case 5:  /* Right general category, left particular category */
3381              accepted = lisprop && catposstab[list[3]][base_list[3]] == same;
3382              break;
3383    
3384              /* This code is logically tricky. Think hard before fiddling with it.
3385              The posspropstab table has four entries per row. Each row relates to
3386              one of PCRE's special properties such as ALNUM or SPACE or WORD.
3387              Only WORD actually needs all four entries, but using repeats for the
3388              others means they can all use the same code below.
3389    
3390              The first two entries in each row are Unicode general categories, and
3391              apply always, because all the characters they include are part of the
3392              PCRE character set. The third and fourth entries are a general and a
3393              particular category, respectively, that include one or more relevant
3394              characters. One or the other is used, depending on whether the check
3395              is for a general or a particular category. However, in both cases the
3396              category contains more characters than the specials that are defined
3397              for the property being tested against. Therefore, it cannot be used
3398              in a NOTPROP case.
3399    
3400              Example: the row for WORD contains ucp_L, ucp_N, ucp_P, ucp_Po.
3401              Underscore is covered by ucp_P or ucp_Po. */
3402    
3403              case 6:  /* Left alphanum vs right general category */
3404              case 7:  /* Left space vs right general category */
3405              case 8:  /* Left word vs right general category */
3406              p = posspropstab[n-6];
3407              accepted = risprop && lisprop ==
3408                (list[3] != p[0] &&
3409                 list[3] != p[1] &&
3410                (list[3] != p[2] || !lisprop));
3411              break;
3412    
3413              case 9:   /* Right alphanum vs left general category */
3414              case 10:  /* Right space vs left general category */
3415              case 11:  /* Right word vs left general category */
3416              p = posspropstab[n-9];
3417              accepted = lisprop && risprop ==
3418                (base_list[3] != p[0] &&
3419                 base_list[3] != p[1] &&
3420                (base_list[3] != p[2] || !risprop));
3421              break;
3422    
3423              case 12:  /* Left alphanum vs right particular category */
3424              case 13:  /* Left space vs right particular category */
3425              case 14:  /* Left word vs right particular category */
3426              p = posspropstab[n-12];
3427              accepted = risprop && lisprop ==
3428                (catposstab[p[0]][list[3]] &&
3429                 catposstab[p[1]][list[3]] &&
3430                (list[3] != p[3] || !lisprop));
3431              break;
3432    
3433              case 15:  /* Right alphanum vs left particular category */
3434              case 16:  /* Right space vs left particular category */
3435              case 17:  /* Right word vs left particular category */
3436              p = posspropstab[n-15];
3437              accepted = lisprop && risprop ==
3438                (catposstab[p[0]][base_list[3]] &&
3439                 catposstab[p[1]][base_list[3]] &&
3440                (base_list[3] != p[3] || !risprop));
3441              break;
3442              }
3443            }
3444          }
3445    
3446        else
3447    #endif  /* SUPPORT_UCP */
3448    
3449        accepted = leftop >= FIRST_AUTOTAB_OP && leftop <= LAST_AUTOTAB_LEFT_OP &&
3450               rightop >= FIRST_AUTOTAB_OP && rightop <= LAST_AUTOTAB_RIGHT_OP &&
3451               autoposstab[leftop - FIRST_AUTOTAB_OP][rightop - FIRST_AUTOTAB_OP];
3452    
3453        if (!accepted) return FALSE;
3454    
3455        if (list[1] == 0) return TRUE;
3456        /* Might be an empty repeat. */
3457        continue;
3458        }
3459    
3460      /* Control reaches here only if one of the items is a small character list.
3461      All characters are checked against the other side. */
3462    
3463      do
3464        {
