/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1124 - (show annotations)
Thu Oct 18 18:34:53 2012 UTC (7 years, 1 month ago) by chpe
File MIME type: text/plain
File size: 275553 byte(s)
pcre32: Remove a stray comment
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2012 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88 pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89 compile_data *, int *);
90
91
92
93 /*************************************************
94 * Code parameters and static tables *
95 *************************************************/
96
97 /* This value specifies the size of stack workspace that is used during the
98 first pre-compile phase that determines how much memory is required. The regex
99 is partly compiled into this space, but the compiled parts are discarded as
100 soon as they can be, so that hopefully there will never be an overrun. The code
101 does, however, check for an overrun. The largest amount I've seen used is 218,
102 so this number is very generous.
103
104 The same workspace is used during the second, actual compile phase for
105 remembering forward references to groups so that they can be filled in at the
106 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107 is 4 there is plenty of room for most patterns. However, the memory can get
108 filled up by repetitions of forward references, for example patterns like
109 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110 that the workspace is expanded using malloc() in this situation. The value
111 below is therefore a minimum, and we put a maximum on it for safety. The
112 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113 kicks in at the same number of forward references in all cases. */
114
115 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117
118 /* The overrun tests check for a slightly smaller size so that they detect the
119 overrun before it actually does run off the end of the data block. */
120
121 #define WORK_SIZE_SAFETY_MARGIN (100)
122
123 /* Private flags added to firstchar and reqchar. */
124
125 #define REQ_CASELESS (1 << 0) /* Indicates caselessness */
126 #define REQ_VARY (1 << 1) /* Reqchar followed non-literal item */
127 /* Negative values for the firstchar and reqchar flags */
128 #define REQ_UNSET (-2)
129 #define REQ_NONE (-1)
130
131 /* Repeated character flags. */
132
133 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
134
135 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
136 are simple data values; negative values are for special things like \d and so
137 on. Zero means further processing is needed (for things like \x), or the escape
138 is invalid. */
139
140 #ifndef EBCDIC
141
142 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
143 in UTF-8 mode. */
144
145 static const short int escapes[] = {
146 0, 0,
147 0, 0,
148 0, 0,
149 0, 0,
150 0, 0,
151 CHAR_COLON, CHAR_SEMICOLON,
152 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
153 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
154 CHAR_COMMERCIAL_AT, -ESC_A,
155 -ESC_B, -ESC_C,
156 -ESC_D, -ESC_E,
157 0, -ESC_G,
158 -ESC_H, 0,
159 0, -ESC_K,
160 0, 0,
161 -ESC_N, 0,
162 -ESC_P, -ESC_Q,
163 -ESC_R, -ESC_S,
164 0, 0,
165 -ESC_V, -ESC_W,
166 -ESC_X, 0,
167 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
168 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
169 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
170 CHAR_GRAVE_ACCENT, 7,
171 -ESC_b, 0,
172 -ESC_d, ESC_e,
173 ESC_f, 0,
174 -ESC_h, 0,
175 0, -ESC_k,
176 0, 0,
177 ESC_n, 0,
178 -ESC_p, 0,
179 ESC_r, -ESC_s,
180 ESC_tee, 0,
181 -ESC_v, -ESC_w,
182 0, 0,
183 -ESC_z
184 };
185
186 #else
187
188 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
189
190 static const short int escapes[] = {
191 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
192 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
193 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
194 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
195 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
196 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
197 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
198 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
199 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
200 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
201 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
202 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
203 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
204 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
205 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
206 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
207 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
208 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
209 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
210 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
211 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
212 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
213 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
214 };
215 #endif
216
217
218 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
219 searched linearly. Put all the names into a single string, in order to reduce
220 the number of relocations when a shared library is dynamically linked. The
221 string is built from string macros so that it works in UTF-8 mode on EBCDIC
222 platforms. */
223
224 typedef struct verbitem {
225 int len; /* Length of verb name */
226 int op; /* Op when no arg, or -1 if arg mandatory */
227 int op_arg; /* Op when arg present, or -1 if not allowed */
228 } verbitem;
229
230 static const char verbnames[] =
231 "\0" /* Empty name is a shorthand for MARK */
232 STRING_MARK0
233 STRING_ACCEPT0
234 STRING_COMMIT0
235 STRING_F0
236 STRING_FAIL0
237 STRING_PRUNE0
238 STRING_SKIP0
239 STRING_THEN;
240
241 static const verbitem verbs[] = {
242 { 0, -1, OP_MARK },
243 { 4, -1, OP_MARK },
244 { 6, OP_ACCEPT, -1 },
245 { 6, OP_COMMIT, -1 },
246 { 1, OP_FAIL, -1 },
247 { 4, OP_FAIL, -1 },
248 { 5, OP_PRUNE, OP_PRUNE_ARG },
249 { 4, OP_SKIP, OP_SKIP_ARG },
250 { 4, OP_THEN, OP_THEN_ARG }
251 };
252
253 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
254
255
256 /* Tables of names of POSIX character classes and their lengths. The names are
257 now all in a single string, to reduce the number of relocations when a shared
258 library is dynamically loaded. The list of lengths is terminated by a zero
259 length entry. The first three must be alpha, lower, upper, as this is assumed
260 for handling case independence. */
261
262 static const char posix_names[] =
263 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
264 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
265 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
266 STRING_word0 STRING_xdigit;
267
268 static const pcre_uint8 posix_name_lengths[] = {
269 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
270
271 /* Table of class bit maps for each POSIX class. Each class is formed from a
272 base map, with an optional addition or removal of another map. Then, for some
273 classes, there is some additional tweaking: for [:blank:] the vertical space
274 characters are removed, and for [:alpha:] and [:alnum:] the underscore
275 character is removed. The triples in the table consist of the base map offset,
276 second map offset or -1 if no second map, and a non-negative value for map
277 addition or a negative value for map subtraction (if there are two maps). The
278 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
279 remove vertical space characters, 2 => remove underscore. */
280
281 static const int posix_class_maps[] = {
282 cbit_word, cbit_digit, -2, /* alpha */
283 cbit_lower, -1, 0, /* lower */
284 cbit_upper, -1, 0, /* upper */
285 cbit_word, -1, 2, /* alnum - word without underscore */
286 cbit_print, cbit_cntrl, 0, /* ascii */
287 cbit_space, -1, 1, /* blank - a GNU extension */
288 cbit_cntrl, -1, 0, /* cntrl */
289 cbit_digit, -1, 0, /* digit */
290 cbit_graph, -1, 0, /* graph */
291 cbit_print, -1, 0, /* print */
292 cbit_punct, -1, 0, /* punct */
293 cbit_space, -1, 0, /* space */
294 cbit_word, -1, 0, /* word - a Perl extension */
295 cbit_xdigit,-1, 0 /* xdigit */
296 };
297
298 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
299 substitutes must be in the order of the names, defined above, and there are
300 both positive and negative cases. NULL means no substitute. */
301
302 #ifdef SUPPORT_UCP
303 static const pcre_uchar string_PNd[] = {
304 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
305 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306 static const pcre_uchar string_pNd[] = {
307 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
308 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
309 static const pcre_uchar string_PXsp[] = {
310 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
311 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
312 static const pcre_uchar string_pXsp[] = {
313 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_PXwd[] = {
316 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318 static const pcre_uchar string_pXwd[] = {
319 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
320 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
321
322 static const pcre_uchar *substitutes[] = {
323 string_PNd, /* \D */
324 string_pNd, /* \d */
325 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
326 string_pXsp, /* \s */
327 string_PXwd, /* \W */
328 string_pXwd /* \w */
329 };
330
331 static const pcre_uchar string_pL[] = {
332 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334 static const pcre_uchar string_pLl[] = {
335 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pLu[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_pXan[] = {
341 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
342 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343 static const pcre_uchar string_h[] = {
344 CHAR_BACKSLASH, CHAR_h, '\0' };
345 static const pcre_uchar string_pXps[] = {
346 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
347 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
348 static const pcre_uchar string_PL[] = {
349 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
350 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
351 static const pcre_uchar string_PLl[] = {
352 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
353 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
354 static const pcre_uchar string_PLu[] = {
355 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
356 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
357 static const pcre_uchar string_PXan[] = {
358 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
359 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
360 static const pcre_uchar string_H[] = {
361 CHAR_BACKSLASH, CHAR_H, '\0' };
362 static const pcre_uchar string_PXps[] = {
363 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
364 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365
366 static const pcre_uchar *posix_substitutes[] = {
367 string_pL, /* alpha */
368 string_pLl, /* lower */
369 string_pLu, /* upper */
370 string_pXan, /* alnum */
371 NULL, /* ascii */
372 string_h, /* blank */
373 NULL, /* cntrl */
374 string_pNd, /* digit */
375 NULL, /* graph */
376 NULL, /* print */
377 NULL, /* punct */
378 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
379 string_pXwd, /* word */
380 NULL, /* xdigit */
381 /* Negated cases */
382 string_PL, /* ^alpha */
383 string_PLl, /* ^lower */
384 string_PLu, /* ^upper */
385 string_PXan, /* ^alnum */
386 NULL, /* ^ascii */
387 string_H, /* ^blank */
388 NULL, /* ^cntrl */
389 string_PNd, /* ^digit */
390 NULL, /* ^graph */
391 NULL, /* ^print */
392 NULL, /* ^punct */
393 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
394 string_PXwd, /* ^word */
395 NULL /* ^xdigit */
396 };
397 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
398 #endif
399
400 #define STRING(a) # a
401 #define XSTRING(s) STRING(s)
402
403 /* The texts of compile-time error messages. These are "char *" because they
404 are passed to the outside world. Do not ever re-use any error number, because
405 they are documented. Always add a new error instead. Messages marked DEAD below
406 are no longer used. This used to be a table of strings, but in order to reduce
407 the number of relocations needed when a shared library is loaded dynamically,
408 it is now one long string. We cannot use a table of offsets, because the
409 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
410 simply count through to the one we want - this isn't a performance issue
411 because these strings are used only when there is a compilation error.
