/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 77 by nigel, Sat Feb 24 21:40:45 2007 UTC revision 457 by ph10, Sat Oct 3 16:24:08 2009 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2005 University of Cambridge             Copyright (c) 1997-2009 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 42  POSSIBILITY OF SUCH DAMAGE. Line 42  POSSIBILITY OF SUCH DAMAGE.
42  supporting internal functions that are not used by other modules. */  supporting internal functions that are not used by other modules. */
43    
44    
45    #ifdef HAVE_CONFIG_H
46    #include "config.h"
47    #endif
48    
49    #define NLBLOCK cd             /* Block containing newline information */
50    #define PSSTART start_pattern  /* Field containing processed string start */
51    #define PSEND   end_pattern    /* Field containing processed string end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56    /* When DEBUG is defined, we need the pcre_printint() function, which is also
57    used by pcretest. DEBUG is not defined when building a production library. */
58    
59    #ifdef DEBUG
60    #include "pcre_printint.src"
61    #endif
62    
63    
64    /* Macro for setting individual bits in class bitmaps. */
65    
66    #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
67    
68    /* Maximum length value to check against when making sure that the integer that
69    holds the compiled pattern length does not overflow. We make it a bit less than
70    INT_MAX to allow for adding in group terminating bytes, so that we don't have
71    to check them every time. */
72    
73    #define OFLOW_MAX (INT_MAX - 20)
74    
75    
76  /*************************************************  /*************************************************
77  *      Code parameters and static tables         *  *      Code parameters and static tables         *
78  *************************************************/  *************************************************/
79    
80  /* Maximum number of items on the nested bracket stacks at compile time. This  /* This value specifies the size of stack workspace that is used during the
81  applies to the nesting of all kinds of parentheses. It does not limit  first pre-compile phase that determines how much memory is required. The regex
82  un-nested, non-capturing parentheses. This number can be made bigger if  is partly compiled into this space, but the compiled parts are discarded as
83  necessary - it is used to dimension one int and one unsigned char vector at  soon as they can be, so that hopefully there will never be an overrun. The code
84  compile time. */  does, however, check for an overrun. The largest amount I've seen used is 218,
85    so this number is very generous.
86    
87    The same workspace is used during the second, actual compile phase for
88    remembering forward references to groups so that they can be filled in at the
89    end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
90    is 4 there is plenty of room. */
91    
92  #define BRASTACK_SIZE 200  #define COMPILE_WORK_SIZE (4096)
93    
94    
95  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
# Line 63  are simple data values; negative values Line 97  are simple data values; negative values
97  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
98  is invalid. */  is invalid. */
99    
100  #if !EBCDIC   /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
101    
102    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
103    in UTF-8 mode. */
104    
105  static const short int escapes[] = {  static const short int escapes[] = {
106       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
107       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
108     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
109       0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */       0,                       0,
110  -ESC_P, -ESC_Q,      0, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */       0,                       0,
111  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
112     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
113       0,      0,      0,      0,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
114  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0,      0, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
115       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
116         -ESC_D,                  -ESC_E,
117         0,                       -ESC_G,
118         -ESC_H,                  0,
119         0,                       -ESC_K,
120         0,                       0,
121         0,                       0,
122         -ESC_P,                  -ESC_Q,
123         -ESC_R,                  -ESC_S,
124         0,                       0,
125         -ESC_V,                  -ESC_W,
126         -ESC_X,                  0,
127         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
128         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
129         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
130         CHAR_GRAVE_ACCENT,       7,
131         -ESC_b,                  0,
132         -ESC_d,                  ESC_e,
133         ESC_f,                   0,
134         -ESC_h,                  0,
135         0,                       -ESC_k,
136         0,                       0,
137         ESC_n,                   0,
138         -ESC_p,                  0,
139         ESC_r,                   -ESC_s,
140         ESC_tee,                 0,
141         -ESC_v,                  -ESC_w,
142         0,                       0,
143         -ESC_z
144  };  };
145    
146  #else         /* This is the "abnormal" table for EBCDIC systems */  #else
147    
148    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
149    
150  static const short int escapes[] = {  static const short int escapes[] = {
151  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
152  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 87  static const short int escapes[] = { Line 156  static const short int escapes[] = {
156  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,
157  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',
158  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,
159  /*  88 */     0,     0,      0,     '{',      0,     0,      0,      0,  /*  88 */-ESC_h,     0,      0,     '{',      0,     0,      0,      0,
160  /*  90 */     0,     0,      0,     'l',      0, ESC_n,      0, -ESC_p,  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,
161  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,
162  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,     0, -ESC_w,      0,  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,-ESC_v, -ESC_w,      0,
163  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,
164  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,
165  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
166  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
167  /*  C8 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
168  /*  D0 */   '}',     0,      0,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,     0,      0, -ESC_P,
169  /*  D8 */-ESC_Q,     0,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
170  /*  E0 */  '\\',     0, -ESC_S,       0,      0,     0, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
171  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
172  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,
173  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0
# Line 106  static const short int escapes[] = { Line 175  static const short int escapes[] = {
175  #endif  #endif
176    
177    
178  /* Tables of names of POSIX character classes and their lengths. The list is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
179  terminated by a zero length entry. The first three must be alpha, upper, lower,  searched linearly. Put all the names into a single string, in order to reduce
180  as this is assumed for handling case independence. */  the number of relocations when a shared library is dynamically linked. The
181    string is built from string macros so that it works in UTF-8 mode on EBCDIC
182  static const char *const posix_names[] = {  platforms. */
183    "alpha", "lower", "upper",  
184    "alnum", "ascii", "blank", "cntrl", "digit", "graph",  typedef struct verbitem {
185    "print", "punct", "space", "word",  "xdigit" };    int   len;
186      int   op;
187    } verbitem;
188    
189    static const char verbnames[] =
190      STRING_ACCEPT0
191      STRING_COMMIT0
192      STRING_F0
193      STRING_FAIL0
194      STRING_PRUNE0
195      STRING_SKIP0
196      STRING_THEN;
197    
198    static const verbitem verbs[] = {
199      { 6, OP_ACCEPT },
200      { 6, OP_COMMIT },
201      { 1, OP_FAIL },
202      { 4, OP_FAIL },
203      { 5, OP_PRUNE },
204      { 4, OP_SKIP  },
205      { 4, OP_THEN  }
206    };
207    
208    static const int verbcount = sizeof(verbs)/sizeof(verbitem);
209    
210    
211    /* Tables of names of POSIX character classes and their lengths. The names are
212    now all in a single string, to reduce the number of relocations when a shared
213    library is dynamically loaded. The list of lengths is terminated by a zero
214    length entry. The first three must be alpha, lower, upper, as this is assumed
215    for handling case independence. */
216    
217    static const char posix_names[] =
218      STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
219      STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
220      STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
221      STRING_word0  STRING_xdigit;
222    
223  static const uschar posix_name_lengths[] = {  static const uschar posix_name_lengths[] = {
224    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
225    
226  /* Table of class bit maps for each POSIX class; up to three may be combined  /* Table of class bit maps for each POSIX class. Each class is formed from a
227  to form the class. The table for [:blank:] is dynamically modified to remove  base map, with an optional addition or removal of another map. Then, for some
228  the vertical space characters. */  classes, there is some additional tweaking: for [:blank:] the vertical space
229    characters are removed, and for [:alpha:] and [:alnum:] the underscore
230    character is removed. The triples in the table consist of the base map offset,
231    second map offset or -1 if no second map, and a non-negative value for map
232    addition or a negative value for map subtraction (if there are two maps). The
233    absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
234    remove vertical space characters, 2 => remove underscore. */
235    
236  static const int posix_class_maps[] = {  static const int posix_class_maps[] = {
237    cbit_lower, cbit_upper, -1,             /* alpha */    cbit_word,  cbit_digit, -2,             /* alpha */
238    cbit_lower, -1,         -1,             /* lower */    cbit_lower, -1,          0,             /* lower */
239    cbit_upper, -1,         -1,             /* upper */    cbit_upper, -1,          0,             /* upper */
240    cbit_digit, cbit_lower, cbit_upper,     /* alnum */    cbit_word,  -1,          2,             /* alnum - word without underscore */
241    cbit_print, cbit_cntrl, -1,             /* ascii */    cbit_print, cbit_cntrl,  0,             /* ascii */
242    cbit_space, -1,         -1,             /* blank - a GNU extension */    cbit_space, -1,          1,             /* blank - a GNU extension */
243    cbit_cntrl, -1,         -1,             /* cntrl */    cbit_cntrl, -1,          0,             /* cntrl */
244    cbit_digit, -1,         -1,             /* digit */    cbit_digit, -1,          0,             /* digit */
245    cbit_graph, -1,         -1,             /* graph */    cbit_graph, -1,          0,             /* graph */
246    cbit_print, -1,         -1,             /* print */    cbit_print, -1,          0,             /* print */
247    cbit_punct, -1,         -1,             /* punct */    cbit_punct, -1,          0,             /* punct */
248    cbit_space, -1,         -1,             /* space */    cbit_space, -1,          0,             /* space */
249    cbit_word,  -1,         -1,             /* word - a Perl extension */    cbit_word,  -1,          0,             /* word - a Perl extension */
250    cbit_xdigit,-1,         -1              /* xdigit */    cbit_xdigit,-1,          0              /* xdigit */
251  };  };
252    
253    
254  /* The texts of compile-time error messages. These are "char *" because they  #define STRING(a)  # a
255  are passed to the outside world. */  #define XSTRING(s) STRING(s)
256    
257  static const char *error_texts[] = {  /* The texts of compile-time error messages. These are "char *" because they
258    "no error",  are passed to the outside world. Do not ever re-use any error number, because
259    "\\ at end of pattern",  they are documented. Always add a new error instead. Messages marked DEAD below
260    "\\c at end of pattern",  are no longer used. This used to be a table of strings, but in order to reduce
261    "unrecognized character follows \\",  the number of relocations needed when a shared library is loaded dynamically,
262    "numbers out of order in {} quantifier",  it is now one long string. We cannot use a table of offsets, because the
263    lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
264    simply count through to the one we want - this isn't a performance issue
265    because these strings are used only when there is a compilation error. */
266    
267    static const char error_texts[] =
268      "no error\0"
269      "\\ at end of pattern\0"
270      "\\c at end of pattern\0"
271      "unrecognized character follows \\\0"
272      "numbers out of order in {} quantifier\0"
273    /* 5 */    /* 5 */
274    "number too big in {} quantifier",    "number too big in {} quantifier\0"
275    "missing terminating ] for character class",    "missing terminating ] for character class\0"
276    "invalid escape sequence in character class",    "invalid escape sequence in character class\0"
277    "range out of order in character class",    "range out of order in character class\0"
278    "nothing to repeat",    "nothing to repeat\0"
279    /* 10 */    /* 10 */
280    "operand of unlimited repeat could match the empty string",    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
281    "internal error: unexpected repeat",    "internal error: unexpected repeat\0"
282    "unrecognized character after (?",    "unrecognized character after (? or (?-\0"
283    "POSIX named classes are supported only within a class",    "POSIX named classes are supported only within a class\0"
284    "missing )",    "missing )\0"
285    /* 15 */    /* 15 */
286    "reference to non-existent subpattern",    "reference to non-existent subpattern\0"
287    "erroffset passed as NULL",    "erroffset passed as NULL\0"
288    "unknown option bit(s) set",    "unknown option bit(s) set\0"
289    "missing ) after comment",    "missing ) after comment\0"
290    "parentheses nested too deeply",    "parentheses nested too deeply\0"  /** DEAD **/
291    /* 20 */    /* 20 */
292    "regular expression too large",    "regular expression is too large\0"
293    "failed to get memory",    "failed to get memory\0"
294    "unmatched parentheses",    "unmatched parentheses\0"
295    "internal error: code overflow",    "internal error: code overflow\0"
296    "unrecognized character after (?<",    "unrecognized character after (?<\0"
297    /* 25 */    /* 25 */
298    "lookbehind assertion is not fixed length",    "lookbehind assertion is not fixed length\0"
299    "malformed number after (?(",    "malformed number or name after (?(\0"
300    "conditional group contains more than two branches",    "conditional group contains more than two branches\0"
301    "assertion expected after (?(",    "assertion expected after (?(\0"
302    "(?R or (?digits must be followed by )",    "(?R or (?[+-]digits must be followed by )\0"
303    /* 30 */    /* 30 */
304    "unknown POSIX class name",    "unknown POSIX class name\0"
305    "POSIX collating elements are not supported",    "POSIX collating elements are not supported\0"
306    "this version of PCRE is not compiled with PCRE_UTF8 support",    "this version of PCRE is not compiled with PCRE_UTF8 support\0"
307    "spare error",    "spare error\0"  /** DEAD **/
308    "character value in \\x{...} sequence is too large",    "character value in \\x{...} sequence is too large\0"
309    /* 35 */    /* 35 */
310    "invalid condition (?(0)",    "invalid condition (?(0)\0"
311    "\\C not allowed in lookbehind assertion",    "\\C not allowed in lookbehind assertion\0"
312    "PCRE does not support \\L, \\l, \\N, \\U, or \\u",    "PCRE does not support \\L, \\l, \\N, \\U, or \\u\0"
313    "number after (?C is > 255",    "number after (?C is > 255\0"
314    "closing ) for (?C expected",    "closing ) for (?C expected\0"
315    /* 40 */    /* 40 */
316    "recursive call could loop indefinitely",    "recursive call could loop indefinitely\0"
317    "unrecognized character after (?P",    "unrecognized character after (?P\0"
318    "syntax error after (?P",    "syntax error in subpattern name (missing terminator)\0"
319    "two named groups have the same name",    "two named subpatterns have the same name\0"
320    "invalid UTF-8 string",    "invalid UTF-8 string\0"
321    /* 45 */    /* 45 */
322    "support for \\P, \\p, and \\X has not been compiled",    "support for \\P, \\p, and \\X has not been compiled\0"
323    "malformed \\P or \\p sequence",    "malformed \\P or \\p sequence\0"
324    "unknown property name after \\P or \\p"    "unknown property name after \\P or \\p\0"
325  };    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
326      "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
327      /* 50 */
328      "repeated subpattern is too long\0"    /** DEAD **/
329      "octal value is greater than \\377 (not in UTF-8 mode)\0"
330      "internal error: overran compiling workspace\0"
331      "internal error: previously-checked referenced subpattern not found\0"
332      "DEFINE group contains more than one branch\0"
333      /* 55 */
334      "repeating a DEFINE group is not allowed\0"
335      "inconsistent NEWLINE options\0"
336      "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
337      "a numbered reference must not be zero\0"
338      "(*VERB) with an argument is not supported\0"
339      /* 60 */
340      "(*VERB) not recognized\0"
341      "number is too big\0"
342      "subpattern name expected\0"
343      "digit expected after (?+\0"
344      "] is an invalid data character in JavaScript compatibility mode\0"
345      /* 65 */
346      "different names for subpatterns of the same number are not allowed";
347    
348    
349  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
# Line 220  For convenience, we use the same bit def Line 362  For convenience, we use the same bit def
362    
363  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
364    
365  #if !EBCDIC    /* This is the "normal" case, for ASCII systems */  #ifndef EBCDIC
366    
367    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
368    UTF-8 mode. */
369    
370  static const unsigned char digitab[] =  static const unsigned char digitab[] =
371    {    {
372    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
# Line 256  static const unsigned char digitab[] = Line 402  static const unsigned char digitab[] =
402    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
403    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
404    
405  #else          /* This is the "abnormal" case, for EBCDIC systems */  #else
406    
407    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
408    
409  static const unsigned char digitab[] =  static const unsigned char digitab[] =
410    {    {
411    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
# Line 270  static const unsigned char digitab[] = Line 419  static const unsigned char digitab[] =
419    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */
420    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */
421    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */
422    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88-     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88- 95    */
423    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */
424    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */
425    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
# Line 304  static const unsigned char ebcdic_charta Line 453  static const unsigned char ebcdic_charta
453    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */
454    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */
455    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */
456    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88-  */    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88- 95 */
457    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */
458    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */
459    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
# Line 331  static const unsigned char ebcdic_charta Line 480  static const unsigned char ebcdic_charta
480  /* Definition to allow mutual recursion */  /* Definition to allow mutual recursion */
481    
482  static BOOL  static BOOL
483    compile_regex(int, int, int *, uschar **, const uschar **, int *, BOOL, int,    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,
484      int *, int *, branch_chain *, compile_data *);      int *, int *, branch_chain *, compile_data *, int *);
485    
486    
487    
488    /*************************************************
489    *            Find an error text                  *
490    *************************************************/
491    
492    /* The error texts are now all in one long string, to save on relocations. As
493    some of the text is of unknown length, we can't use a table of offsets.
494    Instead, just count through the strings. This is not a performance issue
495    because it happens only when there has been a compilation error.
496    
497    Argument:   the error number
498    Returns:    pointer to the error string
499    */
500    
501    static const char *
502    find_error_text(int n)
503    {
504    const char *s = error_texts;
505    for (; n > 0; n--) while (*s++ != 0) {};
506    return s;
507    }
508    
509    
510  /*************************************************  /*************************************************
# Line 342  static BOOL Line 513  static BOOL
513    
514  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
515  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or a negative value which
516  encodes one of the more complicated things such as \d. When UTF-8 is enabled,  encodes one of the more complicated things such as \d. A backreference to group
517  a positive value greater than 255 may be returned. On entry, ptr is pointing at  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When
518  the \. On exit, it is on the final character of the escape sequence.  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,
519    ptr is pointing at the \. On exit, it is on the final character of the escape
520    sequence.