3465        chr = *chr_ptr;
3466    
3467        switch(list_ptr[0])
3468          {
3469          case OP_CHAR:
3470          ochr_ptr = list_ptr + 2;
3471          do
3472            {
3473            if (chr == *ochr_ptr) return FALSE;
3474            ochr_ptr++;
3475            }
3476          while(*ochr_ptr != NOTACHAR);
3477          break;
3478    
3479          case OP_NOT:
3480          ochr_ptr = list_ptr + 2;
3481          do
3482            {
3483            if (chr == *ochr_ptr)
3484              break;
3485            ochr_ptr++;
3486            }
3487          while(*ochr_ptr != NOTACHAR);
3488          if (*ochr_ptr == NOTACHAR) return FALSE;   /* Not found */
3489          break;
3490    
3491          /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not*
3492          set. When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3493    
3494          case OP_DIGIT:
3495          if (chr < 256 && (cd->ctypes[chr] & ctype_digit) != 0) return FALSE;
3496          break;
3497    
3498          case OP_NOT_DIGIT:
3499          if (chr > 255 || (cd->ctypes[chr] & ctype_digit) == 0) return FALSE;
3500          break;
3501    
3502          case OP_WHITESPACE:
3503          if (chr < 256 && (cd->ctypes[chr] & ctype_space) != 0) return FALSE;
3504          break;
3505    
3506          case OP_NOT_WHITESPACE:
3507          if (chr > 255 || (cd->ctypes[chr] & ctype_space) == 0) return FALSE;
3508          break;
3509    
3510          case OP_WORDCHAR:
3511          if (chr < 255 && (cd->ctypes[chr] & ctype_word) != 0) return FALSE;
3512          break;
3513    
3514          case OP_NOT_WORDCHAR:
3515          if (chr > 255 || (cd->ctypes[chr] & ctype_word) == 0) return FALSE;
3516          break;
3517    
3518          case OP_HSPACE:
3519          switch(chr)
3520            {
3521            HSPACE_CASES: return FALSE;
3522            default: break;
3523            }
3524          break;
3525    
3526          case OP_NOT_HSPACE:
3527          switch(chr)
3528            {
3529            HSPACE_CASES: break;
3530            default: return FALSE;
3531            }
3532          break;
3533    
3534          case OP_ANYNL:
3535          case OP_VSPACE:
3536          switch(chr)
3537            {
3538            VSPACE_CASES: return FALSE;
3539            default: break;
3540            }
3541          break;
3542    
3543          case OP_NOT_VSPACE:
3544          switch(chr)
3545            {
3546            VSPACE_CASES: break;
3547            default: return FALSE;
3548            }
3549          break;
3550    
3551          case OP_DOLL:
3552          case OP_EODN:
3553          switch (chr)
3554            {
3555            case CHAR_CR:
3556            case CHAR_LF:
3557            case CHAR_VT:
3558            case CHAR_FF:
3559            case CHAR_NEL:
3560    #ifndef EBCDIC
3561            case 0x2028:
3562            case 0x2029:
3563    #endif  /* Not EBCDIC */
3564            return FALSE;
3565            }
3566          break;
3567    
3568          case OP_EOD:    /* Can always possessify before \z */
3569          break;
3570    
3571    #ifdef SUPPORT_UCP
3572          case OP_PROP:
3573          case OP_NOTPROP:
3574          if (!check_char_prop(chr, list_ptr[2], list_ptr[3],
3575                list_ptr[0] == OP_NOTPROP))
3576            return FALSE;
3577          break;
3578    #endif
3579    
3580          case OP_NCLASS:
3581          if (chr > 255) return FALSE;
3582          /* Fall through */
3583    
3584          case OP_CLASS:
3585          if (chr > 255) break;
3586          class_bitset = (pcre_uint8 *)
3587            ((list_ptr == list ? code : base_end) - list_ptr[2]);
3588          if ((class_bitset[chr >> 3] & (1 << (chr & 7))) != 0) return FALSE;
3589          break;
3590    
3591    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3592          case OP_XCLASS:
3593          if (PRIV(xclass)(chr, (list_ptr == list ? code : base_end) -
3594              list_ptr[2] + LINK_SIZE, utf)) return FALSE;
3595          break;
3596    #endif
3597    
3598          default:
3599          return FALSE;
3600          }
3601    
3602        chr_ptr++;
3603        }
3604      while(*chr_ptr != NOTACHAR);
3605    
