/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 87 by nigel, Sat Feb 24 21:41:21 2007 UTC revision 503 by ph10, Sun Mar 7 17:35:52 2010 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2006 University of Cambridge             Copyright (c) 1997-2010 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 42  POSSIBILITY OF SUCH DAMAGE. Line 42  POSSIBILITY OF SUCH DAMAGE.
42  supporting internal functions that are not used by other modules. */  supporting internal functions that are not used by other modules. */
43    
44    
45    #ifdef HAVE_CONFIG_H
46    #include "config.h"
47    #endif
48    
49    #define NLBLOCK cd             /* Block containing newline information */
50    #define PSSTART start_pattern  /* Field containing processed string start */
51    #define PSEND   end_pattern    /* Field containing processed string end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When DEBUG is defined, we need the pcre_printint() function, which is also  /* When PCRE_DEBUG is defined, we need the pcre_printint() function, which is
57  used by pcretest. DEBUG is not defined when building a production library. */  also used by pcretest. PCRE_DEBUG is not defined when building a production
58    library. */
59    
60  #ifdef DEBUG  #ifdef PCRE_DEBUG
61  #include "pcre_printint.src"  #include "pcre_printint.src"
62  #endif  #endif
63    
64    
65    /* Macro for setting individual bits in class bitmaps. */
66    
67    #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
68    
69    /* Maximum length value to check against when making sure that the integer that
70    holds the compiled pattern length does not overflow. We make it a bit less than
71    INT_MAX to allow for adding in group terminating bytes, so that we don't have
72    to check them every time. */
73    
74    #define OFLOW_MAX (INT_MAX - 20)
75    
76    
77  /*************************************************  /*************************************************
78  *      Code parameters and static tables         *  *      Code parameters and static tables         *
79  *************************************************/  *************************************************/
80    
81  /* Maximum number of items on the nested bracket stacks at compile time. This  /* This value specifies the size of stack workspace that is used during the
82  applies to the nesting of all kinds of parentheses. It does not limit  first pre-compile phase that determines how much memory is required. The regex
83  un-nested, non-capturing parentheses. This number can be made bigger if  is partly compiled into this space, but the compiled parts are discarded as
84  necessary - it is used to dimension one int and one unsigned char vector at  soon as they can be, so that hopefully there will never be an overrun. The code
85  compile time. */  does, however, check for an overrun. The largest amount I've seen used is 218,
86    so this number is very generous.
87    
88    The same workspace is used during the second, actual compile phase for
89    remembering forward references to groups so that they can be filled in at the
90    end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
91    is 4 there is plenty of room. */
92    
93  #define BRASTACK_SIZE 200  #define COMPILE_WORK_SIZE (4096)
94    
95    
96  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
# Line 72  are simple data values; negative values Line 98  are simple data values; negative values
98  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
99  is invalid. */  is invalid. */
100    
101  #if !EBCDIC   /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
102    
103    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
104    in UTF-8 mode. */
105    
106  static const short int escapes[] = {  static const short int escapes[] = {
107       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
108       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
109     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
110       0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */       0,                       0,
111  -ESC_P, -ESC_Q,      0, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */       0,                       0,
112  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
113     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
114       0,      0,      0,      0,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
115  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0,      0, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
116       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
117         -ESC_D,                  -ESC_E,
118         0,                       -ESC_G,
119         -ESC_H,                  0,
120         0,                       -ESC_K,
121         0,                       0,
122         0,                       0,
123         -ESC_P,                  -ESC_Q,
124         -ESC_R,                  -ESC_S,
125         0,                       0,
126         -ESC_V,                  -ESC_W,
127         -ESC_X,                  0,
128         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
129         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
130         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
131         CHAR_GRAVE_ACCENT,       7,
132         -ESC_b,                  0,
133         -ESC_d,                  ESC_e,
134         ESC_f,                   0,
135         -ESC_h,                  0,
136         0,                       -ESC_k,
137         0,                       0,
138         ESC_n,                   0,
139         -ESC_p,                  0,
140         ESC_r,                   -ESC_s,
141         ESC_tee,                 0,
142         -ESC_v,                  -ESC_w,
143         0,                       0,
144         -ESC_z
145  };  };
146    
147  #else         /* This is the "abnormal" table for EBCDIC systems */  #else
148    
149    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
150    
151  static const short int escapes[] = {  static const short int escapes[] = {
152  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
153  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 96  static const short int escapes[] = { Line 157  static const short int escapes[] = {
157  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,
158  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',
159  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,
160  /*  88 */     0,     0,      0,     '{',      0,     0,      0,      0,  /*  88 */-ESC_h,     0,      0,     '{',      0,     0,      0,      0,
161  /*  90 */     0,     0,      0,     'l',      0, ESC_n,      0, -ESC_p,  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,
162  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,
163  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,     0, -ESC_w,      0,  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,-ESC_v, -ESC_w,      0,
164  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,
165  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,
166  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
167  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
168  /*  C8 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
169  /*  D0 */   '}',     0,      0,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,     0,      0, -ESC_P,
170  /*  D8 */-ESC_Q,     0,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
171  /*  E0 */  '\\',     0, -ESC_S,       0,      0,     0, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
172  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
173  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,
174  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0
# Line 115  static const short int escapes[] = { Line 176  static const short int escapes[] = {
176  #endif  #endif
177    
178    
179  /* Tables of names of POSIX character classes and their lengths. The list is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
180  terminated by a zero length entry. The first three must be alpha, lower, upper,  searched linearly. Put all the names into a single string, in order to reduce
181  as this is assumed for handling case independence. */  the number of relocations when a shared library is dynamically linked. The
182    string is built from string macros so that it works in UTF-8 mode on EBCDIC
183  static const char *const posix_names[] = {  platforms. */
184    "alpha", "lower", "upper",  
185    "alnum", "ascii", "blank", "cntrl", "digit", "graph",  typedef struct verbitem {
186    "print", "punct", "space", "word",  "xdigit" };    int   len;
187      int   op;
188    } verbitem;
189    
190    static const char verbnames[] =
191      STRING_ACCEPT0
192      STRING_COMMIT0
193      STRING_F0
194      STRING_FAIL0
195      STRING_PRUNE0
196      STRING_SKIP0
197      STRING_THEN;
198    
199    static const verbitem verbs[] = {
200      { 6, OP_ACCEPT },
201      { 6, OP_COMMIT },
202      { 1, OP_FAIL },
203      { 4, OP_FAIL },
204      { 5, OP_PRUNE },
205      { 4, OP_SKIP  },
206      { 4, OP_THEN  }
207    };
208    
209    static const int verbcount = sizeof(verbs)/sizeof(verbitem);
210    
211    
212    /* Tables of names of POSIX character classes and their lengths. The names are
213    now all in a single string, to reduce the number of relocations when a shared
214    library is dynamically loaded. The list of lengths is terminated by a zero
215    length entry. The first three must be alpha, lower, upper, as this is assumed
216    for handling case independence. */
217    
218    static const char posix_names[] =
219      STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
220      STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
221      STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
222      STRING_word0  STRING_xdigit;
223    
224  static const uschar posix_name_lengths[] = {  static const uschar posix_name_lengths[] = {
225    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
# Line 155  static const int posix_class_maps[] = { Line 252  static const int posix_class_maps[] = {
252  };  };
253    
254    
255  /* The texts of compile-time error messages. These are "char *" because they  #define STRING(a)  # a
256  are passed to the outside world. */  #define XSTRING(s) STRING(s)
257    
258  static const char *error_texts[] = {  /* The texts of compile-time error messages. These are "char *" because they
259    "no error",  are passed to the outside world. Do not ever re-use any error number, because
260    "\\ at end of pattern",  they are documented. Always add a new error instead. Messages marked DEAD below
261    "\\c at end of pattern",  are no longer used. This used to be a table of strings, but in order to reduce
262    "unrecognized character follows \\",  the number of relocations needed when a shared library is loaded dynamically,
263    "numbers out of order in {} quantifier",  it is now one long string. We cannot use a table of offsets, because the
264    lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
265    simply count through to the one we want - this isn't a performance issue
266    because these strings are used only when there is a compilation error.
267    
268    Each substring ends with \0 to insert a null character. This includes the final
269    substring, so that the whole string ends with \0\0, which can be detected when
270    counting through. */
271    
272    static const char error_texts[] =
273      "no error\0"
274      "\\ at end of pattern\0"
275      "\\c at end of pattern\0"
276      "unrecognized character follows \\\0"
277      "numbers out of order in {} quantifier\0"
278    /* 5 */    /* 5 */
279    "number too big in {} quantifier",    "number too big in {} quantifier\0"
280    "missing terminating ] for character class",    "missing terminating ] for character class\0"
281    "invalid escape sequence in character class",    "invalid escape sequence in character class\0"
282    "range out of order in character class",    "range out of order in character class\0"
283    "nothing to repeat",    "nothing to repeat\0"
284    /* 10 */    /* 10 */
285    "operand of unlimited repeat could match the empty string",    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
286    "internal error: unexpected repeat",    "internal error: unexpected repeat\0"
287    "unrecognized character after (?",    "unrecognized character after (? or (?-\0"
288    "POSIX named classes are supported only within a class",    "POSIX named classes are supported only within a class\0"
289    "missing )",    "missing )\0"
290    /* 15 */    /* 15 */
291    "reference to non-existent subpattern",    "reference to non-existent subpattern\0"
292    "erroffset passed as NULL",    "erroffset passed as NULL\0"
293    "unknown option bit(s) set",    "unknown option bit(s) set\0"
294    "missing ) after comment",    "missing ) after comment\0"
295    "parentheses nested too deeply",    "parentheses nested too deeply\0"  /** DEAD **/
296    /* 20 */    /* 20 */
297    "regular expression too large",    "regular expression is too large\0"
298    "failed to get memory",    "failed to get memory\0"
299    "unmatched parentheses",    "unmatched parentheses\0"
300    "internal error: code overflow",    "internal error: code overflow\0"
301    "unrecognized character after (?<",    "unrecognized character after (?<\0"
302    /* 25 */    /* 25 */
303    "lookbehind assertion is not fixed length",    "lookbehind assertion is not fixed length\0"
304    "malformed number after (?(",    "malformed number or name after (?(\0"
305    "conditional group contains more than two branches",    "conditional group contains more than two branches\0"
306    "assertion expected after (?(",    "assertion expected after (?(\0"
307    "(?R or (?digits must be followed by )",    "(?R or (?[+-]digits must be followed by )\0"
308    /* 30 */    /* 30 */
309    "unknown POSIX class name",    "unknown POSIX class name\0"
310    "POSIX collating elements are not supported",    "POSIX collating elements are not supported\0"
311    "this version of PCRE is not compiled with PCRE_UTF8 support",    "this version of PCRE is not compiled with PCRE_UTF8 support\0"
312    "spare error",    "spare error\0"  /** DEAD **/
313    "character value in \\x{...} sequence is too large",    "character value in \\x{...} sequence is too large\0"
314    /* 35 */    /* 35 */
315    "invalid condition (?(0)",    "invalid condition (?(0)\0"
316    "\\C not allowed in lookbehind assertion",    "\\C not allowed in lookbehind assertion\0"
317    "PCRE does not support \\L, \\l, \\N, \\U, or \\u",    "PCRE does not support \\L, \\l, \\N, \\U, or \\u\0"
318    "number after (?C is > 255",    "number after (?C is > 255\0"
319    "closing ) for (?C expected",    "closing ) for (?C expected\0"
320    /* 40 */    /* 40 */
321    "recursive call could loop indefinitely",    "recursive call could loop indefinitely\0"
322    "unrecognized character after (?P",    "unrecognized character after (?P\0"
323    "syntax error after (?P",    "syntax error in subpattern name (missing terminator)\0"
324    "two named groups have the same name",    "two named subpatterns have the same name\0"
325    "invalid UTF-8 string",    "invalid UTF-8 string\0"
326    /* 45 */    /* 45 */
327    "support for \\P, \\p, and \\X has not been compiled",    "support for \\P, \\p, and \\X has not been compiled\0"
328    "malformed \\P or \\p sequence",    "malformed \\P or \\p sequence\0"
329    "unknown property name after \\P or \\p"    "unknown property name after \\P or \\p\0"
330  };    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
331      "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
332      /* 50 */
333      "repeated subpattern is too long\0"    /** DEAD **/
334      "octal value is greater than \\377 (not in UTF-8 mode)\0"
335      "internal error: overran compiling workspace\0"
336      "internal error: previously-checked referenced subpattern not found\0"
337      "DEFINE group contains more than one branch\0"
338      /* 55 */
339      "repeating a DEFINE group is not allowed\0"
340      "inconsistent NEWLINE options\0"
341      "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
342      "a numbered reference must not be zero\0"
343      "(*VERB) with an argument is not supported\0"
344      /* 60 */
345      "(*VERB) not recognized\0"
346      "number is too big\0"
347      "subpattern name expected\0"
348      "digit expected after (?+\0"
349      "] is an invalid data character in JavaScript compatibility mode\0"
350      /* 65 */
351      "different names for subpatterns of the same number are not allowed\0";
352    
353  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
354  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 235  For convenience, we use the same bit def Line 366  For convenience, we use the same bit def
366    
367  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
368    
369  #if !EBCDIC    /* This is the "normal" case, for ASCII systems */  #ifndef EBCDIC
370    
371    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
372    UTF-8 mode. */
373    
374  static const unsigned char digitab[] =  static const unsigned char digitab[] =
375    {    {
376    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
# Line 271  static const unsigned char digitab[] = Line 406  static const unsigned char digitab[] =
406    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
407    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
408    
409  #else          /* This is the "abnormal" case, for EBCDIC systems */  #else
410    
411    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
412    
413  static const unsigned char digitab[] =  static const unsigned char digitab[] =
414    {    {
415    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
# Line 285  static const unsigned char digitab[] = Line 423  static const unsigned char digitab[] =
423    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */
424    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */
425    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */
426    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88-     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88- 95    */
427    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */
428    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */
429    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
# Line 319  static const unsigned char ebcdic_charta Line 457  static const unsigned char ebcdic_charta
457    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */
458    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */
459    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */
460    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88-  */    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88- 95 */
461    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */
462    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */
463    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
# Line 346  static const unsigned char ebcdic_charta Line 484  static const unsigned char ebcdic_charta
484  /* Definition to allow mutual recursion */  /* Definition to allow mutual recursion */
485    
486  static BOOL  static BOOL
487    compile_regex(int, int, int *, uschar **, const uschar **, int *, BOOL, int,    compile_regex(int, int, uschar **, const uschar **, int *, BOOL, BOOL, int,
488      int *, int *, branch_chain *, compile_data *);      int *, int *, branch_chain *, compile_data *, int *);
489    
490    
491    
492    /*************************************************
493    *            Find an error text                  *
494    *************************************************/
495    
496    /* The error texts are now all in one long string, to save on relocations. As
497    some of the text is of unknown length, we can't use a table of offsets.
498    Instead, just count through the strings. This is not a performance issue
499    because it happens only when there has been a compilation error.
500    
501    Argument:   the error number
502    Returns:    pointer to the error string
503    */
504    
505    static const char *
506    find_error_text(int n)
507    {
508    const char *s = error_texts;
509    for (; n > 0; n--)
510      {
511      while (*s++ != 0) {};
512      if (*s == 0) return "Error text not found (please report)";
513      }
514    return s;
515    }
516    
517    
518  /*************************************************  /*************************************************
# Line 357  static BOOL Line 521  static BOOL
521    
522  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
523  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or a negative value which
524  encodes one of the more complicated things such as \d. When UTF-8 is enabled,  encodes one of the more complicated things such as \d. A backreference to group
525  a positive value greater than 255 may be returned. On entry, ptr is pointing at  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When
526  the \. On exit, it is on the final character of the escape sequence.  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,
527    ptr is pointing at the \. On exit, it is on the final character of the escape
528    sequence.
529    
530  Arguments:  Arguments:
531    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
# Line 370  Arguments: Line 536  Arguments:
536    
537  Returns:         zero or positive => a data character  Returns:         zero or positive => a data character
538                   negative => a special escape sequence                   negative => a special escape sequence
539                   on error, errorptr is set                   on error, errorcodeptr is set
540  */  */
541    
542  static int  static int
# Line 388  ptr--;                            /* Set Line 554  ptr--;                            /* Set
554    
555  if (c == 0) *errorcodeptr = ERR1;  if (c == 0) *errorcodeptr = ERR1;
556    
557  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
558  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
559  Otherwise further processing may be required. */  Otherwise further processing may be required. */
560    
561  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
562  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  else if (c < CHAR_0 || c > CHAR_z) {}                     /* Not alphanumeric */
563  else if ((i = escapes[c - '0']) != 0) c = i;  else if ((i = escapes[c - CHAR_0]) != 0) c = i;
564    
565  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
566  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphanumeric */
567  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  c = i;
568  #endif  #endif
569    
# Line 406  else if ((i = escapes[c - 0x48]) != 0) Line 572  else if ((i = escapes[c - 0x48]) != 0)
572  else  else
573    {    {
574    const uschar *oldptr;    const uschar *oldptr;
575      BOOL braced, negated;
576    
577    switch (c)    switch (c)
578      {      {
579      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
580      error. */      error. */
581    
582      case 'l':      case CHAR_l:
583      case 'L':      case CHAR_L:
584      case 'N':      case CHAR_N:
585      case 'u':      case CHAR_u:
586      case 'U':      case CHAR_U:
587      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
588      break;      break;
589    
590        /* \g must be followed by one of a number of specific things:
591    
592        (1) A number, either plain or braced. If positive, it is an absolute
593        backreference. If negative, it is a relative backreference. This is a Perl
594        5.10 feature.
595    
596        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
597        is part of Perl's movement towards a unified syntax for back references. As
598        this is synonymous with \k{name}, we fudge it up by pretending it really
599        was \k.