412
413 Each substring ends with \0 to insert a null character. This includes the final
414 substring, so that the whole string ends with \0\0, which can be detected when
415 counting through. */
416
417 static const char error_texts[] =
418 "no error\0"
419 "\\ at end of pattern\0"
420 "\\c at end of pattern\0"
421 "unrecognized character follows \\\0"
422 "numbers out of order in {} quantifier\0"
423 /* 5 */
424 "number too big in {} quantifier\0"
425 "missing terminating ] for character class\0"
426 "invalid escape sequence in character class\0"
427 "range out of order in character class\0"
428 "nothing to repeat\0"
429 /* 10 */
430 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
431 "internal error: unexpected repeat\0"
432 "unrecognized character after (? or (?-\0"
433 "POSIX named classes are supported only within a class\0"
434 "missing )\0"
435 /* 15 */
436 "reference to non-existent subpattern\0"
437 "erroffset passed as NULL\0"
438 "unknown option bit(s) set\0"
439 "missing ) after comment\0"
440 "parentheses nested too deeply\0" /** DEAD **/
441 /* 20 */
442 "regular expression is too large\0"
443 "failed to get memory\0"
444 "unmatched parentheses\0"
445 "internal error: code overflow\0"
446 "unrecognized character after (?<\0"
447 /* 25 */
448 "lookbehind assertion is not fixed length\0"
449 "malformed number or name after (?(\0"
450 "conditional group contains more than two branches\0"
451 "assertion expected after (?(\0"
452 "(?R or (?[+-]digits must be followed by )\0"
453 /* 30 */
454 "unknown POSIX class name\0"
455 "POSIX collating elements are not supported\0"
456 "this version of PCRE is compiled without UTF support\0"
457 "spare error\0" /** DEAD **/
458 "character value in \\x{...} sequence is too large\0"
459 /* 35 */
460 "invalid condition (?(0)\0"
461 "\\C not allowed in lookbehind assertion\0"
462 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
463 "number after (?C is > 255\0"
464 "closing ) for (?C expected\0"
465 /* 40 */
466 "recursive call could loop indefinitely\0"
467 "unrecognized character after (?P\0"
468 "syntax error in subpattern name (missing terminator)\0"
469 "two named subpatterns have the same name\0"
470 "invalid UTF-8 string\0"
471 /* 45 */
472 "support for \\P, \\p, and \\X has not been compiled\0"
473 "malformed \\P or \\p sequence\0"
474 "unknown property name after \\P or \\p\0"
475 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
476 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
477 /* 50 */
478 "repeated subpattern is too long\0" /** DEAD **/
479 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
480 "internal error: overran compiling workspace\0"
481 "internal error: previously-checked referenced subpattern not found\0"
482 "DEFINE group contains more than one branch\0"
483 /* 55 */
484 "repeating a DEFINE group is not allowed\0" /** DEAD **/
485 "inconsistent NEWLINE options\0"
486 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
487 "a numbered reference must not be zero\0"
488 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
489 /* 60 */
490 "(*VERB) not recognized\0"
491 "number is too big\0"
492 "subpattern name expected\0"
493 "digit expected after (?+\0"
494 "] is an invalid data character in JavaScript compatibility mode\0"
495 /* 65 */
496 "different names for subpatterns of the same number are not allowed\0"
497 "(*MARK) must have an argument\0"
498 "this version of PCRE is not compiled with Unicode property support\0"
499 "\\c must be followed by an ASCII character\0"
500 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
501 /* 70 */
502 "internal error: unknown opcode in find_fixedlength()\0"
503 "\\N is not supported in a class\0"
504 "too many forward references\0"
505 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
506 "invalid UTF-16 string\0"
507 /* 75 */
508 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
509 "character value in \\u.... sequence is too large\0"
510 "invalid UTF-32 string\0"
511 ;
512
513 /* Table to identify digits and hex digits. This is used when compiling
514 patterns. Note that the tables in chartables are dependent on the locale, and
515 may mark arbitrary characters as digits - but the PCRE compiling code expects
516 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
517 a private table here. It costs 256 bytes, but it is a lot faster than doing
518 character value tests (at least in some simple cases I timed), and in some
519 applications one wants PCRE to compile efficiently as well as match
520 efficiently.
521
522 For convenience, we use the same bit definitions as in chartables:
523
524 0x04 decimal digit
525 0x08 hexadecimal digit
526
527 Then we can use ctype_digit and ctype_xdigit in the code. */
528
529 /* Using a simple comparison for decimal numbers rather than a memory read
530 is much faster, and the resulting code is simpler (the compiler turns it
531 into a subtraction and unsigned comparison). */
532
533 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
534
535 #ifndef EBCDIC
536
537 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
538 UTF-8 mode. */
539
540 static const pcre_uint8 digitab[] =
541 {
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
545 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
546 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
548 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
549 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
550 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
551 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
552 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
553 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
554 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
555 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
556 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
571 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
572 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
573 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
574
575 #else
576
577 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
578
579 static const pcre_uint8 digitab[] =
580 {
581 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
587 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
588 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
589 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
590 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
591 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
592 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
593 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
597 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
600 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
602 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
605 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
608 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
609 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
610 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
611 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
612 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
613
614 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
615 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
616 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
617 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
619 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
620 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
621 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
623 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
624 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
625 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
626 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
627 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
628 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
629 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
630 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
631 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
632 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
633 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
634 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
635 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
636 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
637 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
638 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
639 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
640 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
641 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
642 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
643 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
644 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
645 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
646 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
647 #endif
648
649
650
651 /*************************************************
652 * Find an error text *
653 *************************************************/
654
655 /* The error texts are now all in one long string, to save on relocations. As
656 some of the text is of unknown length, we can't use a table of offsets.
657 Instead, just count through the strings. This is not a performance issue
658 because it happens only when there has been a compilation error.
659
660 Argument: the error number
661 Returns: pointer to the error string
662 */
663
664 static const char *
665 find_error_text(int n)
666 {
667 const char *s = error_texts;
668 for (; n > 0; n--)
669 {
670 while (*s++ != 0) {};
671 if (*s == 0) return "Error text not found (please report)";
672 }
673 return s;
674 }
675
676
677 /*************************************************
678 * Expand the workspace *
679 *************************************************/
680
681 /* This function is called during the second compiling phase, if the number of
682 forward references fills the existing workspace, which is originally a block on
683 the stack. A larger block is obtained from malloc() unless the ultimate limit
684 has been reached or the increase will be rather small.
685
686 Argument: pointer to the compile data block
687 Returns: 0 if all went well, else an error number
688 */
689
690 static int
691 expand_workspace(compile_data *cd)
692 {
693 pcre_uchar *newspace;
694 int newsize = cd->workspace_size * 2;
695
696 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
697 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
698 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
699 return ERR72;
700
701 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
702 if (newspace == NULL) return ERR21;
703 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
704 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
705 if (cd->workspace_size > COMPILE_WORK_SIZE)
706 (PUBL(free))((void *)cd->start_workspace);
707 cd->start_workspace = newspace;
708 cd->workspace_size = newsize;
709 return 0;
710 }
711
712
713
714 /*************************************************
715 * Check for counted repeat *
716 *************************************************/
717
718 /* This function is called when a '{' is encountered in a place where it might
719 start a quantifier. It looks ahead to see if it really is a quantifier or not.
720 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
721 where the ddds are digits.
722
723 Arguments:
724 p pointer to the first char after '{'
725
726 Returns: TRUE or FALSE
727 */
728
729 static BOOL
730 is_counted_repeat(const pcre_uchar *p)
731 {
732 if (!IS_DIGIT(*p)) return FALSE;
733 p++;
734 while (IS_DIGIT(*p)) p++;
735 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
736
737 if (*p++ != CHAR_COMMA) return FALSE;
738 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
739
740 if (!IS_DIGIT(*p)) return FALSE;
741 p++;
742 while (IS_DIGIT(*p)) p++;
743
744 return (*p == CHAR_RIGHT_CURLY_BRACKET);
745 }
746
747
748
749 /*************************************************
750 * Handle escapes *
751 *************************************************/
752
753 /* This function is called when a \ has been encountered. It either returns a
754 positive value for a simple escape such as \n, or 0 for a data character
755 which will be placed in chptr. A backreference to group n is returned as
756 negative n. When UTF-8 is enabled, a positive value greater than 255 may
757 be returned in chptr.
758 On entry,ptr is pointing at the \. On exit, it is on the final character of the
759 escape sequence.
760
761 Arguments:
762 ptrptr points to the pattern position pointer
763 chptr points to the data character
764 errorcodeptr points to the errorcode variable
765 bracount number of previous extracting brackets
766 options the options bits
767 isclass TRUE if inside a character class
768
769 Returns: zero => a data character
770 positive => a special escape sequence
771 negative => a back reference
772 on error, errorcodeptr is set
773 */
774
775 static int
776 check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
777 int bracount, int options, BOOL isclass)
778 {
779 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
780 BOOL utf = (options & PCRE_UTF8) != 0;
781 const pcre_uchar *ptr = *ptrptr + 1;
782 pcre_uint32 c;
783 int escape = 0;
784 int i;
785
786 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
787 ptr--; /* Set pointer back to the last byte */
788
789 /* If backslash is at the end of the pattern, it's an error. */
790
791 if (c == 0) *errorcodeptr = ERR1;
792
793 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
794 in a table. A non-zero result is something that can be returned immediately.
795 Otherwise further processing may be required. */
796
797 #ifndef EBCDIC /* ASCII/UTF-8 coding */
798 /* Not alphanumeric */
799 else if (c < CHAR_0 || c > CHAR_z) {}
800 else if ((i = escapes[c - CHAR_0]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
801
802 #else /* EBCDIC coding */
803 /* Not alphanumeric */
804 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
805 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
806 #endif
807
808 /* Escapes that need further processing, or are illegal. */
809
810 else
811 {
812 const pcre_uchar *oldptr;
813 BOOL braced, negated, overflow;
814 int s;
815
816 switch (c)
817 {
818 /* A number of Perl escapes are not handled by PCRE. We give an explicit
819 error. */
820
821 case CHAR_l:
822 case CHAR_L:
823 *errorcodeptr = ERR37;
824 break;
825
826 case CHAR_u:
827 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
828 {
829 /* In JavaScript, \u must be followed by four hexadecimal numbers.
830 Otherwise it is a lowercase u letter. */
831 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
832 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
833 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
834 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
835 {
836 c = 0;
837 for (i = 0; i < 4; ++i)
838 {
839 register pcre_uint32 cc = *(++ptr);
840 #ifndef EBCDIC /* ASCII/UTF-8 coding */
841 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
842 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
843 #else /* EBCDIC coding */
844 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
845 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
846 #endif
847 }
848
849 #if defined COMPILE_PCRE8
850 if (c > (utf ? 0x10ffff : 0xff))
851 #elif defined COMPILE_PCRE16
852 if (c > (utf ? 0x10ffff : 0xffff))
853 #elif defined COMPILE_PCRE32
854 if (utf && c > 0x10ffff)
855 #endif
856 {
857 *errorcodeptr = ERR76;
858 }
859 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
860 }
861 }
862 else
863 *errorcodeptr = ERR37;
864 break;
865
866 case CHAR_U:
867 /* In JavaScript, \U is an uppercase U letter. */
868 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
869 break;
870
871 /* In a character class, \g is just a literal "g". Outside a character
872 class, \g must be followed by one of a number of specific things:
873
874 (1) A number, either plain or braced. If positive, it is an absolute
875 backreference. If negative, it is a relative backreference. This is a Perl
876 5.10 feature.
877
878 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
879 is part of Perl's movement towards a unified syntax for back references. As
880 this is synonymous with \k{name}, we fudge it up by pretending it really
881 was \k.
882
883 (3) For Oniguruma compatibility we also support \g followed by a name or a
884 number either in angle brackets or in single quotes. However, these are
885 (possibly recursive) subroutine calls, _not_ backreferences. Just return
886 the ESC_g code (cf \k). */
887
888 case CHAR_g:
889 if (isclass) break;
890 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
891 {
892 escape = ESC_g;
893 break;
894 }
895
896 /* Handle the Perl-compatible cases */
897
898 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
899 {
900 const pcre_uchar *p;
901 for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
902 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
903 if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
904 {
905 escape = ESC_k;
906 break;
907 }
908 braced = TRUE;
909 ptr++;
910 }
911 else braced = FALSE;
912
913 if (ptr[1] == CHAR_MINUS)
914 {
915 negated = TRUE;
916 ptr++;
917 }
918 else negated = FALSE;
919
920 /* The integer range is limited by the machine's int representation. */
921 s = 0;
922 overflow = FALSE;
923 while (IS_DIGIT(ptr[1]))
924 {
925 if (s > INT_MAX / 10 - 1) /* Integer overflow */
926 {
927 overflow = TRUE;
928 break;
929 }
930 s = s * 10 + (int)(*(++ptr) - CHAR_0);
931 }
932 if (overflow) /* Integer overflow */
933 {
934 while (IS_DIGIT(ptr[1]))
935 ptr++;
936 *errorcodeptr = ERR61;
937 break;
938 }
939
940 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
941 {
942 *errorcodeptr = ERR57;
943 break;
944 }
945
946 if (s == 0)
947 {
948 *errorcodeptr = ERR58;
949 break;
950 }
951
952 if (negated)
953 {
954 if (s > bracount)
955 {
956 *errorcodeptr = ERR15;
957 break;
958 }
959 s = bracount - (s - 1);
960 }
961
962 escape = -s;
963 break;
964
965 /* The handling of escape sequences consisting of a string of digits
966 starting with one that is not zero is not straightforward. By experiment,
967 the way Perl works seems to be as follows:
968
969 Outside a character class, the digits are read as a decimal number. If the
970 number is less than 10, or if there are that many previous extracting
971 left brackets, then it is a back reference. Otherwise, up to three octal
972 digits are read to form an escaped byte. Thus \123 is likely to be octal
973 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
974 value is greater than 377, the least significant 8 bits are taken. Inside a
975 character class, \ followed by a digit is always an octal number. */
976
977 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
978 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
979
980 if (!isclass)
981 {
982 oldptr = ptr;
983 /* The integer range is limited by the machine's int representation. */
984 s = (int)(c -CHAR_0);
985 overflow = FALSE;
986 while (IS_DIGIT(ptr[1]))
987 {
988 if (s > INT_MAX / 10 - 1) /* Integer overflow */
989 {
990 overflow = TRUE;
991 break;
992 }
993 s = s * 10 + (int)(*(++ptr) - CHAR_0);
994 }
995 if (overflow) /* Integer overflow */
996 {
997 while (IS_DIGIT(ptr[1]))
998 ptr++;
999 *errorcodeptr = ERR61;
1000 break;
1001 }
1002 if (s < 10 || s <= bracount)
1003 {
1004 escape = -s;
1005 break;
1006 }
1007 ptr = oldptr; /* Put the pointer back and fall through */
1008 }
1009
1010 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
1011 generates a binary zero byte and treats the digit as a following literal.