3606      /* At least one character must be matched from this opcode. */
3607    
3608      if (list[1] == 0) return TRUE;
3609      }
3610    
3611    /* Control never reaches here. There used to be a fail-save return FALSE; here,
3612    but some compilers complain about an unreachable statement. */
3613    
3614    }
3615    
3616    
3617    
3618    /*************************************************
3619    *    Scan compiled regex for auto-possession     *
3620    *************************************************/
3621    
3622    /* Replaces single character iterations with their possessive alternatives
3623    if appropriate. This function modifies the compiled opcode!
3624    
3625    Arguments:
3626      code        points to start of the byte code
3627      utf         TRUE in UTF-8 / UTF-16 / UTF-32 mode
3628      cd          static compile data
3629    
3630    Returns:      nothing
3631    */
3632    
3633    static void
3634    auto_possessify(pcre_uchar *code, BOOL utf, const compile_data *cd)
3635    {
3636    register pcre_uchar c;
3637    const pcre_uchar *end;
3638    pcre_uchar *repeat_opcode;
3639    pcre_uint32 list[8];
3640    int rec_limit;
3641    
3642    for (;;)
3643      {
3644      c = *code;
3645    
3646      /* When a pattern with bad UTF-8 encoding is compiled with NO_UTF_CHECK,
3647      it may compile without complaining, but may get into a loop here if the code
3648      pointer points to a bad value. This is, of course a documentated possibility,
3649      when NO_UTF_CHECK is set, so it isn't a bug, but we can detect this case and
3650      just give up on this optimization. */
3651    
3652      if (c >= OP_TABLE_LENGTH) return;
3653    
3654      if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
3655        {
3656        c -= get_repeat_base(c) - OP_STAR;
3657        end = (c <= OP_MINUPTO) ?
3658          get_chr_property_list(code, utf, cd->fcc, list) : NULL;
3659        list[1] = c == OP_STAR || c == OP_PLUS || c == OP_QUERY || c == OP_UPTO;
3660    
3661        rec_limit = 10000;
3662        if (end != NULL && compare_opcodes(end, utf, cd, list, end, &rec_limit))
3663          {
3664          switch(c)
3665            {
3666            case OP_STAR:
3667            *code += OP_POSSTAR - OP_STAR;
3668            break;
3669    
3670            case OP_MINSTAR:
3671            *code += OP_POSSTAR - OP_MINSTAR;
3672            break;
3673    
3674            case OP_PLUS:
3675            *code += OP_POSPLUS - OP_PLUS;
3676            break;
3677    
3678            case OP_MINPLUS:
3679            *code += OP_POSPLUS - OP_MINPLUS;
3680            break;
3681    
3682            case OP_QUERY:
3683            *code += OP_POSQUERY - OP_QUERY;
3684            break;
3685    
3686            case OP_MINQUERY:
3687            *code += OP_POSQUERY - OP_MINQUERY;
3688            break;
3689    
3690            case OP_UPTO:
3691            *code += OP_POSUPTO - OP_UPTO;
3692            break;
3693    
3694            case OP_MINUPTO:
3695            *code += OP_POSUPTO - OP_MINUPTO;
3696            break;
3697            }
3698          }
3699        c = *code;
3700        }
3701      else if (c == OP_CLASS || c == OP_NCLASS || c == OP_XCLASS)
3702        {
3703    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3704        if (c == OP_XCLASS)
3705          repeat_opcode = code + GET(code, 1);
3706        else
3707    #endif
3708          repeat_opcode = code + 1 + (32 / sizeof(pcre_uchar));
3709    
3710        c = *repeat_opcode;
3711        if (c >= OP_CRSTAR && c <= OP_CRMINRANGE)
3712          {
3713          /* end must not be NULL. */
3714          end = get_chr_property_list(code, utf, cd->fcc, list);
3715    
3716          list[1] = (c & 1) == 0;
3717    
3718          rec_limit = 10000;
3719          if (compare_opcodes(end, utf, cd, list, end, &rec_limit))
3720            {
3721            switch (c)
3722              {
3723              case OP_CRSTAR:
3724              case OP_CRMINSTAR:
3725              *repeat_opcode = OP_CRPOSSTAR;
3726              break;
3727    
3728              case OP_CRPLUS:
3729              case OP_CRMINPLUS:
3730              *repeat_opcode = OP_CRPOSPLUS;
3731              break;