600    
601        (3) For Oniguruma compatibility we also support \g followed by a name or a
602        number either in angle brackets or in single quotes. However, these are
603        (possibly recursive) subroutine calls, _not_ backreferences. Just return
604        the -ESC_g code (cf \k). */
605    
606        case CHAR_g:
607        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
608          {
609          c = -ESC_g;
610          break;
611          }
612    
613        /* Handle the Perl-compatible cases */
614    
615        if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
616          {
617          const uschar *p;
618          for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
619            if (*p != CHAR_MINUS && (digitab[*p] & ctype_digit) == 0) break;
620          if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
621            {
622            c = -ESC_k;
623            break;
624            }
625          braced = TRUE;
626          ptr++;
627          }
628        else braced = FALSE;
629    
630        if (ptr[1] == CHAR_MINUS)
631          {
632          negated = TRUE;
633          ptr++;
634          }
635        else negated = FALSE;
636    
637        c = 0;
638        while ((digitab[ptr[1]] & ctype_digit) != 0)
639          c = c * 10 + *(++ptr) - CHAR_0;
640    
641        if (c < 0)   /* Integer overflow */
642          {
643          *errorcodeptr = ERR61;
644          break;
645          }
646    
647        if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
648          {
649          *errorcodeptr = ERR57;
650          break;
651          }
652    
653        if (c == 0)
654          {
655          *errorcodeptr = ERR58;
656          break;
657          }
658    
659        if (negated)
660          {
661          if (c > bracount)
662            {
663            *errorcodeptr = ERR15;
664            break;
665            }
666          c = bracount - (c - 1);
667          }
668    
669        c = -(ESC_REF + c);
670        break;
671    
672      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
673      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. By experiment,
674      the way Perl works seems to be as follows:      the way Perl works seems to be as follows:
# Line 431  else Line 681  else
681      value is greater than 377, the least significant 8 bits are taken. Inside a      value is greater than 377, the least significant 8 bits are taken. Inside a
682      character class, \ followed by a digit is always an octal number. */      character class, \ followed by a digit is always an octal number. */
683    
684      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
685      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
686    
687      if (!isclass)      if (!isclass)
688        {        {
689        oldptr = ptr;        oldptr = ptr;
690        c -= '0';        c -= CHAR_0;
691        while ((digitab[ptr[1]] & ctype_digit) != 0)        while ((digitab[ptr[1]] & ctype_digit) != 0)
692          c = c * 10 + *(++ptr) - '0';          c = c * 10 + *(++ptr) - CHAR_0;
693          if (c < 0)    /* Integer overflow */
694            {
695            *errorcodeptr = ERR61;
696            break;
697            }
698        if (c < 10 || c <= bracount)        if (c < 10 || c <= bracount)
699          {          {
700          c = -(ESC_REF + c);          c = -(ESC_REF + c);
# Line 452  else Line 707  else
707      generates a binary zero byte and treats the digit as a following literal.      generates a binary zero byte and treats the digit as a following literal.
708      Thus we have to pull back the pointer by one. */      Thus we have to pull back the pointer by one. */
709    
710      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8)
711        {        {
712        ptr--;        ptr--;
713        c = 0;        c = 0;
# Line 460  else Line 715  else
715        }        }
716    
717      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
718      larger first octal digit. */      larger first octal digit. The original code used just to take the least
719        significant 8 bits of octal numbers (I think this is what early Perls used
720      case '0':      to do). Nowadays we allow for larger numbers in UTF-8 mode, but no more
721      c -= '0';      than 3 octal digits. */
722      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')  
723          c = c * 8 + *(++ptr) - '0';      case CHAR_0:
724      c &= 255;     /* Take least significant 8 bits */      c -= CHAR_0;
725        while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
726            c = c * 8 + *(++ptr) - CHAR_0;
727        if (!utf8 && c > 255) *errorcodeptr = ERR51;
728      break;      break;
729    
730      /* \x is complicated. \x{ddd} is a character number which can be greater      /* \x is complicated. \x{ddd} is a character number which can be greater
731      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is
732      treated as a data character. */      treated as a data character. */
733    
734      case 'x':      case CHAR_x:
735      if (ptr[1] == '{')      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
736        {        {
737        const uschar *pt = ptr + 2;        const uschar *pt = ptr + 2;
738        int count = 0;        int count = 0;
# Line 483  else Line 741  else
741        while ((digitab[*pt] & ctype_xdigit) != 0)        while ((digitab[*pt] & ctype_xdigit) != 0)
742          {          {
743          register int cc = *pt++;          register int cc = *pt++;
744          if (c == 0 && cc == '0') continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
745          count++;          count++;
746    
747  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
748          if (cc >= 'a') cc -= 32;               /* Convert to upper case */          if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
749          c = (c << 4) + cc - ((cc < 'A')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
750  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
751          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */          if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
752          c = (c << 4) + cc - ((cc >= '0')? '0' : ('A' - 10));          c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
753  #endif  #endif
754          }          }
755    
756        if (*pt == '}')        if (*pt == CHAR_RIGHT_CURLY_BRACKET)
757          {          {
758          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;
759          ptr = pt;          ptr = pt;
# Line 511  else Line 769  else
769      c = 0;      c = 0;
770      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)
771        {        {
772        int cc;                               /* Some compilers don't like ++ */        int cc;                                  /* Some compilers don't like */
773        cc = *(++ptr);                        /* in initializers */        cc = *(++ptr);                           /* ++ in initializers */
774  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
775        if (cc >= 'a') cc -= 32;              /* Convert to upper case */        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
776        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
777  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
778        if (cc <= 'z') cc += 64;              /* Convert to upper case */        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
779        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
780  #endif  #endif
781        }        }
782      break;      break;
783    
784      /* Other special escapes not starting with a digit are straightforward */      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
785        This coding is ASCII-specific, but then the whole concept of \cx is
786        ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
787    
788      case 'c':      case CHAR_c:
789      c = *(++ptr);      c = *(++ptr);
790      if (c == 0)      if (c == 0)
791        {        {
792        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
793        return 0;        break;
794        }        }
795    
796      /* A letter is upper-cased; then the 0x40 bit is flipped. This coding  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
797      is ASCII-specific, but then the whole concept of \cx is ASCII-specific.      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
     (However, an EBCDIC equivalent has now been added.) */  
   
 #if !EBCDIC    /* ASCII coding */  
     if (c >= 'a' && c <= 'z') c -= 32;  
798      c ^= 0x40;      c ^= 0x40;
799  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
800      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
801      c ^= 0xC0;      c ^= 0xC0;
802  #endif  #endif
803      break;      break;
804    
805      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
806      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
807      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
808      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
809      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
810    
811      default:      default:
812      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 603  if (c == 0) goto ERROR_RETURN; Line 859  if (c == 0) goto ERROR_RETURN;
859  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
860  negation. */  negation. */
861    
862  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
863    {    {
864    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
865      {      {
866      *negptr = TRUE;      *negptr = TRUE;
867      ptr++;      ptr++;
868      }      }
869    for (i = 0; i < sizeof(name) - 1; i++)    for (i = 0; i < (int)sizeof(name) - 1; i++)
870      {      {
871      c = *(++ptr);      c = *(++ptr);
872      if (c == 0) goto ERROR_RETURN;      if (c == 0) goto ERROR_RETURN;
873      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
874      name[i] = c;      name[i] = c;
875      }      }
876    if (c !='}') goto ERROR_RETURN;    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
877    name[i] = 0;    name[i] = 0;
878    }    }
879    
# Line 639  top = _pcre_utt_size; Line 895  top = _pcre_utt_size;
895  while (bot < top)  while (bot < top)
896    {    {
897    i = (bot + top) >> 1;    i = (bot + top) >> 1;
898    c = strcmp(name, _pcre_utt[i].name);    c = strcmp(name, _pcre_utt_names + _pcre_utt[i].name_offset);
899    if (c == 0)    if (c == 0)
900      {      {
901      *dptr = _pcre_utt[i].value;      *dptr = _pcre_utt[i].value;
# Line 682  is_counted_repeat(const uschar *p) Line 938  is_counted_repeat(const uschar *p)
938  {  {
939  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
940  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
941  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
942    
943  if (*p++ != ',') return FALSE;  if (*p++ != CHAR_COMMA) return FALSE;
944  if (*p == '}') return TRUE;  if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
945    
946  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  if ((digitab[*p++] & ctype_digit) == 0) return FALSE;
947  while ((digitab[*p] & ctype_digit) != 0) p++;  while ((digitab[*p] & ctype_digit) != 0) p++;
948    
949  return (*p == '}');  return (*p == CHAR_RIGHT_CURLY_BRACKET);
950  }  }
951    
952    
# Line 723  int max = -1; Line 979  int max = -1;
979  /* Read the minimum value and do a paranoid check: a negative value indicates  /* Read the minimum value and do a paranoid check: a negative value indicates
980  an integer overflow. */  an integer overflow. */
981    
982  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - CHAR_0;
983  if (min < 0 || min > 65535)  if (min < 0 || min > 65535)
984    {    {
985    *errorcodeptr = ERR5;    *errorcodeptr = ERR5;
# Line 733  if (min < 0 || min > 65535) Line 989  if (min < 0 || min > 65535)
989  /* Read the maximum value if there is one, and again do a paranoid on its size.  /* Read the maximum value if there is one, and again do a paranoid on its size.
990  Also, max must not be less than min. */  Also, max must not be less than min. */
991    
992  if (*p == '}') max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
993    {    {
994    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
995      {      {
996      max = 0;      max = 0;
997      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - CHAR_0;
998      if (max < 0 || max > 65535)      if (max < 0 || max > 65535)
999        {        {
1000        *errorcodeptr = ERR5;        *errorcodeptr = ERR5;
# Line 763  return p; Line 1019  return p;
1019    
1020    
1021  /*************************************************  /*************************************************
1022    *  Subroutine for finding forward reference      *
1023    *************************************************/
1024    
1025    /* This recursive function is called only from find_parens() below. The
1026    top-level call starts at the beginning of the pattern. All other calls must
1027    start at a parenthesis. It scans along a pattern's text looking for capturing
1028    subpatterns, and counting them. If it finds a named pattern that matches the
1029    name it is given, it returns its number. Alternatively, if the name is NULL, it
1030    returns when it reaches a given numbered subpattern. We know that if (?P< is
1031    encountered, the name will be terminated by '>' because that is checked in the
1032    first pass. Recursion is used to keep track of subpatterns that reset the
1033    capturing group numbers - the (?| feature.
1034    
1035    Arguments:
1036      ptrptr       address of the current character pointer (updated)
1037      cd           compile background data
1038      name         name to seek, or NULL if seeking a numbered subpattern
1039      lorn         name length, or subpattern number if name is NULL
1040      xmode        TRUE if we are in /x mode
1041      count        pointer to the current capturing subpattern number (updated)
1042    
1043    Returns:       the number of the named subpattern, or -1 if not found
1044    */
1045    
1046    static int
1047    find_parens_sub(uschar **ptrptr, compile_data *cd, const uschar *name, int lorn,
1048      BOOL xmode, int *count)
1049    {
1050    uschar *ptr = *ptrptr;
1051    int start_count = *count;
1052    int hwm_count = start_count;
1053    BOOL dup_parens = FALSE;
1054    
1055    /* If the first character is a parenthesis, check on the type of group we are
1056    dealing with. The very first call may not start with a parenthesis. */
1057    
1058    if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1059      {
1060      if (ptr[1] == CHAR_QUESTION_MARK &&
1061          ptr[2] == CHAR_VERTICAL_LINE)
1062        {
1063        ptr += 3;
1064        dup_parens = TRUE;
1065        }
1066    
1067      /* Handle a normal, unnamed capturing parenthesis */
1068    
1069      else if (ptr[1] != CHAR_QUESTION_MARK && ptr[1] != CHAR_ASTERISK)
1070        {
1071        *count += 1;
1072        if (name == NULL && *count == lorn) return *count;
1073        ptr++;
1074        }
1075    
1076      /* Handle a condition. If it is an assertion, just carry on so that it
1077      is processed as normal. If not, skip to the closing parenthesis of the
1078      condition (there can't be any nested parens. */
1079    
1080      else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1081        {
1082        ptr += 2;
1083        if (ptr[1] != CHAR_QUESTION_MARK)
1084          {
1085          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1086          if (*ptr != 0) ptr++;
1087          }
1088        }
1089    
1090      /* We have either (? or (* and not a condition */
1091    
1092      else
1093        {
1094        ptr += 2;
1095        if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */
1096    
1097        /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1098    
1099        if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1100            ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1101          {
1102          int term;
1103          const uschar *thisname;
1104          *count += 1;
1105          if (name == NULL && *count == lorn) return *count;
1106          term = *ptr++;
1107          if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1108          thisname = ptr;
1109          while (*ptr != term) ptr++;
1110          if (name != NULL && lorn == ptr - thisname &&
1111              strncmp((const char *)name, (const char *)thisname, lorn) == 0)
1112            return *count;
1113          term++;
1114          }
1115        }
1116      }
1117    
1118    /* Past any initial parenthesis handling, scan for parentheses or vertical
1119    bars. */
1120    
1121    for (; *ptr != 0; ptr++)
1122      {
1123      /* Skip over backslashed characters and also entire \Q...\E */
1124    
1125      if (*ptr == CHAR_BACKSLASH)
1126        {
1127        if (*(++ptr) == 0) goto FAIL_EXIT;
1128        if (*ptr == CHAR_Q) for (;;)
1129          {
1130          while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1131          if (*ptr == 0) goto FAIL_EXIT;
1132          if (*(++ptr) == CHAR_E) break;
1133          }
1134        continue;
1135        }
1136    
1137      /* Skip over character classes; this logic must be similar to the way they
1138      are handled for real. If the first character is '^', skip it. Also, if the
1139      first few characters (either before or after ^) are \Q\E or \E we skip them
1140      too. This makes for compatibility with Perl. Note the use of STR macros to
1141      encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1142    
1143      if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1144        {
1145        BOOL negate_class = FALSE;
1146        for (;;)
1147          {
1148          if (ptr[1] == CHAR_BACKSLASH)
1149            {
1150            if (ptr[2] == CHAR_E)
1151              ptr+= 2;
1152            else if (strncmp((const char *)ptr+2,
1153                     STR_Q STR_BACKSLASH STR_E, 3) == 0)
1154              ptr += 4;
1155            else
1156              break;
1157            }
1158          else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1159            {
1160            negate_class = TRUE;
1161            ptr++;
1162            }
1163          else break;
1164          }
1165    
1166        /* If the next character is ']', it is a data character that must be
1167        skipped, except in JavaScript compatibility mode. */
1168    
1169        if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1170            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1171          ptr++;
1172    
1173        while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1174          {
1175          if (*ptr == 0) return -1;
1176          if (*ptr == CHAR_BACKSLASH)
1177            {
1178            if (*(++ptr) == 0) goto FAIL_EXIT;
1179            if (*ptr == CHAR_Q) for (;;)
1180              {
1181              while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1182              if (*ptr == 0) goto FAIL_EXIT;
1183              if (*(++ptr) == CHAR_E) break;
1184              }
1185            continue;
1186            }
1187          }
1188        continue;
1189        }
1190    
1191      /* Skip comments in /x mode */
1192    
1193      if (xmode && *ptr == CHAR_NUMBER_SIGN)
1194        {
1195        while (*(++ptr) != 0 && *ptr != CHAR_NL) {};
1196        if (*ptr == 0) goto FAIL_EXIT;
1197        continue;
1198        }
1199    
1200      /* Check for the special metacharacters */
1201    
1202      if (*ptr == CHAR_LEFT_PARENTHESIS)
1203        {
1204        int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, count);
1205        if (rc > 0) return rc;
1206        if (*ptr == 0) goto FAIL_EXIT;
1207        }
1208    
1209      else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1210        {
1211        if (dup_parens && *count < hwm_count) *count = hwm_count;
1212        *ptrptr = ptr;
1213        return -1;
1214        }
1215    
1216      else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1217        {
1218        if (*count > hwm_count) hwm_count = *count;
1219        *count = start_count;
1220        }
1221      }
1222    
1223    FAIL_EXIT:
1224    *ptrptr = ptr;
1225    return -1;
1226    }
1227    
1228    
1229    
1230    
1231    /*************************************************
1232    *       Find forward referenced subpattern       *
1233    *************************************************/
1234    
1235    /* This function scans along a pattern's text looking for capturing
1236    subpatterns, and counting them. If it finds a named pattern that matches the
1237    name it is given, it returns its number. Alternatively, if the name is NULL, it
1238    returns when it reaches a given numbered subpattern. This is used for forward
1239    references to subpatterns. We used to be able to start this scan from the
1240    current compiling point, using the current count value from cd->bracount, and
1241    do it all in a single loop, but the addition of the possibility of duplicate
1242    subpattern numbers means that we have to scan from the very start, in order to
1243    take account of such duplicates, and to use a recursive function to keep track
1244    of the different types of group.
1245    
1246    Arguments:
1247      cd           compile background data
1248      name         name to seek, or NULL if seeking a numbered subpattern
1249      lorn         name length, or subpattern number if name is NULL
1250      xmode        TRUE if we are in /x mode
1251    
1252    Returns:       the number of the found subpattern, or -1 if not found
1253    */
1254    
1255    static int
1256    find_parens(compile_data *cd, const uschar *name, int lorn, BOOL xmode)
1257    {
1258    uschar *ptr = (uschar *)cd->start_pattern;
1259    int count = 0;
1260    int rc;
1261    
1262    /* If the pattern does not start with an opening parenthesis, the first call
1263    to find_parens_sub() will scan right to the end (if necessary). However, if it
1264    does start with a parenthesis, find_parens_sub() will return when it hits the
1265    matching closing parens. That is why we have to have a loop. */
1266    
1267    for (;;)
1268      {
1269      rc = find_parens_sub(&ptr, cd, name, lorn, xmode, &count);
1270      if (rc > 0 || *ptr++ == 0) break;
1271      }
1272    
1273    return rc;
1274    }
1275    
1276    
1277    
1278    
1279    /*************************************************
1280  *      Find first significant op code            *  *      Find first significant op code            *
1281  *************************************************/  *************************************************/
1282    
# Line 811  for (;;) Line 1325  for (;;)
1325    
1326      case OP_CALLOUT:      case OP_CALLOUT:
1327      case OP_CREF:      case OP_CREF:
1328      case OP_BRANUMBER:      case OP_NCREF:
1329        case OP_RREF:
1330        case OP_NRREF:
1331        case OP_DEF:
1332      code += _pcre_OP_lengths[*code];      code += _pcre_OP_lengths[*code];
1333      break;      break;
1334    
# Line 826  for (;;) Line 1343  for (;;)
1343    
1344    
1345  /*************************************************  /*************************************************
1346  *        Find the fixed length of a pattern      *  *        Find the fixed length of a branch       *
1347  *************************************************/  *************************************************/
1348    
1349  /* Scan a pattern and compute the fixed length of subject that will match it,  /* Scan a branch and compute the fixed length of subject that will match it,
1350  if the length is fixed. This is needed for dealing with backward assertions.  if the length is fixed. This is needed for dealing with backward assertions.
1351  In UTF8 mode, the result is in characters rather than bytes.  In UTF8 mode, the result is in characters rather than bytes. The branch is
1352    temporarily terminated with OP_END when this function is called.
1353    
1354    This function is called when a backward assertion is encountered, so that if it
1355    fails, the error message can point to the correct place in the pattern.
1356    However, we cannot do this when the assertion contains subroutine calls,
1357    because they can be forward references. We solve this by remembering this case
1358    and doing the check at the end; a flag specifies which mode we are running in.