1012 Thus we have to pull back the pointer by one. */
1013
1014 if ((c = *ptr) >= CHAR_8)
1015 {
1016 ptr--;
1017 c = 0;
1018 break;
1019 }
1020
1021 /* \0 always starts an octal number, but we may drop through to here with a
1022 larger first octal digit. The original code used just to take the least
1023 significant 8 bits of octal numbers (I think this is what early Perls used
1024 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1025 but no more than 3 octal digits. */
1026
1027 case CHAR_0:
1028 c -= CHAR_0;
1029 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1030 c = c * 8 + *(++ptr) - CHAR_0;
1031 #ifdef COMPILE_PCRE8
1032 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1033 #endif
1034 break;
1035
1036 /* \x is complicated. \x{ddd} is a character number which can be greater
1037 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1038 If not, { is treated as a data character. */
1039
1040 case CHAR_x:
1041 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1042 {
1043 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1044 Otherwise it is a lowercase x letter. */
1045 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1046 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1047 {
1048 c = 0;
1049 for (i = 0; i < 2; ++i)
1050 {
1051 register pcre_uint32 cc = *(++ptr);
1052 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1053 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1054 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1055 #else /* EBCDIC coding */
1056 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1057 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1058 #endif
1059 }
1060 }
1061 break;
1062 }
1063
1064 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1065 {
1066 const pcre_uchar *pt = ptr + 2;
1067
1068 c = 0;
1069 overflow = FALSE;
1070 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1071 {
1072 register pcre_uint32 cc = *pt++;
1073 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1074
1075 #ifdef COMPILE_PCRE32
1076 if (c >= 0x10000000l) { overflow = TRUE; break; }
1077 #endif
1078
1079 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1080 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1081 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1082 #else /* EBCDIC coding */
1083 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1084 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1085 #endif
1086
1087 #if defined COMPILE_PCRE8
1088 if (c > (utf ? 0x10ffff : 0xff)) { overflow = TRUE; break; }
1089 #elif defined COMPILE_PCRE16
1090 if (c > (utf ? 0x10ffff : 0xffff)) { overflow = TRUE; break; }
1091 #elif defined COMPILE_PCRE32
1092 if (utf && c > 0x10ffff) { overflow = TRUE; break; }
1093 #endif
1094 }
1095
1096 if (overflow)
1097 {
1098 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1099 *errorcodeptr = ERR34;
1100 }
1101
1102 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1103 {
1104 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1105 ptr = pt;
1106 break;
1107 }
1108
1109 /* If the sequence of hex digits does not end with '}', then we don't
1110 recognize this construct; fall through to the normal \x handling. */
1111 }
1112
1113 /* Read just a single-byte hex-defined char */
1114
1115 c = 0;
1116 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1117 {
1118 pcre_uint32 cc; /* Some compilers don't like */
1119 cc = *(++ptr); /* ++ in initializers */
1120 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1121 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1122 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1123 #else /* EBCDIC coding */
1124 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1125 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1126 #endif
1127 }
1128 break;
1129
1130 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1131 An error is given if the byte following \c is not an ASCII character. This
1132 coding is ASCII-specific, but then the whole concept of \cx is
1133 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1134
1135 case CHAR_c:
1136 c = *(++ptr);
1137 if (c == 0)
1138 {
1139 *errorcodeptr = ERR2;
1140 break;
1141 }
1142 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1143 if (c > 127) /* Excludes all non-ASCII in either mode */
1144 {
1145 *errorcodeptr = ERR68;
1146 break;
1147 }
1148 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1149 c ^= 0x40;
1150 #else /* EBCDIC coding */
1151 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1152 c ^= 0xC0;
1153 #endif
1154 break;
1155
1156 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1157 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1158 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1159 odd, but there used to be some cases other than the default, and there may
1160 be again in future, so I haven't "optimized" it. */
1161
1162 default:
1163 if ((options & PCRE_EXTRA) != 0) switch(c)
1164 {
1165 default:
1166 *errorcodeptr = ERR3;
1167 break;
1168 }
1169 break;
1170 }
1171 }
1172
1173 /* Perl supports \N{name} for character names, as well as plain \N for "not
1174 newline". PCRE does not support \N{name}. However, it does support
1175 quantification such as \N{2,3}. */
1176
1177 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1178 !is_counted_repeat(ptr+2))
1179 *errorcodeptr = ERR37;
1180
1181 /* If PCRE_UCP is set, we change the values for \d etc. */
1182
1183 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1184 escape += (ESC_DU - ESC_D);
1185
1186 /* Set the pointer to the final character before returning. */
1187
1188 *ptrptr = ptr;
1189 *chptr = c;
1190 return escape;
1191 }
1192
1193 #ifdef SUPPORT_UCP
1194 /*************************************************
1195 * Handle \P and \p *
1196 *************************************************/
1197
1198 /* This function is called after \P or \p has been encountered, provided that
1199 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1200 pointing at the P or p. On exit, it is pointing at the final character of the
1201 escape sequence.
1202
1203 Argument:
1204 ptrptr points to the pattern position pointer
1205 negptr points to a boolean that is set TRUE for negation else FALSE
1206 dptr points to an int that is set to the detailed property value
1207 errorcodeptr points to the error code variable
1208
1209 Returns: type value from ucp_type_table, or -1 for an invalid type
1210 */
1211
1212 static int
1213 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
1214 {
1215 pcre_uchar c;
1216 int i, bot, top;
1217 const pcre_uchar *ptr = *ptrptr;
1218 pcre_uchar name[32];
1219
1220 c = *(++ptr);
1221 if (c == 0) goto ERROR_RETURN;
1222
1223 *negptr = FALSE;
1224
1225 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1226 negation. */
1227
1228 if (c == CHAR_LEFT_CURLY_BRACKET)
1229 {
1230 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1231 {
1232 *negptr = TRUE;
1233 ptr++;
1234 }
1235 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1236 {
1237 c = *(++ptr);
1238 if (c == 0) goto ERROR_RETURN;
1239 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1240 name[i] = c;
1241 }
1242 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1243 name[i] = 0;
1244 }
1245
1246 /* Otherwise there is just one following character */
1247
1248 else
1249 {
1250 name[0] = c;
1251 name[1] = 0;
1252 }
1253
1254 *ptrptr = ptr;
1255
1256 /* Search for a recognized property name using binary chop */
1257
1258 bot = 0;
1259 top = PRIV(utt_size);
1260
1261 while (bot < top)
1262 {
1263 int r;
1264 i = (bot + top) >> 1;
1265 r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1266 if (r == 0)
1267 {
1268 *dptr = PRIV(utt)[i].value;
1269 return PRIV(utt)[i].type;
1270 }
1271 if (r > 0) bot = i + 1; else top = i;
1272 }
1273
1274 *errorcodeptr = ERR47;
1275 *ptrptr = ptr;
1276 return -1;
1277
1278 ERROR_RETURN:
1279 *errorcodeptr = ERR46;
1280 *ptrptr = ptr;
1281 return -1;
1282 }
1283 #endif
1284
1285
1286
1287
1288 /*************************************************
1289 * Read repeat counts *
1290 *************************************************/
1291
1292 /* Read an item of the form {n,m} and return the values. This is called only
1293 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1294 so the syntax is guaranteed to be correct, but we need to check the values.
1295
1296 Arguments:
1297 p pointer to first char after '{'
1298 minp pointer to int for min
1299 maxp pointer to int for max
1300 returned as -1 if no max
1301 errorcodeptr points to error code variable
1302
1303 Returns: pointer to '}' on success;
1304 current ptr on error, with errorcodeptr set non-zero
1305 */
1306
1307 static const pcre_uchar *
1308 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1309 {
1310 int min = 0;
1311 int max = -1;
1312
1313 /* Read the minimum value and do a paranoid check: a negative value indicates
1314 an integer overflow. */
1315
1316 while (IS_DIGIT(*p)) min = min * 10 + (int)(*p++ - CHAR_0);
1317 if (min < 0 || min > 65535)
1318 {
1319 *errorcodeptr = ERR5;
1320 return p;
1321 }
1322
1323 /* Read the maximum value if there is one, and again do a paranoid on its size.
1324 Also, max must not be less than min. */
1325
1326 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1327 {
1328 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1329 {
1330 max = 0;
1331 while(IS_DIGIT(*p)) max = max * 10 + (int)(*p++ - CHAR_0);
1332 if (max < 0 || max > 65535)
1333 {
1334 *errorcodeptr = ERR5;
1335 return p;
1336 }
1337 if (max < min)
1338 {
1339 *errorcodeptr = ERR4;
1340 return p;
1341 }
1342 }
1343 }
1344
1345 /* Fill in the required variables, and pass back the pointer to the terminating
1346 '}'. */
1347
1348 *minp = min;
1349 *maxp = max;
1350 return p;
1351 }
1352
1353
1354
1355 /*************************************************
1356 * Subroutine for finding forward reference *
1357 *************************************************/
1358
1359 /* This recursive function is called only from find_parens() below. The
1360 top-level call starts at the beginning of the pattern. All other calls must
1361 start at a parenthesis. It scans along a pattern's text looking for capturing
1362 subpatterns, and counting them. If it finds a named pattern that matches the
1363 name it is given, it returns its number. Alternatively, if the name is NULL, it
1364 returns when it reaches a given numbered subpattern. Recursion is used to keep
1365 track of subpatterns that reset the capturing group numbers - the (?| feature.
1366
1367 This function was originally called only from the second pass, in which we know
1368 that if (?< or (?' or (?P< is encountered, the name will be correctly
1369 terminated because that is checked in the first pass. There is now one call to
1370 this function in the first pass, to check for a recursive back reference by
1371 name (so that we can make the whole group atomic). In this case, we need check
1372 only up to the current position in the pattern, and that is still OK because
1373 and previous occurrences will have been checked. To make this work, the test
1374 for "end of pattern" is a check against cd->end_pattern in the main loop,
1375 instead of looking for a binary zero. This means that the special first-pass
1376 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1377 processing items within the loop are OK, because afterwards the main loop will
1378 terminate.)