3732    
3733              case OP_CRQUERY:
3734              case OP_CRMINQUERY:
3735              *repeat_opcode = OP_CRPOSQUERY;
3736              break;
3737    
3738              case OP_CRRANGE:
3739              case OP_CRMINRANGE:
3740              *repeat_opcode = OP_CRPOSRANGE;
3741              break;
3742              }
3743            }
3744          }
3745        c = *code;
3746        }
3747    
3748      switch(c)
3749        {
3750        case OP_END:
3751        return;
3752    
3753        case OP_TYPESTAR:
3754        case OP_TYPEMINSTAR:
3755        case OP_TYPEPLUS:
3756        case OP_TYPEMINPLUS:
3757        case OP_TYPEQUERY:
3758        case OP_TYPEMINQUERY:
3759        case OP_TYPEPOSSTAR:
3760        case OP_TYPEPOSPLUS:
3761        case OP_TYPEPOSQUERY:
3762        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
3763        break;
3764    
3765        case OP_TYPEUPTO:
3766        case OP_TYPEMINUPTO:
3767        case OP_TYPEEXACT:
3768        case OP_TYPEPOSUPTO:
3769        if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
3770          code += 2;
3771        break;
3772    
3773    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3774        case OP_XCLASS:
3775        code += GET(code, 1);
3776        break;
3777    #endif
3778    
3779        case OP_MARK:
3780        case OP_PRUNE_ARG:
3781        case OP_SKIP_ARG:
3782        case OP_THEN_ARG:
3783        code += code[1];
3784        break;
3785        }
3786    
3787      /* Add in the fixed length from the table */
3788    
3789      code += PRIV(OP_lengths)[c];
3790    
3791      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
3792      a multi-byte character. The length in the table is a minimum, so we have to
3793      arrange to skip the extra bytes. */
3794    
3795    #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
3796      if (utf) switch(c)
3797        {
3798        case OP_CHAR:
3799        case OP_CHARI:
3800        case OP_NOT:
3801        case OP_NOTI:
3802        case OP_STAR:
3803        case OP_MINSTAR:
3804        case OP_PLUS:
3805        case OP_MINPLUS:
3806        case OP_QUERY:
3807        case OP_MINQUERY:
3808        case OP_UPTO:
3809        case OP_MINUPTO:
3810        case OP_EXACT:
3811        case OP_POSSTAR:
3812        case OP_POSPLUS:
3813        case OP_POSQUERY:
3814        case OP_POSUPTO:
3815        case OP_STARI:
3816        case OP_MINSTARI:
3817        case OP_PLUSI:
3818        case OP_MINPLUSI:
3819        case OP_QUERYI:
3820        case OP_MINQUERYI:
3821        case OP_UPTOI:
3822        case OP_MINUPTOI:
3823        case OP_EXACTI:
3824        case OP_POSSTARI:
3825        case OP_POSPLUSI:
3826        case OP_POSQUERYI:
3827        case OP_POSUPTOI:
3828        case OP_NOTSTAR:
3829        case OP_NOTMINSTAR:
3830        case OP_NOTPLUS:
3831        case OP_NOTMINPLUS:
3832        case OP_NOTQUERY:
3833        case OP_NOTMINQUERY:
3834        case OP_NOTUPTO:
3835        case OP_NOTMINUPTO:
3836        case OP_NOTEXACT:
3837        case OP_NOTPOSSTAR:
3838        case OP_NOTPOSPLUS:
3839        case OP_NOTPOSQUERY:
3840        case OP_NOTPOSUPTO:
3841        case OP_NOTSTARI:
3842        case OP_NOTMINSTARI:
3843        case OP_NOTPLUSI:
3844        case OP_NOTMINPLUSI:
3845        case OP_NOTQUERYI:
3846        case OP_NOTMINQUERYI:
3847        case OP_NOTUPTOI:
3848        case OP_NOTMINUPTOI:
3849        case OP_NOTEXACTI:
3850        case OP_NOTPOSSTARI:
3851        case OP_NOTPOSPLUSI:
3852        case OP_NOTPOSQUERYI:
3853        case OP_NOTPOSUPTOI:
3854        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
3855        break;
3856        }
3857    #else
3858      (void)(utf);  /* Keep compiler happy by referencing function argument */
3859    #endif
3860      }
3861    }
3862    
3863    
3864    
3865    /*************************************************
3866    *           Check for POSIX class syntax         *
3867    *************************************************/
3868    
3869    /* This function is called when the sequence "[:" or "[." or "[=" is
3870    encountered in a character class. It checks whether this is followed by a
3871    sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