1359    
1360  Arguments:  Arguments:
1361    code     points to the start of the pattern (the bracket)    code     points to the start of the pattern (the bracket)
1362    options  the compiling options    options  the compiling options
1363      atend    TRUE if called when the pattern is complete
1364      cd       the "compile data" structure
1365    
1366  Returns:   the fixed length, or -1 if there is no fixed length,  Returns:   the fixed length,
1367                 or -1 if there is no fixed length,
1368               or -2 if \C was encountered               or -2 if \C was encountered
1369                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1370  */  */
1371    
1372  static int  static int
1373  find_fixedlength(uschar *code, int options)  find_fixedlength(uschar *code, int options, BOOL atend, compile_data *cd)
1374  {  {
1375  int length = -1;  int length = -1;
1376    
# Line 855  branch, check the length against that of Line 1383  branch, check the length against that of
1383  for (;;)  for (;;)
1384    {    {
1385    int d;    int d;
1386      uschar *ce, *cs;
1387    register int op = *cc;    register int op = *cc;
   if (op >= OP_BRA) op = OP_BRA;  
   
1388    switch (op)    switch (op)
1389      {      {
1390        case OP_CBRA:
1391      case OP_BRA:      case OP_BRA:
1392      case OP_ONCE:      case OP_ONCE:
1393      case OP_COND:      case OP_COND:
1394      d = find_fixedlength(cc, options);      d = find_fixedlength(cc + ((op == OP_CBRA)? 2:0), options, atend, cd);
1395      if (d < 0) return d;      if (d < 0) return d;
1396      branchlength += d;      branchlength += d;
1397      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
# Line 886  for (;;) Line 1414  for (;;)
1414      branchlength = 0;      branchlength = 0;
1415      break;      break;
1416    
1417        /* A true recursion implies not fixed length, but a subroutine call may
1418        be OK. If the subroutine is a forward reference, we can't deal with
1419        it until the end of the pattern, so return -3. */
1420    
1421        case OP_RECURSE:
1422        if (!atend) return -3;
1423        cs = ce = (uschar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1424        do ce += GET(ce, 1); while (*ce == OP_ALT);       /* End subpattern */
1425        if (cc > cs && cc < ce) return -1;                /* Recursion */
1426        d = find_fixedlength(cs + 2, options, atend, cd);
1427        if (d < 0) return d;
1428        branchlength += d;
1429        cc += 1 + LINK_SIZE;
1430        break;
1431    
1432      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1433    
1434      case OP_ASSERT:      case OP_ASSERT:
# Line 898  for (;;) Line 1441  for (;;)
1441      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1442    
1443      case OP_REVERSE:      case OP_REVERSE:
     case OP_BRANUMBER:  
1444      case OP_CREF:      case OP_CREF:
1445        case OP_NCREF:
1446        case OP_RREF:
1447        case OP_NRREF:
1448        case OP_DEF:
1449      case OP_OPT:      case OP_OPT:
1450      case OP_CALLOUT:      case OP_CALLOUT:
1451      case OP_SOD:      case OP_SOD:
1452      case OP_SOM:      case OP_SOM:
1453        case OP_SET_SOM:
1454      case OP_EOD:      case OP_EOD:
1455      case OP_EODN:      case OP_EODN:
1456      case OP_CIRC:      case OP_CIRC:
# Line 917  for (;;) Line 1464  for (;;)
1464    
1465      case OP_CHAR:      case OP_CHAR:
1466      case OP_CHARNC:      case OP_CHARNC:
1467        case OP_NOT:
1468      branchlength++;      branchlength++;
1469      cc += 2;      cc += 2;
1470  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1471      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1472        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1473  #endif  #endif
1474      break;      break;
1475    
# Line 934  for (;;) Line 1480  for (;;)
1480      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1481      cc += 4;      cc += 4;
1482  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1483      if ((options & PCRE_UTF8) != 0)      if ((options & PCRE_UTF8) != 0 && cc[-1] >= 0xc0)
1484        {        cc += _pcre_utf8_table4[cc[-1] & 0x3f];
       while((*cc & 0x80) == 0x80) cc++;  
       }  
1485  #endif  #endif
1486      break;      break;
1487    
1488      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1489      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1490        if (cc[3] == OP_PROP || cc[3] == OP_NOTPROP) cc += 2;
1491      cc += 4;      cc += 4;
1492      break;      break;
1493    
# Line 960  for (;;) Line 1505  for (;;)
1505      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1506      case OP_WORDCHAR:      case OP_WORDCHAR:
1507      case OP_ANY:      case OP_ANY:
1508        case OP_ALLANY:
1509      branchlength++;      branchlength++;
1510      cc++;      cc++;
1511      break;      break;
# Line 1014  for (;;) Line 1560  for (;;)
1560    
1561    
1562  /*************************************************  /*************************************************
1563  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
1564  *************************************************/  *************************************************/
1565    
1566  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
1567  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
1568    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
1569    so that it can be called from pcre_study() when finding the minimum matching
1570    length.
1571    
1572  Arguments:  Arguments:
1573    code        points to start of expression    code        points to start of expression
1574    utf8        TRUE in UTF-8 mode    utf8        TRUE in UTF-8 mode
1575    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
1576    
1577  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
1578  */  */
1579    
1580  static const uschar *  const uschar *
1581  find_bracket(const uschar *code, BOOL utf8, int number)  _pcre_find_bracket(const uschar *code, BOOL utf8, int number)
1582  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
1583  for (;;)  for (;;)
1584    {    {
1585    register int c = *code;    register int c = *code;
1586    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
1587    else if (c > OP_BRA)  
1588      /* XCLASS is used for classes that cannot be represented just by a bit
1589      map. This includes negated single high-valued characters. The length in
1590      the table is zero; the actual length is stored in the compiled code. */
1591    
1592      if (c == OP_XCLASS) code += GET(code, 1);
1593    
1594      /* Handle recursion */
1595    
1596      else if (c == OP_REVERSE)
1597        {
1598        if (number < 0) return (uschar *)code;
1599        code += _pcre_OP_lengths[c];
1600        }
1601    
1602      /* Handle capturing bracket */
1603    
1604      else if (c == OP_CBRA)
1605      {      {
1606      int n = c - OP_BRA;      int n = GET2(code, 1+LINK_SIZE);
     if (n > EXTRACT_BASIC_MAX) n = GET2(code, 2+LINK_SIZE);  
1607      if (n == number) return (uschar *)code;      if (n == number) return (uschar *)code;
1608      code += _pcre_OP_lengths[OP_BRA];      code += _pcre_OP_lengths[c];
1609      }      }
1610    
1611      /* Otherwise, we can get the item's length from the table, except that for
1612      repeated character types, we have to test for \p and \P, which have an extra
1613      two bytes of parameters. */
1614    
1615    else    else
1616      {      {
1617      code += _pcre_OP_lengths[c];      switch(c)
1618          {
1619          case OP_TYPESTAR:
1620          case OP_TYPEMINSTAR:
1621          case OP_TYPEPLUS:
1622          case OP_TYPEMINPLUS:
1623          case OP_TYPEQUERY:
1624          case OP_TYPEMINQUERY:
1625          case OP_TYPEPOSSTAR:
1626          case OP_TYPEPOSPLUS:
1627          case OP_TYPEPOSQUERY:
1628          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1629          break;
1630    
1631  #ifdef SUPPORT_UTF8        case OP_TYPEUPTO:
1632          case OP_TYPEMINUPTO:
1633          case OP_TYPEEXACT:
1634          case OP_TYPEPOSUPTO:
1635          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1636          break;
1637          }
1638    
1639      /* In UTF-8 mode, opcodes that are followed by a character may be followed      /* Add in the fixed length from the table */
     by a multi-byte character. The length in the table is a minimum, so we have  
     to scan along to skip the extra bytes. All opcodes are less than 128, so we  
     can use relatively efficient code. */  
1640    
1641        code += _pcre_OP_lengths[c];
1642    
1643      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
1644      a multi-byte character. The length in the table is a minimum, so we have to
1645      arrange to skip the extra bytes. */
1646    
1647    #ifdef SUPPORT_UTF8
1648      if (utf8) switch(c)      if (utf8) switch(c)
1649        {        {
1650        case OP_CHAR:        case OP_CHAR:
# Line 1064  for (;;) Line 1652  for (;;)
1652        case OP_EXACT:        case OP_EXACT:
1653        case OP_UPTO:        case OP_UPTO:
1654        case OP_MINUPTO:        case OP_MINUPTO:
1655          case OP_POSUPTO:
1656        case OP_STAR:        case OP_STAR:
1657        case OP_MINSTAR:        case OP_MINSTAR:
1658          case OP_POSSTAR:
1659        case OP_PLUS:        case OP_PLUS:
1660        case OP_MINPLUS:        case OP_MINPLUS:
1661          case OP_POSPLUS:
1662        case OP_QUERY:        case OP_QUERY:
1663        case OP_MINQUERY:        case OP_MINQUERY:
1664        while ((*code & 0xc0) == 0x80) code++;        case OP_POSQUERY:
1665        break;        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
   
       /* XCLASS is used for classes that cannot be represented just by a bit  
       map. This includes negated single high-valued characters. The length in  
       the table is zero; the actual length is stored in the compiled code. */  
   
       case OP_XCLASS:  
       code += GET(code, 1) + 1;  
1666        break;        break;
1667        }        }
1668    #else
1669        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1670  #endif  #endif
1671      }      }
1672    }    }
# Line 1105  Returns:      pointer to the opcode for Line 1691  Returns:      pointer to the opcode for
1691  static const uschar *  static const uschar *
1692  find_recurse(const uschar *code, BOOL utf8)  find_recurse(const uschar *code, BOOL utf8)
1693  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
1694  for (;;)  for (;;)
1695    {    {
1696    register int c = *code;    register int c = *code;
1697    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
1698    else if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
   else if (c > OP_BRA)  
     {  
     code += _pcre_OP_lengths[OP_BRA];  
     }  
   else  
     {  
     code += _pcre_OP_lengths[c];  
1699    
1700  #ifdef SUPPORT_UTF8    /* XCLASS is used for classes that cannot be represented just by a bit
1701      map. This includes negated single high-valued characters. The length in
1702      the table is zero; the actual length is stored in the compiled code. */
1703    
1704      /* In UTF-8 mode, opcodes that are followed by a character may be followed    if (c == OP_XCLASS) code += GET(code, 1);
     by a multi-byte character. The length in the table is a minimum, so we have  
     to scan along to skip the extra bytes. All opcodes are less than 128, so we  
     can use relatively efficient code. */  
1705    
1706      if (utf8) switch(c)    /* Otherwise, we can get the item's length from the table, except that for
1707        {    repeated character types, we have to test for \p and \P, which have an extra
1708      two bytes of parameters. */
1709    
1710      else
1711        {
1712        switch(c)
1713          {
1714          case OP_TYPESTAR:
1715          case OP_TYPEMINSTAR:
1716          case OP_TYPEPLUS:
1717          case OP_TYPEMINPLUS:
1718          case OP_TYPEQUERY:
1719          case OP_TYPEMINQUERY:
1720          case OP_TYPEPOSSTAR:
1721          case OP_TYPEPOSPLUS:
1722          case OP_TYPEPOSQUERY:
1723          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1724          break;
1725    
1726          case OP_TYPEPOSUPTO:
1727          case OP_TYPEUPTO:
1728          case OP_TYPEMINUPTO:
1729          case OP_TYPEEXACT:
1730          if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1731          break;
1732          }
1733    
1734        /* Add in the fixed length from the table */
1735    
1736        code += _pcre_OP_lengths[c];
1737    
1738        /* In UTF-8 mode, opcodes that are followed by a character may be followed
1739        by a multi-byte character. The length in the table is a minimum, so we have
1740        to arrange to skip the extra bytes. */
1741    
1742    #ifdef SUPPORT_UTF8
1743        if (utf8) switch(c)
1744          {
1745        case OP_CHAR:        case OP_CHAR:
1746        case OP_CHARNC:        case OP_CHARNC:
1747        case OP_EXACT:        case OP_EXACT:
1748        case OP_UPTO:        case OP_UPTO:
1749        case OP_MINUPTO:        case OP_MINUPTO:
1750          case OP_POSUPTO:
1751        case OP_STAR:        case OP_STAR:
1752        case OP_MINSTAR:        case OP_MINSTAR:
1753          case OP_POSSTAR:
1754        case OP_PLUS:        case OP_PLUS:
1755        case OP_MINPLUS:        case OP_MINPLUS:
1756          case OP_POSPLUS:
1757        case OP_QUERY:        case OP_QUERY:
1758        case OP_MINQUERY:        case OP_MINQUERY:
1759        while ((*code & 0xc0) == 0x80) code++;        case OP_POSQUERY:
1760        break;        if (code[-1] >= 0xc0) code += _pcre_utf8_table4[code[-1] & 0x3f];
   
       /* XCLASS is used for classes that cannot be represented just by a bit  
       map. This includes negated single high-valued characters. The length in  
       the table is zero; the actual length is stored in the compiled code. */  
   
       case OP_XCLASS:  
       code += GET(code, 1) + 1;  
1761        break;        break;
1762        }        }
1763    #else
1764        (void)(utf8);  /* Keep compiler happy by referencing function argument */
1765  #endif  #endif
1766      }      }
1767    }    }
# Line 1165  for (;;) Line 1774  for (;;)
1774  *************************************************/  *************************************************/
1775    
1776  /* This function scans through a branch of a compiled pattern to see whether it  /* This function scans through a branch of a compiled pattern to see whether it
1777  can match the empty string or not. It is called only from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
1778  below. Note that first_significant_code() skips over assertions. If we hit an  below and from compile_branch() when checking for an unlimited repeat of a
1779  unclosed bracket, we return "empty" - this means we've struck an inner bracket  group that can match nothing. Note that first_significant_code() skips over
1780  whose current branch will already have been scanned.  backward and negative forward assertions when its final argument is TRUE. If we
1781    hit an unclosed bracket, we return "empty" - this means we've struck an inner
1782    bracket whose current branch will already have been scanned.
1783    
1784  Arguments:  Arguments:
1785    code        points to start of search    code        points to start of search
1786    endcode     points to where to stop    endcode     points to where to stop
1787    utf8        TRUE if in UTF8 mode    utf8        TRUE if in UTF8 mode
1788      cd          contains pointers to tables etc.
1789    
1790  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
1791  */  */
1792    
1793  static BOOL  static BOOL
1794  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8,
1795      compile_data *cd)
1796  {  {
1797  register int c;  register int c;
1798  for (code = first_significant_code(code + 1 + LINK_SIZE, NULL, 0, TRUE);  for (code = first_significant_code(code + _pcre_OP_lengths[*code], NULL, 0, TRUE);
1799       code < endcode;       code < endcode;
1800       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))
1801    {    {
1802    const uschar *ccode;    const uschar *ccode;
1803    
1804    c = *code;    c = *code;
1805    
1806      /* Skip over forward assertions; the other assertions are skipped by
1807      first_significant_code() with a TRUE final argument. */
1808    
1809    if (c >= OP_BRA)    if (c == OP_ASSERT)
1810      {      {
1811      BOOL empty_branch;      do code += GET(code, 1); while (*code == OP_ALT);
1812      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */      c = *code;
1813        continue;
1814        }
1815    
1816      /* Scan a closed bracket */    /* Groups with zero repeats can of course be empty; skip them. */
1817    
1818      empty_branch = FALSE;    if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO)
1819        {
1820        code += _pcre_OP_lengths[c];
1821        do code += GET(code, 1); while (*code == OP_ALT);
1822        c = *code;
1823        continue;
1824        }
1825    
1826      /* For a recursion/subroutine call, if its end has been reached, which
1827      implies a subroutine call, we can scan it. */
1828    
1829      if (c == OP_RECURSE)
1830        {
1831        const uschar *scode = cd->start_code + GET(code, 1);
1832        if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
1833      do      do
1834        {        {
1835        if (!empty_branch && could_be_empty_branch(code, endcode, utf8))        if (!could_be_empty_branch(scode, endcode, utf8, cd)) return FALSE;
1836          empty_branch = TRUE;        scode += GET(scode, 1);
1837          }
1838        while (*scode == OP_ALT);
1839        continue;
1840        }
1841    
1842      /* For other groups, scan the branches. */
1843    
1844      if (c == OP_BRA || c == OP_CBRA || c == OP_ONCE || c == OP_COND)
1845        {
1846        BOOL empty_branch;
1847        if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
1848    
1849        /* If a conditional group has only one branch, there is a second, implied,
1850        empty branch, so just skip over the conditional, because it could be empty.