1379
1380 Arguments:
1381 ptrptr address of the current character pointer (updated)
1382 cd compile background data
1383 name name to seek, or NULL if seeking a numbered subpattern
1384 lorn name length, or subpattern number if name is NULL
1385 xmode TRUE if we are in /x mode
1386 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1387 count pointer to the current capturing subpattern number (updated)
1388
1389 Returns: the number of the named subpattern, or -1 if not found
1390 */
1391
1392 static int
1393 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1394 BOOL xmode, BOOL utf, int *count)
1395 {
1396 pcre_uchar *ptr = *ptrptr;
1397 int start_count = *count;
1398 int hwm_count = start_count;
1399 BOOL dup_parens = FALSE;
1400
1401 /* If the first character is a parenthesis, check on the type of group we are
1402 dealing with. The very first call may not start with a parenthesis. */
1403
1404 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1405 {
1406 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1407
1408 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1409
1410 /* Handle a normal, unnamed capturing parenthesis. */
1411
1412 else if (ptr[1] != CHAR_QUESTION_MARK)
1413 {
1414 *count += 1;
1415 if (name == NULL && *count == lorn) return *count;
1416 ptr++;
1417 }
1418
1419 /* All cases now have (? at the start. Remember when we are in a group
1420 where the parenthesis numbers are duplicated. */
1421
1422 else if (ptr[2] == CHAR_VERTICAL_LINE)
1423 {
1424 ptr += 3;
1425 dup_parens = TRUE;
1426 }
1427
1428 /* Handle comments; all characters are allowed until a ket is reached. */
1429
1430 else if (ptr[2] == CHAR_NUMBER_SIGN)
1431 {
1432 for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1433 goto FAIL_EXIT;
1434 }
1435
1436 /* Handle a condition. If it is an assertion, just carry on so that it
1437 is processed as normal. If not, skip to the closing parenthesis of the
1438 condition (there can't be any nested parens). */
1439
1440 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1441 {
1442 ptr += 2;
1443 if (ptr[1] != CHAR_QUESTION_MARK)
1444 {
1445 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1446 if (*ptr != 0) ptr++;
1447 }
1448 }
1449
1450 /* Start with (? but not a condition. */
1451
1452 else
1453 {
1454 ptr += 2;
1455 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1456
1457 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1458
1459 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1460 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1461 {
1462 pcre_uchar term;
1463 const pcre_uchar *thisname;
1464 *count += 1;
1465 if (name == NULL && *count == lorn) return *count;
1466 term = *ptr++;
1467 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1468 thisname = ptr;
1469 while (*ptr != term) ptr++;
1470 if (name != NULL && lorn == (int)(ptr - thisname) &&
1471 STRNCMP_UC_UC(name, thisname, (unsigned int)lorn) == 0)
1472 return *count;
1473 term++;
1474 }
1475 }
1476 }
1477
1478 /* Past any initial parenthesis handling, scan for parentheses or vertical
1479 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1480 first-pass call when this value is temporarily adjusted to stop at the current
1481 position. So DO NOT change this to a test for binary zero. */
1482
1483 for (; ptr < cd->end_pattern; ptr++)
1484 {
1485 /* Skip over backslashed characters and also entire \Q...\E */
1486
1487 if (*ptr == CHAR_BACKSLASH)
1488 {
1489 if (*(++ptr) == 0) goto FAIL_EXIT;
1490 if (*ptr == CHAR_Q) for (;;)
1491 {
1492 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1493 if (*ptr == 0) goto FAIL_EXIT;
1494 if (*(++ptr) == CHAR_E) break;
1495 }
1496 continue;
1497 }
1498
1499 /* Skip over character classes; this logic must be similar to the way they
1500 are handled for real. If the first character is '^', skip it. Also, if the
1501 first few characters (either before or after ^) are \Q\E or \E we skip them
1502 too. This makes for compatibility with Perl. Note the use of STR macros to
1503 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1504
1505 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1506 {
1507 BOOL negate_class = FALSE;
1508 for (;;)
1509 {
1510 if (ptr[1] == CHAR_BACKSLASH)
1511 {
1512 if (ptr[2] == CHAR_E)
1513 ptr+= 2;
1514 else if (STRNCMP_UC_C8(ptr + 2,
1515 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1516 ptr += 4;
1517 else
1518 break;
1519 }
1520 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1521 {
1522 negate_class = TRUE;
1523 ptr++;
1524 }
1525 else break;
1526 }
1527
1528 /* If the next character is ']', it is a data character that must be
1529 skipped, except in JavaScript compatibility mode. */
1530
1531 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1532 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1533 ptr++;
1534
1535 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1536 {
1537 if (*ptr == 0) return -1;
1538 if (*ptr == CHAR_BACKSLASH)
1539 {
1540 if (*(++ptr) == 0) goto FAIL_EXIT;
1541 if (*ptr == CHAR_Q) for (;;)
1542 {
1543 while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1544 if (*ptr == 0) goto FAIL_EXIT;
1545 if (*(++ptr) == CHAR_E) break;
1546 }
1547 continue;
1548 }
1549 }
1550 continue;
1551 }
1552
1553 /* Skip comments in /x mode */
1554
1555 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1556 {
1557 ptr++;
1558 while (*ptr != 0)
1559 {
1560 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1561 ptr++;
1562 #ifdef SUPPORT_UTF
1563 if (utf) FORWARDCHAR(ptr);
1564 #endif
1565 }
1566 if (*ptr == 0) goto FAIL_EXIT;
1567 continue;
1568 }
1569
1570 /* Check for the special metacharacters */
1571
1572 if (*ptr == CHAR_LEFT_PARENTHESIS)
1573 {
1574 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1575 if (rc > 0) return rc;
1576 if (*ptr == 0) goto FAIL_EXIT;
1577 }
1578
1579 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1580 {
1581 if (dup_parens && *count < hwm_count) *count = hwm_count;
1582 goto FAIL_EXIT;
1583 }
1584
1585 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1586 {
1587 if (*count > hwm_count) hwm_count = *count;
1588 *count = start_count;
1589 }
1590 }
1591
1592 FAIL_EXIT:
1593 *ptrptr = ptr;
1594 return -1;
1595 }
1596
1597
1598
1599
1600 /*************************************************
1601 * Find forward referenced subpattern *
1602 *************************************************/
1603
1604 /* This function scans along a pattern's text looking for capturing
1605 subpatterns, and counting them. If it finds a named pattern that matches the
1606 name it is given, it returns its number. Alternatively, if the name is NULL, it
1607 returns when it reaches a given numbered subpattern. This is used for forward
1608 references to subpatterns. We used to be able to start this scan from the
1609 current compiling point, using the current count value from cd->bracount, and
1610 do it all in a single loop, but the addition of the possibility of duplicate
1611 subpattern numbers means that we have to scan from the very start, in order to
1612 take account of such duplicates, and to use a recursive function to keep track
1613 of the different types of group.
1614
1615 Arguments:
1616 cd compile background data
1617 name name to seek, or NULL if seeking a numbered subpattern
1618 lorn name length, or subpattern number if name is NULL
1619 xmode TRUE if we are in /x mode
1620 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1621
1622 Returns: the number of the found subpattern, or -1 if not found
1623 */
1624
1625 static int
1626 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1627 BOOL utf)
1628 {
1629 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1630 int count = 0;
1631 int rc;
1632
1633 /* If the pattern does not start with an opening parenthesis, the first call
1634 to find_parens_sub() will scan right to the end (if necessary). However, if it
1635 does start with a parenthesis, find_parens_sub() will return when it hits the
1636 matching closing parens. That is why we have to have a loop. */
1637
1638 for (;;)
1639 {
1640 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1641 if (rc > 0 || *ptr++ == 0) break;
1642 }
1643
1644 return rc;
1645 }
1646
1647
1648
1649
1650 /*************************************************
1651 * Find first significant op code *
1652 *************************************************/
1653
1654 /* This is called by several functions that scan a compiled expression looking
1655 for a fixed first character, or an anchoring op code etc. It skips over things
1656 that do not influence this. For some calls, it makes sense to skip negative
1657 forward and all backward assertions, and also the \b assertion; for others it
1658 does not.
1659
1660 Arguments:
1661 code pointer to the start of the group
1662 skipassert TRUE if certain assertions are to be skipped
1663
1664 Returns: pointer to the first significant opcode
1665 */
1666
1667 static const pcre_uchar*
1668 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1669 {
1670 for (;;)
1671 {
1672 switch ((int)*code)
1673 {
1674 case OP_ASSERT_NOT:
1675 case OP_ASSERTBACK:
1676 case OP_ASSERTBACK_NOT:
1677 if (!skipassert) return code;
1678 do code += GET(code, 1); while (*code == OP_ALT);
1679 code += PRIV(OP_lengths)[*code];
1680 break;
1681
1682 case OP_WORD_BOUNDARY:
1683 case OP_NOT_WORD_BOUNDARY:
1684 if (!skipassert) return code;
1685 /* Fall through */
1686
1687 case OP_CALLOUT:
1688 case OP_CREF:
1689 case OP_NCREF:
1690 case OP_RREF:
1691 case OP_NRREF:
1692 case OP_DEF:
1693 code += PRIV(OP_lengths)[*code];
1694 break;
1695
1696 default:
1697 return code;
1698 }
1699 }
1700 /* Control never reaches here */
1701 }
1702
1703
1704
1705
1706 /*************************************************
1707 * Find the fixed length of a branch *
1708 *************************************************/
1709
1710 /* Scan a branch and compute the fixed length of subject that will match it,
1711 if the length is fixed. This is needed for dealing with backward assertions.
1712 In UTF8 mode, the result is in characters rather than bytes. The branch is
1713 temporarily terminated with OP_END when this function is called.
1714
1715 This function is called when a backward assertion is encountered, so that if it
1716 fails, the error message can point to the correct place in the pattern.
1717 However, we cannot do this when the assertion contains subroutine calls,
1718 because they can be forward references. We solve this by remembering this case
1719 and doing the check at the end; a flag specifies which mode we are running in.