521    
522  Arguments:  Arguments:
523    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
# Line 355  Arguments: Line 528  Arguments:
528    
529  Returns:         zero or positive => a data character  Returns:         zero or positive => a data character
530                   negative => a special escape sequence                   negative => a special escape sequence
531                   on error, errorptr is set                   on error, errorcodeptr is set
532  */  */
533    
534  static int  static int
535  check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,  check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,
536    int options, BOOL isclass)    int options, BOOL isclass)
537  {  {
538  const uschar *ptr = *ptrptr;  BOOL utf8 = (options & PCRE_UTF8) != 0;
539    const uschar *ptr = *ptrptr + 1;
540  int c, i;  int c, i;
541    
542    GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */
543    ptr--;                            /* Set pointer back to the last byte */
544    
545  /* If backslash is at the end of the pattern, it's an error. */  /* If backslash is at the end of the pattern, it's an error. */
546    
 c = *(++ptr);  
547  if (c == 0) *errorcodeptr = ERR1;  if (c == 0) *errorcodeptr = ERR1;
548    
549  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
550  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
551  Otherwise further processing may be required. */  Otherwise further processing may be required. */
552    
553  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
554  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  else if (c < CHAR_0 || c > CHAR_z) {}                     /* Not alphanumeric */
555  else if ((i = escapes[c - '0']) != 0) c = i;  else if ((i = escapes[c - CHAR_0]) != 0) c = i;
556    
557  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
558  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphanumeric */
559  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  c = i;
560  #endif  #endif
561    
# Line 388  else if ((i = escapes[c - 0x48]) != 0) Line 564  else if ((i = escapes[c - 0x48]) != 0)
564  else  else
565    {    {
566    const uschar *oldptr;    const uschar *oldptr;
567      BOOL braced, negated;
568    
569    switch (c)    switch (c)
570      {      {
571      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
572      error. */      error. */
573    
574      case 'l':      case CHAR_l:
575      case 'L':      case CHAR_L:
576      case 'N':      case CHAR_N:
577      case 'u':      case CHAR_u:
578      case 'U':      case CHAR_U:
579      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
580      break;      break;
581    
582        /* \g must be followed by one of a number of specific things:
583    
584        (1) A number, either plain or braced. If positive, it is an absolute
585        backreference. If negative, it is a relative backreference. This is a Perl
586        5.10 feature.
587    
588        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
589        is part of Perl's movement towards a unified syntax for back references. As
590        this is synonymous with \k{name}, we fudge it up by pretending it really
591        was \k.
592    
593        (3) For Oniguruma compatibility we also support \g followed by a name or a
594        number either in angle brackets or in single quotes. However, these are
595        (possibly recursive) subroutine calls, _not_ backreferences. Just return
596        the -ESC_g code (cf \k). */
597    
598        case CHAR_g:
599        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
600          {
601          c = -ESC_g;
602          break;
603          }
604    
605        /* Handle the Perl-compatible cases */
606    
607        if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
608          {
609          const uschar *p;
610          for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
611            if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;
612          if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
613            {
614            c = -ESC_k;
615            break;
616            }
617          braced = TRUE;
618          ptr++;
619          }
620        else braced = FALSE;
621    
622        if (ptr[1] == CHAR_MINUS)
623          {
624          negated = TRUE;
625          ptr++;
626          }
627        else negated = FALSE;
628    
629        c = 0;
630        while ((digitab[ptr[1]] & ctype_digit) != 0)
631          c = c * 10 + *(++ptr) - CHAR_0;
632    
633        if (c < 0)   /* Integer overflow */
634          {
635          *errorcodeptr = ERR61;
636          break;
637          }
638    
639        if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
640          {
641          *errorcodeptr = ERR57;
642          break;
643          }
644    
645        if (c == 0)
646          {
647          *errorcodeptr = ERR58;
648          break;
649          }
650    
651        if (negated)
652          {
653          if (c > bracount)
654            {
655            *errorcodeptr = ERR15;
656            break;
657            }
658          c = bracount - (c - 1);
659          }
660    
661        c = -(ESC_REF + c);
662        break;
663    
664      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
665      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. By experiment,
666      the way Perl works seems to be as follows:      the way Perl works seems to be as follows:
# Line 413  else Line 673  else
673      value is greater than 377, the least significant 8 bits are taken. Inside a      value is greater than 377, the least significant 8 bits are taken. Inside a
674      character class, \ followed by a digit is always an octal number. */      character class, \ followed by a digit is always an octal number. */
675    
676      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
677      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
678    
679      if (!isclass)      if (!isclass)
680        {        {
681        oldptr = ptr;        oldptr = ptr;
682        c -= '0';        c -= CHAR_0;
683        while ((digitab[ptr[1]] & ctype_digit) != 0)        while ((digitab[ptr[1]] & ctype_digit) != 0)
684          c = c * 10 + *(++ptr) - '0';          c = c * 10 + *(++ptr) - CHAR_0;
685          if (c < 0)    /* Integer overflow */
686            {
687            *errorcodeptr = ERR61;
688            break;
689            }
690        if (c < 10 || c <= bracount)        if (c < 10 || c <= bracount)
691          {          {
692          c = -(ESC_REF + c);          c = -(ESC_REF + c);
# Line 434  else Line 699  else
699      generates a binary zero byte and treats the digit as a following literal.      generates a binary zero byte and treats the digit as a following literal.
700      Thus we have to pull back the pointer by one. */      Thus we have to pull back the pointer by one. */
701    
702      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8)
703        {        {
704        ptr--;        ptr--;
705        c = 0;        c = 0;
# Line 442  else Line 707  else
707        }        }
708    
709      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
710      larger first octal digit. */      larger first octal digit. The original code used just to take the least
711        significant 8 bits of octal numbers (I think this is what early Perls used
712      case '0':      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
713      c -= '0';      than 3 octal digits. */
714      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')  
715          c = c * 8 + *(++ptr) - '0';      case CHAR_0:
716      c &= 255;     /* Take least significant 8 bits */      c -= CHAR_0;
717        while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
718            c = c * 8 + *(++ptr) - CHAR_0;
719        if (!utf8 && c > 255) *errorcodeptr = ERR51;
720      break;      break;
721    
722      /* \x is complicated when UTF-8 is enabled. \x{ddd} is a character number      /* \x is complicated. \x{ddd} is a character number which can be greater
723      which can be greater than 0xff, but only if the ddd are hex digits. */      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is
724        treated as a data character. */
725    
726      case 'x':      case CHAR_x:
727  #ifdef SUPPORT_UTF8      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
     if (ptr[1] == '{' && (options & PCRE_UTF8) != 0)  
728        {        {
729        const uschar *pt = ptr + 2;        const uschar *pt = ptr + 2;
730        register int count = 0;        int count = 0;
731    
732        c = 0;        c = 0;
733        while ((digitab[*pt] & ctype_xdigit) != 0)        while ((digitab[*pt] & ctype_xdigit) != 0)
734          {          {
735          int cc = *pt++;          register int cc = *pt++;
736            if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
737          count++;          count++;
738  #if !EBCDIC    /* ASCII coding */  
739          if (cc >= 'a') cc -= 32;               /* Convert to upper case */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
740          c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
741  #else          /* EBCDIC coding */          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
742          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */  #else           /* EBCDIC coding */
743          c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
744            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
745  #endif  #endif
746          }          }
747        if (*pt == '}')  
748          if (*pt == CHAR_RIGHT_CURLY_BRACKET)
749          {          {
750          if (c < 0 || count > 8) *errorcodeptr = ERR34;          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;
751          ptr = pt;          ptr = pt;
752          break;          break;
753          }          }
754    
755        /* If the sequence of hex digits does not end with '}', then we don't        /* If the sequence of hex digits does not end with '}', then we don't
756        recognize this construct; fall through to the normal \x handling. */        recognize this construct; fall through to the normal \x handling. */
757        }        }
 #endif  
758    
759      /* Read just a single hex char */      /* Read just a single-byte hex-defined char */
760    
761      c = 0;      c = 0;
762      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)
763        {        {
764        int cc;                               /* Some compilers don't like ++ */        int cc;                                  /* Some compilers don't like */
765        cc = *(++ptr);                        /* in initializers */        cc = *(++ptr);                           /* ++ in initializers */
766  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
767        if (cc >= 'a') cc -= 32;              /* Convert to upper case */        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
768        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
769  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
770        if (cc <= 'z') cc += 64;              /* Convert to upper case */        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
771        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
772  #endif  #endif
773        }        }
774      break;      break;
775    
776      /* Other special escapes not starting with a digit are straightforward */      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
777        This coding is ASCII-specific, but then the whole concept of \cx is
778        ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
779    
780      case 'c':      case CHAR_c:
781      c = *(++ptr);      c = *(++ptr);
782      if (c == 0)      if (c == 0)
783        {        {
784        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
785        return 0;        break;
786        }        }
787    
788      /* A letter is upper-cased; then the 0x40 bit is flipped. This coding  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
789      is ASCII-specific, but then the whole concept of \cx is ASCII-specific.      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
     (However, an EBCDIC equivalent has now been added.) */  
   
 #if !EBCDIC    /* ASCII coding */  
     if (c >= 'a' && c <= 'z') c -= 32;  
790      c ^= 0x40;      c ^= 0x40;
791  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
792      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
793      c ^= 0xC0;      c ^= 0xC0;
794  #endif  #endif
795      break;      break;
796    
797      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
798      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
799      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
800      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
801      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
802    
803      default:      default:
804      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 560  escape sequence. Line 830  escape sequence.
830  Argument:  Argument:
831    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
832    negptr         points to a boolean that is set TRUE for negation else FALSE    negptr         points to a boolean that is set TRUE for negation else FALSE
833      dptr           points to an int that is set to the detailed property value
834    errorcodeptr   points to the error code variable    errorcodeptr   points to the error code variable
835    
836  Returns:     value from ucp_type_table, or -1 for an invalid type  Returns:         type value from ucp_type_table, or -1 for an invalid type
837  */  */
838    
839  static int  static int
840  get_ucp(const uschar **ptrptr, BOOL *negptr, int *errorcodeptr)  get_ucp(const uschar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
841  {  {
842  int c, i, bot, top;  int c, i, bot, top;
843  const uschar *ptr = *ptrptr;  const uschar *ptr = *ptrptr;
844  char name[4];  char name[32];
845    
846  c = *(++ptr);  c = *(++ptr);
847  if (c == 0) goto ERROR_RETURN;  if (c == 0) goto ERROR_RETURN;
848    
849  *negptr = FALSE;  *negptr = FALSE;
850    
851  /* \P or \p can be followed by a one- or two-character name in {}, optionally  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
852  preceded by ^ for negation. */  negation. */
853    
854  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
855    {    {
856    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
857      {      {
858      *negptr = TRUE;      *negptr = TRUE;
859      ptr++;      ptr++;
860      }      }
861    for (i = 0; i <= 2; i++)    for (i = 0; i < (int)sizeof(name) - 1; i++)
862      {      {
863      c = *(++ptr);      c = *(++ptr);
864      if (c == 0) goto ERROR_RETURN;      if (c == 0) goto ERROR_RETURN;
865      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
866      name[i] = c;      name[i] = c;
867      }      }
868    if (c !='}')   /* Try to distinguish error cases */    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
     {  
     while (*(++ptr) != 0 && *ptr != '}');  
     if (*ptr == '}') goto UNKNOWN_RETURN; else goto ERROR_RETURN;  
     }  
869    name[i] = 0;    name[i] = 0;
870    }    }
871    
# Line 619  top = _pcre_utt_size; Line 886  top = _pcre_utt_size;
886    
887  while (bot < top)  while (bot < top)
888    {    {
889    i = (bot + top)/2;    i = (bot + top) >> 1;
890    c = strcmp(name, _pcre_utt[i].name);    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);
891    if (c == 0) return _pcre_utt[i].value;    if (c == 0)
892        {
893        *dptr = _pcre_utt[i].value;
894        return _pcre_utt[i].type;
895        }
896    if (c > 0) bot = i + 1; else top = i;    if (c > 0) bot = i + 1; else top = i;
897    }    }
898    
 UNKNOWN_RETURN:  
899  *errorcodeptr = ERR47;  *errorcodeptr = ERR47;
900  *ptrptr = ptr;  *ptrptr = ptr;
901  return -1;  return -1;
# Line 660  is_counted_repeat(const uschar *p) Line 930  is_counted_repeat(const uschar *p)
930  {  {
931  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
932  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
933  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
934    
935  if (*p++ != ',') return FALSE;  if (*p++ != CHAR_COMMA) return FALSE;
936  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
937    
938  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
939  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
940    
941  return (*p == '}');  return (*p == CHAR_RIGHT_CURLY_BRACKET);
942  }  }
943    
944    
# Line 698  read_repeat_counts(const uschar *p, int Line 968  read_repeat_counts(const uschar *p, int
968  int min = 0;  int min = 0;
969  int max = -1;  int max = -1;
970    
971  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  /* Read the minimum value and do a paranoid check: a negative value indicates
972    an integer overflow. */
973    
974    while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;
975    if (min < 0 || min > 65535)
976      {
977      *errorcodeptr = ERR5;
978      return p;
979      }
980    
981    /* Read the maximum value if there is one, and again do a paranoid on its size.
982    Also, max must not be less than min. */
983    
984  if (*p == '}') max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
985    {    {
986    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
987      {      {
988      max = 0;      max = 0;
989      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;
990        if (max < 0 || max > 65535)
991          {
992          *errorcodeptr = ERR5;
993          return p;
994          }
995      if (max < min)      if (max < min)
996        {        {
997        *errorcodeptr = ERR4;        *errorcodeptr = ERR4;
# Line 714  if (*p == '}') max = min; else Line 1000  if (*p == '}') max = min; else
1000      }      }
1001    }    }
1002    
1003  /* Do paranoid checks, then fill in the required variables, and pass back the  /* Fill in the required variables, and pass back the pointer to the terminating
1004  pointer to the terminating '}'. */  '}'. */
1005    
1006  if (min > 65535 || max > 65535)  *minp = min;
1007    *errorcodeptr = ERR5;  *maxp = max;
1008  else  return p;
1009    }
1010    
1011    
1012    
1013    /*************************************************
1014    *  Subroutine for finding forward reference      *
1015    *************************************************/
1016    
1017    /* This recursive function is called only from find_parens() below. The
1018    top-level call starts at the beginning of the pattern. All other calls must
1019    start at a parenthesis. It scans along a pattern's text looking for capturing
1020    subpatterns, and counting them. If it finds a named pattern that matches the
1021    name it is given, it returns its number. Alternatively, if the name is NULL, it
1022    returns when it reaches a given numbered subpattern. We know that if (?P< is
1023    encountered, the name will be terminated by '>' because that is checked in the
1024    first pass. Recursion is used to keep track of subpatterns that reset the
1025    capturing group numbers - the (?| feature.
1026    
1027    Arguments:
1028      ptrptr       address of the current character pointer (updated)
1029      cd           compile background data
1030      name         name to seek, or NULL if seeking a numbered subpattern
1031      lorn         name length, or subpattern number if name is NULL
1032      xmode        TRUE if we are in /x mode
1033      count        pointer to the current capturing subpattern number (updated)
1034    
1035    Returns:       the number of the named subpattern, or -1 if not found
1036    */
1037    
1038    static int
1039    find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,
1040      BOOL xmode, int *count)
1041    {
1042    uschar *ptr = *ptrptr;
1043    int start_count = *count;
1044    int hwm_count = start_count;
1045    BOOL dup_parens = FALSE;
1046    
1047    /* If the first character is a parenthesis, check on the type of group we are
1048    dealing with. The very first call may not start with a parenthesis. */
1049    
1050    if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1051    {    {
1052    *minp = min;    if (ptr[1] == CHAR_QUESTION_MARK &&
1053    *maxp = max;        ptr[2] == CHAR_VERTICAL_LINE)
1054        {
1055        ptr += 3;
1056        dup_parens = TRUE;
1057        }
1058    
1059      /* Handle a normal, unnamed capturing parenthesis */
1060    
1061      else if (ptr[1] != CHAR_QUESTION_MARK && ptr[1] != CHAR_ASTERISK)
1062        {
1063        *count += 1;
1064        if (name == NULL && *count == lorn) return *count;
1065        ptr++;
1066        }
1067    
1068      /* Handle a condition. If it is an assertion, just carry on so that it
1069      is processed as normal. If not, skip to the closing parenthesis of the
1070      condition (there can't be any nested parens. */
1071    
1072      else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1073        {
1074        ptr += 2;
1075        if (ptr[1] != CHAR_QUESTION_MARK)
1076          {
1077          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1078          if (*ptr != 0) ptr++;
1079          }
1080        }
1081    
1082      /* We have either (? or (* and not a condition */
1083    
1084      else
1085        {
1086        ptr += 2;
1087        if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */
1088    
1089        /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1090    
1091        if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1092            ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1093          {
1094          int term;
1095          const uschar *thisname;
1096          *count += 1;
1097          if (name == NULL && *count == lorn) return *count;
1098          term = *ptr++;
1099          if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1100          thisname = ptr;
1101          while (*ptr != term) ptr++;
1102          if (name != NULL && lorn == ptr - thisname &&
1103              strncmp((const char *)name, (const char *)thisname, lorn) == 0)
1104            return *count;
1105          term++;
1106          }
1107        }
1108    }    }
1109  return p;  
1110    /* Past any initial parenthesis handling, scan for parentheses or vertical
1111    bars. */
1112    
1113    for (; *ptr != 0; ptr++)
1114      {
1115      /* Skip over backslashed characters and also entire \Q...\E */
1116    
1117      if (*ptr == CHAR_BACKSLASH)
1118        {
1119        if (*(++ptr) == 0) goto FAIL_EXIT;
1120        if (*ptr == CHAR_Q) for (;;)
1121          {
1122          while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1123          if (*ptr == 0) goto FAIL_EXIT;
1124          if (*(++ptr) == CHAR_E) break;
1125          }
1126        continue;
1127        }
1128    
1129      /* Skip over character classes; this logic must be similar to the way they
1130      are handled for real. If the first character is '^', skip it. Also, if the
1131      first few characters (either before or after ^) are \Q\E or \E we skip them
1132      too. This makes for compatibility with Perl. Note the use of STR macros to
1133      encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1134    
1135      if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1136        {
1137        BOOL negate_class = FALSE;
1138        for (;;)
1139          {
1140          if (ptr[1] == CHAR_BACKSLASH)
1141            {
1142            if (ptr[2] == CHAR_E)
1143              ptr+= 2;
1144            else if (strncmp((const char *)ptr+2,
1145                     STR_Q STR_BACKSLASH STR_E, 3) == 0)
1146              ptr += 4;
1147            else
1148              break;
1149            }
1150          else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1151            {
1152            negate_class = TRUE;
1153            ptr++;
1154            }
1155          else break;
1156          }
1157    
1158        /* If the next character is ']', it is a data character that must be
1159        skipped, except in JavaScript compatibility mode. */
1160    
1161        if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1162            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1163          ptr++;
1164    
1165        while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1166          {
1167          if (*ptr == 0) return -1;
1168          if (*ptr == CHAR_BACKSLASH)
1169            {
1170            if (*(++ptr) == 0) goto FAIL_EXIT;
1171            if (*ptr == CHAR_Q) for (;;)
1172              {
1173              while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1174              if (*ptr == 0) goto FAIL_EXIT;
1175              if (*(++ptr) == CHAR_E) break;
1176              }
1177            continue;
1178            }
1179          }
1180        continue;
1181        }
1182    
1183      /* Skip comments in /x mode */
1184    
1185      if (xmode && *ptr == CHAR_NUMBER_SIGN)
1186        {
1187        while (*(++ptr) != 0 && *ptr != CHAR_NL) {};
1188        if (*ptr == 0) goto FAIL_EXIT;
1189        continue;
1190        }
1191    
1192      /* Check for the special metacharacters */
1193    
1194      if (*ptr == CHAR_LEFT_PARENTHESIS)
1195        {
1196        int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, count);
1197        if (rc > 0) return rc;
1198        if (*ptr == 0) goto FAIL_EXIT;
1199        }
1200    
1201      else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1202        {
1203        if (dup_parens && *count < hwm_count) *count = hwm_count;
1204        *ptrptr = ptr;
1205        return -1;
1206        }
1207    
1208      else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1209        {
1210        if (*count > hwm_count) hwm_count = *count;
1211        *count = start_count;
1212        }
1213      }
1214    
1215    FAIL_EXIT:
1216    *ptrptr = ptr;
1217    return -1;
1218    }
1219    
1220    
1221    
1222    
1223    /*************************************************
1224    *       Find forward referenced subpattern       *
1225    *************************************************/
1226    
1227    /* This function scans along a pattern's text looking for capturing
1228    subpatterns, and counting them. If it finds a named pattern that matches the
1229    name it is given, it returns its number. Alternatively, if the name is NULL, it
1230    returns when it reaches a given numbered subpattern. This is used for forward
1231    references to subpatterns. We used to be able to start this scan from the
1232    current compiling point, using the current count value from cd->bracount, and
1233    do it all in a single loop, but the addition of the possibility of duplicate
1234    subpattern numbers means that we have to scan from the very start, in order to
1235    take account of such duplicates, and to use a recursive function to keep track
1236    of the different types of group.