1851        Otherwise, scan the individual branches of the group. */
1852    
1853        if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
1854        code += GET(code, 1);        code += GET(code, 1);
1855        else
1856          {
1857          empty_branch = FALSE;
1858          do
1859            {
1860            if (!empty_branch && could_be_empty_branch(code, endcode, utf8, cd))
1861              empty_branch = TRUE;
1862            code += GET(code, 1);
1863            }
1864          while (*code == OP_ALT);
1865          if (!empty_branch) return FALSE;   /* All branches are non-empty */
1866        }        }
1867      while (*code == OP_ALT);  
     if (!empty_branch) return FALSE;   /* All branches are non-empty */  
     code += 1 + LINK_SIZE;  
1868      c = *code;      c = *code;
1869        continue;
1870      }      }
1871    
1872    else switch (c)    /* Handle the other opcodes */
1873    
1874      switch (c)
1875      {      {
1876      /* Check for quantifiers after a class */      /* Check for quantifiers after a class. XCLASS is used for classes that
1877        cannot be represented just by a bit map. This includes negated single
1878        high-valued characters. The length in _pcre_OP_lengths[] is zero; the
1879        actual length is stored in the compiled code, so we must update "code"
1880        here. */
1881    
1882  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1883      case OP_XCLASS:      case OP_XCLASS:
1884      ccode = code + GET(code, 1);      ccode = code += GET(code, 1);
1885      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
1886  #endif  #endif
1887    
# Line 1260  for (code = first_significant_code(code Line 1925  for (code = first_significant_code(code
1925      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1926      case OP_WORDCHAR:      case OP_WORDCHAR:
1927      case OP_ANY:      case OP_ANY:
1928        case OP_ALLANY:
1929      case OP_ANYBYTE:      case OP_ANYBYTE:
1930      case OP_CHAR:      case OP_CHAR:
1931      case OP_CHARNC:      case OP_CHARNC:
1932      case OP_NOT:      case OP_NOT:
1933      case OP_PLUS:      case OP_PLUS:
1934      case OP_MINPLUS:      case OP_MINPLUS:
1935        case OP_POSPLUS:
1936      case OP_EXACT:      case OP_EXACT:
1937      case OP_NOTPLUS:      case OP_NOTPLUS:
1938      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
1939        case OP_NOTPOSPLUS:
1940      case OP_NOTEXACT:      case OP_NOTEXACT:
1941      case OP_TYPEPLUS:      case OP_TYPEPLUS:
1942      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
1943        case OP_TYPEPOSPLUS:
1944      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1945      return FALSE;      return FALSE;
1946    
1947        /* These are going to continue, as they may be empty, but we have to
1948        fudge the length for the \p and \P cases. */
1949    
1950        case OP_TYPESTAR:
1951        case OP_TYPEMINSTAR:
1952        case OP_TYPEPOSSTAR:
1953        case OP_TYPEQUERY:
1954        case OP_TYPEMINQUERY:
1955        case OP_TYPEPOSQUERY:
1956        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
1957        break;
1958    
1959        /* Same for these */
1960    
1961        case OP_TYPEUPTO:
1962        case OP_TYPEMINUPTO:
1963        case OP_TYPEPOSUPTO:
1964        if (code[3] == OP_PROP || code[3] == OP_NOTPROP) code += 2;
1965        break;
1966    
1967      /* End of branch */      /* End of branch */
1968    
1969      case OP_KET:      case OP_KET:
# Line 1283  for (code = first_significant_code(code Line 1972  for (code = first_significant_code(code
1972      case OP_ALT:      case OP_ALT:
1973      return TRUE;      return TRUE;
1974    
1975      /* In UTF-8 mode, STAR, MINSTAR, QUERY, MINQUERY, UPTO, and MINUPTO  may be      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
1976      followed by a multibyte character */      MINUPTO, and POSUPTO may be followed by a multibyte character */
1977    
1978  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
1979      case OP_STAR:      case OP_STAR:
1980      case OP_MINSTAR:      case OP_MINSTAR:
1981        case OP_POSSTAR:
1982      case OP_QUERY:      case OP_QUERY:
1983      case OP_MINQUERY:      case OP_MINQUERY:
1984        case OP_POSQUERY:
1985        if (utf8 && code[1] >= 0xc0) code += _pcre_utf8_table4[code[1] & 0x3f];
1986        break;
1987    
1988      case OP_UPTO:      case OP_UPTO:
1989      case OP_MINUPTO:      case OP_MINUPTO:
1990      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      case OP_POSUPTO:
1991        if (utf8 && code[3] >= 0xc0) code += _pcre_utf8_table4[code[3] & 0x3f];
1992      break;      break;
1993  #endif  #endif
1994    
1995        /* None of the remaining opcodes are required to match a character. */
1996    
1997        default:
1998        break;
1999      }      }
2000    }    }
2001    
# Line 1318  Arguments: Line 2018  Arguments:
2018    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2019    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2020    utf8        TRUE if in UTF-8 mode    utf8        TRUE if in UTF-8 mode
2021      cd          pointers to tables etc
2022    
2023  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2024  */  */
2025    
2026  static BOOL  static BOOL
2027  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,
2028    BOOL utf8)    BOOL utf8, compile_data *cd)
2029  {  {
2030  while (bcptr != NULL && bcptr->current >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2031    {    {
2032    if (!could_be_empty_branch(bcptr->current, endcode, utf8)) return FALSE;    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf8, cd))
2033        return FALSE;
2034    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2035    }    }
2036  return TRUE;  return TRUE;
# Line 1341  return TRUE; Line 2043  return TRUE;
2043  *************************************************/  *************************************************/
2044    
2045  /* This function is called when the sequence "[:" or "[." or "[=" is  /* This function is called when the sequence "[:" or "[." or "[=" is
2046  encountered in a character class. It checks whether this is followed by an  encountered in a character class. It checks whether this is followed by a
2047  optional ^ and then a sequence of letters, terminated by a matching ":]" or  sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2048  ".]" or "=]".  reach an unescaped ']' without the special preceding character, return FALSE.
2049    
2050    Originally, this function only recognized a sequence of letters between the
2051    terminators, but it seems that Perl recognizes any sequence of characters,
2052    though of course unknown POSIX names are subsequently rejected. Perl gives an
2053    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2054    didn't consider this to be a POSIX class. Likewise for [:1234:].
2055    
2056    The problem in trying to be exactly like Perl is in the handling of escapes. We
2057    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2058    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2059    below handles the special case of \], but does not try to do any other escape
2060    processing. This makes it different from Perl for cases such as [:l\ower:]
2061    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2062    "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2063    I think.
2064    
2065  Argument:  Arguments:
2066    ptr      pointer to the initial [    ptr      pointer to the initial [
2067    endptr   where to return the end pointer    endptr   where to return the end pointer
   cd       pointer to compile data  
2068    
2069  Returns:   TRUE or FALSE  Returns:   TRUE or FALSE
2070  */  */
2071    
2072  static BOOL  static BOOL
2073  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  check_posix_syntax(const uschar *ptr, const uschar **endptr)
2074  {  {
2075  int terminator;          /* Don't combine these lines; the Solaris cc */  int terminator;          /* Don't combine these lines; the Solaris cc */
2076  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
2077  if (*(++ptr) == '^') ptr++;  for (++ptr; *ptr != 0; ptr++)
 while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;  
 if (*ptr == terminator && ptr[1] == ']')  
2078    {    {
2079    *endptr = ptr;    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET) ptr++; else
2080    return TRUE;      {
2081        if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2082        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2083          {
2084          *endptr = ptr;
2085          return TRUE;
2086          }
2087        }
2088    }    }
2089  return FALSE;  return FALSE;
2090  }  }
# Line 1388  Returns:     a value representing the na Line 2109  Returns:     a value representing the na
2109  static int  static int
2110  check_posix_name(const uschar *ptr, int len)  check_posix_name(const uschar *ptr, int len)
2111  {  {
2112    const char *pn = posix_names;
2113  register int yield = 0;  register int yield = 0;
2114  while (posix_name_lengths[yield] != 0)  while (posix_name_lengths[yield] != 0)
2115    {    {
2116    if (len == posix_name_lengths[yield] &&    if (len == posix_name_lengths[yield] &&
2117      strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;      strncmp((const char *)ptr, pn, len) == 0) return yield;
2118      pn += posix_name_lengths[yield] + 1;
2119    yield++;    yield++;
2120    }    }
2121  return -1;  return -1;
# Line 1407  return -1; Line 2130  return -1;
2130  that is referenced. This means that groups can be replicated for fixed  that is referenced. This means that groups can be replicated for fixed
2131  repetition simply by copying (because the recursion is allowed to refer to  repetition simply by copying (because the recursion is allowed to refer to
2132  earlier groups that are outside the current group). However, when a group is  earlier groups that are outside the current group). However, when a group is
2133  optional (i.e. the minimum quantifier is zero), OP_BRAZERO is inserted before  optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2134  it, after it has been compiled. This means that any OP_RECURSE items within it  inserted before it, after it has been compiled. This means that any OP_RECURSE
2135  that refer to the group itself or any contained groups have to have their  items within it that refer to the group itself or any contained groups have to
2136  offsets adjusted. That is the job of this function. Before it is called, the  have their offsets adjusted. That one of the jobs of this function. Before it
2137  partially compiled regex must be temporarily terminated with OP_END.  is called, the partially compiled regex must be temporarily terminated with
2138    OP_END.
2139    
2140    This function has been extended with the possibility of forward references for
2141    recursions and subroutine calls. It must also check the list of such references
2142    for the group we are dealing with. If it finds that one of the recursions in
2143    the current group is on this list, it adjusts the offset in the list, not the
2144    value in the reference (which is a group number).
2145    
2146  Arguments:  Arguments:
2147    group      points to the start of the group    group      points to the start of the group
2148    adjust     the amount by which the group is to be moved    adjust     the amount by which the group is to be moved
2149    utf8       TRUE in UTF-8 mode    utf8       TRUE in UTF-8 mode
2150    cd         contains pointers to tables etc.    cd         contains pointers to tables etc.
2151      save_hwm   the hwm forward reference pointer at the start of the group
2152    
2153  Returns:     nothing  Returns:     nothing
2154  */  */
2155    
2156  static void  static void
2157  adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd)  adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd,
2158      uschar *save_hwm)
2159  {  {
2160  uschar *ptr = group;  uschar *ptr = group;
2161    
2162  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)
2163    {    {
2164    int offset = GET(ptr, 1);    int offset;
2165    if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);    uschar *hc;
2166    
2167      /* See if this recursion is on the forward reference list. If so, adjust the
2168      reference. */
2169    
2170      for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2171        {
2172        offset = GET(hc, 0);
2173        if (cd->start_code + offset == ptr + 1)
2174          {
2175          PUT(hc, 0, offset + adjust);
2176          break;
2177          }
2178        }
2179    
2180      /* Otherwise, adjust the recursion offset if it's after the start of this
2181      group. */
2182    
2183      if (hc >= cd->hwm)
2184        {
2185        offset = GET(ptr, 1);
2186        if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2187        }
2188    
2189    ptr += 1 + LINK_SIZE;    ptr += 1 + LINK_SIZE;
2190    }    }
2191  }  }
# Line 1508  Yield:        TRUE when range returned; Line 2264  Yield:        TRUE when range returned;
2264  */  */
2265    
2266  static BOOL  static BOOL
2267  get_othercase_range(int *cptr, int d, int *ocptr, int *odptr)  get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2268      unsigned int *odptr)
2269  {  {
2270  int c, othercase, next;  unsigned int c, othercase, next;
2271    
2272  for (c = *cptr; c <= d; c++)  for (c = *cptr; c <= d; c++)
2273    { if ((othercase = _pcre_ucp_othercase(c)) >= 0) break; }    { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2274    
2275  if (c > d) return FALSE;  if (c > d) return FALSE;
2276    
# Line 1522  next = othercase + 1; Line 2279  next = othercase + 1;
2279    
2280  for (++c; c <= d; c++)  for (++c; c <= d; c++)
2281    {    {
2282    if (_pcre_ucp_othercase(c) != next) break;    if (UCD_OTHERCASE(c) != next) break;
2283    next++;    next++;
2284    }    }
2285    
# Line 1534  return TRUE; Line 2291  return TRUE;
2291  #endif  /* SUPPORT_UCP */  #endif  /* SUPPORT_UCP */
2292    
2293    
2294    
2295    /*************************************************
2296    *     Check if auto-possessifying is possible    *
2297    *************************************************/
2298    
2299    /* This function is called for unlimited repeats of certain items, to see
2300    whether the next thing could possibly match the repeated item. If not, it makes
2301    sense to automatically possessify the repeated item.
2302    
2303    Arguments:
2304      op_code       the repeated op code
2305      this          data for this item, depends on the opcode
2306      utf8          TRUE in UTF-8 mode
2307      utf8_char     used for utf8 character bytes, NULL if not relevant
2308      ptr           next character in pattern
2309      options       options bits
2310      cd            contains pointers to tables etc.
2311    
2312    Returns:        TRUE if possessifying is wanted
2313    */
2314    
2315    static BOOL
2316    check_auto_possessive(int op_code, int item, BOOL utf8, uschar *utf8_char,
2317      const uschar *ptr, int options, compile_data *cd)
2318    {
2319    int next;
2320    
2321    /* Skip whitespace and comments in extended mode */
2322    
2323    if ((options & PCRE_EXTENDED) != 0)
2324      {
2325      for (;;)
2326        {
2327        while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2328        if (*ptr == CHAR_NUMBER_SIGN)
2329          {
2330          while (*(++ptr) != 0)
2331            if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2332          }
2333        else break;
2334        }
2335      }
2336    
2337    /* If the next item is one that we can handle, get its value. A non-negative
2338    value is a character, a negative value is an escape value. */
2339    
2340    if (*ptr == CHAR_BACKSLASH)
2341      {
2342      int temperrorcode = 0;
2343      next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
2344      if (temperrorcode != 0) return FALSE;
2345      ptr++;    /* Point after the escape sequence */
2346      }
2347    
2348    else if ((cd->ctypes[*ptr] & ctype_meta) == 0)
2349      {
2350    #ifdef SUPPORT_UTF8
2351      if (utf8) { GETCHARINC(next, ptr); } else
2352    #endif
2353      next = *ptr++;
2354      }
2355    
2356    else return FALSE;
2357    
2358    /* Skip whitespace and comments in extended mode */
2359    
2360    if ((options & PCRE_EXTENDED) != 0)
2361      {
2362      for (;;)
2363        {
2364        while ((cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2365        if (*ptr == CHAR_NUMBER_SIGN)
2366          {
2367          while (*(++ptr) != 0)
2368            if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
2369          }
2370        else break;
2371        }
2372      }
2373    
2374    /* If the next thing is itself optional, we have to give up. */
2375    
2376    if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
2377      strncmp((char *)ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
2378        return FALSE;
2379    
2380    /* Now compare the next item with the previous opcode. If the previous is a
2381    positive single character match, "item" either contains the character or, if
2382    "item" is greater than 127 in utf8 mode, the character's bytes are in
2383    utf8_char. */
2384    
2385    
2386    /* Handle cases when the next item is a character. */
2387    
2388    if (next >= 0) switch(op_code)
2389      {
2390      case OP_CHAR:
2391    #ifdef SUPPORT_UTF8
2392      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2393    #else
2394      (void)(utf8_char);  /* Keep compiler happy by referencing function argument */
2395    #endif
2396      return item != next;
2397    
2398      /* For CHARNC (caseless character) we must check the other case. If we have
2399      Unicode property support, we can use it to test the other case of
2400      high-valued characters. */
2401    
2402      case OP_CHARNC:
2403    #ifdef SUPPORT_UTF8
2404      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2405    #endif
2406      if (item == next) return FALSE;
2407    #ifdef SUPPORT_UTF8
2408      if (utf8)
2409        {
2410        unsigned int othercase;
2411        if (next < 128) othercase = cd->fcc[next]; else
2412    #ifdef SUPPORT_UCP
2413        othercase = UCD_OTHERCASE((unsigned int)next);
2414    #else
2415        othercase = NOTACHAR;
2416    #endif
2417        return (unsigned int)item != othercase;
2418        }
2419      else
2420    #endif  /* SUPPORT_UTF8 */
2421      return (item != cd->fcc[next]);  /* Non-UTF-8 mode */
2422    
2423      /* For OP_NOT, "item" must be a single-byte character. */
2424    
2425      case OP_NOT:
2426      if (item == next) return TRUE;
2427      if ((options & PCRE_CASELESS) == 0) return FALSE;
2428    #ifdef SUPPORT_UTF8
2429      if (utf8)
2430        {
2431        unsigned int othercase;
2432        if (next < 128) othercase = cd->fcc[next]; else
2433    #ifdef SUPPORT_UCP
2434        othercase = UCD_OTHERCASE(next);
2435    #else
2436        othercase = NOTACHAR;
2437    #endif
2438        return (unsigned int)item == othercase;
2439        }
2440      else
2441    #endif  /* SUPPORT_UTF8 */
2442      return (item == cd->fcc[next]);  /* Non-UTF-8 mode */
2443    
2444      case OP_DIGIT:
2445      return next > 127 || (cd->ctypes[next] & ctype_digit) == 0;
2446    
2447      case OP_NOT_DIGIT:
2448      return next <= 127 && (cd->ctypes[next] & ctype_digit) != 0;
2449    
2450      case OP_WHITESPACE:
2451      return next > 127 || (cd->ctypes[next] & ctype_space) == 0;
2452    
2453      case OP_NOT_WHITESPACE:
2454      return next <= 127 && (cd->ctypes[next] & ctype_space) != 0;
2455    
2456      case OP_WORDCHAR:
2457      return next > 127 || (cd->ctypes[next] & ctype_word) == 0;
2458    
2459      case OP_NOT_WORDCHAR:
2460      return next <= 127 && (cd->ctypes[next] & ctype_word) != 0;
2461    
2462      case OP_HSPACE:
2463      case OP_NOT_HSPACE:
2464      switch(next)
2465        {
2466        case 0x09:
2467        case 0x20:
2468        case 0xa0:
2469        case 0x1680:
2470        case 0x180e:
2471        case 0x2000:
2472        case 0x2001:
2473        case 0x2002:
2474        case 0x2003:
2475        case 0x2004:
2476        case 0x2005:
2477        case 0x2006:
2478        case 0x2007:
2479        case 0x2008:
2480        case 0x2009:
2481        case 0x200A:
2482        case 0x202f:
2483        case 0x205f:
2484        case 0x3000:
2485        return op_code != OP_HSPACE;
2486        default:
2487        return op_code == OP_HSPACE;
2488        }
2489    
2490      case OP_VSPACE:
2491      case OP_NOT_VSPACE:
2492      switch(next)
2493        {
2494        case 0x0a:
2495        case 0x0b:
2496        case 0x0c:
2497        case 0x0d:
2498        case 0x85:
2499        case 0x2028:
2500        case 0x2029:
2501        return op_code != OP_VSPACE;
2502        default:
2503        return op_code == OP_VSPACE;
2504        }
2505    
2506      default:
2507      return FALSE;
2508      }
2509    
2510    
2511    /* Handle the case when the next item is \d, \s, etc. */
2512    
2513    switch(op_code)
2514      {
2515      case OP_CHAR:
2516      case OP_CHARNC:
2517    #ifdef SUPPORT_UTF8
2518      if (utf8 && item > 127) { GETCHAR(item, utf8_char); }
2519    #endif
2520      switch(-next)
2521        {
2522        case ESC_d:
2523        return item > 127 || (cd->ctypes[item] & ctype_digit) == 0;
2524    
2525        case ESC_D:
2526        return item <= 127 && (cd->ctypes[item] & ctype_digit) != 0;
2527    
2528        case ESC_s:
2529        return item > 127 || (cd->ctypes[item] & ctype_space) == 0;
2530    
2531        case ESC_S:
2532        return item <= 127 && (cd->ctypes[item] & ctype_space) != 0;
2533    
2534        case ESC_w:
2535        return item > 127 || (cd->ctypes[item] & ctype_word) == 0;
2536    
2537        case ESC_W:
2538        return item <= 127 && (cd->ctypes[item] & ctype_word) != 0;
2539    
2540        case ESC_h:
2541        case ESC_H:
2542        switch(item)
2543          {
2544          case 0x09:
2545          case 0x20:
2546          case 0xa0:
2547          case 0x1680:
2548          case 0x180e:
2549          case 0x2000:
2550          case 0x2001:
2551          case 0x2002:
2552          case 0x2003:
2553          case 0x2004:
2554          case 0x2005:
2555          case 0x2006:
2556          case 0x2007:
2557          case 0x2008:
2558          case 0x2009:
2559          case 0x200A:
2560          case 0x202f:
2561          case 0x205f:
2562          case 0x3000:
2563          return -next != ESC_h;
2564          default:
2565          return -next == ESC_h;
2566          }
2567    
2568        case ESC_v:
2569        case ESC_V:
2570        switch(item)
2571          {
2572          case 0x0a:
2573          case 0x0b:
2574          case 0x0c:
2575          case 0x0d:
2576          case 0x85:
2577          case 0x2028:
2578          case 0x2029:
2579          return -next != ESC_v;
2580          default:
2581          return -next == ESC_v;
2582          }
2583    
2584        default:
2585        return FALSE;
2586        }
2587    
2588      case OP_DIGIT:
2589      return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
2590             next == -ESC_h || next == -ESC_v;
2591    
2592      case OP_NOT_DIGIT:
2593      return next == -ESC_d;
2594    
2595      case OP_WHITESPACE:
2596      return next == -ESC_S || next == -ESC_d || next == -ESC_w;
2597    
2598      case OP_NOT_WHITESPACE:
2599      return next == -ESC_s || next == -ESC_h || next == -ESC_v;
2600    
2601      case OP_HSPACE:
2602      return next == -ESC_S || next == -ESC_H || next == -ESC_d || next == -ESC_w;
2603    
2604      case OP_NOT_HSPACE:
2605      return next == -ESC_h;
2606    
2607      /* Can't have \S in here because VT matches \S (Perl anomaly) */
2608      case OP_VSPACE:
2609      return next == -ESC_V || next == -ESC_d || next == -ESC_w;
2610    
2611      case OP_NOT_VSPACE:
2612      return next == -ESC_v;
2613    
2614      case OP_WORDCHAR:
2615      return next == -ESC_W || next == -ESC_s || next == -ESC_h || next == -ESC_v;
2616    
2617      case OP_NOT_WORDCHAR:
2618      return next == -ESC_w || next == -ESC_d;
2619    
2620      default:
2621      return FALSE;
2622      }
2623    
2624    /* Control does not reach here */
2625    }
2626    
2627    
2628    
2629  /*************************************************  /*************************************************
2630  *           Compile one branch                   *  *           Compile one branch                   *
2631  *************************************************/  *************************************************/
2632    
2633  /* Scan the pattern, compiling it into the code vector. If the options are  /* Scan the pattern, compiling it into the a vector. If the options are
2634  changed during the branch, the pointer is used to change the external options  changed during the branch, the pointer is used to change the external options
2635  bits.  bits. This function is used during the pre-compile phase when we are trying
2636    to find out the amount of memory needed, as well as during the real compile
2637    phase. The value of lengthptr distinguishes the two phases.