1720
1721 Arguments:
1722 code points to the start of the pattern (the bracket)
1723 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1724 atend TRUE if called when the pattern is complete
1725 cd the "compile data" structure
1726
1727 Returns: the fixed length,
1728 or -1 if there is no fixed length,
1729 or -2 if \C was encountered (in UTF-8 mode only)
1730 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1731 or -4 if an unknown opcode was encountered (internal error)
1732 */
1733
1734 static int
1735 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1736 {
1737 int length = -1;
1738
1739 register int branchlength = 0;
1740 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1741
1742 /* Scan along the opcodes for this branch. If we get to the end of the
1743 branch, check the length against that of the other branches. */
1744
1745 for (;;)
1746 {
1747 int d;
1748 pcre_uchar *ce, *cs;
1749 register pcre_uchar op = *cc;
1750
1751 switch (op)
1752 {
1753 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1754 OP_BRA (normal non-capturing bracket) because the other variants of these
1755 opcodes are all concerned with unlimited repeated groups, which of course
1756 are not of fixed length. */
1757
1758 case OP_CBRA:
1759 case OP_BRA:
1760 case OP_ONCE:
1761 case OP_ONCE_NC:
1762 case OP_COND:
1763 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1764 if (d < 0) return d;
1765 branchlength += d;
1766 do cc += GET(cc, 1); while (*cc == OP_ALT);
1767 cc += 1 + LINK_SIZE;
1768 break;
1769
1770 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1771 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1772 an ALT. If it is END it's the end of the outer call. All can be handled by
1773 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1774 because they all imply an unlimited repeat. */
1775
1776 case OP_ALT:
1777 case OP_KET:
1778 case OP_END:
1779 case OP_ACCEPT:
1780 case OP_ASSERT_ACCEPT:
1781 if (length < 0) length = branchlength;
1782 else if (length != branchlength) return -1;
1783 if (*cc != OP_ALT) return length;
1784 cc += 1 + LINK_SIZE;
1785 branchlength = 0;
1786 break;
1787
1788 /* A true recursion implies not fixed length, but a subroutine call may
1789 be OK. If the subroutine is a forward reference, we can't deal with
1790 it until the end of the pattern, so return -3. */
1791
1792 case OP_RECURSE:
1793 if (!atend) return -3;
1794 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1795 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1796 if (cc > cs && cc < ce) return -1; /* Recursion */
1797 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1798 if (d < 0) return d;
1799 branchlength += d;
1800 cc += 1 + LINK_SIZE;
1801 break;
1802
1803 /* Skip over assertive subpatterns */
1804
1805 case OP_ASSERT:
1806 case OP_ASSERT_NOT:
1807 case OP_ASSERTBACK:
1808 case OP_ASSERTBACK_NOT:
1809 do cc += GET(cc, 1); while (*cc == OP_ALT);
1810 cc += PRIV(OP_lengths)[*cc];
1811 break;
1812
1813 /* Skip over things that don't match chars */
1814
1815 case OP_MARK:
1816 case OP_PRUNE_ARG:
1817 case OP_SKIP_ARG:
1818 case OP_THEN_ARG:
1819 cc += cc[1] + PRIV(OP_lengths)[*cc];
1820 break;
1821
1822 case OP_CALLOUT:
1823 case OP_CIRC:
1824 case OP_CIRCM:
1825 case OP_CLOSE:
1826 case OP_COMMIT:
1827 case OP_CREF:
1828 case OP_DEF:
1829 case OP_DOLL:
1830 case OP_DOLLM:
1831 case OP_EOD:
1832 case OP_EODN:
1833 case OP_FAIL:
1834 case OP_NCREF:
1835 case OP_NRREF:
1836 case OP_NOT_WORD_BOUNDARY:
1837 case OP_PRUNE:
1838 case OP_REVERSE:
1839 case OP_RREF:
1840 case OP_SET_SOM:
1841 case OP_SKIP:
1842 case OP_SOD:
1843 case OP_SOM:
1844 case OP_THEN:
1845 case OP_WORD_BOUNDARY:
1846 cc += PRIV(OP_lengths)[*cc];
1847 break;
1848
1849 /* Handle literal characters */
1850
1851 case OP_CHAR:
1852 case OP_CHARI:
1853 case OP_NOT:
1854 case OP_NOTI:
1855 branchlength++;
1856 cc += 2;
1857 #ifdef SUPPORT_UTF
1858 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1859 #endif
1860 break;
1861
1862 /* Handle exact repetitions. The count is already in characters, but we
1863 need to skip over a multibyte character in UTF8 mode. */
1864
1865 case OP_EXACT:
1866 case OP_EXACTI:
1867 case OP_NOTEXACT:
1868 case OP_NOTEXACTI:
1869 branchlength += (int)GET2(cc,1);
1870 cc += 2 + IMM2_SIZE;
1871 #ifdef SUPPORT_UTF
1872 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1873 #endif
1874 break;
1875
1876 case OP_TYPEEXACT:
1877 branchlength += GET2(cc,1);
1878 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1879 cc += 2;
1880 cc += 1 + IMM2_SIZE + 1;
1881 break;
1882
1883 /* Handle single-char matchers */
1884
1885 case OP_PROP:
1886 case OP_NOTPROP:
1887 cc += 2;
1888 /* Fall through */
1889
1890 case OP_HSPACE:
1891 case OP_VSPACE:
1892 case OP_NOT_HSPACE:
1893 case OP_NOT_VSPACE:
1894 case OP_NOT_DIGIT:
1895 case OP_DIGIT:
1896 case OP_NOT_WHITESPACE:
1897 case OP_WHITESPACE:
1898 case OP_NOT_WORDCHAR:
1899 case OP_WORDCHAR:
1900 case OP_ANY:
1901 case OP_ALLANY:
1902 branchlength++;
1903 cc++;
1904 break;
1905
1906 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1907 otherwise \C is coded as OP_ALLANY. */
1908
1909 case OP_ANYBYTE:
1910 return -2;
1911
1912 /* Check a class for variable quantification */
1913
1914 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1915 case OP_XCLASS:
1916 cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];
1917 /* Fall through */
1918 #endif
1919
1920 case OP_CLASS:
1921 case OP_NCLASS:
1922 cc += PRIV(OP_lengths)[OP_CLASS];
1923
1924 switch (*cc)
1925 {
1926 case OP_CRPLUS:
1927 case OP_CRMINPLUS:
1928 case OP_CRSTAR:
1929 case OP_CRMINSTAR:
1930 case OP_CRQUERY:
1931 case OP_CRMINQUERY:
1932 return -1;
1933
1934 case OP_CRRANGE:
1935 case OP_CRMINRANGE:
1936 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1937 branchlength += (int)GET2(cc,1);
1938 cc += 1 + 2 * IMM2_SIZE;
1939 break;
1940
1941 default:
1942 branchlength++;
1943 }
1944 break;
1945
1946 /* Anything else is variable length */
1947
1948 case OP_ANYNL:
1949 case OP_BRAMINZERO:
1950 case OP_BRAPOS:
1951 case OP_BRAPOSZERO:
1952 case OP_BRAZERO:
1953 case OP_CBRAPOS:
1954 case OP_EXTUNI:
1955 case OP_KETRMAX:
1956 case OP_KETRMIN:
1957 case OP_KETRPOS:
1958 case OP_MINPLUS:
1959 case OP_MINPLUSI:
1960 case OP_MINQUERY:
1961 case OP_MINQUERYI:
1962 case OP_MINSTAR:
1963 case OP_MINSTARI:
1964 case OP_MINUPTO:
1965 case OP_MINUPTOI:
1966 case OP_NOTMINPLUS:
1967 case OP_NOTMINPLUSI:
1968 case OP_NOTMINQUERY:
1969 case OP_NOTMINQUERYI:
1970 case OP_NOTMINSTAR:
1971 case OP_NOTMINSTARI:
1972 case OP_NOTMINUPTO:
1973 case OP_NOTMINUPTOI:
1974 case OP_NOTPLUS:
1975 case OP_NOTPLUSI:
1976 case OP_NOTPOSPLUS:
1977 case OP_NOTPOSPLUSI:
1978 case OP_NOTPOSQUERY:
1979 case OP_NOTPOSQUERYI:
1980 case OP_NOTPOSSTAR:
1981 case OP_NOTPOSSTARI:
1982 case OP_NOTPOSUPTO:
1983 case OP_NOTPOSUPTOI:
1984 case OP_NOTQUERY:
1985 case OP_NOTQUERYI:
1986 case OP_NOTSTAR:
1987 case OP_NOTSTARI:
1988 case OP_NOTUPTO:
1989 case OP_NOTUPTOI:
1990 case OP_PLUS:
1991 case OP_PLUSI:
1992 case OP_POSPLUS:
1993 case OP_POSPLUSI:
1994 case OP_POSQUERY:
1995 case OP_POSQUERYI:
1996 case OP_POSSTAR:
1997 case OP_POSSTARI:
1998 case OP_POSUPTO:
1999 case OP_POSUPTOI:
2000 case OP_QUERY:
2001 case OP_QUERYI:
2002 case OP_REF:
2003 case OP_REFI:
2004 case OP_SBRA:
2005 case OP_SBRAPOS:
2006 case OP_SCBRA:
2007 case OP_SCBRAPOS:
2008 case OP_SCOND:
2009 case OP_SKIPZERO:
2010 case OP_STAR:
2011 case OP_STARI:
2012 case OP_TYPEMINPLUS:
2013 case OP_TYPEMINQUERY:
2014 case OP_TYPEMINSTAR:
2015 case OP_TYPEMINUPTO:
2016 case OP_TYPEPLUS:
2017 case OP_TYPEPOSPLUS:
2018 case OP_TYPEPOSQUERY:
2019 case OP_TYPEPOSSTAR:
2020 case OP_TYPEPOSUPTO:
2021 case OP_TYPEQUERY:
2022 case OP_TYPESTAR:
2023 case OP_TYPEUPTO:
2024 case OP_UPTO:
2025 case OP_UPTOI:
2026 return -1;
2027
2028 /* Catch unrecognized opcodes so that when new ones are added they
2029 are not forgotten, as has happened in the past. */
2030
2031 default:
2032 return -4;
2033 }
2034 }
2035 /* Control never gets here */
2036 }
2037
2038
2039
2040
2041 /*************************************************
2042 * Scan compiled regex for specific bracket *
2043 *************************************************/
2044
2045 /* This little function scans through a compiled pattern until it finds a
2046 capturing bracket with the given number, or, if the number is negative, an
2047 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2048 so that it can be called from pcre_study() when finding the minimum matching
2049 length.
2050
2051 Arguments:
2052 code points to start of expression
2053 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2054 number the required bracket number or negative to find a lookbehind
2055
2056 Returns: pointer to the opcode for the bracket, or NULL if not found
2057 */
2058
2059 const pcre_uchar *
2060 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2061 {
2062 for (;;)
2063 {
2064 register pcre_uchar c = *code;
2065
2066 if (c == OP_END) return NULL;
2067
2068 /* XCLASS is used for classes that cannot be represented just by a bit
2069 map. This includes negated single high-valued characters. The length in
2070 the table is zero; the actual length is stored in the compiled code. */
2071
2072 if (c == OP_XCLASS) code += GET(code, 1);
2073
2074 /* Handle recursion */
2075
2076 else if (c == OP_REVERSE)
2077 {
2078 if (number < 0) return (pcre_uchar *)code;
2079 code += PRIV(OP_lengths)[c];
2080 }
2081
2082 /* Handle capturing bracket */
2083
2084 else if (c == OP_CBRA || c == OP_SCBRA ||
2085 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2086 {
2087 int n = (int)GET2(code, 1+LINK_SIZE);
2088 if (n == number) return (pcre_uchar *)code;
2089 code += PRIV(OP_lengths)[c];
2090 }
2091
2092 /* Otherwise, we can get the item's length from the table, except that for
2093 repeated character types, we have to test for \p and \P, which have an extra
2094 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2095 must add in its length. */
2096
2097 else
2098 {
2099 switch(c)
2100 {
2101 case OP_TYPESTAR:
2102 case OP_TYPEMINSTAR:
2103 case OP_TYPEPLUS:
2104 case OP_TYPEMINPLUS:
2105 case OP_TYPEQUERY:
2106 case OP_TYPEMINQUERY:
2107 case OP_TYPEPOSSTAR:
2108 case OP_TYPEPOSPLUS:
2109 case OP_TYPEPOSQUERY:
2110 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2111 break;
2112
2113 case OP_TYPEUPTO:
2114 case OP_TYPEMINUPTO:
2115 case OP_TYPEEXACT:
2116 case OP_TYPEPOSUPTO:
2117 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2118 code += 2;
2119 break;
2120
2121 case OP_MARK:
2122 case OP_PRUNE_ARG:
2123 case OP_SKIP_ARG:
2124 code += code[1];
2125 break;
2126
2127 case OP_THEN_ARG:
2128 code += code[1];
2129 break;
2130 }
2131
2132 /* Add in the fixed length from the table */
2133
2134 code += PRIV(OP_lengths)[c];
2135
2136 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2137 a multi-byte character. The length in the table is a minimum, so we have to
2138 arrange to skip the extra bytes. */
2139
2140 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2141 if (utf) switch(c)
2142 {
2143 case OP_CHAR:
2144 case OP_CHARI:
2145 case OP_EXACT:
2146 case OP_EXACTI:
2147 case OP_UPTO:
2148 case OP_UPTOI:
2149 case OP_MINUPTO:
2150 case OP_MINUPTOI:
2151 case OP_POSUPTO:
2152 case OP_POSUPTOI:
2153 case OP_STAR:
2154 case OP_STARI:
2155 case OP_MINSTAR:
2156 case OP_MINSTARI:
2157 case OP_POSSTAR:
2158 case OP_POSSTARI:
2159 case OP_PLUS:
2160 case OP_PLUSI:
2161 case OP_MINPLUS:
2162 case OP_MINPLUSI:
2163 case OP_POSPLUS:
2164 case OP_POSPLUSI:
2165 case OP_QUERY:
2166 case OP_QUERYI:
2167 case OP_MINQUERY:
2168 case OP_MINQUERYI:
2169 case OP_POSQUERY:
2170 case OP_POSQUERYI:
2171 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2172 break;
2173 }
2174 #else
2175 (void)(utf); /* Keep compiler happy by referencing function argument */
2176 #endif
2177 }
2178 }
2179 }
2180
2181
2182
2183 /*************************************************
2184 * Scan compiled regex for recursion reference *
2185 *************************************************/
2186
2187 /* This little function scans through a compiled pattern until it finds an
2188 instance of OP_RECURSE.