1237    
1238    Arguments:
1239      cd           compile background data
1240      name         name to seek, or NULL if seeking a numbered subpattern
1241      lorn         name length, or subpattern number if name is NULL
1242      xmode        TRUE if we are in /x mode
1243    
1244    Returns:       the number of the found subpattern, or -1 if not found
1245    */
1246    
1247    static int
1248    find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode)
1249    {
1250    uschar *ptr = (uschar *)cd->start_pattern;
1251    int count = 0;
1252    int rc;
1253    
1254    /* If the pattern does not start with an opening parenthesis, the first call
1255    to find_parens_sub() will scan right to the end (if necessary). However, if it
1256    does start with a parenthesis, find_parens_sub() will return when it hits the
1257    matching closing parens. That is why we have to have a loop. */
1258    
1259    for (;;)
1260      {
1261      rc = find_parens_sub(&ptr, cd, name, lorn, xmode, &count);
1262      if (rc > 0 || *ptr++ == 0) break;
1263      }
1264    
1265    return rc;
1266  }  }
1267    
1268    
1269    
1270    
1271  /*************************************************  /*************************************************
1272  *      Find first significant op code            *  *      Find first significant op code            *
1273  *************************************************/  *************************************************/
# Line 778  for (;;) Line 1317  for (;;)
1317    
1318      case OP_CALLOUT:      case OP_CALLOUT:
1319      case OP_CREF:      case OP_CREF:
1320      case OP_BRANUMBER:      case OP_RREF:
1321        case OP_DEF:
1322      code += _pcre_OP_lengths[*code];      code += _pcre_OP_lengths[*code];
1323      break;      break;
1324    
# Line 793  for (;;) Line 1333  for (;;)
1333    
1334    
1335  /*************************************************  /*************************************************
1336  *        Find the fixed length of a pattern      *  *        Find the fixed length of a branch       *
1337  *************************************************/  *************************************************/
1338    
1339  /* Scan a pattern and compute the fixed length of subject that will match it,  /* Scan a branch and compute the fixed length of subject that will match it,
1340  if the length is fixed. This is needed for dealing with backward assertions.  if the length is fixed. This is needed for dealing with backward assertions.
1341  In UTF8 mode, the result is in characters rather than bytes.  In UTF8 mode, the result is in characters rather than bytes. The branch is
1342    temporarily terminated with OP_END when this function is called.
1343    
1344    This function is called when a backward assertion is encountered, so that if it
1345    fails, the error message can point to the correct place in the pattern.
1346    However, we cannot do this when the assertion contains subroutine calls,
1347    because they can be forward references. We solve this by remembering this case
1348    and doing the check at the end; a flag specifies which mode we are running in.
1349    
1350  Arguments:  Arguments:
1351    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1352    options  the compiling options    options  the compiling options
1353      atend    TRUE if called when the pattern is complete
1354      cd       the "compile data" structure
1355    
1356  Returns:   the fixed length, or -1 if there is no fixed length,  Returns:   the fixed length,
1357                 or -1 if there is no fixed length,
1358               or -2 if \C was encountered               or -2 if \C was encountered
1359                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1360  */  */
1361    
1362  static int  static int
1363  find_fixedlength(uschar *code, int options)  find_fixedlength(uschar *code, int options, BOOL atend, compile_data *cd)
1364  {  {
1365  int length = -1;  int length = -1;
1366    
# Line 822  branch, check the length against that of Line 1373  branch, check the length against that of
1373  for (;;)  for (;;)
1374    {    {
1375    int d;    int d;
1376      uschar *ce, *cs;
1377    register int op = *cc;    register int op = *cc;
   if (op >= OP_BRA) op = OP_BRA;  
   
1378    switch (op)    switch (op)
1379      {      {
1380        case OP_CBRA:
1381      case OP_BRA:      case OP_BRA:
1382      case OP_ONCE:      case OP_ONCE:
1383      case OP_COND:      case OP_COND:
1384      d = find_fixedlength(cc, options);      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options, atend, cd);
1385      if (d < 0) return d;      if (d < 0) return d;
1386      branchlength += d;      branchlength += d;
1387      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
# Line 852  for (;;) Line 1403  for (;;)
1403      cc += 1 + LINK_SIZE;      cc += 1 + LINK_SIZE;
1404      branchlength = 0;      branchlength = 0;
1405      break;      break;
1406    
1407        /* A true recursion implies not fixed length, but a subroutine call may
1408        be OK. If the subroutine is a forward reference, we can't deal with
1409        it until the end of the pattern, so return -3. */
1410    
1411        case OP_RECURSE:
1412        if (!atend) return -3;
1413        cs = ce = (uschar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1414        do ce += GET(ce, 1); while (*ce == OP_ALT);       /* End subpattern */
1415        if (cc > cs && cc < ce) return -1;                /* Recursion */
1416        d = find_fixedlength(cs + 2, options, atend, cd);
1417        if (d < 0) return d;
1418        branchlength += d;
1419        cc += 1 + LINK_SIZE;
1420        break;
1421    
1422      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1423    
# Line 865  for (;;) Line 1431  for (;;)
1431      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1432    
1433      case OP_REVERSE:      case OP_REVERSE:
     case OP_BRANUMBER:  
1434      case OP_CREF:      case OP_CREF:
1435        case OP_RREF:
1436        case OP_DEF:
1437      case OP_OPT:      case OP_OPT:
1438      case OP_CALLOUT:      case OP_CALLOUT:
1439      case OP_SOD:      case OP_SOD:
# Line 884  for (;;) Line 1451  for (;;)
1451    
1452      case OP_CHAR:      case OP_CHAR:
1453      case OP_CHARNC:      case OP_CHARNC:
1454        case OP_NOT:
1455      branchlength++;      branchlength++;
1456      cc += 2;      cc += 2;
1457  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1458      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1459        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1460  #endif  #endif
1461      break;      break;
1462    
# Line 901  for (;;) Line 1467  for (;;)
1467      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1468      cc += 4;      cc += 4;
1469  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1470      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1471        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while((*cc & 0x80) == 0x80) cc++;  
       }  
1472  #endif  #endif
1473      break;      break;
1474    
1475      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1476      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1477        if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;
1478      cc += 4;      cc += 4;
1479      break;      break;
1480    
# Line 917  for (;;) Line 1482  for (;;)
1482    
1483      case OP_PROP:      case OP_PROP:
1484      case OP_NOTPROP:      case OP_NOTPROP:
1485      cc++;      cc += 2;
1486      /* Fall through */      /* Fall through */
1487    
1488      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
# Line 927  for (;;) Line 1492  for (;;)
1492      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1493      case OP_WORDCHAR:      case OP_WORDCHAR:
1494      case OP_ANY:      case OP_ANY:
1495        case OP_ALLANY:
1496      branchlength++;      branchlength++;
1497      cc++;      cc++;
1498      break;      break;
# Line 981  for (;;) Line 1547  for (;;)
1547    
1548    
1549  /*************************************************  /*************************************************
1550  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
1551  *************************************************/  *************************************************/
1552    
1553  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
1554  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
1555    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
1556    so that it can be called from pcre_study() when finding the minimum matching
1557    length.
1558    
1559  Arguments:  Arguments:
1560    code        points to start of expression    code        points to start of expression
1561    utf8        TRUE in UTF-8 mode    utf8        TRUE in UTF-8 mode
1562    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
1563    
1564  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
1565  */  */
1566    
1567  static const uschar *  const uschar *
1568  find_bracket(const uschar *code, BOOL utf8, int number)  _pcre_find_bracket(const uschar *code, BOOL utf8, int number)
1569  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
1570  for (;;)  for (;;)
1571    {    {
1572    register int c = *code;    register int c = *code;
1573    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
1574    else if (c > OP_BRA)  
1575      /* XCLASS is used for classes that cannot be represented just by a bit
1576      map. This includes negated single high-valued characters. The length in
1577      the table is zero; the actual length is stored in the compiled code. */
1578    
1579      if (c == OP_XCLASS) code += GET(code, 1);
1580    
1581      /* Handle recursion */
1582    
1583      else if (c == OP_REVERSE)
1584      {      {
1585      int n = c - OP_BRA;      if (number < 0) return (uschar *)code;
1586      if (n > EXTRACT_BASIC_MAX) n = GET2(code, 2+LINK_SIZE);      code += _pcre_OP_lengths[c];
     if (n == number) return (uschar *)code;  
     code += _pcre_OP_lengths[OP_BRA];  
1587      }      }
1588    else  
1589      /* Handle capturing bracket */
1590    
1591      else if (c == OP_CBRA)
1592      {      {
1593        int n = GET2(code, 1+LINK_SIZE);
1594        if (n == number) return (uschar *)code;
1595      code += _pcre_OP_lengths[c];      code += _pcre_OP_lengths[c];
1596        }
1597    
1598  #ifdef SUPPORT_UTF8    /* Otherwise, we can get the item's length from the table, except that for
1599      repeated character types, we have to test for \p and \P, which have an extra
1600      /* In UTF-8 mode, opcodes that are followed by a character may be followed    two bytes of parameters. */
     by a multi-byte character. The length in the table is a minimum, so we have  
     to scan along to skip the extra bytes. All opcodes are less than 128, so we  
     can use relatively efficient code. */  
1601    
1602      if (utf8) switch(c)    else
1603        {
1604        switch(c)
1605          {
1606          case OP_TYPESTAR:
1607          case OP_TYPEMINSTAR:
1608          case OP_TYPEPLUS:
1609          case OP_TYPEMINPLUS:
1610          case OP_TYPEQUERY:
1611          case OP_TYPEMINQUERY:
1612          case OP_TYPEPOSSTAR:
1613          case OP_TYPEPOSPLUS:
1614          case OP_TYPEPOSQUERY:
1615          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1616          break;
1617    
1618          case OP_TYPEUPTO:
1619          case OP_TYPEMINUPTO:
1620          case OP_TYPEEXACT:
1621          case OP_TYPEPOSUPTO:
1622          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1623          break;
1624          }
1625    
1626        /* Add in the fixed length from the table */
1627    
1628        code += _pcre_OP_lengths[c];
1629    
1630      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
1631      a multi-byte character. The length in the table is a minimum, so we have to
1632      arrange to skip the extra bytes. */
1633    
1634    #ifdef SUPPORT_UTF8
1635        if (utf8) switch(c)
1636        {        {
1637        case OP_CHAR:        case OP_CHAR:
1638        case OP_CHARNC:        case OP_CHARNC:
1639        case OP_EXACT:        case OP_EXACT:
1640        case OP_UPTO:        case OP_UPTO:
1641        case OP_MINUPTO:        case OP_MINUPTO:
1642          case OP_POSUPTO:
1643        case OP_STAR:        case OP_STAR:
1644        case OP_MINSTAR:        case OP_MINSTAR:
1645          case OP_POSSTAR:
1646        case OP_PLUS:        case OP_PLUS:
1647        case OP_MINPLUS:        case OP_MINPLUS:
1648          case OP_POSPLUS:
1649        case OP_QUERY:        case OP_QUERY:
1650        case OP_MINQUERY:        case OP_MINQUERY:
1651        while ((*code & 0xc0) == 0x80) code++;        case OP_POSQUERY:
1652        break;        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
   
       /* XCLASS is used for classes that cannot be represented just by a bit  
       map. This includes negated single high-valued characters. The length in  
       the table is zero; the actual length is stored in the compiled code. */  
   
       case OP_XCLASS:  
       code += GET(code, 1) + 1;  
1653        break;        break;
1654        }        }
1655    #else
1656        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1657  #endif  #endif
1658      }      }
1659    }    }
# Line 1072  Returns:      pointer to the opcode for Line 1678  Returns:      pointer to the opcode for
1678  static const uschar *  static const uschar *
1679  find_recurse(const uschar *code, BOOL utf8)  find_recurse(const uschar *code, BOOL utf8)
1680  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
1681  for (;;)  for (;;)
1682    {    {
1683    register int c = *code;    register int c = *code;
1684    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
1685    else if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
1686    else if (c > OP_BRA)  
1687      {    /* XCLASS is used for classes that cannot be represented just by a bit
1688      code += _pcre_OP_lengths[OP_BRA];    map. This includes negated single high-valued characters. The length in
1689      }    the table is zero; the actual length is stored in the compiled code. */
1690    
1691      if (c == OP_XCLASS) code += GET(code, 1);
1692    
1693      /* Otherwise, we can get the item's length from the table, except that for
1694      repeated character types, we have to test for \p and \P, which have an extra
1695      two bytes of parameters. */
1696    
1697    else    else
1698      {      {
1699      code += _pcre_OP_lengths[c];      switch(c)
1700          {
1701          case OP_TYPESTAR:
1702          case OP_TYPEMINSTAR:
1703          case OP_TYPEPLUS:
1704          case OP_TYPEMINPLUS:
1705          case OP_TYPEQUERY:
1706          case OP_TYPEMINQUERY:
1707          case OP_TYPEPOSSTAR:
1708          case OP_TYPEPOSPLUS:
1709          case OP_TYPEPOSQUERY:
1710          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1711          break;
1712    
1713  #ifdef SUPPORT_UTF8        case OP_TYPEPOSUPTO:
1714          case OP_TYPEUPTO:
1715          case OP_TYPEMINUPTO:
1716          case OP_TYPEEXACT:
1717          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1718          break;
1719          }
1720    
1721        /* Add in the fixed length from the table */
1722    
1723        code += _pcre_OP_lengths[c];
1724    
1725      /* In UTF-8 mode, opcodes that are followed by a character may be followed      /* In UTF-8 mode, opcodes that are followed by a character may be followed
1726      by a multi-byte character. The length in the table is a minimum, so we have      by a multi-byte character. The length in the table is a minimum, so we have
1727      to scan along to skip the extra bytes. All opcodes are less than 128, so we      to arrange to skip the extra bytes. */
     can use relatively efficient code. */  
1728    
1729    #ifdef SUPPORT_UTF8
1730      if (utf8) switch(c)      if (utf8) switch(c)
1731        {        {
1732        case OP_CHAR:        case OP_CHAR:
# Line 1103  for (;;) Line 1734  for (;;)
1734        case OP_EXACT:        case OP_EXACT:
1735        case OP_UPTO:        case OP_UPTO:
1736        case OP_MINUPTO:        case OP_MINUPTO:
1737          case OP_POSUPTO:
1738        case OP_STAR:        case OP_STAR:
1739        case OP_MINSTAR:        case OP_MINSTAR:
1740          case OP_POSSTAR:
1741        case OP_PLUS:        case OP_PLUS:
1742        case OP_MINPLUS:        case OP_MINPLUS:
1743          case OP_POSPLUS:
1744        case OP_QUERY:        case OP_QUERY:
1745        case OP_MINQUERY:        case OP_MINQUERY:
1746        while ((*code & 0xc0) == 0x80) code++;        case OP_POSQUERY:
1747        break;        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
   
       /* XCLASS is used for classes that cannot be represented just by a bit  
       map. This includes negated single high-valued characters. The length in  
       the table is zero; the actual length is stored in the compiled code. */  
   
       case OP_XCLASS:  
       code += GET(code, 1) + 1;  
1748        break;        break;
1749        }        }
1750    #else
1751        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1752  #endif  #endif
1753      }      }
1754    }    }
# Line 1132  for (;;) Line 1761  for (;;)
1761  *************************************************/  *************************************************/
1762    
1763  /* This function scans through a branch of a compiled pattern to see whether it  /* This function scans through a branch of a compiled pattern to see whether it
1764  can match the empty string or not. It is called only from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
1765  below. Note that first_significant_code() skips over assertions. If we hit an  below and from compile_branch() when checking for an unlimited repeat of a
1766  unclosed bracket, we return "empty" - this means we've struck an inner bracket  group that can match nothing. Note that first_significant_code() skips over
1767  whose current branch will already have been scanned.  backward and negative forward assertions when its final argument is TRUE. If we
1768    hit an unclosed bracket, we return "empty" - this means we've struck an inner
1769    bracket whose current branch will already have been scanned.