2638    
2639  Arguments:  Arguments:
2640    optionsptr     pointer to the option bits    optionsptr     pointer to the option bits
   brackets       points to number of extracting brackets used  
2641    codeptr        points to the pointer to the current code point    codeptr        points to the pointer to the current code point
2642    ptrptr         points to the current pattern pointer    ptrptr         points to the current pattern pointer
2643    errorcodeptr   points to error code variable    errorcodeptr   points to error code variable
# Line 1552  Arguments: Line 2645  Arguments:
2645    reqbyteptr     set to the last literal character required, else < 0    reqbyteptr     set to the last literal character required, else < 0
2646    bcptr          points to current branch chain    bcptr          points to current branch chain
2647    cd             contains pointers to tables etc.    cd             contains pointers to tables etc.
2648      lengthptr      NULL during the real compile phase
2649                     points to length accumulator during pre-compile phase
2650    
2651  Returns:         TRUE on success  Returns:         TRUE on success
2652                   FALSE, with *errorcodeptr set non-zero on error                   FALSE, with *errorcodeptr set non-zero on error
2653  */  */
2654    
2655  static BOOL  static BOOL
2656  compile_branch(int *optionsptr, int *brackets, uschar **codeptr,  compile_branch(int *optionsptr, uschar **codeptr, const uschar **ptrptr,
2657    const uschar **ptrptr, int *errorcodeptr, int *firstbyteptr,    int *errorcodeptr, int *firstbyteptr, int *reqbyteptr, branch_chain *bcptr,
2658    int *reqbyteptr, branch_chain *bcptr, compile_data *cd)    compile_data *cd, int *lengthptr)
2659  {  {
2660  int repeat_type, op_type;  int repeat_type, op_type;
2661  int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */  int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */
# Line 1569  int greedy_default, greedy_non_default; Line 2664  int greedy_default, greedy_non_default;
2664  int firstbyte, reqbyte;  int firstbyte, reqbyte;
2665  int zeroreqbyte, zerofirstbyte;  int zeroreqbyte, zerofirstbyte;
2666  int req_caseopt, reqvary, tempreqvary;  int req_caseopt, reqvary, tempreqvary;
 int condcount = 0;  
2667  int options = *optionsptr;  int options = *optionsptr;
2668  int after_manual_callout = 0;  int after_manual_callout = 0;
2669    int length_prevgroup = 0;
2670  register int c;  register int c;
2671  register uschar *code = *codeptr;  register uschar *code = *codeptr;
2672    uschar *last_code = code;
2673    uschar *orig_code = code;
2674  uschar *tempcode;  uschar *tempcode;
2675  BOOL inescq = FALSE;  BOOL inescq = FALSE;
2676  BOOL groupsetfirstbyte = FALSE;  BOOL groupsetfirstbyte = FALSE;
# Line 1581  const uschar *ptr = *ptrptr; Line 2678  const uschar *ptr = *ptrptr;
2678  const uschar *tempptr;  const uschar *tempptr;
2679  uschar *previous = NULL;  uschar *previous = NULL;
2680  uschar *previous_callout = NULL;  uschar *previous_callout = NULL;
2681    uschar *save_hwm = NULL;
2682  uschar classbits[32];  uschar classbits[32];
2683    
2684  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
2685  BOOL class_utf8;  BOOL class_utf8;
2686  BOOL utf8 = (options & PCRE_UTF8) != 0;  BOOL utf8 = (options & PCRE_UTF8) != 0;
2687  uschar *class_utf8data;  uschar *class_utf8data;
2688    uschar *class_utf8data_base;
2689  uschar utf8_char[6];  uschar utf8_char[6];
2690  #else  #else
2691  BOOL utf8 = FALSE;  BOOL utf8 = FALSE;
2692    uschar *utf8_char = NULL;
2693    #endif
2694    
2695    #ifdef PCRE_DEBUG
2696    if (lengthptr != NULL) DPRINTF((">> start branch\n"));
2697  #endif  #endif
2698    
2699  /* Set up the default and non-default settings for greediness */  /* Set up the default and non-default settings for greediness */
# Line 1621  req_caseopt = ((options & PCRE_CASELESS) Line 2725  req_caseopt = ((options & PCRE_CASELESS)
2725  for (;; ptr++)  for (;; ptr++)
2726    {    {
2727    BOOL negate_class;    BOOL negate_class;
2728      BOOL should_flip_negation;
2729    BOOL possessive_quantifier;    BOOL possessive_quantifier;
2730    BOOL is_quantifier;    BOOL is_quantifier;
2731      BOOL is_recurse;
2732      BOOL reset_bracount;
2733    int class_charcount;    int class_charcount;
2734    int class_lastchar;    int class_lastchar;
2735    int newoptions;    int newoptions;
2736    int recno;    int recno;
2737      int refsign;
2738    int skipbytes;    int skipbytes;
2739    int subreqbyte;    int subreqbyte;
2740    int subfirstbyte;    int subfirstbyte;
2741      int terminator;
2742    int mclength;    int mclength;
2743    uschar mcbuffer[8];    uschar mcbuffer[8];
2744    
2745    /* Next byte in the pattern */    /* Get next byte in the pattern */
2746    
2747    c = *ptr;    c = *ptr;
2748    
2749      /* If we are in the pre-compile phase, accumulate the length used for the
2750      previous cycle of this loop. */
2751    
2752      if (lengthptr != NULL)
2753        {
2754    #ifdef PCRE_DEBUG
2755        if (code > cd->hwm) cd->hwm = code;                 /* High water info */
2756    #endif
2757        if (code > cd->start_workspace + COMPILE_WORK_SIZE) /* Check for overrun */
2758          {
2759          *errorcodeptr = ERR52;
2760          goto FAILED;
2761          }
2762    
2763        /* There is at least one situation where code goes backwards: this is the
2764        case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
2765        the class is simply eliminated. However, it is created first, so we have to
2766        allow memory for it. Therefore, don't ever reduce the length at this point.
2767        */
2768    
2769        if (code < last_code) code = last_code;
2770    
2771        /* Paranoid check for integer overflow */
2772    
2773        if (OFLOW_MAX - *lengthptr < code - last_code)
2774          {
2775          *errorcodeptr = ERR20;
2776          goto FAILED;
2777          }
2778    
2779        *lengthptr += code - last_code;
2780        DPRINTF(("length=%d added %d c=%c\n", *lengthptr, code - last_code, c));
2781    
2782        /* If "previous" is set and it is not at the start of the work space, move
2783        it back to there, in order to avoid filling up the work space. Otherwise,
2784        if "previous" is NULL, reset the current code pointer to the start. */
2785    
2786        if (previous != NULL)
2787          {
2788          if (previous > orig_code)
2789            {
2790            memmove(orig_code, previous, code - previous);
2791            code -= previous - orig_code;
2792            previous = orig_code;
2793            }
2794          }
2795        else code = orig_code;
2796    
2797        /* Remember where this code item starts so we can pick up the length
2798        next time round. */
2799    
2800        last_code = code;
2801        }
2802    
2803      /* In the real compile phase, just check the workspace used by the forward
2804      reference list. */
2805    
2806      else if (cd->hwm > cd->start_workspace + COMPILE_WORK_SIZE)
2807        {
2808        *errorcodeptr = ERR52;
2809        goto FAILED;
2810        }
2811    
2812    /* If in \Q...\E, check for the end; if not, we have a literal */    /* If in \Q...\E, check for the end; if not, we have a literal */
2813    
2814    if (inescq && c != 0)    if (inescq && c != 0)
2815      {      {
2816      if (c == '\\' && ptr[1] == 'E')      if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
2817        {        {
2818        inescq = FALSE;        inescq = FALSE;
2819        ptr++;        ptr++;
# Line 1651  for (;; ptr++) Line 2823  for (;; ptr++)
2823        {        {
2824        if (previous_callout != NULL)        if (previous_callout != NULL)
2825          {          {
2826          complete_callout(previous_callout, ptr, cd);          if (lengthptr == NULL)  /* Don't attempt in pre-compile phase */
2827              complete_callout(previous_callout, ptr, cd);
2828          previous_callout = NULL;          previous_callout = NULL;
2829          }          }
2830        if ((options & PCRE_AUTO_CALLOUT) != 0)        if ((options & PCRE_AUTO_CALLOUT) != 0)
# Line 1666  for (;; ptr++) Line 2839  for (;; ptr++)
2839    /* Fill in length of a previous callout, except when the next thing is    /* Fill in length of a previous callout, except when the next thing is
2840    a quantifier. */    a quantifier. */
2841    
2842    is_quantifier = c == '*' || c == '+' || c == '?' ||    is_quantifier =
2843      (c == '{' && is_counted_repeat(ptr+1));      c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
2844        (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
2845    
2846    if (!is_quantifier && previous_callout != NULL &&    if (!is_quantifier && previous_callout != NULL &&
2847         after_manual_callout-- <= 0)         after_manual_callout-- <= 0)
2848      {      {
2849      complete_callout(previous_callout, ptr, cd);      if (lengthptr == NULL)      /* Don't attempt in pre-compile phase */
2850          complete_callout(previous_callout, ptr, cd);
2851      previous_callout = NULL;      previous_callout = NULL;
2852      }      }
2853    
# Line 1681  for (;; ptr++) Line 2856  for (;; ptr++)
2856    if ((options & PCRE_EXTENDED) != 0)    if ((options & PCRE_EXTENDED) != 0)
2857      {      {
2858      if ((cd->ctypes[c] & ctype_space) != 0) continue;      if ((cd->ctypes[c] & ctype_space) != 0) continue;
2859      if (c == '#')      if (c == CHAR_NUMBER_SIGN)
2860        {        {
2861        /* The space before the ; is to avoid a warning on a silly compiler        while (*(++ptr) != 0)
2862        on the Macintosh. */          {
2863        while ((c = *(++ptr)) != 0 && c != NEWLINE) ;          if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
2864        if (c != 0) continue;   /* Else fall through to handle end of string */          }
2865          if (*ptr != 0) continue;
2866    
2867          /* Else fall through to handle end of string */
2868          c = 0;
2869        }        }
2870      }      }
2871    
# Line 1700  for (;; ptr++) Line 2879  for (;; ptr++)
2879    
2880    switch(c)    switch(c)
2881      {      {
2882      /* The branch terminates at end of string, |, or ). */      /* ===================================================================*/
2883        case 0:                        /* The branch terminates at string end */
2884      case 0:      case CHAR_VERTICAL_LINE:       /* or | or ) */
2885      case '|':      case CHAR_RIGHT_PARENTHESIS:
     case ')':  
2886      *firstbyteptr = firstbyte;      *firstbyteptr = firstbyte;
2887      *reqbyteptr = reqbyte;      *reqbyteptr = reqbyte;
2888      *codeptr = code;      *codeptr = code;
2889      *ptrptr = ptr;      *ptrptr = ptr;
2890        if (lengthptr != NULL)
2891          {
2892          if (OFLOW_MAX - *lengthptr < code - last_code)
2893            {
2894            *errorcodeptr = ERR20;
2895            goto FAILED;
2896            }
2897          *lengthptr += code - last_code;   /* To include callout length */
2898          DPRINTF((">> end branch\n"));
2899          }
2900      return TRUE;      return TRUE;
2901    
2902    
2903        /* ===================================================================*/
2904      /* Handle single-character metacharacters. In multiline mode, ^ disables      /* Handle single-character metacharacters. In multiline mode, ^ disables
2905      the setting of any following char as a first character. */      the setting of any following char as a first character. */
2906    
2907      case '^':      case CHAR_CIRCUMFLEX_ACCENT:
2908      if ((options & PCRE_MULTILINE) != 0)      if ((options & PCRE_MULTILINE) != 0)
2909        {        {
2910        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;        if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
# Line 1723  for (;; ptr++) Line 2913  for (;; ptr++)
2913      *code++ = OP_CIRC;      *code++ = OP_CIRC;
2914      break;      break;
2915    
2916      case '$':      case CHAR_DOLLAR_SIGN:
2917      previous = NULL;      previous = NULL;
2918      *code++ = OP_DOLL;      *code++ = OP_DOLL;
2919      break;      break;
# Line 1731  for (;; ptr++) Line 2921  for (;; ptr++)
2921      /* There can never be a first char if '.' is first, whatever happens about      /* There can never be a first char if '.' is first, whatever happens about
2922      repeats. The value of reqbyte doesn't change either. */      repeats. The value of reqbyte doesn't change either. */
2923    
2924      case '.':      case CHAR_DOT:
2925      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
2926      zerofirstbyte = firstbyte;      zerofirstbyte = firstbyte;
2927      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
2928      previous = code;      previous = code;
2929      *code++ = OP_ANY;      *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
2930      break;      break;
2931    
2932    
2933        /* ===================================================================*/
2934      /* Character classes. If the included characters are all < 256, we build a      /* Character classes. If the included characters are all < 256, we build a
2935      32-byte bitmap of the permitted characters, except in the special case      32-byte bitmap of the permitted characters, except in the special case
2936      where there is only one such character. For negated classes, we build the      where there is only one such character. For negated classes, we build the
# Line 1749  for (;; ptr++) Line 2941  for (;; ptr++)
2941      opcode is compiled. It may optionally have a bit map for characters < 256,      opcode is compiled. It may optionally have a bit map for characters < 256,
2942      but those above are are explicitly listed afterwards. A flag byte tells      but those above are are explicitly listed afterwards. A flag byte tells
2943      whether the bitmap is present, and whether this is a negated class or not.      whether the bitmap is present, and whether this is a negated class or not.
     */  
2944    
2945      case '[':      In JavaScript compatibility mode, an isolated ']' causes an error. In
2946        default (Perl) mode, it is treated as a data character. */
2947    
2948        case CHAR_RIGHT_SQUARE_BRACKET:
2949        if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
2950          {
2951          *errorcodeptr = ERR64;
2952          goto FAILED;
2953          }
2954        goto NORMAL_CHAR;
2955    
2956        case CHAR_LEFT_SQUARE_BRACKET:
2957      previous = code;      previous = code;
2958    
2959      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
2960      they are encountered at the top level, so we'll do that too. */      they are encountered at the top level, so we'll do that too. */
2961    
2962      if ((ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&      if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2963          check_posix_syntax(ptr, &tempptr, cd))           ptr[1] == CHAR_EQUALS_SIGN) &&
2964            check_posix_syntax(ptr, &tempptr))
2965        {        {
2966        *errorcodeptr = (ptr[1] == ':')? ERR13 : ERR31;        *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
2967        goto FAILED;        goto FAILED;
2968        }        }
2969    
2970      /* If the first character is '^', set the negation flag and skip it. */      /* If the first character is '^', set the negation flag and skip it. Also,
2971        if the first few characters (either before or after ^) are \Q\E or \E we
2972        skip them too. This makes for compatibility with Perl. */
2973    
2974      if ((c = *(++ptr)) == '^')      negate_class = FALSE;
2975        for (;;)
2976        {        {
       negate_class = TRUE;  
2977        c = *(++ptr);        c = *(++ptr);
2978        }        if (c == CHAR_BACKSLASH)
2979      else          {
2980            if (ptr[1] == CHAR_E)
2981              ptr++;
2982            else if (strncmp((const char *)ptr+1,
2983                              STR_Q STR_BACKSLASH STR_E, 3) == 0)
2984              ptr += 3;
2985            else
2986              break;
2987            }
2988          else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
2989            negate_class = TRUE;
2990          else break;
2991          }
2992    
2993        /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
2994        an initial ']' is taken as a data character -- the code below handles
2995        that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
2996        [^] must match any character, so generate OP_ALLANY. */
2997    
2998        if (c == CHAR_RIGHT_SQUARE_BRACKET &&
2999            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
3000        {        {
3001        negate_class = FALSE;        *code++ = negate_class? OP_ALLANY : OP_FAIL;
3002          if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;
3003          zerofirstbyte = firstbyte;
3004          break;
3005        }        }
3006    
3007        /* If a class contains a negative special such as \S, we need to flip the
3008        negation flag at the end, so that support for characters > 255 works
3009        correctly (they are all included in the class). */
3010    
3011        should_flip_negation = FALSE;
3012    
3013      /* Keep a count of chars with values < 256 so that we can optimize the case      /* Keep a count of chars with values < 256 so that we can optimize the case
3014      of just a single character (as long as it's < 256). For higher valued UTF-8      of just a single character (as long as it's < 256). However, For higher
3015      characters, we don't yet do any optimization. */      valued UTF-8 characters, we don't yet do any optimization. */
3016    
3017      class_charcount = 0;      class_charcount = 0;
3018      class_lastchar = -1;      class_lastchar = -1;
3019    
3020        /* Initialize the 32-char bit map to all zeros. We build the map in a
3021        temporary bit of memory, in case the class contains only 1 character (less
3022        than 256), because in that case the compiled code doesn't use the bit map.