2189
2190 Arguments:
2191 code points to start of expression
2192 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2193
2194 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2195 */
2196
2197 static const pcre_uchar *
2198 find_recurse(const pcre_uchar *code, BOOL utf)
2199 {
2200 for (;;)
2201 {
2202 register pcre_uchar c = *code;
2203 if (c == OP_END) return NULL;
2204 if (c == OP_RECURSE) return code;
2205
2206 /* XCLASS is used for classes that cannot be represented just by a bit
2207 map. This includes negated single high-valued characters. The length in
2208 the table is zero; the actual length is stored in the compiled code. */
2209
2210 if (c == OP_XCLASS) code += GET(code, 1);
2211
2212 /* Otherwise, we can get the item's length from the table, except that for
2213 repeated character types, we have to test for \p and \P, which have an extra
2214 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2215 must add in its length. */
2216
2217 else
2218 {
2219 switch(c)
2220 {
2221 case OP_TYPESTAR:
2222 case OP_TYPEMINSTAR:
2223 case OP_TYPEPLUS:
2224 case OP_TYPEMINPLUS:
2225 case OP_TYPEQUERY:
2226 case OP_TYPEMINQUERY:
2227 case OP_TYPEPOSSTAR:
2228 case OP_TYPEPOSPLUS:
2229 case OP_TYPEPOSQUERY:
2230 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2231 break;
2232
2233 case OP_TYPEPOSUPTO:
2234 case OP_TYPEUPTO:
2235 case OP_TYPEMINUPTO:
2236 case OP_TYPEEXACT:
2237 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2238 code += 2;
2239 break;
2240
2241 case OP_MARK:
2242 case OP_PRUNE_ARG:
2243 case OP_SKIP_ARG:
2244 code += code[1];
2245 break;
2246
2247 case OP_THEN_ARG:
2248 code += code[1];
2249 break;
2250 }
2251
2252 /* Add in the fixed length from the table */
2253
2254 code += PRIV(OP_lengths)[c];
2255
2256 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2257 by a multi-byte character. The length in the table is a minimum, so we have
2258 to arrange to skip the extra bytes. */
2259
2260 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2261 if (utf) switch(c)
2262 {
2263 case OP_CHAR:
2264 case OP_CHARI:
2265 case OP_NOT:
2266 case OP_NOTI:
2267 case OP_EXACT:
2268 case OP_EXACTI:
2269 case OP_NOTEXACT:
2270 case OP_NOTEXACTI:
2271 case OP_UPTO:
2272 case OP_UPTOI:
2273 case OP_NOTUPTO:
2274 case OP_NOTUPTOI:
2275 case OP_MINUPTO:
2276 case OP_MINUPTOI:
2277 case OP_NOTMINUPTO:
2278 case OP_NOTMINUPTOI:
2279 case OP_POSUPTO:
2280 case OP_POSUPTOI:
2281 case OP_NOTPOSUPTO:
2282 case OP_NOTPOSUPTOI:
2283 case OP_STAR:
2284 case OP_STARI:
2285 case OP_NOTSTAR:
2286 case OP_NOTSTARI:
2287 case OP_MINSTAR:
2288 case OP_MINSTARI:
2289 case OP_NOTMINSTAR:
2290 case OP_NOTMINSTARI:
2291 case OP_POSSTAR:
2292 case OP_POSSTARI:
2293 case OP_NOTPOSSTAR:
2294 case OP_NOTPOSSTARI:
2295 case OP_PLUS:
2296 case OP_PLUSI:
2297 case OP_NOTPLUS:
2298 case OP_NOTPLUSI:
2299 case OP_MINPLUS:
2300 case OP_MINPLUSI:
2301 case OP_NOTMINPLUS:
2302 case OP_NOTMINPLUSI:
2303 case OP_POSPLUS:
2304 case OP_POSPLUSI:
2305 case OP_NOTPOSPLUS:
2306 case OP_NOTPOSPLUSI:
2307 case OP_QUERY:
2308 case OP_QUERYI:
2309 case OP_NOTQUERY:
2310 case OP_NOTQUERYI:
2311 case OP_MINQUERY:
2312 case OP_MINQUERYI:
2313 case OP_NOTMINQUERY:
2314 case OP_NOTMINQUERYI:
2315 case OP_POSQUERY:
2316 case OP_POSQUERYI:
2317 case OP_NOTPOSQUERY:
2318 case OP_NOTPOSQUERYI:
2319 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2320 break;
2321 }
2322 #else
2323 (void)(utf); /* Keep compiler happy by referencing function argument */
2324 #endif
2325 }
2326 }
2327 }
2328
2329
2330
2331 /*************************************************
2332 * Scan compiled branch for non-emptiness *
2333 *************************************************/
2334
2335 /* This function scans through a branch of a compiled pattern to see whether it
2336 can match the empty string or not. It is called from could_be_empty()
2337 below and from compile_branch() when checking for an unlimited repeat of a
2338 group that can match nothing. Note that first_significant_code() skips over
2339 backward and negative forward assertions when its final argument is TRUE. If we
2340 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2341 bracket whose current branch will already have been scanned.
2342
2343 Arguments:
2344 code points to start of search
2345 endcode points to where to stop
2346 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2347 cd contains pointers to tables etc.
2348
2349 Returns: TRUE if what is matched could be empty
2350 */
2351
2352 static BOOL
2353 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2354 BOOL utf, compile_data *cd)
2355 {
2356 register pcre_uchar c;
2357 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2358 code < endcode;
2359 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2360 {
2361 const pcre_uchar *ccode;
2362
2363 c = *code;
2364
2365 /* Skip over forward assertions; the other assertions are skipped by
2366 first_significant_code() with a TRUE final argument. */
2367
2368 if (c == OP_ASSERT)
2369 {
2370 do code += GET(code, 1); while (*code == OP_ALT);
2371 c = *code;
2372 continue;
2373 }
2374
2375 /* For a recursion/subroutine call, if its end has been reached, which
2376 implies a backward reference subroutine call, we can scan it. If it's a
2377 forward reference subroutine call, we can't. To detect forward reference
2378 we have to scan up the list that is kept in the workspace. This function is
2379 called only when doing the real compile, not during the pre-compile that
2380 measures the size of the compiled pattern. */
2381
2382 if (c == OP_RECURSE)
2383 {
2384 const pcre_uchar *scode;
2385 BOOL empty_branch;
2386
2387 /* Test for forward reference */
2388
2389 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2390 if ((int)GET(scode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2391
2392 /* Not a forward reference, test for completed backward reference */
2393
2394 empty_branch = FALSE;
2395 scode = cd->start_code + GET(code, 1);
2396 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2397
2398 /* Completed backwards reference */
2399
2400 do
2401 {
2402 if (could_be_empty_branch(scode, endcode, utf, cd))
2403 {
2404 empty_branch = TRUE;
2405 break;
2406 }
2407 scode += GET(scode, 1);
2408 }
2409 while (*scode == OP_ALT);
2410
2411 if (!empty_branch) return FALSE; /* All branches are non-empty */
2412 continue;
2413 }
2414
2415 /* Groups with zero repeats can of course be empty; skip them. */
2416
2417 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2418 c == OP_BRAPOSZERO)
2419 {
2420 code += PRIV(OP_lengths)[c];
2421 do code += GET(code, 1); while (*code == OP_ALT);
2422 c = *code;
2423 continue;
2424 }
2425
2426 /* A nested group that is already marked as "could be empty" can just be
2427 skipped. */
2428
2429 if (c == OP_SBRA || c == OP_SBRAPOS ||
2430 c == OP_SCBRA || c == OP_SCBRAPOS)
2431 {
2432 do code += GET(code, 1); while (*code == OP_ALT);
2433 c = *code;
2434 continue;
2435 }
2436
2437 /* For other groups, scan the branches. */
2438
2439 if (c == OP_BRA || c == OP_BRAPOS ||
2440 c == OP_CBRA || c == OP_CBRAPOS ||
2441 c == OP_ONCE || c == OP_ONCE_NC ||
2442 c == OP_COND)
2443 {
2444 BOOL empty_branch;
2445 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2446
2447 /* If a conditional group has only one branch, there is a second, implied,
2448 empty branch, so just skip over the conditional, because it could be empty.