1770    
1771  Arguments:  Arguments:
1772    code        points to start of search    code        points to start of search
# Line 1149  static BOOL Line 1780  static BOOL
1780  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)
1781  {  {
1782  register int c;  register int c;
1783  for (code = first_significant_code(code + 1 + LINK_SIZE, NULL, 0, TRUE);  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);
1784       code < endcode;       code < endcode;
1785       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))
1786    {    {
# Line 1157  for (code = first_significant_code(code Line 1788  for (code = first_significant_code(code
1788    
1789    c = *code;    c = *code;
1790    
1791    if (c >= OP_BRA)    /* Skip over forward assertions; the other assertions are skipped by
1792      first_significant_code() with a TRUE final argument. */
1793    
1794      if (c == OP_ASSERT)
1795        {
1796        do code += GET(code, 1); while (*code == OP_ALT);
1797        c = *code;
1798        continue;
1799        }
1800    
1801      /* Groups with zero repeats can of course be empty; skip them. */
1802    
1803      if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO)
1804        {
1805        code += _pcre_OP_lengths[c];
1806        do code += GET(code, 1); while (*code == OP_ALT);
1807        c = *code;
1808        continue;
1809        }
1810    
1811      /* For other groups, scan the branches. */
1812    
1813      if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)
1814      {      {
1815      BOOL empty_branch;      BOOL empty_branch;
1816      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
1817    
1818      /* Scan a closed bracket */      /* If a conditional group has only one branch, there is a second, implied,
1819        empty branch, so just skip over the conditional, because it could be empty.
1820        Otherwise, scan the individual branches of the group. */
1821    
1822      empty_branch = FALSE;      if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
     do  
       {  
       if (!empty_branch && could_be_empty_branch(code, endcode, utf8))  
         empty_branch = TRUE;  
1823        code += GET(code, 1);        code += GET(code, 1);
1824        else
1825          {
1826          empty_branch = FALSE;
1827          do
1828            {
1829            if (!empty_branch && could_be_empty_branch(code, endcode, utf8))
1830              empty_branch = TRUE;
1831            code += GET(code, 1);
1832            }
1833          while (*code == OP_ALT);
1834          if (!empty_branch) return FALSE;   /* All branches are non-empty */
1835        }        }
1836      while (*code == OP_ALT);  
     if (!empty_branch) return FALSE;   /* All branches are non-empty */  
     code += 1 + LINK_SIZE;  
1837      c = *code;      c = *code;
1838        continue;
1839      }      }
1840    
1841    else switch (c)    /* Handle the other opcodes */
1842    
1843      switch (c)
1844      {      {
1845      /* Check for quantifiers after a class */      /* Check for quantifiers after a class. XCLASS is used for classes that
1846        cannot be represented just by a bit map. This includes negated single
1847        high-valued characters. The length in _pcre_OP_lengths[] is zero; the
1848        actual length is stored in the compiled code, so we must update "code"
1849        here. */
1850    
1851  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1852      case OP_XCLASS:      case OP_XCLASS:
1853      ccode = code + GET(code, 1);      ccode = code += GET(code, 1);
1854      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
1855  #endif  #endif
1856    
# Line 1227  for (code = first_significant_code(code Line 1894  for (code = first_significant_code(code
1894      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1895      case OP_WORDCHAR:      case OP_WORDCHAR:
1896      case OP_ANY:      case OP_ANY:
1897        case OP_ALLANY:
1898      case OP_ANYBYTE:      case OP_ANYBYTE:
1899      case OP_CHAR:      case OP_CHAR:
1900      case OP_CHARNC:      case OP_CHARNC:
1901      case OP_NOT:      case OP_NOT:
1902      case OP_PLUS:      case OP_PLUS:
1903      case OP_MINPLUS:      case OP_MINPLUS:
1904        case OP_POSPLUS:
1905      case OP_EXACT:      case OP_EXACT:
1906      case OP_NOTPLUS:      case OP_NOTPLUS:
1907      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
1908        case OP_NOTPOSPLUS:
1909      case OP_NOTEXACT:      case OP_NOTEXACT:
1910      case OP_TYPEPLUS:      case OP_TYPEPLUS:
1911      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
1912        case OP_TYPEPOSPLUS:
1913      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1914      return FALSE;      return FALSE;
1915    
1916        /* These are going to continue, as they may be empty, but we have to
1917        fudge the length for the \p and \P cases. */
1918    
1919        case OP_TYPESTAR:
1920        case OP_TYPEMINSTAR:
1921        case OP_TYPEPOSSTAR:
1922        case OP_TYPEQUERY:
1923        case OP_TYPEMINQUERY:
1924        case OP_TYPEPOSQUERY:
1925        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1926        break;
1927    
1928        /* Same for these */
1929    
1930        case OP_TYPEUPTO:
1931        case OP_TYPEMINUPTO:
1932        case OP_TYPEPOSUPTO:
1933        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1934        break;
1935    
1936      /* End of branch */      /* End of branch */
1937    
1938      case OP_KET:      case OP_KET:
# Line 1250  for (code = first_significant_code(code Line 1941  for (code = first_significant_code(code
1941      case OP_ALT:      case OP_ALT:
1942      return TRUE;      return TRUE;
1943    
1944      /* In UTF-8 mode, STAR, MINSTAR, QUERY, MINQUERY, UPTO, and MINUPTO  may be      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
1945      followed by a multibyte character */      MINUPTO, and POSUPTO may be followed by a multibyte character */
1946    
1947  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1948      case OP_STAR:      case OP_STAR:
1949      case OP_MINSTAR:      case OP_MINSTAR:
1950        case OP_POSSTAR:
1951      case OP_QUERY:      case OP_QUERY:
1952      case OP_MINQUERY:      case OP_MINQUERY:
1953        case OP_POSQUERY:
1954        if (utf8 && code[1] >= 0xc0) code += _pcre_utf8_table4[code[1] & 0x3f];
1955        break;
1956    
1957      case OP_UPTO:      case OP_UPTO:
1958      case OP_MINUPTO:      case OP_MINUPTO:
1959      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      case OP_POSUPTO:
1960        if (utf8 && code[3] >= 0xc0) code += _pcre_utf8_table4[code[3] & 0x3f];
1961      break;      break;
1962  #endif  #endif
1963      }      }
# Line 1308  return TRUE; Line 2005  return TRUE;
2005  *************************************************/  *************************************************/
2006    
2007  /* This function is called when the sequence "[:" or "[." or "[=" is  /* This function is called when the sequence "[:" or "[." or "[=" is
2008  encountered in a character class. It checks whether this is followed by an  encountered in a character class. It checks whether this is followed by a
2009  optional ^ and then a sequence of letters, terminated by a matching ":]" or  sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2010  ".]" or "=]".  reach an unescaped ']' without the special preceding character, return FALSE.
2011    
2012    Originally, this function only recognized a sequence of letters between the
2013    terminators, but it seems that Perl recognizes any sequence of characters,
2014    though of course unknown POSIX names are subsequently rejected. Perl gives an
2015    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2016    didn't consider this to be a POSIX class. Likewise for [:1234:].
2017    
2018    The problem in trying to be exactly like Perl is in the handling of escapes. We
2019    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2020    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2021    below handles the special case of \], but does not try to do any other escape
2022    processing. This makes it different from Perl for cases such as [:l\ower:]
2023    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2024    "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2025    I think.
2026    
2027  Argument:  Arguments:
2028    ptr      pointer to the initial [    ptr      pointer to the initial [
2029    endptr   where to return the end pointer    endptr   where to return the end pointer
   cd       pointer to compile data  
2030    
2031  Returns:   TRUE or FALSE  Returns:   TRUE or FALSE
2032  */  */
2033    
2034  static BOOL  static BOOL
2035  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  check_posix_syntax(const uschar *ptr, const uschar **endptr)
2036  {  {
2037  int terminator;          /* Don't combine these lines; the Solaris cc */  int terminator;          /* Don't combine these lines; the Solaris cc */
2038  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
2039  if (*(++ptr) == '^') ptr++;  for (++ptr; *ptr != 0; ptr++)
 while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;  
 if (*ptr == terminator && ptr[1] == ']')  
2040    {    {
2041    *endptr = ptr;    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) ptr++; else
2042    return TRUE;      {
2043        if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2044        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2045          {
2046          *endptr = ptr;
2047          return TRUE;
2048          }
2049        }
2050    }    }
2051  return FALSE;  return FALSE;
2052  }  }
# Line 1355  Returns:     a value representing the na Line 2071  Returns:     a value representing the na
2071  static int  static int
2072  check_posix_name(const uschar *ptr, int len)  check_posix_name(const uschar *ptr, int len)
2073  {  {
2074    const char *pn = posix_names;
2075  register int yield = 0;  register int yield = 0;
2076  while (posix_name_lengths[yield] != 0)  while (posix_name_lengths[yield] != 0)
2077    {    {
2078    if (len == posix_name_lengths[yield] &&    if (len == posix_name_lengths[yield] &&
2079      strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;      strncmp((const char *)ptr, pn, len) == 0) return yield;
2080      pn += posix_name_lengths[yield] + 1;
2081    yield++;    yield++;
2082    }    }
2083  return -1;  return -1;
# Line 1374  return -1; Line 2092  return -1;
2092  that is referenced. This means that groups can be replicated for fixed  that is referenced. This means that groups can be replicated for fixed
2093  repetition simply by copying (because the recursion is allowed to refer to  repetition simply by copying (because the recursion is allowed to refer to
2094  earlier groups that are outside the current group). However, when a group is  earlier groups that are outside the current group). However, when a group is
2095  optional (i.e. the minimum quantifier is zero), OP_BRAZERO is inserted before  optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2096  it, after it has been compiled. This means that any OP_RECURSE items within it  inserted before it, after it has been compiled. This means that any OP_RECURSE
2097  that refer to the group itself or any contained groups have to have their  items within it that refer to the group itself or any contained groups have to
2098  offsets adjusted. That is the job of this function. Before it is called, the  have their offsets adjusted. That one of the jobs of this function. Before it
2099  partially compiled regex must be temporarily terminated with OP_END.  is called, the partially compiled regex must be temporarily terminated with
2100    OP_END.
2101    
2102    This function has been extended with the possibility of forward references for
2103    recursions and subroutine calls. It must also check the list of such references
2104    for the group we are dealing with. If it finds that one of the recursions in
2105    the current group is on this list, it adjusts the offset in the list, not the
2106    value in the reference (which is a group number).
2107    
2108  Arguments:  Arguments:
2109    group      points to the start of the group    group      points to the start of the group
2110    adjust     the amount by which the group is to be moved    adjust     the amount by which the group is to be moved
2111    utf8       TRUE in UTF-8 mode    utf8       TRUE in UTF-8 mode
2112    cd         contains pointers to tables etc.    cd         contains pointers to tables etc.
2113      save_hwm   the hwm forward reference pointer at the start of the group
2114    
2115  Returns:     nothing  Returns:     nothing
2116  */  */
2117    
2118  static void  static void
2119  adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd)  adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd,
2120      uschar *save_hwm)
2121  {  {
2122  uschar *ptr = group;  uschar *ptr = group;
2123    
2124  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)
2125    {    {
2126    int offset = GET(ptr, 1);    int offset;
2127    if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);    uschar *hc;
2128    
2129      /* See if this recursion is on the forward reference list. If so, adjust the
2130      reference. */
2131    
2132      for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2133        {
2134        offset = GET(hc, 0);
2135        if (cd->start_code + offset == ptr + 1)
2136          {
2137          PUT(hc, 0, offset + adjust);
2138          break;
2139          }
2140        }
2141    
2142      /* Otherwise, adjust the recursion offset if it's after the start of this
2143      group. */
2144    
2145      if (hc >= cd->hwm)
2146        {
2147        offset = GET(ptr, 1);
2148        if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2149        }
2150    
2151    ptr += 1 + LINK_SIZE;    ptr += 1 + LINK_SIZE;
2152    }    }
2153  }  }
# Line 1475  Yield:        TRUE when range returned; Line 2226  Yield:        TRUE when range returned;
2226  */  */
2227    
2228  static BOOL  static BOOL
2229  get_othercase_range(int *cptr, int d, int *ocptr, int *odptr)  get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2230      unsigned int *odptr)
2231  {  {
2232  int c, chartype, othercase, next;  unsigned int c, othercase, next;
2233    
2234  for (c = *cptr; c <= d; c++)  for (c = *cptr; c <= d; c++)
2235    {    { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
   if (_pcre_ucp_findchar(c, &chartype, &othercase) == ucp_L && othercase != 0)  
     break;  
   }  
2236    
2237  if (c > d) return FALSE;  if (c > d) return FALSE;
2238    
# Line 1492  next = othercase + 1; Line 2241  next = othercase + 1;
2241    
2242  for (++c; c <= d; c++)  for (++c; c <= d; c++)
2243    {    {
2244    if (_pcre_ucp_findchar(c, &chartype, &othercase) != ucp_L ||    if (UCD_OTHERCASE(c) != next) break;
         othercase != next)  
     break;  
2245    next++;    next++;
2246    }    }
2247    
# Line 1506  return TRUE; Line 2253  return TRUE;
2253  #endif  /* SUPPORT_UCP */  #endif  /* SUPPORT_UCP */
2254    
2255    
2256    
2257    /*************************************************
2258    *     Check if auto-possessifying is possible    *
2259    *************************************************/
2260    
2261    /* This function is called for unlimited repeats of certain items, to see
2262    whether the next thing could possibly match the repeated item. If not, it makes
2263    sense to automatically possessify the repeated item.
2264    
2265    Arguments:
2266      op_code       the repeated op code
2267      this          data for this item, depends on the opcode
2268      utf8          TRUE in UTF-8 mode
2269      utf8_char     used for utf8 character bytes, NULL if not relevant
2270      ptr           next character in pattern
2271      options       options bits
2272      cd            contains pointers to tables etc.