3023        */
3024    
3025        memset(classbits, 0, 32 * sizeof(uschar));
3026    
3027  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3028      class_utf8 = FALSE;                       /* No chars >= 256 */      class_utf8 = FALSE;                       /* No chars >= 256 */
3029      class_utf8data = code + LINK_SIZE + 34;   /* For UTF-8 items */      class_utf8data = code + LINK_SIZE + 2;    /* For UTF-8 items */
3030        class_utf8data_base = class_utf8data;     /* For resetting in pass 1 */
3031  #endif  #endif
3032    
     /* Initialize the 32-char bit map to all zeros. We have to build the  
     map in a temporary bit of store, in case the class contains only 1  
     character (< 256), because in that case the compiled code doesn't use the  
     bit map. */  
   
     memset(classbits, 0, 32 * sizeof(uschar));  
   
3033      /* Process characters until ] is reached. By writing this as a "do" it      /* Process characters until ] is reached. By writing this as a "do" it
3034      means that an initial ] is taken as a data character. The first pass      means that an initial ] is taken as a data character. At the start of the
3035      through the regex checked the overall syntax, so we don't need to be very      loop, c contains the first byte of the character. */
     strict here. At the start of the loop, c contains the first byte of the  
     character. */  
3036    
3037      do      if (c != 0) do
3038        {        {
3039          const uschar *oldptr;
3040    
3041  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3042        if (utf8 && c > 127)        if (utf8 && c > 127)
3043          {                           /* Braces are required because the */          {                           /* Braces are required because the */
3044          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */          GETCHARLEN(c, ptr, ptr);    /* macro generates multiple statements */
3045          }          }
3046    
3047          /* In the pre-compile phase, accumulate the length of any UTF-8 extra
3048          data and reset the pointer. This is so that very large classes that
3049          contain a zillion UTF-8 characters no longer overwrite the work space
3050          (which is on the stack). */
3051    
3052          if (lengthptr != NULL)
3053            {
3054            *lengthptr += class_utf8data - class_utf8data_base;
3055            class_utf8data = class_utf8data_base;
3056            }
3057    
3058  #endif  #endif
3059    
3060        /* Inside \Q...\E everything is literal except \E */        /* Inside \Q...\E everything is literal except \E */
3061    
3062        if (inescq)        if (inescq)
3063          {          {
3064          if (c == '\\' && ptr[1] == 'E')          if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)  /* If we are at \E */
3065            {            {
3066            inescq = FALSE;            inescq = FALSE;                   /* Reset literal state */
3067            ptr++;            ptr++;                            /* Skip the 'E' */
3068            continue;            continue;                         /* Carry on with next */
3069            }            }
3070          else goto LONE_SINGLE_CHARACTER;          goto CHECK_RANGE;                   /* Could be range if \E follows */
3071          }          }
3072    
3073        /* Handle POSIX class names. Perl allows a negation extension of the        /* Handle POSIX class names. Perl allows a negation extension of the
# Line 1829  for (;; ptr++) Line 3076  for (;; ptr++)
3076        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl        [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
3077        5.6 and 5.8 do. */        5.6 and 5.8 do. */
3078    
3079        if (c == '[' &&        if (c == CHAR_LEFT_SQUARE_BRACKET &&
3080            (ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&            (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
3081            check_posix_syntax(ptr, &tempptr, cd))             ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
3082          {          {
3083          BOOL local_negate = FALSE;          BOOL local_negate = FALSE;
3084          int posix_class, taboffset, tabopt;          int posix_class, taboffset, tabopt;
3085          register const uschar *cbits = cd->cbits;          register const uschar *cbits = cd->cbits;
3086          uschar pbits[32];          uschar pbits[32];
3087    
3088          if (ptr[1] != ':')          if (ptr[1] != CHAR_COLON)
3089            {            {
3090            *errorcodeptr = ERR31;            *errorcodeptr = ERR31;
3091            goto FAILED;            goto FAILED;
3092            }            }
3093    
3094          ptr += 2;          ptr += 2;
3095          if (*ptr == '^')          if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
3096            {            {
3097            local_negate = TRUE;            local_negate = TRUE;
3098              should_flip_negation = TRUE;  /* Note negative special */
3099            ptr++;            ptr++;
3100            }            }
3101    
# Line 1911  for (;; ptr++) Line 3159  for (;; ptr++)
3159          }          }
3160    
3161        /* Backslash may introduce a single character, or it may introduce one        /* Backslash may introduce a single character, or it may introduce one
3162        of the specials, which just set a flag. Escaped items are checked for        of the specials, which just set a flag. The sequence \b is a special
3163        validity in the pre-compiling pass. The sequence \b is a special case.        case. Inside a class (and only there) it is treated as backspace.
3164        Inside a class (and only there) it is treated as backspace. Elsewhere        Elsewhere it marks a word boundary. Other escapes have preset maps ready
3165        it marks a word boundary. Other escapes have preset maps ready to        to 'or' into the one we are building. We assume they have more than one
       or into the one we are building. We assume they have more than one  
3166        character in them, so set class_charcount bigger than one. */        character in them, so set class_charcount bigger than one. */
3167    
3168        if (c == '\\')        if (c == CHAR_BACKSLASH)
3169          {          {
3170          c = check_escape(&ptr, errorcodeptr, *brackets, options, TRUE);          c = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3171            if (*errorcodeptr != 0) goto FAILED;
3172    
3173          if (-c == ESC_b) c = '\b';       /* \b is backslash in a class */          if (-c == ESC_b) c = CHAR_BS;       /* \b is backspace in a class */
3174          else if (-c == ESC_X) c = 'X';   /* \X is literal X in a class */          else if (-c == ESC_X) c = CHAR_X;   /* \X is literal X in a class */
3175            else if (-c == ESC_R) c = CHAR_R;   /* \R is literal R in a class */
3176          else if (-c == ESC_Q)            /* Handle start of quoted string */          else if (-c == ESC_Q)            /* Handle start of quoted string */
3177            {            {
3178            if (ptr[1] == '\\' && ptr[2] == 'E')            if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3179              {              {
3180              ptr += 2; /* avoid empty string */              ptr += 2; /* avoid empty string */
3181              }              }
3182            else inescq = TRUE;            else inescq = TRUE;
3183            continue;            continue;
3184            }            }
3185            else if (-c == ESC_E) continue;  /* Ignore orphan \E */
3186    
3187          if (c < 0)          if (c < 0)
3188            {            {
3189            register const uschar *cbits = cd->cbits;            register const uschar *cbits = cd->cbits;
3190            class_charcount += 2;     /* Greater than 1 is what matters */            class_charcount += 2;     /* Greater than 1 is what matters */
3191            switch (-c)  
3192              /* Save time by not doing this in the pre-compile phase. */
3193    
3194              if (lengthptr == NULL) switch (-c)
3195              {              {
3196              case ESC_d:              case ESC_d:
3197              for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
3198              continue;              continue;
3199    
3200              case ESC_D:              case ESC_D:
3201                should_flip_negation = TRUE;
3202              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
3203              continue;              continue;
3204    
# Line 1953  for (;; ptr++) Line 3207  for (;; ptr++)
3207              continue;              continue;
3208    
3209              case ESC_W:              case ESC_W:
3210                should_flip_negation = TRUE;
3211              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
3212              continue;              continue;
3213    
# Line 1962  for (;; ptr++) Line 3217  for (;; ptr++)
3217              continue;              continue;
3218    
3219              case ESC_S:              case ESC_S:
3220                should_flip_negation = TRUE;
3221              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];              for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
3222              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */              classbits[1] |= 0x08;    /* Perl 5.004 onwards omits VT from \s */
3223              continue;              continue;
3224    
3225  #ifdef SUPPORT_UCP              default:    /* Not recognized; fall through */
3226              case ESC_p:              break;      /* Need "default" setting to stop compiler warning. */
3227              case ESC_P:              }
3228    
3229              /* In the pre-compile phase, just do the recognition. */
3230    
3231              else if (c == -ESC_d || c == -ESC_D || c == -ESC_w ||
3232                       c == -ESC_W || c == -ESC_s || c == -ESC_S) continue;
3233    
3234              /* We need to deal with \H, \h, \V, and \v in both phases because
3235              they use extra memory. */
3236    
3237              if (-c == ESC_h)
3238                {
3239                SETBIT(classbits, 0x09); /* VT */
3240                SETBIT(classbits, 0x20); /* SPACE */
3241                SETBIT(classbits, 0xa0); /* NSBP */
3242    #ifdef SUPPORT_UTF8
3243                if (utf8)
3244                  {
3245                  class_utf8 = TRUE;
3246                  *class_utf8data++ = XCL_SINGLE;
3247                  class_utf8data += _pcre_ord2utf8(0x1680, class_utf8data);
3248                  *class_utf8data++ = XCL_SINGLE;
3249                  class_utf8data += _pcre_ord2utf8(0x180e, class_utf8data);
3250                  *class_utf8data++ = XCL_RANGE;
3251                  class_utf8data += _pcre_ord2utf8(0x2000, class_utf8data);
3252                  class_utf8data += _pcre_ord2utf8(0x200A, class_utf8data);
3253                  *class_utf8data++ = XCL_SINGLE;
3254                  class_utf8data += _pcre_ord2utf8(0x202f, class_utf8data);
3255                  *class_utf8data++ = XCL_SINGLE;
3256                  class_utf8data += _pcre_ord2utf8(0x205f, class_utf8data);
3257                  *class_utf8data++ = XCL_SINGLE;
3258                  class_utf8data += _pcre_ord2utf8(0x3000, class_utf8data);
3259                  }
3260    #endif
3261                continue;
3262                }
3263    
3264              if (-c == ESC_H)
3265                {
3266                for (c = 0; c < 32; c++)
3267                  {
3268                  int x = 0xff;
3269                  switch (c)
3270                    {
3271                    case 0x09/8: x ^= 1 << (0x09%8); break;
3272                    case 0x20/8: x ^= 1 << (0x20%8); break;
3273                    case 0xa0/8: x ^= 1 << (0xa0%8); break;
3274                    default: break;
3275                    }
3276                  classbits[c] |= x;
3277                  }
3278    
3279    #ifdef SUPPORT_UTF8
3280                if (utf8)
3281                {                {
               BOOL negated;  
               int pdata;  
               int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);  
               if (ptype < 0) goto FAILED;  
3282                class_utf8 = TRUE;                class_utf8 = TRUE;
3283                *class_utf8data++ = ((-c == ESC_p) != negated)?                *class_utf8data++ = XCL_RANGE;
3284                  XCL_PROP : XCL_NOTPROP;                class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3285                *class_utf8data++ = ptype;                class_utf8data += _pcre_ord2utf8(0x167f, class_utf8data);
3286                *class_utf8data++ = pdata;                *class_utf8data++ = XCL_RANGE;
3287                class_charcount -= 2;   /* Not a < 256 character */                class_utf8data += _pcre_ord2utf8(0x1681, class_utf8data);
3288                  class_utf8data += _pcre_ord2utf8(0x180d, class_utf8data);
3289                  *class_utf8data++ = XCL_RANGE;
3290                  class_utf8data += _pcre_ord2utf8(0x180f, class_utf8data);
3291                  class_utf8data += _pcre_ord2utf8(0x1fff, class_utf8data);
3292                  *class_utf8data++ = XCL_RANGE;
3293                  class_utf8data += _pcre_ord2utf8(0x200B, class_utf8data);
3294                  class_utf8data += _pcre_ord2utf8(0x202e, class_utf8data);
3295                  *class_utf8data++ = XCL_RANGE;
3296                  class_utf8data += _pcre_ord2utf8(0x2030, class_utf8data);
3297                  class_utf8data += _pcre_ord2utf8(0x205e, class_utf8data);
3298                  *class_utf8data++ = XCL_RANGE;
3299                  class_utf8data += _pcre_ord2utf8(0x2060, class_utf8data);
3300                  class_utf8data += _pcre_ord2utf8(0x2fff, class_utf8data);
3301                  *class_utf8data++ = XCL_RANGE;
3302                  class_utf8data += _pcre_ord2utf8(0x3001, class_utf8data);
3303                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3304                }                }
3305    #endif
3306              continue;              continue;
3307                }
3308    
3309              if (-c == ESC_v)
3310                {
3311                SETBIT(classbits, 0x0a); /* LF */
3312                SETBIT(classbits, 0x0b); /* VT */
3313                SETBIT(classbits, 0x0c); /* FF */
3314                SETBIT(classbits, 0x0d); /* CR */
3315                SETBIT(classbits, 0x85); /* NEL */
3316    #ifdef SUPPORT_UTF8
3317                if (utf8)
3318                  {
3319                  class_utf8 = TRUE;
3320                  *class_utf8data++ = XCL_RANGE;
3321                  class_utf8data += _pcre_ord2utf8(0x2028, class_utf8data);
3322                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3323                  }
3324  #endif  #endif
3325                continue;
3326                }
3327    
3328              /* Unrecognized escapes are faulted if PCRE is running in its            if (-c == ESC_V)
3329              strict mode. By default, for compatibility with Perl, they are              {
3330              treated as literals. */              for (c = 0; c < 32; c++)
3331                  {
3332                  int x = 0xff;
3333                  switch (c)
3334                    {
3335                    case 0x0a/8: x ^= 1 << (0x0a%8);
3336                                 x ^= 1 << (0x0b%8);
3337                                 x ^= 1 << (0x0c%8);
3338                                 x ^= 1 << (0x0d%8);
3339                                 break;
3340                    case 0x85/8: x ^= 1 << (0x85%8); break;
3341                    default: break;
3342                    }
3343                  classbits[c] |= x;
3344                  }
3345    
3346              default:  #ifdef SUPPORT_UTF8
3347              if ((options & PCRE_EXTRA) != 0)              if (utf8)
3348                {                {
3349                *errorcodeptr = ERR7;                class_utf8 = TRUE;
3350                goto FAILED;                *class_utf8data++ = XCL_RANGE;
3351                  class_utf8data += _pcre_ord2utf8(0x0100, class_utf8data);
3352                  class_utf8data += _pcre_ord2utf8(0x2027, class_utf8data);
3353                  *class_utf8data++ = XCL_RANGE;
3354                  class_utf8data += _pcre_ord2utf8(0x2029, class_utf8data);
3355                  class_utf8data += _pcre_ord2utf8(0x7fffffff, class_utf8data);
3356                }                }
3357              c = *ptr;              /* The final character */  #endif
3358              class_charcount -= 2;  /* Undo the default count from above */              continue;
3359                }
3360    
3361              /* We need to deal with \P and \p in both phases. */
3362    
3363    #ifdef SUPPORT_UCP
3364              if (-c == ESC_p || -c == ESC_P)
3365                {
3366                BOOL negated;
3367                int pdata;
3368                int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
3369                if (ptype < 0) goto FAILED;
3370                class_utf8 = TRUE;
3371                *class_utf8data++ = ((-c == ESC_p) != negated)?