3872    reach an unescaped ']' without the special preceding character, return FALSE.
3873    
3874    Originally, this function only recognized a sequence of letters between the
3875    terminators, but it seems that Perl recognizes any sequence of characters,
3876    though of course unknown POSIX names are subsequently rejected. Perl gives an
3877    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
3878    didn't consider this to be a POSIX class. Likewise for [:1234:].
3879    
3880    The problem in trying to be exactly like Perl is in the handling of escapes. We
3881    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
3882    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
3883    below handles the special case of \], but does not try to do any other escape
3884    processing. This makes it different from Perl for cases such as [:l\ower:]
3885    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
3886    "l\ower". This is a lesser evil than not diagnosing bad classes when Perl does,
3887    I think.
3888    
3889    A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
3890    It seems that the appearance of a nested POSIX class supersedes an apparent
3891    external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
3892    a digit.
3893    
3894    In Perl, unescaped square brackets may also appear as part of class names. For
3895    example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
3896    [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
3897    seem right at all. PCRE does not allow closing square brackets in POSIX class
3898    names.
3899    
3900    Arguments:
3901      ptr      pointer to the initial [
3902      endptr   where to return the end pointer
3903    
3904    Returns:   TRUE or FALSE
3905    */
3906    
3907    static BOOL
3908    check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
3909    {
3910    pcre_uchar terminator;          /* Don't combine these lines; the Solaris cc */
3911    terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
3912    for (++ptr; *ptr != CHAR_NULL; ptr++)
3913      {
3914      if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
3915        ptr++;
3916      else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
3917      else
3918        {
3919        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
3920          {
3921          *endptr = ptr;
3922          return TRUE;
3923          }
3924        if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
3925             (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3926              ptr[1] == CHAR_EQUALS_SIGN) &&
3927            check_posix_syntax(ptr, endptr))
3928          return FALSE;
3929        }
3930      }
3931    return FALSE;
3932    }
3933    
3934    
3935    
3936    
3937    /*************************************************
3938    *          Check POSIX class name                *
3939    *************************************************/
3940    
3941    /* This function is called to check the name given in a POSIX-style class entry
3942    such as [:alnum:].
3943    
3944    Arguments:
3945      ptr        points to the first letter
3946      len        the length of the name
3947    
3948    Returns:     a value representing the name, or -1 if unknown
3949    */
3950    
3951    static int
3952    check_posix_name(const pcre_uchar *ptr, int len)
3953    {
3954    const char *pn = posix_names;
3955    register int yield = 0;
3956    while (posix_name_lengths[yield] != 0)
3957      {
3958      if (len == posix_name_lengths[yield] &&
3959        STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
3960      pn += posix_name_lengths[yield] + 1;
3961      yield++;
3962      }
3963    return -1;
3964    }
3965    
3966    
3967    /*************************************************
3968    *    Adjust OP_RECURSE items in repeated group   *
3969    *************************************************/
3970    
3971    /* OP_RECURSE items contain an offset from the start of the regex to the group
3972    that is referenced. This means that groups can be replicated for fixed
3973    repetition simply by copying (because the recursion is allowed to refer to