2273    
2274    Returns:        TRUE if possessifying is wanted
2275    */
2276    
2277    static BOOL
2278    check_auto_possessive(int op_code, int item, BOOL utf8, uschar *utf8_char,
2279      const uschar *ptr, int options, compile_data *cd)
2280    {
2281    int next;
2282    
2283    /* Skip whitespace and comments in extended mode */
2284    
2285    if ((options & PCRE_EXTENDED) != 0)
2286      {
2287      for (;;)
2288        {
2289        while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2290        if (*ptr == CHAR_NUMBER_SIGN)
2291          {
2292          while (*(++ptr) != 0)
2293            if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2294          }
2295        else break;
2296        }
2297      }
2298    
2299    /* If the next item is one that we can handle, get its value. A non-negative
2300    value is a character, a negative value is an escape value. */
2301    
2302    if (*ptr == CHAR_BACKSLASH)
2303      {
2304      int temperrorcode = 0;
2305      next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
2306      if (temperrorcode != 0) return FALSE;
2307      ptr++;    /* Point after the escape sequence */
2308      }
2309    
2310    else if ((cd->ctypes[*ptr] & ctype_meta) == 0)
2311      {
2312    #ifdef SUPPORT_UTF8
2313      if (utf8) { GETCHARINC(next, ptr); } else
2314    #endif
2315      next = *ptr++;
2316      }
2317    
2318    else return FALSE;
2319    
2320    /* Skip whitespace and comments in extended mode */
2321    
2322    if ((options & PCRE_EXTENDED) != 0)
2323      {
2324      for (;;)
2325        {
2326        while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2327        if (*ptr == CHAR_NUMBER_SIGN)
2328          {
2329          while (*(++ptr) != 0)
2330            if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2331          }
2332        else break;
2333        }
2334      }
2335    
2336    /* If the next thing is itself optional, we have to give up. */
2337    
2338    if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
2339      strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
2340        return FALSE;
2341    
2342    /* Now compare the next item with the previous opcode. If the previous is a
2343    positive single character match, "item" either contains the character or, if
2344    "item" is greater than 127 in utf8 mode, the character's bytes are in
2345    utf8_char. */
2346    
2347    
2348    /* Handle cases when the next item is a character. */
2349    
2350    if (next >= 0) switch(op_code)
2351      {
2352      case OP_CHAR:
2353    #ifdef SUPPORT_UTF8
2354      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2355    #else
2356      (void)(utf8_char);  /* Keep compiler happy by referencing function argument */
2357    #endif
2358      return item != next;
2359    
2360      /* For CHARNC (caseless character) we must check the other case. If we have
2361      Unicode property support, we can use it to test the other case of
2362      high-valued characters. */
2363    
2364      case OP_CHARNC:
2365    #ifdef SUPPORT_UTF8
2366      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2367    #endif
2368      if (item == next) return FALSE;
2369    #ifdef SUPPORT_UTF8
2370      if (utf8)
2371        {
2372        unsigned int othercase;
2373        if (next < 128) othercase = cd->fcc[next]; else
2374    #ifdef SUPPORT_UCP
2375        othercase = UCD_OTHERCASE((unsigned int)next);
2376    #else
2377        othercase = NOTACHAR;
2378    #endif
2379        return (unsigned int)item != othercase;
2380        }
2381      else
2382    #endif  /* SUPPORT_UTF8 */
2383      return (item != cd->fcc[next]);  /* Non-UTF-8 mode */
2384    
2385      /* For OP_NOT, "item" must be a single-byte character. */
2386    
2387      case OP_NOT:
2388      if (item == next) return TRUE;
2389      if ((options & PCRE_CASELESS) == 0) return FALSE;
2390    #ifdef SUPPORT_UTF8
2391      if (utf8)
2392        {
2393        unsigned int othercase;
2394        if (next < 128) othercase = cd->fcc[next]; else
2395    #ifdef SUPPORT_UCP
2396        othercase = UCD_OTHERCASE(next);
2397    #else
2398        othercase = NOTACHAR;
2399    #endif
2400        return (unsigned int)item == othercase;
2401        }
2402      else
2403    #endif  /* SUPPORT_UTF8 */
2404      return (item == cd->fcc[next]);  /* Non-UTF-8 mode */
2405    
2406      case OP_DIGIT:
2407      return next > 127 || (cd->ctypes[next] & ctype_digit) == 0;
2408    
2409      case OP_NOT_DIGIT:
2410      return next <= 127 && (cd->ctypes[next] & ctype_digit) != 0;
2411    
2412      case OP_WHITESPACE:
2413      return next > 127 || (cd->ctypes[next] & ctype_space) == 0;
2414    
2415      case OP_NOT_WHITESPACE:
2416      return next <= 127 && (cd->ctypes[next] & ctype_space) != 0;
2417    
2418      case OP_WORDCHAR:
2419      return next > 127 || (cd->ctypes[next] & ctype_word) == 0;
2420    
2421      case OP_NOT_WORDCHAR:
2422      return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
2423    
2424      case OP_HSPACE:
2425      case OP_NOT_HSPACE:
2426      switch(next)
2427        {
2428        case 0x09:
2429        case 0x20:
2430        case 0xa0:
2431        case 0x1680:
2432        case 0x180e:
2433        case 0x2000:
2434        case 0x2001:
2435        case 0x2002:
2436        case 0x2003:
2437        case 0x2004:
2438        case 0x2005:
2439        case 0x2006:
2440        case 0x2007:
2441        case 0x2008:
2442        case 0x2009:
2443        case 0x200A:
2444        case 0x202f:
2445        case 0x205f:
2446        case 0x3000:
2447        return op_code != OP_HSPACE;
2448        default:
2449        return op_code == OP_HSPACE;
2450        }
2451    
2452      case OP_VSPACE:
2453      case OP_NOT_VSPACE:
2454      switch(next)
2455        {
2456        case 0x0a:
2457        case 0x0b:
2458        case 0x0c:
2459        case 0x0d:
2460        case 0x85:
2461        case 0x2028:
2462        case 0x2029:
2463        return op_code != OP_VSPACE;
2464        default:
2465        return op_code == OP_VSPACE;
2466        }
2467    
2468      default:
2469      return FALSE;
2470      }
2471    
2472    
2473    /* Handle the case when the next item is \d, \s, etc. */
2474    
2475    switch(op_code)
2476      {
2477      case OP_CHAR:
2478      case OP_CHARNC:
2479    #ifdef SUPPORT_UTF8
2480      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2481    #endif
2482      switch(-next)
2483        {
2484        case ESC_d:
2485        return item > 127 || (cd->ctypes[item] & ctype_digit) == 0;
2486    
2487        case ESC_D:
2488        return item <= 127 && (cd->ctypes[item] & ctype_digit) != 0;
2489    
2490        case ESC_s:
2491        return item > 127 || (cd->ctypes[item] & ctype_space) == 0;
2492    
2493        case ESC_S:
2494        return item <= 127 && (cd->ctypes[item] & ctype_space) != 0;
2495    
2496        case ESC_w:
2497        return item > 127 || (cd->ctypes[item] & ctype_word) == 0;
2498    
2499        case ESC_W:
2500        return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;
2501    
2502        case ESC_h:
2503        case ESC_H:
2504        switch(item)
2505          {
2506          case 0x09:
2507          case 0x20:
2508          case 0xa0:
2509          case 0x1680:
2510          case 0x180e:
2511          case 0x2000:
2512          case 0x2001:
2513          case 0x2002:
2514          case 0x2003:
2515          case 0x2004:
2516          case 0x2005:
2517          case 0x2006:
2518          case 0x2007:
2519          case 0x2008:
2520          case 0x2009:
2521          case 0x200A:
2522          case 0x202f:
2523          case 0x205f:
2524          case 0x3000:
2525          return -next != ESC_h;
2526          default:
2527          return -next == ESC_h;
2528          }
2529    
2530        case ESC_v:
2531        case ESC_V:
2532        switch(item)
2533          {
2534          case 0x0a:
2535          case 0x0b:
2536          case 0x0c:
2537          case 0x0d:
2538          case 0x85:
2539          case 0x2028:
2540          case 0x2029:
2541          return -next != ESC_v;
2542          default:
2543          return -next == ESC_v;
2544          }
2545    
2546        default:
2547        return FALSE;
2548        }
2549    
2550      case OP_DIGIT:
2551      return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
2552             next == -ESC_h || next == -ESC_v;
2553    
2554      case OP_NOT_DIGIT:
2555      return next == -ESC_d;
2556    
2557      case OP_WHITESPACE:
2558      return next == -ESC_S || next == -ESC_d || next == -ESC_w;
2559    
2560      case OP_NOT_WHITESPACE:
2561      return next == -ESC_s || next == -ESC_h || next == -ESC_v;
2562    
2563      case OP_HSPACE:
2564      return next == -ESC_S || next == -ESC_H || next == -ESC_d || next == -ESC_w;
2565    
2566      case OP_NOT_HSPACE:
2567      return next == -ESC_h;
2568    
2569      /* Can't have \S in here because VT matches \S (Perl anomaly) */
2570      case OP_VSPACE:
2571      return next == -ESC_V || next == -ESC_d || next == -ESC_w;
2572    
2573      case OP_NOT_VSPACE:
2574      return next == -ESC_v;
2575    
2576      case OP_WORDCHAR:
2577      return next == -ESC_W || next == -ESC_s || next == -ESC_h || next == -ESC_v;
2578    
2579      case OP_NOT_WORDCHAR:
2580      return next == -ESC_w || next == -ESC_d;
2581    
2582      default:
2583      return FALSE;
2584      }
2585    
2586    /* Control does not reach here */
2587    }
2588    
2589    
2590    
2591  /*************************************************  /*************************************************
2592  *           Compile one branch                   *  *           Compile one branch                   *
2593  *************************************************/  *************************************************/
2594    
2595  /* Scan the pattern, compiling it into the code vector. If the options are  /* Scan the pattern, compiling it into the a vector. If the options are
2596  changed during the branch, the pointer is used to change the external options  changed during the branch, the pointer is used to change the external options
2597  bits.  bits. This function is used during the pre-compile phase when we are trying
2598    to find out the amount of memory needed, as well as during the real compile
2599    phase. The value of lengthptr distinguishes the two phases.
2600    
2601  Arguments:  Arguments:
2602    optionsptr     pointer to the option bits    optionsptr     pointer to the option bits
   brackets       points to number of extracting brackets used  
2603    codeptr        points to the pointer to the current code point    codeptr        points to the pointer to the current code point
2604    ptrptr         points to the current pattern pointer    ptrptr         points to the current pattern pointer
2605    errorcodeptr   points to error code variable    errorcodeptr   points to error code variable
# Line 1524  Arguments: Line 2607  Arguments:
2607    reqbyteptr     set to the last literal character required, else < 0    reqbyteptr     set to the last literal character required, else < 0
2608    bcptr          points to current branch chain    bcptr          points to current branch chain
2609    cd             contains pointers to tables etc.    cd             contains pointers to tables etc.
2610      lengthptr      NULL during the real compile phase
2611                     points to length accumulator during pre-compile phase
2612    
2613  Returns:         TRUE on success  Returns:         TRUE on success
2614                   FALSE, with *errorcodeptr set non-zero on error                   FALSE, with *errorcodeptr set non-zero on error
2615  */  */
2616    
2617  static BOOL  static BOOL
2618  compile_branch(int *optionsptr, int *brackets, uschar **codeptr,  compile_branch(int *optionsptr, uschar **codeptr, const uschar **ptrptr,
2619    const uschar **ptrptr, int *errorcodeptr, int *firstbyteptr,    int *errorcodeptr, int *firstbyteptr, int *reqbyteptr, branch_chain *bcptr,
2620    int *reqbyteptr, branch_chain *bcptr, compile_data *cd)    compile_data *cd, int *lengthptr)
2621  {  {
2622  int repeat_type, op_type;  int repeat_type, op_type;
2623  int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */  int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */
# Line 1541  int greedy_default, greedy_non_default; Line 2626  int greedy_default, greedy_non_default;
2626  int firstbyte, reqbyte;  int firstbyte, reqbyte;
2627  int zeroreqbyte, zerofirstbyte;  int zeroreqbyte, zerofirstbyte;
2628  int req_caseopt, reqvary, tempreqvary;  int req_caseopt, reqvary, tempreqvary;
 int condcount = 0;  
2629  int options = *optionsptr;  int options = *optionsptr;
2630  int after_manual_callout = 0;  int after_manual_callout = 0;
2631    int length_prevgroup = 0;
2632  register int c;  register int c;
2633  register uschar *code = *codeptr;  register uschar *code = *codeptr;
2634    uschar *last_code = code;
2635    uschar *orig_code = code;
2636  uschar *tempcode;  uschar *tempcode;
2637  BOOL inescq = FALSE;  BOOL inescq = FALSE;
2638  BOOL groupsetfirstbyte = FALSE;  BOOL groupsetfirstbyte = FALSE;
# Line 1553  const uschar *ptr = *ptrptr; Line 2640  const uschar *ptr = *ptrptr;
2640  const uschar *tempptr;  const uschar *tempptr;
2641  uschar *previous = NULL;  uschar *previous = NULL;
2642  uschar *previous_callout = NULL;  uschar *previous_callout = NULL;
2643    uschar *save_hwm = NULL;
2644  uschar classbits[32];  uschar classbits[32];
2645    
2646  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
2647  BOOL class_utf8;  BOOL class_utf8;
2648  BOOL utf8 = (options & PCRE_UTF8) != 0;  BOOL utf8 = (options & PCRE_UTF8) != 0;
2649  uschar *class_utf8data;  uschar *class_utf8data;
2650    uschar *class_utf8data_base;
2651  uschar utf8_char[6];  uschar utf8_char[6];
2652  #else  #else
2653  BOOL utf8 = FALSE;  BOOL utf8 = FALSE;
2654    uschar *utf8_char = NULL;
2655    #endif
2656    
2657    #ifdef DEBUG
2658    if (lengthptr != NULL) DPRINTF((">> start branch\n"));
2659  #endif  #endif
2660    
2661  /* Set up the default and non-default settings for greediness */  /* Set up the default and non-default settings for greediness */
# Line 1593  req_caseopt = ((options & PCRE_CASELESS) Line 2687  req_caseopt = ((options & PCRE_CASELESS)
2687  for (;; ptr++)  for (;; ptr++)
2688    {    {
2689    BOOL negate_class;    BOOL negate_class;
2690      BOOL should_flip_negation;
2691    BOOL possessive_quantifier;    BOOL possessive_quantifier;
2692    BOOL is_quantifier;    BOOL is_quantifier;
2693      BOOL is_recurse;
2694      BOOL reset_bracount;
2695    int class_charcount;    int class_charcount;
2696    int class_lastchar;    int class_lastchar;
2697    int newoptions;    int newoptions;
2698    int recno;    int recno;
2699      int refsign;
2700    int skipbytes;    int skipbytes;
2701    int subreqbyte;    int subreqbyte;
2702    int subfirstbyte;    int subfirstbyte;
2703      int terminator;
2704    int mclength;    int mclength;
2705    uschar mcbuffer[8];    uschar mcbuffer[8];
2706    
2707    /* Next byte in the pattern */    /* Get next byte in the pattern */
2708    
2709    c = *ptr;    c = *ptr;
2710    
2711      /* If we are in the pre-compile phase, accumulate the length used for the
2712      previous cycle of this loop. */
2713    
2714      if (lengthptr != NULL)
2715        {
2716    #ifdef DEBUG
2717        if (code > cd->hwm) cd->hwm = code;                 /* High water info */
2718    #endif
2719        if (code > cd->start_workspace + COMPILE_WORK_SIZE) /* Check for overrun */
2720          {
2721          *errorcodeptr = ERR52;
2722          goto FAILED;
2723          }
2724    
2725        /* There is at least one situation where code goes backwards: this is the
2726        case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
2727        the class is simply eliminated. However, it is created first, so we have to
2728        allow memory for it. Therefore, don't ever reduce the length at this point.
2729        */
2730    
2731        if (code < last_code) code = last_code;
2732    
2733        /* Paranoid check for integer overflow */
2734    
2735        if (OFLOW_MAX - *lengthptr < code - last_code)
2736          {
2737          *errorcodeptr = ERR20;
2738          goto FAILED;
2739          }
2740    
2741        *lengthptr += code - last_code;
2742        DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));
2743    
2744        /* If "previous" is set and it is not at the start of the work space, move
2745        it back to there, in order to avoid filling up the work space. Otherwise,
2746        if "previous" is NULL, reset the current code pointer to the start. */
2747    
2748        if (previous != NULL)
2749          {
2750          if (previous > orig_code)
2751            {
2752            memmove(orig_code, previous, code - previous);
2753            code -= previous - orig_code;
2754            previous = orig_code;
2755            }
2756          }
2757        else code = orig_code;
2758    
2759        /* Remember where this code item starts so we can pick up the length
2760        next time round. */
2761    
2762        last_code = code;
2763        }
2764    
2765      /* In the real compile phase, just check the workspace used by the forward
2766      reference list. */
2767    
2768      else if (cd->hwm > cd->start_workspace + COMPILE_WORK_SIZE)
2769        {
2770        *errorcodeptr = ERR52;
2771        goto FAILED;
2772        }
2773    
2774    /* If in \Q...\E, check for the end; if not, we have a literal */    /* If in \Q...\E, check for the end; if not, we have a literal */
2775    
2776    if (inescq && c != 0)    if (inescq && c != 0)
2777      {      {
2778      if (c == '\\' && ptr[1] == 'E')      if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
2779        {        {
2780        inescq = FALSE;        inescq = FALSE;
2781        ptr++;        ptr++;
# Line 1623  for (;; ptr++) Line 2785  for (;; ptr++)
2785        {        {
2786        if (previous_callout != NULL)        if (previous_callout != NULL)
2787          {          {
2788          complete_callout(previous_callout, ptr, cd);          if (lengthptr == NULL)  /* Don't attempt in pre-compile phase */
2789              complete_callout(previous_callout, ptr, cd);
2790          previous_callout = NULL;          previous_callout = NULL;
2791          }          }
2792        if ((options & PCRE_AUTO_CALLOUT) != 0)        if ((options & PCRE_AUTO_CALLOUT) != 0)
# Line 1638  for (;; ptr++) Line 2801  for (;; ptr++)
2801    /* Fill in length of a previous callout, except when the next thing is    /* Fill in length of a previous callout, except when the next thing is
2802    a quantifier. */    a quantifier. */
2803    
2804    is_quantifier = c == '*' || c == '+' || c == '?' ||    is_quantifier =
2805      (c == '{' && is_counted_repeat(ptr+1));      c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
2806        (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
2807    
2808    if (!is_quantifier && previous_callout != NULL &&    if (!is_quantifier && previous_callout != NULL &&
2809         after_manual_callout-- <= 0)         after_manual_callout-- <= 0)
2810      {      {
2811      complete_callout(previous_callout, ptr, cd);      if (lengthptr == NULL)      /* Don't attempt in pre-compile phase */
2812          complete_callout(previous_callout, ptr, cd);
2813      previous_callout = NULL;      previous_callout = NULL;
2814      }      }
2815    
# Line 1653  for (;; ptr++) Line 2818  for (;; ptr++)
2818    if ((options & PCRE_EXTENDED) != 0)    if ((options & PCRE_EXTENDED) != 0)
2819      {      {
2820      if ((cd->ctypes[c] & ctype_space) != 0) continue;      if ((cd->ctypes[c] & ctype_space) != 0) continue;
2821      if (c == '#')      if (c == CHAR_NUMBER_SIGN)
2822        {        {
2823        /* The space before the ; is to avoid a warning on a silly compiler        while (*(++ptr) != 0)
2824        on the Macintosh. */          {
2825        while ((c = *(++ptr)) != 0 && c != NEWLINE) ;          if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
2826        if (c != 0) continue;   /* Else fall through to handle end of string */          }
2827          if (*ptr != 0) continue;
2828    
2829          /* Else fall through to handle end of string */
2830          c = 0;
2831        }        }
2832      }      }
2833    
# Line 1672  for (;; ptr++) Line 2841  for (;; ptr++)
2841    
2842    switch(c)    switch(c)
2843      {      {
2844      /* The branch terminates at end of string, |, or ). */      /* ===================================================================*/
2845        case 0:                        /* The branch terminates at string end */
2846      case 0:      case CHAR_VERTICAL_LINE:       /* or | or ) */
2847      case '|':      case CHAR_RIGHT_PARENTHESIS:
     case ')':  
2848      *firstbyteptr = firstbyte;      *firstbyteptr = firstbyte;
2849      *reqbyteptr = reqbyte;      *reqbyteptr = reqbyte;
2850      *codeptr = code;      *codeptr = code;
2851      *ptrptr = ptr;      *ptrptr = ptr;
2852      return TRUE;      if (lengthptr != NULL)
2853          {
2854          if (OFLOW_MAX - *lengthptr < code - last_code)
2855            {
2856            *errorcodeptr = ERR20;
2857            goto FAILED;
2858            }
2859          *lengthptr += code - last_code;   /* To include callout length */
2860          DPRINTF((">> end branch\n"));
2861          }
2862        return TRUE;
2863    
2864    
2865        /* ===================================================================*/
2866      /* Handle single-character metacharacters. In multiline mode, ^ disables      /* Handle single-character metacharacters. In multiline mode, ^ disables
2867      the setting of any following char as a first character. */      the setting of any following char as a first character. */
2868    
2869      case '^':      case CHAR_CIRCUMFLEX_ACCENT:
2870      if ((options & PCRE_MULTILINE) != 0)      if ((options & PCRE_MULTILINE) != 0)
2871        {        {
2872        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
# Line 1695  for (;; ptr++) Line 2875  for (;; ptr++)
2875      *code++ = OP_CIRC;      *code++ = OP_CIRC;
2876      break;      break;
2877    
2878      case '$':      case CHAR_DOLLAR_SIGN:
2879      previous = NULL;      previous = NULL;
2880      *code++ = OP_DOLL;      *code++ = OP_DOLL;
2881      break;      break;
# Line 1703  for (;; ptr++) Line 2883  for (;; ptr++)
2883      /* There can never be a first char if '.' is first, whatever happens about      /* There can never be a first char if '.' is first, whatever happens about
2884      repeats. The value of reqbyte doesn't change either. */      repeats. The value of reqbyte doesn't change either. */
2885    
2886      case '.':      case CHAR_DOT:
2887      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
2888      zerofirstbyte = firstbyte;      zerofirstbyte = firstbyte;
2889      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
2890      previous = code;      previous = code;
2891      *code++ = OP_ANY;      *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
2892      break;      break;
2893    
2894      /* Character classes. If the included characters are all < 255 in value, we  
2895      build a 32-byte bitmap of the permitted characters, except in the special      /* ===================================================================*/
2896      case where there is only one such character. For negated classes, we build      /* Character classes. If the included characters are all < 256, we build a
2897      the map as usual, then invert it at the end. However, we use a different      32-byte bitmap of the permitted characters, except in the special case
2898      opcode so that data characters > 255 can be handled correctly.      where there is only one such character. For negated classes, we build the
2899        map as usual, then invert it at the end. However, we use a different opcode
2900        so that data characters > 255 can be handled correctly.