2449 Otherwise, scan the individual branches of the group. */
2450
2451 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2452 code += GET(code, 1);
2453 else
2454 {
2455 empty_branch = FALSE;
2456 do
2457 {
2458 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2459 empty_branch = TRUE;
2460 code += GET(code, 1);
2461 }
2462 while (*code == OP_ALT);
2463 if (!empty_branch) return FALSE; /* All branches are non-empty */
2464 }
2465
2466 c = *code;
2467 continue;
2468 }
2469
2470 /* Handle the other opcodes */
2471
2472 switch (c)
2473 {
2474 /* Check for quantifiers after a class. XCLASS is used for classes that
2475 cannot be represented just by a bit map. This includes negated single
2476 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2477 actual length is stored in the compiled code, so we must update "code"
2478 here. */
2479
2480 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2481 case OP_XCLASS:
2482 ccode = code += GET(code, 1);
2483 goto CHECK_CLASS_REPEAT;
2484 #endif
2485
2486 case OP_CLASS:
2487 case OP_NCLASS:
2488 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2489
2490 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2491 CHECK_CLASS_REPEAT:
2492 #endif
2493
2494 switch (*ccode)
2495 {
2496 case OP_CRSTAR: /* These could be empty; continue */
2497 case OP_CRMINSTAR:
2498 case OP_CRQUERY:
2499 case OP_CRMINQUERY:
2500 break;
2501
2502 default: /* Non-repeat => class must match */
2503 case OP_CRPLUS: /* These repeats aren't empty */
2504 case OP_CRMINPLUS:
2505 return FALSE;
2506
2507 case OP_CRRANGE:
2508 case OP_CRMINRANGE:
2509 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2510 break;
2511 }
2512 break;
2513
2514 /* Opcodes that must match a character */
2515
2516 case OP_PROP:
2517 case OP_NOTPROP:
2518 case OP_EXTUNI:
2519 case OP_NOT_DIGIT:
2520 case OP_DIGIT:
2521 case OP_NOT_WHITESPACE:
2522 case OP_WHITESPACE:
2523 case OP_NOT_WORDCHAR:
2524 case OP_WORDCHAR:
2525 case OP_ANY:
2526 case OP_ALLANY:
2527 case OP_ANYBYTE:
2528 case OP_CHAR:
2529 case OP_CHARI:
2530 case OP_NOT:
2531 case OP_NOTI:
2532 case OP_PLUS:
2533 case OP_MINPLUS:
2534 case OP_POSPLUS:
2535 case OP_EXACT:
2536 case OP_NOTPLUS:
2537 case OP_NOTMINPLUS:
2538 case OP_NOTPOSPLUS:
2539 case OP_NOTEXACT:
2540 case OP_TYPEPLUS:
2541 case OP_TYPEMINPLUS:
2542 case OP_TYPEPOSPLUS:
2543 case OP_TYPEEXACT:
2544 return FALSE;
2545
2546 /* These are going to continue, as they may be empty, but we have to
2547 fudge the length for the \p and \P cases. */
2548
2549 case OP_TYPESTAR:
2550 case OP_TYPEMINSTAR:
2551 case OP_TYPEPOSSTAR:
2552 case OP_TYPEQUERY:
2553 case OP_TYPEMINQUERY:
2554 case OP_TYPEPOSQUERY:
2555 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2556 break;
2557
2558 /* Same for these */
2559
2560 case OP_TYPEUPTO:
2561 case OP_TYPEMINUPTO:
2562 case OP_TYPEPOSUPTO:
2563 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2564 code += 2;
2565 break;
2566
2567 /* End of branch */
2568
2569 case OP_KET:
2570 case OP_KETRMAX:
2571 case OP_KETRMIN:
2572 case OP_KETRPOS:
2573 case OP_ALT:
2574 return TRUE;
2575
2576 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2577 MINUPTO, and POSUPTO may be followed by a multibyte character */
2578
2579 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2580 case OP_STAR:
2581 case OP_STARI:
2582 case OP_MINSTAR:
2583 case OP_MINSTARI:
2584 case OP_POSSTAR:
2585 case OP_POSSTARI:
2586 case OP_QUERY:
2587 case OP_QUERYI:
2588 case OP_MINQUERY:
2589 case OP_MINQUERYI:
2590 case OP_POSQUERY:
2591 case OP_POSQUERYI:
2592 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2593 break;
2594
2595 case OP_UPTO:
2596 case OP_UPTOI:
2597 case OP_MINUPTO:
2598 case OP_MINUPTOI:
2599 case OP_POSUPTO:
2600 case OP_POSUPTOI:
2601 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2602 break;
2603 #endif
2604
2605 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2606 string. */
2607
2608 case OP_MARK:
2609 case OP_PRUNE_ARG:
2610 case OP_SKIP_ARG:
2611 code += code[1];
2612 break;
2613
2614 case OP_THEN_ARG:
2615 code += code[1];
2616 break;
2617
2618 /* None of the remaining opcodes are required to match a character. */
2619
2620 default:
2621 break;
2622 }
2623 }
2624
2625 return TRUE;
2626 }
2627
2628
2629
2630 /*************************************************
2631 * Scan compiled regex for non-emptiness *
2632 *************************************************/
2633
2634 /* This function is called to check for left recursive calls. We want to check
2635 the current branch of the current pattern to see if it could match the empty
2636 string. If it could, we must look outwards for branches at other levels,
2637 stopping when we pass beyond the bracket which is the subject of the recursion.
2638 This function is called only during the real compile, not during the
2639 pre-compile.
2640
2641 Arguments:
2642 code points to start of the recursion
2643 endcode points to where to stop (current RECURSE item)
2644 bcptr points to the chain of current (unclosed) branch starts
2645 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2646 cd pointers to tables etc
2647
2648 Returns: TRUE if what is matched could be empty
2649 */
2650
2651 static BOOL
2652 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2653 branch_chain *bcptr, BOOL utf, compile_data *cd)
2654 {
2655 while (bcptr != NULL && bcptr->current_branch >= code)
2656 {
2657 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2658 return FALSE;
2659 bcptr = bcptr->outer;
2660 }
2661 return TRUE;
2662 }
2663
2664
2665
2666 /*************************************************
2667 * Check for POSIX class syntax *
2668 *************************************************/
2669
2670 /* This function is called when the sequence "[:" or "[." or "[=" is
2671 encountered in a character class. It checks whether this is followed by a
2672 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2673 reach an unescaped ']' without the special preceding character, return FALSE.
2674
2675 Originally, this function only recognized a sequence of letters between the
2676 terminators, but it seems that Perl recognizes any sequence of characters,
2677 though of course unknown POSIX names are subsequently rejected. Perl gives an
2678 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2679 didn't consider this to be a POSIX class. Likewise for [:1234:].
2680
2681 The problem in trying to be exactly like Perl is in the handling of escapes. We
2682 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2683 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2684 below handles the special case of \], but does not try to do any other escape
2685 processing. This makes it different from Perl for cases such as [:l\ower:]
2686 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2687 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2688 I think.
2689
2690 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2691 It seems that the appearance of a nested POSIX class supersedes an apparent
2692 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2693 a digit.
2694
2695 In Perl, unescaped square brackets may also appear as part of class names. For
2696 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2697 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2698 seem right at all. PCRE does not allow closing square brackets in POSIX class
2699 names.
2700
2701 Arguments:
2702 ptr pointer to the initial [
2703 endptr where to return the end pointer
2704
2705 Returns: TRUE or FALSE
2706 */
2707
2708 static BOOL
2709 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2710 {
2711 pcre_uchar terminator; /* Don't combine these lines; the Solaris cc */
2712 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2713 for (++ptr; *ptr != 0; ptr++)
2714 {
2715 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2716 ptr++;
2717 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2718 else
2719 {
2720 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2721 {
2722 *endptr = ptr;
2723 return TRUE;
2724 }
2725 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2726 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2727 ptr[1] == CHAR_EQUALS_SIGN) &&
2728 check_posix_syntax(ptr, endptr))
2729 return FALSE;
2730 }
2731 }
2732 return FALSE;
2733 }
2734
2735
2736
2737
2738 /*************************************************
2739 * Check POSIX class name *
2740 *************************************************/
2741
2742 /* This function is called to check the name given in a POSIX-style class entry
2743 such as [:alnum:].
2744
2745 Arguments:
2746 ptr points to the first letter
2747 len the length of the name
2748
2749 Returns: a value representing the name, or -1 if unknown
2750 */
2751
2752 static int
2753 check_posix_name(const pcre_uchar *ptr, int len)
2754 {
2755 const char *pn = posix_names;
2756 register int yield = 0;
2757 while (posix_name_lengths[yield] != 0)
2758 {
2759 if (len == posix_name_lengths[yield] &&
2760 STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
2761 pn += posix_name_lengths[yield] + 1;
2762 yield++;
2763 }
2764 return -1;
2765 }
2766
2767
2768 /*************************************************
2769 * Adjust OP_RECURSE items in repeated group *
2770 *************************************************/
2771
2772 /* OP_RECURSE items contain an offset from the start of the regex to the group
2773 that is referenced. This means that groups can be replicated for fixed
2774 repetition simply by copying (because the recursion is allowed to refer to
2775 earlier groups that are outside the current group). However, when a group is
2776 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2777 inserted before it, after it has been compiled. This means that any OP_RECURSE
2778 items within it that refer to the group itself or any contained groups have to
2779 have their offsets adjusted. That one of the jobs of this function. Before it
2780 is called, the partially compiled regex must be temporarily terminated with
2781 OP_END.
2782
2783 This function has been extended with the possibility of forward references for
2784 recursions and subroutine calls. It must also check the list of such references
2785 for the group we are dealing with. If it finds that one of the recursions in
2786 the current group is on this list, it adjusts the offset in the list, not the
2787 value in the reference (which is a group number).
2788
2789 Arguments:
2790 group points to the start of the group
2791 adjust the amount by which the group is to be moved
2792 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2793 cd contains pointers to tables etc.
2794 save_hwm the hwm forward reference pointer at the start of the group
2795
2796 Returns: nothing
2797 */
2798
2799 static void
2800 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2801 pcre_uchar *save_hwm)
2802 {
2803 pcre_uchar *ptr = group;
2804
2805 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2806 {
2807 int offset;
2808 pcre_uchar *hc;
2809
2810 /* See if this recursion is on the forward reference list. If so, adjust the
2811 reference. */
2812
2813 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2814 {
2815 offset = (int)GET(hc, 0);
2816 if (cd->start_code + offset == ptr + 1)
2817 {
2818 PUT(hc, 0, offset + adjust);
2819 break;
2820 }
2821 }
2822
2823 /* Otherwise, adjust the recursion offset if it's after the start of this
2824 group. */
2825
2826 if (hc >= cd->hwm)
2827 {
2828 offset = (int)GET(ptr, 1);
2829 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2830 }
2831
2832 ptr += 1 + LINK_SIZE;
2833 }
2834 }
2835
2836
2837
2838 /*************************************************
2839 * Insert an automatic callout point *
2840 *************************************************/
2841
2842 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2843 callout points before each pattern item.
2844
2845 Arguments:
2846 code current code pointer
2847 ptr current pattern pointer
2848 cd pointers to tables etc
2849
2850 Returns: new code pointer
2851 */
2852
2853 static pcre_uchar *
2854 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2855 {
2856 *code++ = OP_CALLOUT;
2857 *code++ = 255;
2858 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2859 PUT(code, LINK_SIZE, 0); /* Default length */
2860 return code + 2 * LINK_SIZE;
2861 }
2862
2863
2864
2865 /*************************************************
2866 * Complete a callout item *
2867 *************************************************/
2868
2869 /* A callout item contains the length of the next item in the pattern, which
2870 we can't fill in till after we have reached the relevant point. This is used
2871 for both automatic and manual callouts.
2872
2873 Arguments:
2874 previous_callout points to previous callout item
2875 ptr current pattern pointer
2876 cd pointers to tables etc
2877
2878 Returns: nothing
2879 */
2880
2881 static void
2882 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2883 {
2884 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2885 PUT(previous_callout, 2 + LINK_SIZE, length);
2886 }
2887
2888
2889
2890 #ifdef SUPPORT_UCP
2891 /*************************************************
2892 * Get othercase range *
2893 *************************************************/
2894
2895 /* This function is passed the start and end of a class range, in UTF-8 mode
2896 with UCP support. It searches up the characters, looking for ranges of
2897 characters in the "other" case. Each call returns the next one, updating the
2898 start address. A character with multiple other cases is returned on its own
2899 with a special return value.
2900
2901 Arguments:
2902 cptr points to starting character value; updated
2903 d end value
2904 ocptr where to put start of othercase range
2905 odptr where to put end of othercase range
2906
2907 Yield: -1 when no more
2908 0 when a range is returned
2909 >0 the CASESET offset for char with multiple other cases
2910 in this case, ocptr contains the original
2911 */
2912
2913 static int
2914 get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
2915 pcre_uint32 *odptr)
2916 {
2917 pcre_uint32 c, othercase, next;
2918 int co;
2919
2920 /* Find the first character that has an other case. If it has multiple other
2921 cases, return its case offset value. */
2922
2923 for (c = *cptr; c <= d; c++)
2924 {
2925 if ((co = UCD_CASESET(c)) != 0)
2926 {
2927 *ocptr = c++; /* Character that has the set */
2928 *cptr = c; /* Rest of input range */
2929 return co;
2930 }
2931 if ((othercase = UCD_OTHERCASE(c)) != c) break;
2932 }
2933
2934 if (c > d) return -1; /* Reached end of range */
2935
2936 *ocptr = othercase;
2937 next = othercase + 1;
2938
2939 for (++c; c <= d; c++)
2940 {
2941 if (UCD_OTHERCASE(c) != next) break;
2942 next++;
2943 }
2944
2945 *odptr = next - 1; /* End of othercase range */
2946 *cptr = c; /* Rest of input range */
2947 return 0;
2948 }
2949
2950
2951
2952 /*************************************************
2953 * Check a character and a property *
2954 *************************************************/
2955
2956 /* This function is called by check_auto_possessive() when a property item
2957 is adjacent to a fixed character.