3372                  XCL_PROP : XCL_NOTPROP;
3373                *class_utf8data++ = ptype;
3374                *class_utf8data++ = pdata;
3375                class_charcount -= 2;   /* Not a < 256 character */
3376                continue;
3377                }
3378    #endif
3379              /* Unrecognized escapes are faulted if PCRE is running in its
3380              strict mode. By default, for compatibility with Perl, they are
3381              treated as literals. */
3382    
3383              if ((options & PCRE_EXTRA) != 0)
3384                {
3385                *errorcodeptr = ERR7;
3386                goto FAILED;
3387              }              }
3388    
3389              class_charcount -= 2;  /* Undo the default count from above */
3390              c = *ptr;              /* Get the final character and fall through */
3391            }            }
3392    
3393          /* Fall through if we have a single character (c >= 0). This may be          /* Fall through if we have a single character (c >= 0). This may be
3394          > 256 in UTF-8 mode. */          greater than 256 in UTF-8 mode. */
3395    
3396          }   /* End of backslash handling */          }   /* End of backslash handling */
3397    
3398        /* A single character may be followed by '-' to form a range. However,        /* A single character may be followed by '-' to form a range. However,
3399        Perl does not permit ']' to be the end of the range. A '-' character        Perl does not permit ']' to be the end of the range. A '-' character
3400        here is treated as a literal. */        at the end is treated as a literal. Perl ignores orphaned \E sequences
3401          entirely. The code for handling \Q and \E is messy. */
3402    
3403          CHECK_RANGE:
3404          while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
3405            {
3406            inescq = FALSE;
3407            ptr += 2;
3408            }
3409    
3410          oldptr = ptr;
3411    
3412          /* Remember \r or \n */
3413    
3414        if (ptr[1] == '-' && ptr[2] != ']')        if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3415    
3416          /* Check for range */
3417    
3418          if (!inescq && ptr[1] == CHAR_MINUS)
3419          {          {
3420          int d;          int d;
3421          ptr += 2;          ptr += 2;
3422            while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
3423    
3424            /* If we hit \Q (not followed by \E) at this point, go into escaped
3425            mode. */
3426    
3427            while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
3428              {
3429              ptr += 2;
3430              if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3431                { ptr += 2; continue; }
3432              inescq = TRUE;
3433              break;
3434              }
3435    
3436            if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
3437              {
3438              ptr = oldptr;
3439              goto LONE_SINGLE_CHARACTER;
3440              }
3441    
3442  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3443          if (utf8)          if (utf8)
# Line 2026  for (;; ptr++) Line 3452  for (;; ptr++)
3452          not any of the other escapes. Perl 5.6 treats a hyphen as a literal          not any of the other escapes. Perl 5.6 treats a hyphen as a literal
3453          in such circumstances. */          in such circumstances. */
3454    
3455          if (d == '\\')          if (!inescq && d == CHAR_BACKSLASH)
3456            {            {
3457            const uschar *oldptr = ptr;            d = check_escape(&ptr, errorcodeptr, cd->bracount, options, TRUE);
3458            d = check_escape(&ptr, errorcodeptr, *brackets, options, TRUE);            if (*errorcodeptr != 0) goto FAILED;
3459    
3460            /* \b is backslash; \X is literal X; any other special means the '-'            /* \b is backspace; \X is literal X; \R is literal R; any other
3461            was literal */            special means the '-' was literal */
3462    
3463            if (d < 0)            if (d < 0)
3464              {              {
3465              if (d == -ESC_b) d = '\b';              if (d == -ESC_b) d = CHAR_BS;
3466              else if (d == -ESC_X) d = 'X'; else              else if (d == -ESC_X) d = CHAR_X;
3467                else if (d == -ESC_R) d = CHAR_R; else
3468                {                {
3469                ptr = oldptr - 2;                ptr = oldptr;
3470                goto LONE_SINGLE_CHARACTER;  /* A few lines below */                goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3471                }                }
3472              }              }
3473            }            }
3474    
3475          /* The check that the two values are in the correct order happens in          /* Check that the two values are in the correct order. Optimize
3476          the pre-pass. Optimize one-character ranges */          one-character ranges */
3477    
3478            if (d < c)
3479              {
3480              *errorcodeptr = ERR8;
3481              goto FAILED;
3482              }
3483    
3484          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */          if (d == c) goto LONE_SINGLE_CHARACTER;  /* A few lines below */
3485    
3486            /* Remember \r or \n */
3487    
3488            if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
3489    
3490          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless          /* In UTF-8 mode, if the upper limit is > 255, or > 127 for caseless
3491          matching, we have to use an XCLASS with extra data items. Caseless          matching, we have to use an XCLASS with extra data items. Caseless
3492          matching for characters > 127 is available only if UCP support is          matching for characters > 127 is available only if UCP support is
# Line 2067  for (;; ptr++) Line 3504  for (;; ptr++)
3504  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
3505            if ((options & PCRE_CASELESS) != 0)            if ((options & PCRE_CASELESS) != 0)
3506              {              {
3507              int occ, ocd;              unsigned int occ, ocd;
3508              int cc = c;              unsigned int cc = c;
3509              int origd = d;              unsigned int origd = d;
3510              while (get_othercase_range(&cc, origd, &occ, &ocd))              while (get_othercase_range(&cc, origd, &occ, &ocd))
3511                {                {
3512                if (occ >= c && ocd <= d) continue;  /* Skip embedded ranges */                if (occ >= (unsigned int)c &&
3513                      ocd <= (unsigned int)d)
3514                    continue;                          /* Skip embedded ranges */
3515    
3516                if (occ < c  && ocd >= c - 1)        /* Extend the basic range */                if (occ < (unsigned int)c  &&
3517                      ocd >= (unsigned int)c - 1)      /* Extend the basic range */
3518                  {                                  /* if there is overlap,   */                  {                                  /* if there is overlap,   */
3519                  c = occ;                           /* noting that if occ < c */                  c = occ;                           /* noting that if occ < c */
3520                  continue;                          /* we can't have ocd > d  */                  continue;                          /* we can't have ocd > d  */
3521                  }                                  /* because a subrange is  */                  }                                  /* because a subrange is  */
3522                if (ocd > d && occ <= d + 1)         /* always shorter than    */                if (ocd > (unsigned int)d &&
3523                      occ <= (unsigned int)d + 1)      /* always shorter than    */
3524                  {                                  /* the basic range.       */                  {                                  /* the basic range.       */
3525                  d = ocd;                  d = ocd;
3526                  continue;                  continue;
# Line 2127  for (;; ptr++) Line 3568  for (;; ptr++)
3568          ranges that lie entirely within 0-127 when there is UCP support; else          ranges that lie entirely within 0-127 when there is UCP support; else
3569          for partial ranges without UCP support. */          for partial ranges without UCP support. */
3570    
3571          for (; c <= d; c++)          class_charcount += d - c + 1;
3572            class_lastchar = d;
3573    
3574            /* We can save a bit of time by skipping this in the pre-compile. */
3575    
3576            if (lengthptr == NULL) for (; c <= d; c++)
3577            {            {
3578            classbits[c/8] |= (1 << (c&7));            classbits[c/8] |= (1 << (c&7));
3579            if ((options & PCRE_CASELESS) != 0)            if ((options & PCRE_CASELESS) != 0)
# Line 2135  for (;; ptr++) Line 3581  for (;; ptr++)
3581              int uc = cd->fcc[c];           /* flip case */              int uc = cd->fcc[c];           /* flip case */
3582              classbits[uc/8] |= (1 << (uc&7));              classbits[uc/8] |= (1 << (uc&7));
3583              }              }
           class_charcount++;                /* in case a one-char range */  
           class_lastchar = c;  
3584            }            }
3585    
3586          continue;   /* Go get the next char in the class */          continue;   /* Go get the next char in the class */
# Line 2160  for (;; ptr++) Line 3604  for (;; ptr++)
3604  #ifdef SUPPORT_UCP  #ifdef SUPPORT_UCP
3605          if ((options & PCRE_CASELESS) != 0)          if ((options & PCRE_CASELESS) != 0)
3606            {            {
3607            int othercase;            unsigned int othercase;
3608            if ((othercase = _pcre_ucp_othercase(c)) >= 0)            if ((othercase = UCD_OTHERCASE(c)) != c)
3609              {              {
3610              *class_utf8data++ = XCL_SINGLE;              *class_utf8data++ = XCL_SINGLE;
3611              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);              class_utf8data += _pcre_ord2utf8(othercase, class_utf8data);
# Line 2186  for (;; ptr++) Line 3630  for (;; ptr++)
3630          }          }
3631        }        }
3632    
3633      /* Loop until ']' reached; the check for end of string happens inside the      /* Loop until ']' reached. This "while" is the end of the "do" above. */
3634      loop. This "while" is the end of the "do" above. */  
3635        while ((c = *(++ptr)) != 0 && (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
3636    
3637        if (c == 0)                          /* Missing terminating ']' */
3638          {
3639          *errorcodeptr = ERR6;
3640          goto FAILED;
3641          }
3642    
3643    
3644    /* This code has been disabled because it would mean that \s counts as
3645    an explicit \r or \n reference, and that's not really what is wanted. Now
3646    we set the flag only if there is a literal "\r" or "\n" in the class. */
3647    
3648    #if 0
3649        /* Remember whether \r or \n are in this class */
3650    
3651        if (negate_class)
3652          {
3653          if ((classbits[1] & 0x24) != 0x24) cd->external_flags |= PCRE_HASCRORLF;
3654          }
3655        else
3656          {
3657          if ((classbits[1] & 0x24) != 0) cd->external_flags |= PCRE_HASCRORLF;
3658          }
3659    #endif
3660    
     while ((c = *(++ptr)) != ']' || inescq);  
3661    
3662      /* If class_charcount is 1, we saw precisely one character whose value is      /* If class_charcount is 1, we saw precisely one character whose value is
3663      less than 256. In non-UTF-8 mode we can always optimize. In UTF-8 mode, we      less than 256. As long as there were no characters >= 128 and there was no
3664      can optimize the negative case only if there were no characters >= 128      use of \p or \P, in other words, no use of any XCLASS features, we can
3665      because OP_NOT and the related opcodes like OP_NOTSTAR operate on      optimize.
3666      single-bytes only. This is an historical hangover. Maybe one day we can  
3667      tidy these opcodes to handle multi-byte characters.      In UTF-8 mode, we can optimize the negative case only if there were no
3668        characters >= 128 because OP_NOT and the related opcodes like OP_NOTSTAR
3669        operate on single-bytes only. This is an historical hangover. Maybe one day
3670        we can tidy these opcodes to handle multi-byte characters.
3671    
3672      The optimization throws away the bit map. We turn the item into a      The optimization throws away the bit map. We turn the item into a
3673      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note      1-character OP_CHAR[NC] if it's positive, or OP_NOT if it's negative. Note
# Line 2206  for (;; ptr++) Line 3677  for (;; ptr++)
3677      reqbyte, save the previous value for reinstating. */      reqbyte, save the previous value for reinstating. */
3678    
3679  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3680      if (class_charcount == 1 &&      if (class_charcount == 1 && !class_utf8 &&
3681            (!utf8 ||        (!utf8 || !negate_class || class_lastchar < 128))
           (!class_utf8 && (!negate_class || class_lastchar < 128))))  
   
3682  #else  #else
3683      if (class_charcount == 1)      if (class_charcount == 1)
3684  #endif  #endif
# Line 2252  for (;; ptr++) Line 3721  for (;; ptr++)
3721      zeroreqbyte = reqbyte;      zeroreqbyte = reqbyte;
3722    
3723      /* If there are characters with values > 255, we have to compile an      /* If there are characters with values > 255, we have to compile an
3724      extended class, with its own opcode. If there are no characters < 256,      extended class, with its own opcode, unless there was a negated special
3725      we can omit the bitmap. */      such as \S in the class, because in that case all characters > 255 are in
3726        the class, so any that were explicitly given as well can be ignored. If
3727        (when there are explicit characters > 255 that must be listed) there are no
3728        characters < 256, we can omit the bitmap in the actual compiled code. */
3729    
3730  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF8
3731      if (class_utf8)      if (class_utf8 && !should_flip_negation)
3732        {        {
3733        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */        *class_utf8data++ = XCL_END;    /* Marks the end of extra data */
3734        *code++ = OP_XCLASS;        *code++ = OP_XCLASS;
3735        code += LINK_SIZE;        code += LINK_SIZE;
3736        *code = negate_class? XCL_NOT : 0;        *code = negate_class? XCL_NOT : 0;
3737    
3738        /* If the map is required, install it, and move on to the end of        /* If the map is required, move up the extra data to make room for it;
3739        the extra data */        otherwise just move the code pointer to the end of the extra data. */
3740    
3741        if (class_charcount > 0)        if (class_charcount > 0)
3742          {          {
3743          *code++ |= XCL_MAP;          *code++ |= XCL_MAP;
3744            memmove(code + 32, code, class_utf8data - code);
3745          memcpy(code, classbits, 32);          memcpy(code, classbits, 32);
3746          code = class_utf8data;          code = class_utf8data + 32;
         }  
   
       /* If the map is not required, slide down the extra data. */  
   
       else  
         {  
         int len = class_utf8data - (code + 33);  
         memmove(code + 1, code + 33, len);  
         code += len + 1;  
3747          }          }
3748          else code = class_utf8data;
3749    
3750        /* Now fill in the complete length of the item */        /* Now fill in the complete length of the item */
3751    
# Line 2289  for (;; ptr++) Line 3754  for (;; ptr++)
3754        }        }
3755  #endif  #endif
3756    
3757      /* If there are no characters > 255, negate the 32-byte map if necessary,      /* If there are no characters > 255, set the opcode to OP_CLASS or
3758      and copy it into the code vector. If this is the first thing in the branch,      OP_NCLASS, depending on whether the whole class was negated and whether
3759      there can be no first char setting, whatever the repeat count. Any reqbyte      there were negative specials such as \S in the class. Then copy the 32-byte
3760      setting must remain unchanged after any kind of repeat. */      map into the code vector, negating it if necessary. */
3761    
3762        *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
3763      if (negate_class)      if (negate_class)
3764        {        {
3765        *code++ = OP_NCLASS;        if (lengthptr == NULL)    /* Save time in the pre-compile phase */
3766        for (c = 0; c < 32; c++) code[c] = ~classbits[c];          for (c = 0; c < 32; c++) code[c] = ~classbits[c];
3767        }        }
3768      else      else
3769        {        {
       *code++ = OP_CLASS;  
3770        memcpy(code, classbits, 32);        memcpy(code, classbits, 32);
3771        }        }
3772      code += 32;      code += 32;
3773      break;      break;
3774    
3775    
3776        /* ===================================================================*/
3777      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this      /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
3778      has been tested above. */      has been tested above. */
3779    
3780      case '{':      case CHAR_LEFT_CURLY_BRACKET:
3781      if (!is_quantifier) goto NORMAL_CHAR;      if (!is_quantifier) goto NORMAL_CHAR;
3782      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);      ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
3783      if (*errorcodeptr != 0) goto FAILED;      if (*errorcodeptr != 0) goto FAILED;
3784      goto REPEAT;      goto REPEAT;
3785    
3786      case '*':      case CHAR_ASTERISK:
3787      repeat_min = 0;      repeat_min = 0;
3788      repeat_max = -1;      repeat_max = -1;
3789      goto REPEAT;      goto REPEAT;
3790    
3791      case '+':      case CHAR_PLUS:
3792      repeat_min = 1;      repeat_min = 1;
3793      repeat_max = -1;      repeat_max = -1;
3794      goto REPEAT;      goto REPEAT;
3795    
3796      case '?':      case CHAR_QUESTION_MARK:
3797      repeat_min = 0;      repeat_min = 0;
3798      repeat_max = 1;      repeat_max = 1;
3799    
# Line 2361  for (;; ptr++) Line 3828  for (;; ptr++)
3828      but if PCRE_UNGREEDY is set, it works the other way round. We change the      but if PCRE_UNGREEDY is set, it works the other way round. We change the
3829      repeat type to the non-default. */      repeat type to the non-default. */
3830    
3831      if (ptr[1] == '+')      if (ptr[1] == CHAR_PLUS)
3832        {        {
3833        repeat_type = 0;                  /* Force greedy */        repeat_type = 0;                  /* Force greedy */
3834        possessive_quantifier = TRUE;        possessive_quantifier = TRUE;
3835        ptr++;        ptr++;
3836        }        }
3837      else if (ptr[1] == '?')      else if (ptr[1] == CHAR_QUESTION_MARK)
3838        {        {
3839        repeat_type = greedy_non_default;        repeat_type = greedy_non_default;
3840        ptr++;        ptr++;
3841        }        }
3842      else repeat_type = greedy_default;      else repeat_type = greedy_default;
3843    
     /* If previous was a recursion, we need to wrap it inside brackets so that  
     it can be replicated if necessary. */  
   
     if (*previous == OP_RECURSE)  
       {  
       memmove(previous + 1 + LINK_SIZE, previous, 1 + LINK_SIZE);  
       code += 1 + LINK_SIZE;  
       *previous = OP_BRA;  
       PUT(previous, 1, code - previous);  
       *code = OP_KET;  
       PUT(code, 1, code - previous);  
       code += 1 + LINK_SIZE;  
       }  
   
3844      /* If previous was a character match, abolish the item and generate a      /* If previous was a character match, abolish the item and generate a
3845      repeat item instead. If a char item has a minumum of more than one, ensure      repeat item instead. If a char item has a minumum of more than one, ensure
3846      that it is set in reqbyte - it might not be if a sequence such as x{3} is      that it is set in reqbyte - it might not be if a sequence such as x{3} is
# Line 2421  for (;; ptr++) Line 3874  for (;; ptr++)
3874          if (repeat_min > 1) reqbyte = c | req_caseopt | cd->req_varyopt;          if (repeat_min > 1) reqbyte = c | req_caseopt | cd->req_varyopt;
3875          }          }
3876    
3877          /* If the repetition is unlimited, it pays to see if the next thing on
3878          the line is something that cannot possibly match this character. If so,
3879          automatically possessifying this item gains some performance in the case
3880          where the match fails. */
3881    
3882          if (!possessive_quantifier &&
3883              repeat_max < 0 &&
3884              check_auto_possessive(*previous, c, utf8, utf8_char, ptr + 1,
3885                options, cd))
3886            {
3887            repeat_type = 0;    /* Force greedy */
3888            possessive_quantifier = TRUE;
3889            }
3890    
3891        goto OUTPUT_SINGLE_REPEAT;   /* Code shared with single character types */        goto OUTPUT_SINGLE_REPEAT;   /* Code shared with single character types */
3892        }        }
3893    
3894      /* If previous was a single negated character ([^a] or similar), we use      /* If previous was a single negated character ([^a] or similar), we use
3895      one of the special opcodes, replacing it. The code is shared with single-      one of the special opcodes, replacing it. The code is shared with single-
3896      character repeats by setting opt_type to add a suitable offset into      character repeats by setting opt_type to add a suitable offset into
3897      repeat_type. OP_NOT is currently used only for single-byte chars. */      repeat_type. We can also test for auto-possessification. OP_NOT is
3898        currently used only for single-byte chars. */
3899    
3900      else if (*previous == OP_NOT)      else if (*previous == OP_NOT)
3901        {        {
3902        op_type = OP_NOTSTAR - OP_STAR;  /* Use "not" opcodes */        op_type = OP_NOTSTAR - OP_STAR;  /* Use "not" opcodes */
3903        c = previous[1];        c = previous[1];
3904          if (!possessive_quantifier &&
3905              repeat_max < 0 &&
3906              check_auto_possessive(OP_NOT, c, utf8, NULL, ptr + 1, options, cd))
3907            {
3908            repeat_type = 0;    /* Force greedy */
3909            possessive_quantifier = TRUE;
3910            }
3911        goto OUTPUT_SINGLE_REPEAT;        goto OUTPUT_SINGLE_REPEAT;
3912        }        }
3913    
# Line 2450  for (;; ptr++) Line 3925  for (;; ptr++)
3925        op_type = OP_TYPESTAR - OP_STAR;  /* Use type opcodes */        op_type = OP_TYPESTAR - OP_STAR;  /* Use type opcodes */
3926        c = *previous;        c = *previous;
3927    
3928          if (!possessive_quantifier &&
3929              repeat_max < 0 &&
3930              check_auto_possessive(c, 0, utf8, NULL, ptr + 1, options, cd))
3931            {
3932            repeat_type = 0;    /* Force greedy */
3933            possessive_quantifier = TRUE;
3934            }
3935    
3936        OUTPUT_SINGLE_REPEAT:        OUTPUT_SINGLE_REPEAT:
3937        if (*previous == OP_PROP || *previous == OP_NOTPROP)        if (*previous == OP_PROP || *previous == OP_NOTPROP)
3938          {          {
# Line 2466  for (;; ptr++) Line 3949  for (;; ptr++)
3949    
3950        if (repeat_max == 0) goto END_REPEAT;        if (repeat_max == 0) goto END_REPEAT;
3951    
3952          /*--------------------------------------------------------------------*/
3953          /* This code is obsolete from release 8.00; the restriction was finally
3954          removed: */
3955    
3956        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
3957        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
3958    
3959        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
3960          /*--------------------------------------------------------------------*/
3961    
3962        /* Combine the op_type with the repeat_type */        /* Combine the op_type with the repeat_type */
3963    
# Line 2490  for (;; ptr++) Line 3978  for (;; ptr++)
3978          }          }
3979    
3980        /* A repeat minimum of 1 is optimized into some special cases. If the        /* A repeat minimum of 1 is optimized into some special cases. If the
3981        maximum is unlimited, we use OP_PLUS. Otherwise, the original item it        maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
3982        left in place and, if the maximum is greater than 1, we use OP_UPTO with        left in place and, if the maximum is greater than 1, we use OP_UPTO with
3983        one less than the maximum. */        one less than the maximum. */
3984    
# Line 2543  for (;; ptr++) Line 4031  for (;; ptr++)
4031            }            }
4032    
4033          /* Else insert an UPTO if the max is greater than the min, again          /* Else insert an UPTO if the max is greater than the min, again
4034          preceded by the character, for the previously inserted code. */          preceded by the character, for the previously inserted code. If the
4035            UPTO is just for 1 instance, we can use QUERY instead. */
4036    
4037          else if (repeat_max != repeat_min)          else if (repeat_max != repeat_min)
4038            {            {
# Line 2562  for (;; ptr++) Line 4051  for (;; ptr++)
4051              *code++ = prop_value;              *code++ = prop_value;
4052              }              }
4053            repeat_max -= repeat_min;            repeat_max -= repeat_min;
4054            *code++ = OP_UPTO + repeat_type;  
4055            PUT2INC(code, 0, repeat_max);            if (repeat_max == 1)
4056                {
4057                *code++ = OP_QUERY + repeat_type;
4058                }
4059              else
4060                {
4061                *code++ = OP_UPTO + repeat_type;
4062                PUT2INC(code, 0, repeat_max);
4063                }
4064            }            }
4065          }          }
4066    
# Line 2607  for (;; ptr++) Line 4104  for (;; ptr++)
4104          goto END_REPEAT;          goto END_REPEAT;
4105          }          }
4106    
4107          /*--------------------------------------------------------------------*/
4108          /* This code is obsolete from release 8.00; the restriction was finally
4109          removed: */
4110    
4111        /* All real repeats make it impossible to handle partial matching (maybe        /* All real repeats make it impossible to handle partial matching (maybe
4112        one day we will be able to remove this restriction). */        one day we will be able to remove this restriction). */
4113    
4114        if (repeat_max != 1) cd->nopartial = TRUE;        /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4115          /*--------------------------------------------------------------------*/
4116    
4117        if (repeat_min == 0 && repeat_max == -1)        if (repeat_min == 0 && repeat_max == -1)
4118          *code++ = OP_CRSTAR + repeat_type;          *code++ = OP_CRSTAR + repeat_type;
# Line 2630  for (;; ptr++) Line 4132  for (;; ptr++)
4132      /* If previous was a bracket group, we may have to replicate it in certain      /* If previous was a bracket group, we may have to replicate it in certain
4133      cases. */      cases. */
4134    
4135      else if (*previous >= OP_BRA || *previous == OP_ONCE ||      else if (*previous == OP_BRA  || *previous == OP_CBRA ||
4136               *previous == OP_COND)               *previous == OP_ONCE || *previous == OP_COND)
4137        {        {
4138        register int i;        register int i;
4139        int ketoffset = 0;        int ketoffset = 0;
4140        int len = code - previous;        int len = code - previous;
4141        uschar *bralink = NULL;        uschar *bralink = NULL;
4142    
4143          /* Repeating a DEFINE group is pointless */
4144    
4145          if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
4146            {
4147            *errorcodeptr = ERR55;
4148            goto FAILED;
4149            }
4150    
4151        /* If the maximum repeat count is unlimited, find the end of the bracket        /* If the maximum repeat count is unlimited, find the end of the bracket
4152        by scanning through from the start, and compute the offset back to it        by scanning through from the start, and compute the offset back to it
4153        from the current code pointer. There may be an OP_OPT setting following        from the current code pointer. There may be an OP_OPT setting following
# Line 2660  for (;; ptr++) Line 4170  for (;; ptr++)
4170    
4171        if (repeat_min == 0)        if (repeat_min == 0)
4172          {          {
4173          /* If the maximum is also zero, we just omit the group from the output          /* If the maximum is also zero, we used to just omit the group from the
4174          altogether. */          output altogether, like this:
   
         if (repeat_max == 0)  
           {  
           code = previous;  
           goto END_REPEAT;  
           }  
4175    
4176          /* If the maximum is 1 or unlimited, we just have to stick in the          ** if (repeat_max == 0)
4177          BRAZERO and do no more at this point. However, we do need to adjust          **   {
4178          any OP_RECURSE calls inside the group that refer to the group itself or          **   code = previous;
4179          any internal group, because the offset is from the start of the whole          **   goto END_REPEAT;
4180          regex. Temporarily terminate the pattern while doing this. */          **   }
4181    
4182            However, that fails when a group is referenced as a subroutine from
4183            elsewhere in the pattern, so now we stick in OP_SKIPZERO in front of it
4184            so that it is skipped on execution. As we don't have a list of which
4185            groups are referenced, we cannot do this selectively.