2901    
2902      If the class contains characters outside the 0-255 range, a different      If the class contains characters outside the 0-255 range, a different
2903      opcode is compiled. It may optionally have a bit map for characters < 256,      opcode is compiled. It may optionally have a bit map for characters < 256,
2904      but those above are are explicitly listed afterwards. A flag byte tells      but those above are are explicitly listed afterwards. A flag byte tells
2905      whether the bitmap is present, and whether this is a negated class or not.      whether the bitmap is present, and whether this is a negated class or not.
     */  
2906    
2907      case '[':      In JavaScript compatibility mode, an isolated ']' causes an error. In
2908        default (Perl) mode, it is treated as a data character. */
2909    
2910        case CHAR_RIGHT_SQUARE_BRACKET:
2911        if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
2912          {
2913          *errorcodeptr = ERR64;
2914          goto FAILED;
2915          }
2916        goto NORMAL_CHAR;
2917    
2918        case CHAR_LEFT_SQUARE_BRACKET:
2919      previous = code;      previous = code;
2920    
2921      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
2922      they are encountered at the top level, so we'll do that too. */      they are encountered at the top level, so we'll do that too. */
2923    
2924      if ((ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&      if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2925          check_posix_syntax(ptr, &tempptr, cd))           ptr[1] == CHAR_EQUALS_SIGN) &&
2926            check_posix_syntax(ptr, &tempptr))
2927        {        {
2928        *errorcodeptr = (ptr[1] == ':')? ERR13 : ERR31;        *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
2929        goto FAILED;        goto FAILED;
2930        }        }
2931    
2932      /* If the first character is '^', set the negation flag and skip it. */      /* If the first character is '^', set the negation flag and skip it. Also,
2933        if the first few characters (either before or after ^) are \Q\E or \E we
2934        skip them too. This makes for compatibility with Perl. */
2935    
2936      if ((c = *(++ptr)) == '^')      negate_class = FALSE;
2937        for (;;)
2938        {        {
       negate_class = TRUE;  
2939        c = *(++ptr);        c = *(++ptr);
2940          if (c == CHAR_BACKSLASH)
2941            {
2942            if (ptr[1] == CHAR_E)
2943              ptr++;
2944            else if (strncmp((const char *)ptr+1,
2945                              STR_Q STR_BACKSLASH STR_E, 3) == 0)
2946              ptr += 3;
2947            else
2948              break;
2949            }
2950          else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
2951            negate_class = TRUE;
2952          else break;
2953        }        }
2954      else  
2955        /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
2956        an initial ']' is taken as a data character -- the code below handles
2957        that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
2958        [^] must match any character, so generate OP_ALLANY. */
2959    
2960        if (c == CHAR_RIGHT_SQUARE_BRACKET &&
2961            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
2962        {        {
2963        negate_class = FALSE;        *code++ = negate_class? OP_ALLANY : OP_FAIL;
2964          if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
2965          zerofirstbyte = firstbyte;
2966          break;
2967        }        }
2968    
2969        /* If a class contains a negative special such as \S, we need to flip the
2970        negation flag at the end, so that support for characters > 255 works
2971        correctly (they are all included in the class). */
2972    
2973        should_flip_negation = FALSE;
2974    
2975      /* Keep a count of chars with values < 256 so that we can optimize the case      /* Keep a count of chars with values < 256 so that we can optimize the case
2976      of just a single character (as long as it's < 256). For higher valued UTF-8      of just a single character (as long as it's < 256). However, For higher
2977      characters, we don't yet do any optimization. */      valued UTF-8 characters, we don't yet do any optimization. */
2978    
2979      class_charcount = 0;      class_charcount = 0;
2980      class_lastchar = -1;      class_lastchar = -1;
2981    
2982        /* Initialize the 32-char bit map to all zeros. We build the map in a
2983        temporary bit of memory, in case the class contains only 1 character (less
2984        than 256), because in that case the compiled code doesn't use the bit map.
2985        */
2986    
2987        memset(classbits, 0, 32 * sizeof(uschar));
2988    
2989  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
2990      class_utf8 = FALSE;                       /* No chars >= 256 */      class_utf8 = FALSE;                       /* No chars >= 256 */
2991      class_utf8data = code + LINK_SIZE + 34;   /* For UTF-8 items */      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */
2992        class_utf8data_base = class_utf8data;     /* For resetting in pass 1 */
2993  #endif  #endif
2994    
     /* Initialize the 32-char bit map to all zeros. We have to build the  
     map in a temporary bit of store, in case the class contains only 1  
     character (< 256), because in that case the compiled code doesn't use the  
     bit map. */  
   
     memset(classbits, 0, 32 * sizeof(uschar));  
   
2995      /* Process characters until ] is reached. By writing this as a "do" it      /* Process characters until ] is reached. By writing this as a "do" it
2996      means that an initial ] is taken as a data character. The first pass      means that an initial ] is taken as a data character. At the start of the
2997      through the regex checked the overall syntax, so we don't need to be very      loop, c contains the first byte of the character. */
     strict here. At the start of the loop, c contains the first byte of the  
     character. */  
2998    
2999      do      if (c != 0) do
3000        {        {
3001          const uschar *oldptr;
3002    
3003  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3004        if (utf8 && c > 127)        if (utf8 && c > 127)
3005          {                           /* Braces are required because the */          {                           /* Braces are required because the */
3006          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */
3007          }          }
3008    
3009          /* In the pre-compile phase, accumulate the length of any UTF-8 extra
3010          data and reset the pointer. This is so that very large classes that
3011          contain a zillion UTF-8 characters no longer overwrite the work space
3012          (which is on the stack). */
3013    
3014          if (lengthptr != NULL)
3015            {
3016            *lengthptr += class_utf8data - class_utf8data_base;
3017            class_utf8data = class_utf8data_base;
3018            }
3019    
3020  #endif  #endif
3021    
3022        /* Inside \Q...\E everything is literal except \E */        /* Inside \Q...\E everything is literal except \E */
3023    
3024        if (inescq)        if (inescq)
3025          {          {
3026          if (c == '\\' && ptr[1] == 'E')          if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)  /* If we are at \E */
3027            {            {
3028            inescq = FALSE;            inescq = FALSE;                   /* Reset literal state */
3029            ptr++;            ptr++;                            /* Skip the 'E' */
3030            continue;            continue;                         /* Carry on with next */
3031            }            }
3032          else goto LONE_SINGLE_CHARACTER;          goto CHECK_RANGE;                   /* Could be range if \E follows */
3033          }          }
3034    
3035        /* Handle POSIX class names. Perl allows a negation extension of the        /* Handle POSIX class names. Perl allows a negation extension of the
# Line 1801  for (;; ptr++) Line 3038  for (;; ptr++)
3038        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3039        5.6 and 5.8 do. */        5.6 and 5.8 do. */
3040    
3041        if (c == '[' &&        if (c == CHAR_LEFT_SQUARE_BRACKET &&
3042            (ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&            (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3043            check_posix_syntax(ptr, &tempptr, cd))             ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3044          {          {
3045          BOOL local_negate = FALSE;          BOOL local_negate = FALSE;
3046          int posix_class, i;          int posix_class, taboffset, tabopt;
3047          register const uschar *cbits = cd->cbits;          register const uschar *cbits = cd->cbits;
3048            uschar pbits[32];
3049    
3050          if (ptr[1] != ':')          if (ptr[1] != CHAR_COLON)
3051            {            {
3052            *errorcodeptr = ERR31;            *errorcodeptr = ERR31;
3053            goto FAILED;            goto FAILED;
3054            }            }
3055    
3056          ptr += 2;          ptr += 2;
3057          if (*ptr == '^')          if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3058            {            {
3059            local_negate = TRUE;            local_negate = TRUE;
3060              should_flip_negation = TRUE;  /* Note negative special */
3061            ptr++;            ptr++;
3062            }            }
3063    
# Line 1836  for (;; ptr++) Line 3075  for (;; ptr++)
3075          if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)          if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
3076            posix_class = 0;            posix_class = 0;
3077    
3078          /* Or into the map we are building up to 3 of the static class          /* We build the bit map for the POSIX class in a chunk of local store
3079          tables, or their negations. The [:blank:] class sets up the same          because we may be adding and subtracting from it, and we don't want to
3080          chars as the [:space:] class (all white space). We remove the vertical          subtract bits that may be in the main map already. At the end we or the
3081          white space chars afterwards. */          result into the bit map that is being built. */
3082    
3083          posix_class *= 3;          posix_class *= 3;
3084          for (i = 0; i < 3; i++)  
3085            /* Copy in the first table (always present) */
3086    
3087            memcpy(pbits, cbits + posix_class_maps[posix_class],
3088              32 * sizeof(uschar));
3089    
3090            /* If there is a second table, add or remove it as required. */
3091    
3092            taboffset = posix_class_maps[posix_class + 1];
3093            tabopt = posix_class_maps[posix_class + 2];
3094    
3095            if (taboffset >= 0)
3096            {            {
3097            BOOL blankclass = strncmp((char *)ptr, "blank", 5) == 0;            if (tabopt >= 0)
3098            int taboffset = posix_class_maps[posix_class + i];              for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
           if (taboffset < 0) break;  
           if (local_negate)  
             {  
             if (i == 0)  
               for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+taboffset];  
             else  
               for (c = 0; c < 32; c++) classbits[c] &= ~cbits[c+taboffset];  
             if (blankclass) classbits[1] |= 0x3c;  
             }  
3099            else            else
3100              {              for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
             for (c = 0; c < 32; c++) classbits[c] |= cbits[c+taboffset];  
             if (blankclass) classbits[1] &= ~0x3c;  
             }  
3101            }            }
3102    
3103            /* Not see if we need to remove any special characters. An option
3104            value of 1 removes vertical space and 2 removes underscore. */
3105    
3106            if (tabopt < 0) tabopt = -tabopt;
3107            if (tabopt == 1) pbits[1] &= ~0x3c;
3108              else if (tabopt == 2) pbits[11] &= 0x7f;
3109    
3110            /* Add the POSIX table or its complement into the main table that is
3111            being built and we are done. */
3112    
3113            if (local_negate)
3114              for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
3115            else
3116              for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
3117    
3118          ptr = tempptr + 1;          ptr = tempptr + 1;
3119          class_charcount = 10;  /* Set > 1; assumes more than 1 per class */          class_charcount = 10;  /* Set > 1; assumes more than 1 per class */
3120          continue;    /* End of POSIX syntax handling */          continue;    /* End of POSIX syntax handling */
3121          }          }
3122    
3123        /* Backslash may introduce a single character, or it may introduce one        /* Backslash may introduce a single character, or it may introduce one
3124        of the specials, which just set a flag. Escaped items are checked for        of the specials, which just set a flag. The sequence \b is a special
3125        validity in the pre-compiling pass. The sequence \b is a special case.        case. Inside a class (and only there) it is treated as backspace.
3126        Inside a class (and only there) it is treated as backspace. Elsewhere        Elsewhere it marks a word boundary. Other escapes have preset maps ready
3127        it marks a word boundary. Other escapes have preset maps ready to        to 'or' into the one we are building. We assume they have more than one
       or into the one we are building. We assume they have more than one  
3128        character in them, so set class_charcount bigger than one. */        character in them, so set class_charcount bigger than one. */
3129    
3130        if (c == '\\')        if (c == CHAR_BACKSLASH)
3131          {          {
3132          c = check_escape(&ptr, errorcodeptr, *brackets, options, TRUE);          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3133            if (*errorcodeptr != 0) goto FAILED;
3134    
3135          if (-c == ESC_b) c = '\b';       /* \b is backslash in a class */          if (-c == ESC_b) c = CHAR_BS;       /* \b is backspace in a class */
3136          else if (-c == ESC_X) c = 'X';   /* \X is literal X in a class */          else if (-c == ESC_X) c = CHAR_X;   /* \X is literal X in a class */
3137            else if (-c == ESC_R) c = CHAR_R;   /* \R is literal R in a class */
3138          else if (-c == ESC_Q)            /* Handle start of quoted string */          else if (-c == ESC_Q)            /* Handle start of quoted string */
3139            {            {
3140            if (ptr[1] == '\\' && ptr[2] == 'E')            if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3141              {              {
3142              ptr += 2; /* avoid empty string */              ptr += 2; /* avoid empty string */
3143              }              }
3144            else inescq = TRUE;            else inescq = TRUE;
3145            continue;            continue;
3146            }            }
3147            else if (-c == ESC_E) continue;  /* Ignore orphan \E */
3148    
3149          if (c < 0)          if (c < 0)
3150            {            {
3151            register const uschar *cbits = cd->cbits;            register const uschar *cbits = cd->cbits;
3152            class_charcount += 2;     /* Greater than 1 is what matters */            class_charcount += 2;     /* Greater than 1 is what matters */
3153            switch (-c)  
3154              /* Save time by not doing this in the pre-compile phase. */
3155    
3156              if (lengthptr == NULL) switch (-c)
3157              {              {
3158              case ESC_d:              case ESC_d:
3159              for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
3160              continue;              continue;
3161    
3162              case ESC_D:              case ESC_D:
3163                should_flip_negation = TRUE;
3164              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3165              continue;              continue;
3166    
# Line 1910  for (;; ptr++) Line 3169  for (;; ptr++)
3169              continue;              continue;
3170    
3171              case ESC_W:              case ESC_W:
3172                should_flip_negation = TRUE;
3173              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
3174              continue;              continue;
3175    
# Line 1919  for (;; ptr++) Line 3179  for (;; ptr++)
3179              continue;              continue;
3180    
3181              case ESC_S:              case ESC_S:
3182                should_flip_negation = TRUE;
3183              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
3184              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */
3185              continue;              continue;
3186    
3187  #ifdef SUPPORT_UCP              default:    /* Not recognized; fall through */
3188              case ESC_p:              break;      /* Need "default" setting to stop compiler warning. */
3189              case ESC_P:              }
3190    
3191              /* In the pre-compile phase, just do the recognition. */
3192    
3193              else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||
3194                       c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;
3195    
3196              /* We need to deal with \H, \h, \V, and \v in both phases because
3197              they use extra memory. */
3198    
3199              if (-c == ESC_h)
3200                {
3201                SETBIT(classbits, 0x09); /* VT */
3202                SETBIT(classbits, 0x20); /* SPACE */
3203                SETBIT(classbits, 0xa0); /* NSBP */
3204    #ifdef SUPPORT_UTF8
3205                if (utf8)
3206                {                {
               BOOL negated;  
               int property = get_ucp(&ptr, &negated, errorcodeptr);  
               if (property < 0) goto FAILED;  
3207                class_utf8 = TRUE;                class_utf8 = TRUE;
3208                *class_utf8data++ = ((-c == ESC_p) != negated)?                *class_utf8data++ = XCL_SINGLE;
3209                  XCL_PROP : XCL_NOTPROP;                class_utf8data += _pcre_ord2utf8(0x1680, class_utf8data);
3210                *class_utf8data++ = property;                *class_utf8data++ = XCL_SINGLE;
3211                class_charcount -= 2;   /* Not a < 256 character */                class_utf8data += _pcre_ord2utf8(0x180e, class_utf8data);
3212                  *class_utf8data++ = XCL_RANGE;
3213                  class_utf8data += _pcre_ord2utf8(0x2000, class_utf8data);
3214                  class_utf8data += _pcre_ord2utf8(0x200A, class_utf8data);
3215                  *class_utf8data++ = XCL_SINGLE;
3216                  class_utf8data += _pcre_ord2utf8(0x202f, class_utf8data);
3217                  *class_utf8data++ = XCL_SINGLE;
3218                  class_utf8data += _pcre_ord2utf8(0x205f, class_utf8data);
3219                  *class_utf8data++ = XCL_SINGLE;
3220                  class_utf8data += _pcre_ord2utf8(0x3000, class_utf8data);
3221                }                }
3222    #endif
3223              continue;              continue;
3224                }
3225    
3226              if (-c == ESC_H)
3227                {
3228                for (c = 0; c < 32; c++)
3229                  {
3230                  int x = 0xff;
3231                  switch (c)
3232                    {
3233                    case 0x09/8: x ^= 1 << (0x09%8); break;
3234                    case 0x20/8: x ^= 1 << (0x20%8); break;
3235                    case 0xa0/8: x ^= 1 << (0xa0%8); break;
3236                    default: break;
3237                    }
3238                  classbits[c] |= x;
3239                  }
3240    
3241    #ifdef SUPPORT_UTF8
3242                if (utf8)
3243                  {
3244                  class_utf8 = TRUE;
3245                  *class_utf8data++ = XCL_RANGE;
3246                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3247                  class_utf8data += _pcre_ord2utf8(0x167f, class_utf8data);
3248                  *class_utf8data++ = XCL_RANGE;
3249                  class_utf8data += _pcre_ord2utf8(0x1681, class_utf8data);
3250                  class_utf8data += _pcre_ord2utf8(0x180d, class_utf8data);
3251                  *class_utf8data++ = XCL_RANGE;
3252                  class_utf8data += _pcre_ord2utf8(0x180f, class_utf8data);
3253                  class_utf8data += _pcre_ord2utf8(0x1fff, class_utf8data);
3254                  *class_utf8data++ = XCL_RANGE;
3255                  class_utf8data += _pcre_ord2utf8(0x200B, class_utf8data);
3256                  class_utf8data += _pcre_ord2utf8(0x202e, class_utf8data);
3257                  *class_utf8data++ = XCL_RANGE;
3258                  class_utf8data += _pcre_ord2utf8(0x2030, class_utf8data);
3259                  class_utf8data += _pcre_ord2utf8(0x205e, class_utf8data);
3260                  *class_utf8data++ = XCL_RANGE;
3261                  class_utf8data += _pcre_ord2utf8(0x2060, class_utf8data);
3262                  class_utf8data += _pcre_ord2utf8(0x2fff, class_utf8data);
3263                  *class_utf8data++ = XCL_RANGE;
3264                  class_utf8data += _pcre_ord2utf8(0x3001, class_utf8data);
3265                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3266                  }
3267  #endif  #endif
3268                continue;
3269                }
3270    
3271              /* Unrecognized escapes are faulted if PCRE is running in its            if (-c == ESC_v)
3272              strict mode. By default, for compatibility with Perl, they are              {
3273              treated as literals. */              SETBIT(classbits, 0x0a); /* LF */
3274                SETBIT(classbits, 0x0b); /* VT */
3275                SETBIT(classbits, 0x0c); /* FF */
3276                SETBIT(classbits, 0x0d); /* CR */
3277                SETBIT(classbits, 0x85); /* NEL */
3278    #ifdef SUPPORT_UTF8
3279                if (utf8)
3280                  {
3281                  class_utf8 = TRUE;
3282                  *class_utf8data++ = XCL_RANGE;
3283                  class_utf8data += _pcre_ord2utf8(0x2028, class_utf8data);
3284                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3285                  }
3286    #endif
3287                continue;
3288                }
3289    
3290              default:            if (-c == ESC_V)
3291              if ((options & PCRE_EXTRA) != 0)              {
3292                for (c = 0; c < 32; c++)
3293                {                {
3294                *errorcodeptr = ERR7;                int x = 0xff;
3295                goto FAILED;                switch (c)
3296                    {
3297                    case 0x0a/8: x ^= 1 << (0x0a%8);
3298                                 x ^= 1 << (0x0b%8);
3299                                 x ^= 1 << (0x0c%8);
3300                                 x ^= 1 << (0x0d%8);
3301                                 break;
3302                    case 0x85/8: x ^= 1 << (0x85%8); break;
3303                    default: break;
3304                    }
3305                  classbits[c] |= x;
3306                  }
3307    
3308    #ifdef SUPPORT_UTF8
3309                if (utf8)
3310                  {
3311                  class_utf8 = TRUE;
3312                  *class_utf8data++ = XCL_RANGE;
3313                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3314                  class_utf8data += _pcre_ord2utf8(0x2027, class_utf8data);
3315                  *class_utf8data++ = XCL_RANGE;
3316                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3317                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3318                }                }
3319              c = *ptr;              /* The final character */  #endif
3320              class_charcount -= 2;  /* Undo the default count from above */              continue;
3321                }
3322    
3323              /* We need to deal with \P and \p in both phases. */
3324    
3325    #ifdef SUPPORT_UCP
3326              if (-c == ESC_p || -c == ESC_P)
3327                {
3328                BOOL negated;
3329                int pdata;
3330                int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
3331                if (ptype < 0) goto FAILED;
3332                class_utf8 = TRUE;
3333                *class_utf8data++ = ((-c == ESC_p) != negated)?