3974    earlier groups that are outside the current group). However, when a group is
3975    optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
3976    inserted before it, after it has been compiled. This means that any OP_RECURSE
3977    items within it that refer to the group itself or any contained groups have to
3978    have their offsets adjusted. That one of the jobs of this function. Before it
3979    is called, the partially compiled regex must be temporarily terminated with
3980    OP_END.
3981    
3982    This function has been extended with the possibility of forward references for
3983    recursions and subroutine calls. It must also check the list of such references
3984    for the group we are dealing with. If it finds that one of the recursions in
3985    the current group is on this list, it adjusts the offset in the list, not the
3986    value in the reference (which is a group number).
3987    
3988    Arguments:
3989      group      points to the start of the group
3990      adjust     the amount by which the group is to be moved
3991      utf        TRUE in UTF-8 / UTF-16 / UTF-32 mode
3992      cd         contains pointers to tables etc.
3993      save_hwm_offset   the hwm forward reference offset at the start of the group
3994    
3995    Returns:     nothing
3996    */
3997    
3998    static void
3999    adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
4000      size_t save_hwm_offset)
4001    {
4002    pcre_uchar *ptr = group;
4003    
4004    while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
4005      {
4006      int offset;
4007      pcre_uchar *hc;
4008    
4009      /* See if this recursion is on the forward reference list. If so, adjust the
4010      reference. */
4011    
4012      for (hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset; hc < cd->hwm;
4013           hc += LINK_SIZE)
4014        {
4015        offset = (int)GET(hc, 0);
4016        if (cd->start_code + offset == ptr + 1)
4017          {
4018        PUT(hc, 0, offset + adjust);        PUT(hc, 0, offset + adjust);
4019        break;        break;
4020        }        }
# Line 2757  while ((ptr = (pcre_uchar *)find_recurse Line 4025  while ((ptr = (pcre_uchar *)find_recurse
4025    
4026    if (hc >= cd->hwm)    if (hc >= cd->hwm)
4027      {      {
4028      offset = GET(ptr, 1);      offset = (int)GET(ptr, 1);
4029      if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);      if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
4030      }      }
4031    
# Line 2825  PUT(previous_callout, 2 + LINK_SIZE, len Line 4093  PUT(previous_callout, 2 + LINK_SIZE, len
4093  *************************************************/  *************************************************/
4094    
4095  /* This function is passed the start and end of a class range, in UTF-8 mode  /* This function is passed the start and end of a class range, in UTF-8 mode
4096  with UCP support. It searches up the characters, looking for internal ranges of  with UCP support. It searches up the characters, looking for ranges of
4097  characters in the "other" case. Each call returns the next one, updating the  characters in the "other" case. Each call returns the next one, updating the
4098  start address.  start address. A character with multiple other cases is returned on its own
4099    with a special return value.
4100    
4101  Arguments:  Arguments:
4102    cptr        points to starting character value; updated    cptr        points to starting character value; updated
# Line 2835  Arguments: Line 4104  Arguments:
4104    ocptr       where to put start of othercase range    ocptr       where to put start of othercase range
4105    odptr       where to put end of othercase range    odptr       where to put end of othercase range
4106    
4107  Yield:        TRUE when range returned; FALSE when no more  Yield:        -1 when no more
4108  */                 0 when a range is returned
4109                  >0 the CASESET offset for char with multiple other cases
4110  static BOOL                  in this case, ocptr contains the original
 get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,  
   unsigned int *odptr)  
 {  
 unsigned int c, othercase, next;  
   