4186    
4187            If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
4188            and do no more at this point. However, we do need to adjust any
4189            OP_RECURSE calls inside the group that refer to the group itself or any
4190            internal or forward referenced group, because the offset is from the
4191            start of the whole regex. Temporarily terminate the pattern while doing
4192            this. */
4193    
4194          if (repeat_max <= 1)          if (repeat_max <= 1)    /* Covers 0, 1, and unlimited */
4195            {            {
4196            *code = OP_END;            *code = OP_END;
4197            adjust_recurse(previous, 1, utf8, cd);            adjust_recurse(previous, 1, utf8, cd, save_hwm);
4198            memmove(previous+1, previous, len);            memmove(previous+1, previous, len);
4199            code++;            code++;
4200              if (repeat_max == 0)
4201                {
4202                *previous++ = OP_SKIPZERO;
4203                goto END_REPEAT;
4204                }
4205            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
4206            }            }
4207    
# Line 2696  for (;; ptr++) Line 4217  for (;; ptr++)
4217            {            {
4218            int offset;            int offset;
4219            *code = OP_END;            *code = OP_END;
4220            adjust_recurse(previous, 2 + LINK_SIZE, utf8, cd);            adjust_recurse(previous, 2 + LINK_SIZE, utf8, cd, save_hwm);
4221            memmove(previous + 2 + LINK_SIZE, previous, len);            memmove(previous + 2 + LINK_SIZE, previous, len);
4222            code += 2 + LINK_SIZE;            code += 2 + LINK_SIZE;
4223            *previous++ = OP_BRAZERO + repeat_type;            *previous++ = OP_BRAZERO + repeat_type;
# Line 2716  for (;; ptr++) Line 4237  for (;; ptr++)
4237        /* If the minimum is greater than zero, replicate the group as many        /* If the minimum is greater than zero, replicate the group as many
4238        times as necessary, and adjust the maximum to the number of subsequent        times as necessary, and adjust the maximum to the number of subsequent
4239        copies that we need. If we set a first char from the group, and didn't        copies that we need. If we set a first char from the group, and didn't
4240        set a required char, copy the latter from the former. */        set a required char, copy the latter from the former. If there are any
4241          forward reference subroutine calls in the group, there will be entries on
4242          the workspace list; replicate these with an appropriate increment. */
4243    
4244        else        else
4245          {          {
4246          if (repeat_min > 1)          if (repeat_min > 1)
4247            {            {
4248            if (groupsetfirstbyte && reqbyte < 0) reqbyte = firstbyte;            /* In the pre-compile phase, we don't actually do the replication. We
4249            for (i = 1; i < repeat_min; i++)            just adjust the length as if we had. Do some paranoid checks for
4250              potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
4251              integer type when available, otherwise double. */
4252    
4253              if (lengthptr != NULL)
4254              {              {
4255              memcpy(code, previous, len);              int delta = (repeat_min - 1)*length_prevgroup;
4256              code += len;              if ((INT64_OR_DOUBLE)(repeat_min - 1)*
4257                      (INT64_OR_DOUBLE)length_prevgroup >
4258                        (INT64_OR_DOUBLE)INT_MAX ||
4259                    OFLOW_MAX - *lengthptr < delta)
4260                  {
4261                  *errorcodeptr = ERR20;
4262                  goto FAILED;
4263                  }
4264                *lengthptr += delta;
4265                }
4266    
4267              /* This is compiling for real */
4268    
4269              else
4270                {
4271                if (groupsetfirstbyte && reqbyte < 0) reqbyte = firstbyte;
4272                for (i = 1; i < repeat_min; i++)
4273                  {
4274                  uschar *hc;
4275                  uschar *this_hwm = cd->hwm;
4276                  memcpy(code, previous, len);
4277                  for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4278                    {
4279                    PUT(cd->hwm, 0, GET(hc, 0) + len);
4280                    cd->hwm += LINK_SIZE;
4281                    }
4282                  save_hwm = this_hwm;
4283                  code += len;
4284                  }
4285              }              }
4286            }            }
4287    
4288          if (repeat_max > 0) repeat_max -= repeat_min;          if (repeat_max > 0) repeat_max -= repeat_min;
4289          }          }
4290    
# Line 2736  for (;; ptr++) Line 4292  for (;; ptr++)
4292        the maximum is limited, it replicates the group in a nested fashion,        the maximum is limited, it replicates the group in a nested fashion,
4293        remembering the bracket starts on a stack. In the case of a zero minimum,        remembering the bracket starts on a stack. In the case of a zero minimum,
4294        the first one was set up above. In all cases the repeat_max now specifies        the first one was set up above. In all cases the repeat_max now specifies
4295        the number of additional copies needed. */        the number of additional copies needed. Again, we must remember to
4296          replicate entries on the forward reference list. */
4297    
4298        if (repeat_max >= 0)        if (repeat_max >= 0)
4299          {          {
4300          for (i = repeat_max - 1; i >= 0; i--)          /* In the pre-compile phase, we don't actually do the replication. We
4301            just adjust the length as if we had. For each repetition we must add 1
4302            to the length for BRAZERO and for all but the last repetition we must
4303            add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
4304            paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
4305            a 64-bit integer type when available, otherwise double. */
4306    
4307            if (lengthptr != NULL && repeat_max > 0)
4308              {
4309              int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
4310                          2 - 2*LINK_SIZE;   /* Last one doesn't nest */
4311              if ((INT64_OR_DOUBLE)repeat_max *
4312                    (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
4313                      > (INT64_OR_DOUBLE)INT_MAX ||
4314                  OFLOW_MAX - *lengthptr < delta)
4315                {
4316                *errorcodeptr = ERR20;
4317                goto FAILED;
4318                }
4319              *lengthptr += delta;
4320              }
4321    
4322            /* This is compiling for real */
4323    
4324            else for (i = repeat_max - 1; i >= 0; i--)
4325            {            {
4326              uschar *hc;
4327              uschar *this_hwm = cd->hwm;
4328    
4329            *code++ = OP_BRAZERO + repeat_type;            *code++ = OP_BRAZERO + repeat_type;
4330    
4331            /* All but the final copy start a new nesting, maintaining the            /* All but the final copy start a new nesting, maintaining the
# Line 2757  for (;; ptr++) Line 4341  for (;; ptr++)
4341              }              }
4342    
4343            memcpy(code, previous, len);            memcpy(code, previous, len);
4344              for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
4345                {
4346                PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
4347                cd->hwm += LINK_SIZE;
4348                }
4349              save_hwm = this_hwm;
4350            code += len;            code += len;
4351            }            }
4352    
# Line 2779  for (;; ptr++) Line 4369  for (;; ptr++)
4369        /* If the maximum is unlimited, set a repeater in the final copy. We        /* If the maximum is unlimited, set a repeater in the final copy. We
4370        can't just offset backwards from the current code point, because we        can't just offset backwards from the current code point, because we
4371        don't know if there's been an options resetting after the ket. The        don't know if there's been an options resetting after the ket. The
4372        correct offset was computed above. */        correct offset was computed above.
4373    
4374        else code[-ketoffset] = OP_KETRMAX + repeat_type;        Then, when we are doing the actual compile phase, check to see whether
4375          this group is a non-atomic one that could match an empty string. If so,
4376          convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
4377          that runtime checking can be done. [This check is also applied to
4378          atomic groups at runtime, but in a different way.] */
4379    
4380          else
4381            {
4382            uschar *ketcode = code - ketoffset;
4383            uschar *bracode = ketcode - GET(ketcode, 1);
4384            *ketcode = OP_KETRMAX + repeat_type;
4385            if (lengthptr == NULL && *bracode != OP_ONCE)
4386              {
4387              uschar *scode = bracode;
4388              do
4389                {
4390                if (could_be_empty_branch(scode, ketcode, utf8, cd))
4391                  {
4392                  *bracode += OP_SBRA - OP_BRA;
4393                  break;
4394                  }
4395                scode += GET(scode, 1);
4396                }
4397              while (*scode == OP_ALT);
4398              }
4399            }
4400        }        }
4401    
4402        /* If previous is OP_FAIL, it was generated by an empty class [] in
4403        JavaScript mode. The other ways in which OP_FAIL can be generated, that is
4404        by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
4405        error above. We can just ignore the repeat in JS case. */
4406    
4407        else if (*previous == OP_FAIL) goto END_REPEAT;
4408    
4409      /* Else there's some kind of shambles */      /* Else there's some kind of shambles */
4410    
4411      else      else
# Line 2792  for (;; ptr++) Line 4414  for (;; ptr++)
4414        goto FAILED;        goto FAILED;
4415        }        }
4416    
4417      /* If the character following a repeat is '+', we wrap the entire repeated      /* If the character following a repeat is '+', or if certain optimization
4418      item inside OP_ONCE brackets. This is just syntactic sugar, taken from      tests above succeeded, possessive_quantifier is TRUE. For some of the
4419      Sun's Java package. The repeated item starts at tempcode, not at previous,      simpler opcodes, there is an special alternative opcode for this. For
4420      which might be the first part of a string whose (former) last char we      anything else, we wrap the entire repeated item inside OP_ONCE brackets.
4421      repeated. However, we don't support '+' after a greediness '?'. */      The '+' notation is just syntactic sugar, taken from Sun's Java package,
4422        but the special opcodes can optimize it a bit. The repeated item starts at
4423        tempcode, not at previous, which might be the first part of a string whose
4424        (former) last char we repeated.
4425    
4426        Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
4427        an 'upto' may follow. We skip over an 'exact' item, and then test the
4428        length of what remains before proceeding. */
4429    
4430      if (possessive_quantifier)      if (possessive_quantifier)
4431        {        {
4432        int len = code - tempcode;        int len;
4433        memmove(tempcode + 1+LINK_SIZE, tempcode, len);  
4434        code += 1 + LINK_SIZE;        if (*tempcode == OP_TYPEEXACT)
4435        len += 1 + LINK_SIZE;          tempcode += _pcre_OP_lengths[*tempcode] +
4436        tempcode[0] = OP_ONCE;            ((tempcode[3] == OP_PROP || tempcode[3] == OP_NOTPROP)? 2 : 0);
4437        *code++ = OP_KET;  
4438        PUTINC(code, 0, len);        else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
4439        PUT(tempcode, 1, len);          {
4440            tempcode += _pcre_OP_lengths[*tempcode];
4441    #ifdef SUPPORT_UTF8
4442            if (utf8 && tempcode[-1] >= 0xc0)
4443              tempcode += _pcre_utf8_table4[tempcode[-1] & 0x3f];
4444    #endif
4445            }
4446    
4447          len = code - tempcode;
4448          if (len > 0) switch (*tempcode)
4449            {
4450            case OP_STAR:  *tempcode = OP_POSSTAR; break;
4451            case OP_PLUS:  *tempcode = OP_POSPLUS; break;
4452            case OP_QUERY: *tempcode = OP_POSQUERY; break;
4453            case OP_UPTO:  *tempcode = OP_POSUPTO; break;
4454    
4455            case OP_TYPESTAR:  *tempcode = OP_TYPEPOSSTAR; break;
4456            case OP_TYPEPLUS:  *tempcode = OP_TYPEPOSPLUS; break;
4457            case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
4458            case OP_TYPEUPTO:  *tempcode = OP_TYPEPOSUPTO; break;
4459    
4460            case OP_NOTSTAR:  *tempcode = OP_NOTPOSSTAR; break;
4461            case OP_NOTPLUS:  *tempcode = OP_NOTPOSPLUS; break;
4462            case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
4463            case OP_NOTUPTO:  *tempcode = OP_NOTPOSUPTO; break;
4464    
4465            /* Because we are moving code along, we must ensure that any
4466            pending recursive references are updated. */
4467    
4468            default:
4469            *code = OP_END;
4470            adjust_recurse(tempcode, 1 + LINK_SIZE, utf8, cd, save_hwm);
4471            memmove(tempcode + 1+LINK_SIZE, tempcode, len);
4472            code += 1 + LINK_SIZE;
4473            len += 1 + LINK_SIZE;
4474            tempcode[0] = OP_ONCE;
4475            *code++ = OP_KET;
4476            PUTINC(code, 0, len);
4477            PUT(tempcode, 1, len);
4478            break;
4479            }
4480        }        }
4481    
4482      /* In all case we no longer have a previous item. We also set the      /* In all case we no longer have a previous item. We also set the
# Line 2820  for (;; ptr++) Line 4489  for (;; ptr++)
4489      break;      break;
4490    
4491    
4492      /* Start of nested bracket sub-expression, or comment or lookahead or      /* ===================================================================*/
4493      lookbehind or option setting or condition. First deal with special things      /* Start of nested parenthesized sub-expression, or comment or lookahead or
4494      that can come after a bracket; all are introduced by ?, and the appearance      lookbehind or option setting or condition or all the other extended
4495      of any of them means that this is not a referencing group. They were      parenthesis forms.  */
     checked for validity in the first pass over the string, so we don't have to  
     check for syntax errors here.  */  
4496    
4497      case '(':      case CHAR_LEFT_PARENTHESIS:
4498      newoptions = options;      newoptions = options;
4499      skipbytes = 0;      skipbytes = 0;
4500        bravalue = OP_CBRA;
4501        save_hwm = cd->hwm;
4502        reset_bracount = FALSE;
4503    
4504        /* First deal with various "verbs" that can be introduced by '*'. */
4505    
4506        if (*(++ptr) == CHAR_ASTERISK && (cd->ctypes[ptr[1]] & ctype_letter) != 0)
4507          {
4508          int i, namelen;
4509          const char *vn = verbnames;
4510          const uschar *name = ++ptr;
4511          previous = NULL;
4512          while ((cd->ctypes[*++ptr] & ctype_letter) != 0) {};
4513          if (*ptr == CHAR_COLON)
4514            {
4515            *errorcodeptr = ERR59;   /* Not supported */
4516            goto FAILED;
4517            }
4518          if (*ptr != CHAR_RIGHT_PARENTHESIS)
4519            {
4520            *errorcodeptr = ERR60;
4521            goto FAILED;
4522            }
4523          namelen = ptr - name;
4524          for (i = 0; i < verbcount; i++)
4525            {
4526            if (namelen == verbs[i].len &&
4527                strncmp((char *)name, vn, namelen) == 0)
4528              {
4529              /* Check for open captures before ACCEPT */
4530    
4531              if (verbs[i].op == OP_ACCEPT)
4532                {
4533                open_capitem *oc;
4534                cd->had_accept = TRUE;
4535                for (oc = cd->open_caps; oc != NULL; oc = oc->next)
4536                  {
4537                  *code++ = OP_CLOSE;
4538                  PUT2INC(code, 0, oc->number);
4539                  }
4540                }
4541              *code++ = verbs[i].op;
4542              break;
4543              }
4544            vn += verbs[i].len + 1;
4545            }
4546          if (i < verbcount) continue;
4547          *errorcodeptr = ERR60;
4548          goto FAILED;
4549          }
4550    
4551      if (*(++ptr) == '?')      /* Deal with the extended parentheses; all are introduced by '?', and the
4552        appearance of any of them means that this is not a capturing group. */
4553    
4554        else if (*ptr == CHAR_QUESTION_MARK)
4555        {        {
4556     &