3334                  XCL_PROP : XCL_NOTPROP;
3335                *class_utf8data++ = ptype;
3336                *class_utf8data++ = pdata;
3337                class_charcount -= 2;   /* Not a < 256 character */
3338                continue;
3339                }
3340    #endif
3341              /* Unrecognized escapes are faulted if PCRE is running in its
3342              strict mode. By default, for compatibility with Perl, they are
3343              treated as literals. */
3344    
3345              if ((options & PCRE_EXTRA) != 0)
3346                {
3347                *errorcodeptr = ERR7;
3348                goto FAILED;
3349              }              }
3350    
3351              class_charcount -= 2;  /* Undo the default count from above */
3352              c = *ptr;              /* Get the final character and fall through */
3353            }            }
3354    
3355          /* Fall through if we have a single character (c >= 0). This may be          /* Fall through if we have a single character (c >= 0). This may be
3356          > 256 in UTF-8 mode. */          greater than 256 in UTF-8 mode. */
3357    
3358          }   /* End of backslash handling */          }   /* End of backslash handling */
3359    
3360        /* A single character may be followed by '-' to form a range. However,        /* A single character may be followed by '-' to form a range. However,
3361        Perl does not permit ']' to be the end of the range. A '-' character        Perl does not permit ']' to be the end of the range. A '-' character
3362        here is treated as a literal. */        at the end is treated as a literal. Perl ignores orphaned \E sequences
3363          entirely. The code for handling \Q and \E is messy. */
3364    
3365          CHECK_RANGE:
3366          while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3367            {
3368            inescq = FALSE;
3369            ptr += 2;
3370            }
3371    
3372          oldptr = ptr;
3373    
3374          /* Remember \r or \n */
3375    
3376          if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3377    
3378        if (ptr[1] == '-' && ptr[2] != ']')        /* Check for range */
3379    
3380          if (!inescq && ptr[1] == CHAR_MINUS)
3381          {          {
3382          int d;          int d;
3383          ptr += 2;          ptr += 2;
3384            while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
3385    
3386            /* If we hit \Q (not followed by \E) at this point, go into escaped
3387            mode. */
3388    
3389            while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
3390              {
3391              ptr += 2;
3392              if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3393                { ptr += 2; continue; }
3394              inescq = TRUE;
3395              break;
3396              }
3397    
3398            if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
3399              {
3400              ptr = oldptr;
3401              goto LONE_SINGLE_CHARACTER;
3402              }
3403    
3404  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3405          if (utf8)          if (utf8)
# Line 1981  for (;; ptr++) Line 3414  for (;; ptr++)
3414          not any of the other escapes. Perl 5.6 treats a hyphen as a literal          not any of the other escapes. Perl 5.6 treats a hyphen as a literal
3415          in such circumstances. */          in such circumstances. */
3416    
3417          if (d == '\\')          if (!inescq && d == CHAR_BACKSLASH)
3418            {            {
3419            const uschar *oldptr = ptr;            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3420            d = check_escape(&ptr, errorcodeptr, *brackets, options, TRUE);            if (*errorcodeptr != 0) goto FAILED;
3421    
3422            /* \b is backslash; \X is literal X; any other special means the '-'            /* \b is backspace; \X is literal X; \R is literal R; any other
3423            was literal */            special means the '-' was literal */
3424    
3425            if (d < 0)            if (d < 0)
3426              {              {
3427              if (d == -ESC_b) d = '\b';              if (d == -ESC_b) d = CHAR_BS;
3428              else if (d == -ESC_X) d = 'X'; else              else if (d == -ESC_X) d = CHAR_X;
3429                else if (d == -ESC_R) d = CHAR_R; else
3430                {                {
3431                ptr = oldptr - 2;                ptr = oldptr;
3432                goto LONE_SINGLE_CHARACTER;  /* A few lines below */                goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3433                }                }
3434              }              }
3435            }            }
3436    
3437          /* The check that the two values are in the correct order happens in          /* Check that the two values are in the correct order. Optimize
3438          the pre-pass. Optimize one-character ranges */          one-character ranges */
3439    
3440            if (d < c)
3441              {
3442              *errorcodeptr = ERR8;
3443              goto FAILED;
3444              }
3445    
3446          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3447    
3448            /* Remember \r or \n */
3449    
3450            if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3451    
3452          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
3453          matching, we have to use an XCLASS with extra data items. Caseless          matching, we have to use an XCLASS with extra data items. Caseless
3454          matching for characters > 127 is available only if UCP support is          matching for characters > 127 is available only if UCP support is
# Line 2022  for (;; ptr++) Line 3466  for (;; ptr++)
3466  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
3467            if ((options & PCRE_CASELESS) != 0)            if ((options & PCRE_CASELESS) != 0)
3468              {              {
3469              int occ, ocd;              unsigned int occ, ocd;
3470              int cc = c;              unsigned int cc = c;
3471              int origd = d;              unsigned int origd = d;
3472              while (get_othercase_range(&cc, origd, &occ, &ocd))              while (get_othercase_range(&cc, origd, &occ, &ocd))
3473                {                {
3474                if (occ >= c && ocd <= d) continue;  /* Skip embedded ranges */                if (occ >= (unsigned int)c &&
3475                      ocd <= (unsigned int)d)
3476                    continue;                          /* Skip embedded ranges */
3477    
3478                if (occ < c  && ocd >= c - 1)        /* Extend the basic range */                if (occ < (unsigned int)c  &&
3479                      ocd >= (unsigned int)c - 1)      /* Extend the basic range */
3480                  {                                  /* if there is overlap,   */                  {                                  /* if there is overlap,   */
3481                  c = occ;                           /* noting that if occ < c */                  c = occ;                           /* noting that if occ < c */
3482                  continue;                          /* we can't have ocd > d  */                  continue;                          /* we can't have ocd > d  */
3483                  }                                  /* because a subrange is  */                  }                                  /* because a subrange is  */
3484                if (ocd > d && occ <= d + 1)         /* always shorter than    */                if (ocd > (unsigned int)d &&
3485                      occ <= (unsigned int)d + 1)      /* always shorter than    */
3486                  {                                  /* the basic range.       */                  {                                  /* the basic range.       */
3487                  d = ocd;                  d = ocd;
3488                  continue;                  continue;
# Line 2082  for (;; ptr++) Line 3530  for (;; ptr++)
3530          ranges that lie entirely within 0-127 when there is UCP support; else          ranges that lie entirely within 0-127 when there is UCP support; else
3531          for partial ranges without UCP support. */          for partial ranges without UCP support. */
3532    
3533          for (; c <= d; c++)          class_charcount += d - c + 1;
3534            class_lastchar = d;
3535    
3536            /* We can save a bit of time by skipping this in the pre-compile. */
3537    
3538            if (lengthptr == NULL) for (; c <= d; c++)
3539            {            {
3540            classbits[c/8] |= (1 << (c&7));            classbits[c/8] |= (1 << (c&7));
3541            if ((options & PCRE_CASELESS) != 0)            if ((options & PCRE_CASELESS) != 0)
# Line 2090  for (;; ptr++) Line 3543  for (;; ptr++)
3543              int uc = cd->fcc[c];           /* flip case */              int uc = cd->fcc[c];           /* flip case */
3544              classbits[uc/8] |= (1 << (uc&7));              classbits[uc/8] |= (1 << (uc&7));
3545              }              }
           class_charcount++;                /* in case a one-char range */  
           class_lastchar = c;  
3546            }            }
3547    
3548          continue;   /* Go get the next char in the class */          continue;   /* Go get the next char in the class */
# Line 2115  for (;; ptr++) Line 3566  for (;; ptr++)
3566  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
3567          if ((options & PCRE_CASELESS) != 0)          if ((options & PCRE_CASELESS) != 0)
3568            {            {
3569            int chartype;            unsigned int othercase;
3570            int othercase;            if ((othercase = UCD_OTHERCASE(c)) != c)
           if (_pcre_ucp_findchar(c, &chartype, &othercase) >= 0 &&  
                othercase > 0)  
3571              {              {
3572              *class_utf8data++ = XCL_SINGLE;              *class_utf8data++ = XCL_SINGLE;
3573              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);
# Line 2143  for (;; ptr++) Line 3592  for (;; ptr++)
3592          }          }
3593        }        }
3594    
3595      /* Loop until ']' reached; the check for end of string happens inside the      /* Loop until ']' reached. This "while" is the end of the "do" above. */
3596      loop. This "while" is the end of the "do" above. */  
3597        while ((c = *(++ptr)) != 0 && (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
3598    
3599        if (c == 0)                          /* Missing terminating ']' */
3600          {
3601          *errorcodeptr = ERR6;
3602          goto FAILED;
3603          }
3604    
3605    
3606    /* This code has been disabled because it would mean that \s counts as
3607    an explicit \r or \n reference, and that's not really what is wanted. Now
3608    we set the flag only if there is a literal "\r" or "\n" in the class. */
3609    
3610    #if 0
3611        /* Remember whether \r or \n are in this class */
3612    
3613        if (negate_class)
3614          {
3615          if ((classbits[1] & 0x24) != 0x24) cd->external_flags |= PCRE_HASCRORLF;
3616          }
3617        else
3618          {
3619          if ((classbits[1] & 0x24) != 0) cd->external_flags |= PCRE_HASCRORLF;
3620          }
3621    #endif
3622    
     while ((c = *(++ptr)) != ']' || inescq);  
3623    
3624      /* If class_charcount is 1, we saw precisely one character whose value is      /* If class_charcount is 1, we saw precisely one character whose value is
3625      less than 256. In non-UTF-8 mode we can always optimize. In UTF-8 mode, we      less than 256. As long as there were no characters >= 128 and there was no
3626      can optimize the negative case only if there were no characters >= 128      use of \p or \P, in other words, no use of any XCLASS features, we can
3627      because OP_NOT and the related opcodes like OP_NOTSTAR operate on      optimize.
3628      single-bytes only. This is an historical hangover. Maybe one day we can  
3629      tidy these opcodes to handle multi-byte characters.      In UTF-8 mode, we can optimize the negative case only if there were no
3630        characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
3631        operate on single-bytes only. This is an historical hangover. Maybe one day
3632        we can tidy these opcodes to handle multi-byte characters.
3633    
3634      The optimization throws away the bit map. We turn the item into a      The optimization throws away the bit map. We turn the item into a
3635      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note
# Line 2163  for (;; ptr++) Line 3639  for (;; ptr++)
3639      reqbyte, save the previous value for reinstating. */      reqbyte, save the previous value for reinstating. */
3640    
3641  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3642      if (class_charcount == 1 &&      if (class_charcount == 1 && !class_utf8 &&
3643            (!utf8 ||        (!utf8 || !negate_class || class_lastchar < 128))
           (!class_utf8 && (!negate_class || class_lastchar < 128))))  
   
3644  #else  #else
3645      if (class_charcount == 1)      if (class_charcount == 1)
3646  #endif  #endif
# Line 2209  for (;; ptr++) Line 3683  for (;; ptr++)
3683      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
3684    
3685      /* If there are characters with values > 255, we have to compile an      /* If there are characters with values > 255, we have to compile an
3686      extended class, with its own opcode. If there are no characters < 256,      extended class, with its own opcode, unless there was a negated special
3687      we can omit the bitmap. */      such as \S in the class, because in that case all characters > 255 are in
3688        the class, so any that were explicitly given as well can be ignored. If
3689        (when there are explicit characters > 255 that must be listed) there are no
3690        characters < 256, we can omit the bitmap in the actual compiled code. */
3691    
3692  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3693      if (class_utf8)      if (class_utf8 && !should_flip_negation)
3694        {        {
3695        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */
3696        *code++ = OP_XCLASS;        *code++ = OP_XCLASS;
3697        code += LINK_SIZE;        code += LINK_SIZE;
3698        *code = negate_class? XCL_NOT : 0;        *code = negate_class? XCL_NOT : 0;
3699    
3700        /* If the map is required, install it, and move on to the end of        /* If the map is required, move up the extra data to make room for it;
3701        the extra data */        otherwise just move the code pointer to the end of the extra data. */
3702    
3703        if (class_charcount > 0)        if (class_charcount > 0)
3704          {          {
3705          *code++ |= XCL_MAP;          *code++ |= XCL_MAP;
3706            memmove(code + 32, code, class_utf8data - code);
3707          memcpy(code, classbits, 32);          memcpy(code, classbits, 32);
3708          code = class_utf8data;          code = class_utf8data + 32;
         }  
   
       /* If the map is not required, slide down the extra data. */  
   
       else  
         {  
         int len = class_utf8data - (code + 33);  
         memmove(code + 1, code + 33, len);  
         code += len + 1;  
3709          }          }
3710          else code = class_utf8data;
3711    
3712        /* Now fill in the complete length of the item */        /* Now fill in the complete length of the item */
3713    
# Line 2246  for (;; ptr++) Line 3716  for (;; ptr++)
3716        }        }
3717  #endif  #endif
3718    
3719      /* If there are no characters > 255, negate the 32-byte map if necessary,      /* If there are no characters > 255, set the opcode to OP_CLASS or
3720      and copy it into the code vector. If this is the first thing in the branch,      OP_NCLASS, depending on whether the whole class was negated and whether
3721      there can be no first char setting, whatever the repeat count. Any reqbyte      there were negative specials such as \S in the class. Then copy the 32-byte
3722      setting must remain unchanged after any kind of repeat. */      map into the code vector, negating it if necessary. */
3723    
3724        *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
3725      if (negate_class)      if (negate_class)
3726        {        {
3727        *code++ = OP_NCLASS;        if (lengthptr == NULL)    /* Save time in the pre-compile phase */
3728        for (c = 0; c < 32; c++) code[c] = ~classbits[c];          for (c = 0; c < 32; c++) code[c] = ~classbits[c];
3729        }        }
3730      else      else
3731        {        {
       *code++ = OP_CLASS;  
3732        memcpy(code, classbits, 32);        memcpy(code, classbits, 32);
3733        }        }
3734      code += 32;      code += 32;
3735      break;      break;
3736    
3737    
3738        /* ===================================================================*/
3739      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
3740      has been tested above. */      has been tested above. */
3741    
3742      case '{':      case CHAR_LEFT_CURLY_BRACKET:
3743      if (!is_quantifier) goto NORMAL_CHAR;      if (!is_quantifier) goto NORMAL_CHAR;
3744      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
3745      if (*errorcodeptr != 0) goto FAILED;      if (*errorcodeptr != 0) goto FAILED;
3746      goto REPEAT;      goto REPEAT;
3747    
3748      case '*':      case CHAR_ASTERISK:
3749      repeat_min = 0;      repeat_min = 0;
3750      repeat_max = -1;      repeat_max = -1;
3751      goto REPEAT;      goto REPEAT;
3752    
3753      case '+':      case CHAR_PLUS:
3754      repeat_min = 1;      repeat_min = 1;
3755      repeat_max = -1;      repeat_max = -1;
3756      goto REPEAT;      goto REPEAT;
3757    
3758      case '?':      case CHAR_QUESTION_MARK:
3759      repeat_min = 0;      repeat_min = 0;
3760      repeat_max = 1;      repeat_max = 1;
3761    
# Line 2318  for (;; ptr++) Line 3790  for (;; ptr++)
3790      but if PCRE_UNGREEDY is set, it works the other way round. We change the      but if PCRE_UNGREEDY is set, it works the other way round. We change the
3791      repeat type to the non-default. */      repeat type to the non-default. */
3792    
3793      if (ptr[1] == '+')      if (ptr[1] == CHAR_PLUS)
3794        {        {
3795        repeat_type = 0;                  /* Force greedy */        repeat_type = 0;                  /* Force greedy */
3796        possessive_quantifier = TRUE;        possessive_quantifier = TRUE;
3797        ptr++;        ptr++;
3798        }        }
3799      else if (ptr[1] == '?')      else if (ptr[1] == CHAR_QUESTION_MARK)
3800        {        {
3801        repeat_type = greedy_non_default;        repeat_type = greedy_non_default;
3802        ptr++;        ptr++;
3803        }        }
3804      else repeat_type = greedy_default;      else repeat_type = greedy_default;
3805    
     /* If previous was a recursion, we need to wrap it inside brackets so that  
     it can be replicated if necessary. */  
   
     if (*previous == OP_RECURSE)  
       {  
       memmove(previous + 1 + LINK_SIZE, previous, 1 + LINK_SIZE);  
       code += 1 + LINK_SIZE;  
       *previous = OP_BRA;  
       PUT(previous, 1, code - previous);  
       *code = OP_KET;  
       PUT(code, 1, code - previous);  
       code += 1 + LINK_SIZE;  
       }  
   
3806      /* If previous was a character match, abolish the item and generate a      /* If previous was a character match, abolish the item and generate a
3807      repeat item instead. If a char item has a minumum of more than one, ensure      repeat item instead. If a char item has a minumum of more than one, ensure
3808      that it is set in reqbyte - it might not be if a sequence such as x{3} is      that it is set in reqbyte - it might not be if a sequence such as x{3} is
# Line 2378  for (;; ptr++) Line 3836  for (;; ptr++)
3836          if (repeat_min > 1) reqbyte = c | req_caseopt | cd->req_varyopt;          if (repeat_min > 1) reqbyte = c | req_caseopt | cd->req_varyopt;
3837          }          }
3838    
3839          /* If the repetition is unlimited, it pays to see if the next thing on
3840          the line is something that cannot possibly match this character. If so,
3841          automatically possessifying this item gains some performance in the case
3842          where the match fails. */
3843    
3844          if (!possessive_quantifier &&