 for (c = *cptr; c <= d; c++)  
   { if ((othercase = UCD_OTHERCASE(c)) != c) break; }  
   
 if (c > d) return FALSE;  
   
 *ocptr = othercase;  
 next = othercase + 1;  
   
 for (++c; c <= d; c++)  
   {  
   if (UCD_OTHERCASE(c) != next) break;  
   next++;  
   }  
   
 *odptr = next - 1;  
 *cptr = c;  
   
 return TRUE;  
 }  
   
   
   
 /*************************************************  
 *        Check a character and a property        *  
 *************************************************/  
   
 /* This function is called by check_auto_possessive() when a property item  
 is adjacent to a fixed character.  
   
 Arguments:  
   c            the character  
   ptype        the property type  
   pdata        the data for the type  
   negated      TRUE if it's a negated property (\P or \p{^)  
   
 Returns:       TRUE if auto-possessifying is OK  
 */  
   
 static BOOL  
 check_char_prop(int c, int ptype, int pdata, BOOL negated)  
 {  
 const ucd_record *prop = GET_UCD(c);  
 switch(ptype)  
   {  
   case PT_LAMP:  
   return (prop->chartype == ucp_Lu ||  
           prop->chartype == ucp_Ll ||  
           prop->chartype == ucp_Lt) == negated;  
   
   case PT_GC:  
   return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;  
   
   case PT_PC:  
   return (pdata == prop->chartype) == negated;  
   
   case PT_SC:  
   return (pdata == prop->script) == negated;  
   
   /* These are specials */  
   
   case PT_ALNUM:  
   return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||  
           PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;  
   
   case PT_SPACE:    /* Perl space */  
   return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||  
           c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)  
           == negated;  
   
   case PT_PXSPACE:  /* POSIX space */  
   return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||  
           c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||  
           c == CHAR_FF || c == CHAR_CR)  
           == negated;  
   
   case PT_WORD:  
   return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||  
           PRIV(ucp_gentype)[prop->chartype] == ucp_N ||  
           c == CHAR_UNDERSCORE) == negated;  
   }  
 return FALSE;  
 }  
 #endif  /* SUPPORT_UCP */  
   
   
   
 /*************************************************  
 *     Check if auto-possessifying is possible    *  
 *************************************************/  
   
 /* This function is called for unlimited repeats of certain items, to see  
 whether the next thing could possibly match the repeated item. If not, it makes  
 sense to automatically possessify the repeated item.  
   
 Arguments:  
   previous      pointer to the repeated opcode  
   utf           TRUE in UTF-8 / UTF-16 mode  
   ptr           next character in pattern  
   options       options bits  
   cd            contains pointers to tables etc.  
   