3845              repeat_max < 0 &&
3846              check_auto_possessive(*previous, c, utf8, utf8_char, ptr + 1,
3847                options, cd))
3848            {
3849            repeat_type = 0;    /* Force greedy */
3850            possessive_quantifier = TRUE;
3851            }
3852    
3853        goto OUTPUT_SINGLE_REPEAT;   /* Code shared with single character types */        goto OUTPUT_SINGLE_REPEAT;   /* Code shared with single character types */
3854        }        }
3855    
3856      /* If previous was a single negated character ([^a] or similar), we use      /* If previous was a single negated character ([^a] or similar), we use
3857      one of the special opcodes, replacing it. The code is shared with single-      one of the special opcodes, replacing it. The code is shared with single-
3858      character repeats by setting opt_type to add a suitable offset into      character repeats by setting opt_type to add a suitable offset into
3859      repeat_type. OP_NOT is currently used only for single-byte chars. */      repeat_type. We can also test for auto-possessification. OP_NOT is
3860        currently used only for single-byte chars. */
3861    
3862      else if (*previous == OP_NOT)      else if (*previous == OP_NOT)
3863        {        {
3864        op_type = OP_NOTSTAR - OP_STAR;  /* Use "not" opcodes */        op_type = OP_NOTSTAR - OP_STAR;  /* Use "not" opcodes */
3865        c = previous[1];        c = previous[1];
3866          if (!possessive_quantifier &&
3867              repeat_max < 0 &&
3868              check_auto_possessive(OP_NOT, c, utf8, NULL, ptr + 1, options, cd))
3869            {
3870            repeat_type = 0;    /* Force greedy */
3871            possessive_quantifier = TRUE;
3872            }
3873        goto OUTPUT_SINGLE_REPEAT;        goto OUTPUT_SINGLE_REPEAT;
3874        }        }
3875    
# Line 2403  for (;; ptr++) Line 3883  for (;; ptr++)
3883      else if (*previous < OP_EODN)      else if (*previous < OP_EODN)
3884        {        {
3885        uschar *oldcode;        uschar *oldcode;
3886        int prop_type;        int prop_type, prop_value;
3887        op_type = OP_TYPESTAR - OP_STAR;  /* Use type opcodes */        op_type = OP_TYPESTAR - OP_STAR;  /* Use type opcodes */
3888        c = *previous;        c = *previous;
3889    
3890          if (!possessive_quantifier &&
3891              repeat_max < 0 &&
3892              check_auto_possessive(c, 0, utf8, NULL, ptr + 1, options, cd))
3893            {
3894            repeat_type = 0;    /* Force greedy */
3895            possessive_quantifier = TRUE;
3896            }
3897    
3898        OUTPUT_SINGLE_REPEAT:        OUTPUT_SINGLE_REPEAT:
3899        prop_type = (*previous == OP_PROP || *previous == OP_NOTPROP)?        if (*previous == OP_PROP || *previous == OP_NOTPROP)
3900          previous[1] : -1;          {
3901            prop_type = previous[1];
3902            prop_value = previous[2];
3903            }
3904          else prop_type = prop_value = -1;
3905    
3906        oldcode = code;        oldcode = code;
3907        code = previous;                  /* Usually overwrite previous item */        code = previous;                  /* Usually overwrite previous item */
# Line 2419  for (;; ptr++) Line 3911  for (;; ptr++)
3911    
3912        if (repeat_max == 0) goto END_REPEAT;        if (repeat_max == 0) goto END_REPEAT;
3913    
3914          /*--------------------------------------------------------------------*/
3915          /* This code is obsolete from release 8.00; the restriction was finally
3916          removed: */
3917    
3918        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
3919        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
3920    
3921        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
3922          /*--------------------------------------------------------------------*/
3923    
3924        /* Combine the op_type with the repeat_type */        /* Combine the op_type with the repeat_type */
3925    
# Line 2443  for (;; ptr++) Line 3940  for (;; ptr++)
3940          }          }
3941    
3942        /* A repeat minimum of 1 is optimized into some special cases. If the        /* A repeat minimum of 1 is optimized into some special cases. If the
3943        maximum is unlimited, we use OP_PLUS. Otherwise, the original item it        maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
3944        left in place and, if the maximum is greater than 1, we use OP_UPTO with        left in place and, if the maximum is greater than 1, we use OP_UPTO with
3945        one less than the maximum. */        one less than the maximum. */
3946    
# Line 2470  for (;; ptr++) Line 3967  for (;; ptr++)
3967    
3968          /* If the maximum is unlimited, insert an OP_STAR. Before doing so,          /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
3969          we have to insert the character for the previous code. For a repeated          we have to insert the character for the previous code. For a repeated
3970          Unicode property match, there is an extra byte that defines the          Unicode property match, there are two extra bytes that define the
3971          required property. In UTF-8 mode, long characters have their length in          required property. In UTF-8 mode, long characters have their length in
3972          c, with the 0x80 bit as a flag. */          c, with the 0x80 bit as a flag. */
3973    
# Line 2486  for (;; ptr++) Line 3983  for (;; ptr++)
3983  #endif  #endif
3984              {              {
3985              *code++ = c;              *code++ = c;
3986              if (prop_type >= 0) *code++ = prop_type;              if (prop_type >= 0)
3987                  {
3988                  *code++ = prop_type;
3989                  *code++ = prop_value;
3990                  }
3991              }              }
3992            *code++ = OP_STAR + repeat_type;            *code++ = OP_STAR + repeat_type;
3993            }            }
3994    
3995          /* Else insert an UPTO if the max is greater than the min, again          /* Else insert an UPTO if the max is greater than the min, again
3996          preceded by the character, for the previously inserted code. */          preceded by the character, for the previously inserted code. If the
3997            UPTO is just for 1 instance, we can use QUERY instead. */
3998    
3999          else if (repeat_max != repeat_min)          else if (repeat_max != repeat_min)
4000            {            {
# Line 2505  for (;; ptr++) Line 4007  for (;; ptr++)
4007            else            else
4008  #endif  #endif
4009            *code++ = c;            *code++ = c;
4010            if (prop_type >= 0) *code++ = prop_type;            if (prop_type >= 0)
4011                {
4012                *code++ = prop_type;
4013                *code++ = prop_value;
4014                }
4015            repeat_max -= repeat_min;            repeat_max -= repeat_min;
4016            *code++ = OP_UPTO + repeat_type;  
4017            PUT2INC(code, 0, repeat_max);            if (repeat_max == 1)
4018                {
4019                *code++ = OP_QUERY + repeat_type;
4020                }
4021              else
4022                {
4023                *code++ = OP_UPTO + repeat_type;
4024                PUT2INC(code, 0, repeat_max);
4025                }
4026            }            }
4027          }          }
4028    
# Line 2524  for (;; ptr++) Line 4038  for (;; ptr++)
4038  #endif  #endif
4039        *code++ = c;        *code++ = c;
4040    
4041        /* For a repeated Unicode property match, there is an extra byte that        /* For a repeated Unicode property match, there are two extra bytes that
4042        defines the required property. */        define the required property. */
4043    
4044  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
4045        if (prop_type >= 0) *code++ = prop_type;        if (prop_type >= 0)
4046            {
4047            *code++ = prop_type;
4048            *code++ = prop_value;
4049            }
4050  #endif  #endif
4051        }        }
4052    
# Line 2548  for (;; ptr++) Line 4066  for (;; ptr++)
4066          goto END_REPEAT;          goto END_REPEAT;
4067          }          }
4068    
4069          /*--------------------------------------------------------------------*/
4070          /* This code is obsolete from release 8.00; the restriction was finally
4071          removed: */
4072    
4073        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
4074        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
4075    
4076        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4077          /*--------------------------------------------------------------------*/
4078    
4079        if (repeat_min == 0 && repeat_max == -1)        if (repeat_min == 0 && repeat_max == -1)
4080          *code++ = OP_CRSTAR + repeat_type;          *code++ = OP_CRSTAR + repeat_type;
# Line 2571  for (;; ptr++) Line 4094  for (;; ptr++)
4094      /* If previous was a bracket group, we may have to replicate it in certain      /* If previous was a bracket group, we may have to replicate it in certain
4095      cases. */      cases. */
4096    
4097      else if (*previous >= OP_BRA || *previous == OP_ONCE ||      else if (*previous == OP_BRA  || *previous == OP_CBRA ||
4098               *previous == OP_COND)               *previous == OP_ONCE || *previous == OP_COND)
4099        {        {
4100        register int i;        register int i;
4101        int ketoffset = 0;        int ketoffset = 0;
4102        int len = code - previous;        int len = code - previous;
4103        uschar *bralink = NULL;        uschar *bralink = NULL;
4104    
4105          /* Repeating a DEFINE group is pointless */
4106    
4107          if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
4108            {
4109            *errorcodeptr = ERR55;
4110            goto FAILED;
4111            }
4112    
4113        /* If the maximum repeat count is unlimited, find the end of the bracket        /* If the maximum repeat count is unlimited, find the end of the bracket
4114        by scanning through from the start, and compute the offset back to it        by scanning through from the start, and compute the offset back to it
4115        from the current code pointer. There may be an OP_OPT setting following        from the current code pointer. There may be an OP_OPT setting following
# Line 2601  for (;; ptr++) Line 4132  for (;; ptr++)
4132    
4133        if (repeat_min == 0)        if (repeat_min == 0)
4134          {          {
4135          /* If the maximum is also zero, we just omit the group from the output          /* If the maximum is also zero, we used to just omit the group from the
4136          altogether. */          output altogether, like this:
   
         if (repeat_max == 0)  
           {  
           code = previous;  
           goto END_REPEAT;  
           }  
4137    
4138          /* If the maximum is 1 or unlimited, we just have to stick in the          ** if (repeat_max == 0)
4139          BRAZERO and do no more at this point. However, we do need to adjust          **   {
4140          any OP_RECURSE calls inside the group that refer to the group itself or          **   code = previous;
4141          any internal group, because the offset is from the start of the whole          **   goto END_REPEAT;
4142          regex. Temporarily terminate the pattern while doing this. */          **   }
4143    
4144            However, that fails when a group is referenced as a subroutine from
4145            elsewhere in the pattern, so now we stick in OP_SKIPZERO in front of it
4146            so that it is skipped on execution. As we don't have a list of which
4147            groups are referenced, we cannot do this selectively.
4148    
4149            If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
4150            and do no more at this point. However, we do need to adjust any
4151            OP_RECURSE calls inside the group that refer to the group itself or any
4152            internal or forward referenced group, because the offset is from the
4153            start of the whole regex. Temporarily terminate the pattern while doing
4154            this. */
4155    
4156          if (repeat_max <= 1)          if (repeat_max <= 1)    /* Covers 0, 1, and unlimited */
4157            {            {
4158            *code = OP_END;            *code = OP_END;
4159            adjust_recurse(previous, 1, utf8, cd);            adjust_recurse(previous, 1, utf8, cd, save_hwm);
4160            memmove(previous+1, previous, len);            memmove(previous+1, previous, len);
4161            code++;            code++;
4162              if (repeat_max == 0)
4163                {
4164                *previous++ = OP_SKIPZERO;
4165                goto END_REPEAT;
4166                }
4167            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
4168            }            }
4169    
# Line 2637  for (;; ptr++) Line 4179  for (;; ptr++)
4179            {            {
4180            int offset;            int offset;
4181            *code = OP_END;            *code = OP_END;
4182            adjust_recurse(previous, 2 + LINK_SIZE, utf8, cd);            adjust_recurse(previous, 2 + LINK_SIZE, utf8, cd, save_hwm);
4183            memmove(previous + 2 + LINK_SIZE, previous, len);            memmove(previous + 2 + LINK_SIZE, previous, len);
4184            code += 2 + LINK_SIZE;            code += 2 + LINK_SIZE;
4185            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
# Line 2657  for (;; ptr++) Line 4199  for (;; ptr++)
4199        /* If the minimum is greater than zero, replicate the group as many        /* If the minimum is greater than zero, replicate the group as many
4200        times as necessary, and adjust the maximum to the number of subsequent        times as necessary, and adjust the maximum to the number of subsequent
4201        copies that we need. If we set a first char from the group, and didn't        copies that we need. If we set a first char from the group, and didn't
4202        set a required char, copy the latter from the former. */        set a required char, copy the latter from the former. If there are any
4203          forward reference subroutine calls in the group, there will be entries on
4204          the workspace list; replicate these with an appropriate increment. */
4205    
4206        else        else
4207          {          {
4208          if (repeat_min > 1)          if (repeat_min > 1)
4209            {            {
4210            if (groupsetfirstbyte && reqbyte < 0) reqbyte = firstbyte;            /* In the pre-compile phase, we don't actually do the replication. We
4211            for (i = 1; i < repeat_min; i++)            just adjust the length as if we had. Do some paranoid checks for
4212              potential integer overflow. */
4213    
4214              if (lengthptr != NULL)
4215                {
4216                int delta = (repeat_min - 1)*length_prevgroup;
4217                if ((double)(repeat_min - 1)*(double)length_prevgroup >
4218                                                                (double)INT_MAX ||
4219                    OFLOW_MAX - *lengthptr < delta)
4220                  {
4221                  *errorcodeptr = ERR20;
4222                  goto FAILED;
4223                  }
4224                *lengthptr += delta;
4225                }
4226    
4227              /* This is compiling for real */
4228    
4229              else
4230              {              {
4231              memcpy(code, previous, len);              if (groupsetfirstbyte && reqbyte < 0) reqbyte = firstbyte;
4232              code += len;              for (i = 1; i < repeat_min; i++)
4233                  {
4234                  uschar *hc;
4235                  uschar *this_hwm = cd->hwm;
4236                  memcpy(code, previous, len);
4237                  for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4238                    {
4239                    PUT(cd->hwm, 0, GET(hc, 0) + len);
4240                    cd->hwm += LINK_SIZE;
4241                    }
4242                  save_hwm = this_hwm;
4243                  code += len;
4244                  }
4245              }              }
4246            }            }
4247    
4248          if (repeat_max > 0) repeat_max -= repeat_min;          if (repeat_max > 0) repeat_max -= repeat_min;
4249          }          }
4250    
# Line 2677  for (;; ptr++) Line 4252  for (;; ptr++)
4252        the maximum is limited, it replicates the group in a nested fashion,        the maximum is limited, it replicates the group in a nested fashion,
4253        remembering the bracket starts on a stack. In the case of a zero minimum,        remembering the bracket starts on a stack. In the case of a zero minimum,
4254        the first one was set up above. In all cases the repeat_max now specifies        the first one was set up above. In all cases the repeat_max now specifies
4255        the number of additional copies needed. */        the number of additional copies needed. Again, we must remember to
4256          replicate entries on the forward reference list. */
4257    
4258        if (repeat_max >= 0)        if (repeat_max >= 0)
4259          {          {
4260          for (i = repeat_max - 1; i >= 0; i--)          /* In the pre-compile phase, we don't actually do the replication. We
4261            just adjust the length as if we had. For each repetition we must add 1
4262            to the length for BRAZERO and for all but the last repetition we must
4263            add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
4264            paranoid checks to avoid integer overflow. */
4265    
4266            if (lengthptr != NULL && repeat_max > 0)
4267              {
4268              int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
4269                          2 - 2*LINK_SIZE;   /* Last one doesn't nest */
4270              if ((double)repeat_max *
4271                    (double)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
4272                      > (double)INT_MAX ||
4273                  OFLOW_MAX - *lengthptr < delta)
4274                {
4275                *errorcodeptr = ERR20;
4276                goto FAILED;
4277                }
4278              *lengthptr += delta;
4279              }
4280    
4281            /* This is compiling for real */
4282    
4283            else for (i = repeat_max - 1; i >= 0; i--)
4284            {            {
4285              uschar *hc;
4286              uschar *this_hwm = cd->hwm;
4287    
4288            *code++ = OP_BRAZERO + repeat_type;            *code++ = OP_BRAZERO + repeat_type;
4289    
4290            /* All but the final copy start a new nesting, maintaining the            /* All but the final copy start a new nesting, maintaining the
# Line 2698  for (;; ptr++) Line 4300  for (;; ptr++)
4300              }              }
4301    
4302            memcpy(code, previous, len);            memcpy(code, previous, len);
4303              for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4304                {
4305                PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
4306                cd->hwm += LINK_SIZE;
4307                }
4308              save_hwm = this_hwm;
4309            code += len;            code += len;
4310            }            }
4311    
# Line 2720  for (;; ptr++) Line 4328  for (;; ptr++)
4328        /* If the maximum is unlimited, set a repeater in the final copy. We        /* If the maximum is unlimited, set a repeater in the final copy. We
4329        can't just offset backwards from the current code point, because we        can't just offset backwards from the current code point, because we
4330        don't know if there's been an options resetting after the ket. The        don't know if there's been an options resetting after the ket. The
4331        correct offset was computed above. */        correct offset was computed above.
4332    
4333          Then, when we are doing the actual compile phase, check to see whether
4334          this group is a non-atomic one that could match an empty string. If so,
4335          convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
4336          that runtime checking can be done. [This check is also applied to
4337          atomic groups at runtime, but in a different way.] */
4338    
4339        else code[-ketoffset] = OP_KETRMAX + repeat_type;        else
4340            {
4341