 Returns:        TRUE if possessifying is wanted  
4111  */  */
4112    
4113  static BOOL  static int
4114  check_auto_possessive(const pcre_uchar *previous, BOOL utf,  get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
4115    const pcre_uchar *ptr, int options, compile_data *cd)    pcre_uint32 *odptr)
4116  {  {
4117  pcre_int32 c, next;  pcre_uint32 c, othercase, next;
4118  int op_code = *previous++;  unsigned int co;
4119    
4120  /* Skip whitespace and comments in extended mode */  /* Find the first character that has an other case. If it has multiple other
4121    cases, return its case offset value. */
4122    
4123  if ((options & PCRE_EXTENDED) != 0)  for (c = *cptr; c <= d; c++)
4124    {    {
4125    for (;;)    if ((co = UCD_CASESET(c)) != 0)
4126      {      {
4127      while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;      *ocptr = c++;   /* Character that has the set */
4128      if (*ptr == CHAR_NUMBER_SIGN)      *cptr = c;      /* Rest of input range */
4129        {      return (int)co;
       ptr++;  
       while (*ptr != 0)  
         {  
         if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }  
         ptr++;  
 #ifdef SUPPORT_UTF  
         if (utf) FORWARDCHAR(ptr);  
 #endif  
         }  
       }  
     else break;  
4130      }      }
4131      if ((othercase = UCD_OTHERCASE(c)) != c) break;
4132    }    }
4133    
4134  /* If the next item is one that we can handle, get its value. A non-negative  if (c > d) return -1;  /* Reached end of range */
 value is a character, a negative value is an escape value. */  
4135    
4136  if (*ptr == CHAR_BACKSLASH)  /* Found a character that has a single other case. Search for the end of the
4137    {  range, which is either the end of the input range, or a character that has zero
4138    int temperrorcode = 0;  or more than one other cases. */
   next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);  
   if (temperrorcode != 0) return FALSE;  
   ptr++;    /* Point after the escape sequence */  
   }  
 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)  
   {  
 #ifdef SUPPORT_UTF  
   if (utf) { GETCHARINC(next, ptr); } else  
 #endif  
   next = *ptr++;  
   }  
 else return FALSE;  
4139    
4140  /* Skip whitespace and comments in extended mode */  *ocptr = othercase;
4141    next = othercase + 1;
4142    
4143  if ((options & PCRE_EXTENDED) != 0)  for (++c; c <= d; c++)
4144    {    {
4145    for (;;)    if ((co = UCD_CASESET(c)) != 0 || UCD_OTHERCASE(c) != next) break;
4146      {    next++;
     while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;  
     if (*ptr == CHAR_NUMBER_SIGN)  
       {  
       ptr++;  
       while (*ptr != 0)  
         {  
         if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }  
         ptr++;  
 #ifdef SUPPORT_UTF  
         if (utf) FORWARDCHAR(ptr);  
 #endif  
         }  
       }  
     else break;  
     }  
4147    }    }
4148    
4149  /* If the next thing is itself optional, we have to give up. */  *odptr = next - 1;     /* End of othercase range */
4150    *cptr = c;             /* Rest of input range */
4151    return 0;
4152    }
4153    #endif  /* SUPPORT_UCP */
4154    
 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||  
   STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)  
     return FALSE;  
4155    
 /* Now compare the next item with the previous opcode. First, handle cases when  
 the next item is a character. */  
4156    
4157  if (next >= 0) switch(op_code)  /*************************************************
4158    {  *        Add a character or range to a class     *
4159    case OP_CHAR:  *************************************************/
 #ifdef SUPPORT_UTF  
   GETCHARTEST(c, previous);  
 #else  
   c = *previous;  
 #endif  
   return c != next;  
4160    
4161    /* For CHARI (caseless character) we must check the other case. If we have  /* This function packages up the logic of adding a character or range of
4162    Unicode property support, we can use it to test the other case of  characters to a class. The character values in the arguments will be within the
4163    high-valued characters. */  valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
4164    mutually recursive with the function immediately below.
4165    
4166    case OP_CHARI:  Arguments:
4167  #ifdef SUPPORT_UTF    classbits     the bit map for characters < 256
4168    GETCHARTEST(c, previous);    uchardptr     points to the pointer for extra data
4169  #else    options       the options word
4170    c = *previous;    cd            contains pointers to tables etc.
4171  #endif    start         start of range character
4172    if (c == next) return FALSE;    end           end of range character
 #ifdef SUPPORT_UTF  
   if (utf)  
     {  
     unsigned int othercase;  
     if (next < 128) othercase = cd->fcc[next]; else  
 #ifdef SUPPORT_UCP  
     othercase = UCD_OTHERCASE((unsigned int)next);  
 #else  
     othercase = NOTACHAR;  
 #endif  
     return (unsigned int)c != othercase;  
     }  
   else  
 #endif  /* SUPPORT_UTF */  
   return (c != TABLE_GET(next, cd->fcc, next));  /* Non-UTF-8 mode */  
4173    
4174    /* For OP_NOT and OP_NOTI, the data is always a single-byte character. These  Returns:        the number of < 256 characters added
4175    opcodes are not used for multi-byte characters, because they are coded using                  the pointer to extra data is updated
4176    an XCLASS instead. */  */
4177    
4178    case OP_NOT:  static int
4179    return (c = *previous) == next;  add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
4180      compile_data *cd, pcre_uint32 start, pcre_uint32 end)
4181    {
4182    pcre_uint32 c;
4183    pcre_uint32 classbits_end = (end <= 0xff ? end : 0xff);
4184    int n8 = 0;
4185    
4186    /* If caseless matching is required, scan the range and process alternate
4187    cases. In Unicode, there are 8-bit characters that have alternate cases that
4188    are greater than 255 and vice-versa. Sometimes we can just extend the original
4189    range. */
4190    
4191    case OP_NOTI:  if ((options & PCRE_CASELESS) != 0)
4192    if ((c = *previous) == next) return TRUE;    {
 #ifdef SUPPORT_UTF  
   if (utf)  
     {  
     unsigned int othercase;  
     if (next < 128) othercase = cd->fcc[next]; else  
4193  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
4194      othercase = UCD_OTHERCASE(next);    if ((options & PCRE_UTF8) != 0)
4195  #else      {