2958
2959 Arguments:
2960 c the character
2961 ptype the property type
2962 pdata the data for the type
2963 negated TRUE if it's a negated property (\P or \p{^)
2964
2965 Returns: TRUE if auto-possessifying is OK
2966 */
2967
2968 static BOOL
2969 check_char_prop(pcre_uint32 c, int ptype, int pdata, BOOL negated)
2970 {
2971 #ifdef SUPPORT_UCP
2972 const pcre_uint32 *p;
2973 #endif
2974
2975 const ucd_record *prop = GET_UCD(c);
2976
2977 switch(ptype)
2978 {
2979 case PT_LAMP:
2980 return (prop->chartype == ucp_Lu ||
2981 prop->chartype == ucp_Ll ||
2982 prop->chartype == ucp_Lt) == negated;
2983
2984 case PT_GC:
2985 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2986
2987 case PT_PC:
2988 return (pdata == prop->chartype) == negated;
2989
2990 case PT_SC:
2991 return (pdata == prop->script) == negated;
2992
2993 /* These are specials */
2994
2995 case PT_ALNUM:
2996 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2997 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2998
2999 case PT_SPACE: /* Perl space */
3000 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3001 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
3002 == negated;
3003
3004 case PT_PXSPACE: /* POSIX space */
3005 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3006 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
3007 c == CHAR_FF || c == CHAR_CR)
3008 == negated;
3009
3010 case PT_WORD:
3011 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3012 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
3013 c == CHAR_UNDERSCORE) == negated;
3014
3015 #ifdef SUPPORT_UCP
3016 case PT_CLIST:
3017 p = PRIV(ucd_caseless_sets) + prop->caseset;
3018 for (;;)
3019 {
3020 if ((unsigned int)c < *p) return !negated;
3021 if ((unsigned int)c == *p++) return negated;
3022 }
3023 break; /* Control never reaches here */
3024 #endif
3025 }
3026
3027 return FALSE;
3028 }
3029 #endif /* SUPPORT_UCP */
3030
3031
3032
3033 /*************************************************
3034 * Check if auto-possessifying is possible *
3035 *************************************************/
3036
3037 /* This function is called for unlimited repeats of certain items, to see
3038 whether the next thing could possibly match the repeated item. If not, it makes
3039 sense to automatically possessify the repeated item.
3040
3041 Arguments:
3042 previous pointer to the repeated opcode
3043 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3044 ptr next character in pattern
3045 options options bits
3046 cd contains pointers to tables etc.
3047
3048 Returns: TRUE if possessifying is wanted
3049 */
3050
3051 static BOOL
3052 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
3053 const pcre_uchar *ptr, int options, compile_data *cd)
3054 {
3055 pcre_uint32 c = NOTACHAR;
3056 pcre_uint32 next;
3057 int escape;
3058 pcre_uchar op_code = *previous++;
3059
3060 /* Skip whitespace and comments in extended mode */
3061
3062 if ((options & PCRE_EXTENDED) != 0)
3063 {
3064 for (;;)
3065 {
3066 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3067 if (*ptr == CHAR_NUMBER_SIGN)
3068 {
3069 ptr++;
3070 while (*ptr != 0)
3071 {
3072 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3073 ptr++;
3074 #ifdef SUPPORT_UTF
3075 if (utf) FORWARDCHAR(ptr);
3076 #endif
3077 }
3078 }
3079 else break;
3080 }
3081 }
3082
3083 /* If the next item is one that we can handle, get its value. A non-negative
3084 value is a character, a negative value is an escape value. */
3085
3086 if (*ptr == CHAR_BACKSLASH)
3087 {
3088 int temperrorcode = 0;
3089 escape = check_escape(&ptr, &next, &temperrorcode, cd->bracount, options, FALSE);
3090 if (temperrorcode != 0) return FALSE;
3091 ptr++; /* Point after the escape sequence */
3092 }
3093 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3094 {
3095 escape = 0;
3096 #ifdef SUPPORT_UTF
3097 if (utf) { GETCHARINC(next, ptr); } else
3098 #endif
3099 next = *ptr++;
3100 }
3101 else return FALSE;
3102
3103 /* Skip whitespace and comments in extended mode */
3104
3105 if ((options & PCRE_EXTENDED) != 0)
3106 {
3107 for (;;)
3108 {
3109 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3110 if (*ptr == CHAR_NUMBER_SIGN)
3111 {
3112 ptr++;
3113 while (*ptr != 0)
3114 {
3115 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3116 ptr++;
3117 #ifdef SUPPORT_UTF
3118 if (utf) FORWARDCHAR(ptr);
3119 #endif
3120 }
3121 }
3122 else break;
3123 }
3124 }
3125
3126 /* If the next thing is itself optional, we have to give up. */
3127
3128 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3129 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3130 return FALSE;
3131
3132 /* If the previous item is a character, get its value. */
3133
3134 if (op_code == OP_CHAR || op_code == OP_CHARI ||
3135 op_code == OP_NOT || op_code == OP_NOTI)
3136 {
3137 #ifdef SUPPORT_UTF
3138 GETCHARTEST(c, previous);
3139 #else
3140 c = *previous;
3141 #endif
3142 }
3143
3144 /* Now compare the next item with the previous opcode. First, handle cases when
3145 the next item is a character. */
3146
3147 if (escape == 0)
3148 {
3149 /* For a caseless UTF match, the next character may have more than one other
3150 case, which maps to the special PT_CLIST property. Check this first. */
3151
3152 #ifdef SUPPORT_UCP
3153 if (utf && c != NOTACHAR && (options & PCRE_CASELESS) != 0)
3154 {
3155 int ocs = UCD_CASESET(next);
3156 if (ocs > 0) return check_char_prop(c, PT_CLIST, ocs, op_code >= OP_NOT);
3157 }
3158 #endif
3159
3160 switch(op_code)
3161 {
3162 case OP_CHAR:
3163 return c != next;
3164
3165 /* For CHARI (caseless character) we must check the other case. If we have
3166 Unicode property support, we can use it to test the other case of
3167 high-valued characters. We know that next can have only one other case,
3168 because multi-other-case characters are dealt with above. */
3169
3170 case OP_CHARI:
3171 if (c == next) return FALSE;
3172 #ifdef SUPPORT_UTF
3173 if (utf)
3174 {
3175 pcre_uint32 othercase;
3176 if (next < 128) othercase = cd->fcc[next]; else
3177 #ifdef SUPPORT_UCP
3178 othercase = UCD_OTHERCASE(next);
3179 #else
3180 othercase = NOTACHAR;
3181 #endif
3182 return c != othercase;
3183 }
3184 else
3185 #endif /* SUPPORT_UTF */
3186 return (c != TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3187
3188 case OP_NOT:
3189 return c == next;
3190
3191 case OP_NOTI:
3192 if (c == next) return TRUE;
3193 #ifdef SUPPORT_UTF
3194 if (utf)
3195 {
3196 pcre_uint32 othercase;
3197 if (next < 128) othercase = cd->fcc[next]; else
3198 #ifdef SUPPORT_UCP
3199 othercase = UCD_OTHERCASE(next);
3200 #else
3201 othercase = NOTACHAR;
3202 #endif
3203 return c == othercase;
3204 }
3205 else
3206 #endif /* SUPPORT_UTF */
3207 return (c == TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3208
3209 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3210 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3211
3212 case OP_DIGIT:
3213 return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
3214
3215 case OP_NOT_DIGIT:
3216 return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3217
3218 case OP_WHITESPACE:
3219 return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
3220
3221 case OP_NOT_WHITESPACE:
3222 return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
3223
3224 case OP_WORDCHAR:
3225 return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3226
3227 case OP_NOT_WORDCHAR:
3228 return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
3229
3230 case OP_HSPACE:
3231 case OP_NOT_HSPACE:
3232 switch(next)
3233 {
3234 HSPACE_CASES:
3235 return op_code == OP_NOT_HSPACE;
3236
3237 default:
3238 return op_code != OP_NOT_HSPACE;
3239 }
3240
3241 case OP_ANYNL:
3242 case OP_VSPACE:
3243 case OP_NOT_VSPACE:
3244 switch(next)
3245 {
3246 VSPACE_CASES:
3247 return op_code == OP_NOT_VSPACE;
3248
3249 default:
3250 return op_code != OP_NOT_VSPACE;
3251 }
3252
3253 #ifdef SUPPORT_UCP
3254 case OP_PROP:
3255 return check_char_prop(next, (int)previous[0], (int)previous[1], FALSE);
3256
3257 case OP_NOTPROP:
3258 return check_char_prop(next, (int)previous[0], (int)previous[1], TRUE);
3259 #endif
3260
3261 default:
3262 return FALSE;
3263 }
3264 }
3265
3266 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3267 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3268 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3269 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3270 replaced by OP_PROP codes when PCRE_UCP is set. */
3271
3272 switch(op_code)
3273 {
3274 case OP_CHAR:
3275 case OP_CHARI:
3276 switch(escape)
3277 {
3278 case ESC_d:
3279 return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3280
3281 case ESC_D:
3282 return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3283
3284 case ESC_s:
3285 return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3286
3287 case ESC_S:
3288 return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3289
3290 case ESC_w:
3291 return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3292
3293 case ESC_W:
3294 return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3295
3296 case ESC_h:
3297 case ESC_H:
3298 switch(c)
3299 {
3300 HSPACE_CASES:
3301 return escape != ESC_h;
3302
3303 default:
3304 return escape == ESC_h;
3305 }
3306
3307 case ESC_v:
3308 case ESC_V:
3309 switch(c)
3310 {
3311 VSPACE_CASES:
3312 return escape != ESC_v;
3313
3314 default:
3315 return escape == ESC_v;
3316 }
3317
3318 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3319 their substitutions and process them. The result will always be either
3320 ESC_p or ESC_P. Then fall through to process those values. */
3321
3322 #ifdef SUPPORT_UCP
3323 case ESC_du:
3324 case ESC_DU:
3325 case ESC_wu:
3326 case ESC_WU:
3327 case ESC_su:
3328 case ESC_SU:
3329 {
3330 int temperrorcode = 0;
3331 ptr = substitutes[escape - ESC_DU];
3332 escape = check_escape(&ptr, &next, &temperrorcode, 0, options, FALSE);
3333 if (temperrorcode != 0) return FALSE;
3334 ptr++; /* For compatibility */
3335 }
3336 /* Fall through */
3337
3338 case ESC_p:
3339 case ESC_P:
3340 {
3341 int ptype, pdata, errorcodeptr;
3342 BOOL negated;
3343
3344 ptr--; /* Make ptr point at the p or P */
3345 ptype = get_ucp(&ptr, &negated, &pdata, &errorcodeptr);
3346 if (ptype < 0) return FALSE;
3347 ptr++; /* Point past the final curly ket */
3348
3349 /* If the property item is optional, we have to give up. (When generated
3350 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3351 to the original \d etc. At this point, ptr will point to a zero byte. */
3352
3353 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3354 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3355 return FALSE;
3356
3357 /* Do the property check. */
3358
3359 return check_char_prop(c, ptype, pdata, (escape == ESC_P) != negated);
3360 }
3361 #endif
3362
3363 default:
3364 return FALSE;
3365 }
3366
3367 /* In principle, support for Unicode properties should be integrated here as
3368 well. It means re-organizing the above code so as to get hold of the property
3369 values before switching on the op-code. However, I wonder how many patterns
3370 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3371 these op-codes are never generated.) */
3372
3373 case OP_DIGIT:
3374 return escape == ESC_D || escape == ESC_s || escape == ESC_W ||
3375 escape == ESC_h || escape == ESC_v || escape == ESC_R;
3376
3377 case OP_NOT_DIGIT:
3378 return escape == ESC_d;
3379
3380 case OP_WHITESPACE:
3381 return escape == ESC_S || escape == ESC_d || escape == ESC_w;
3382
3383 case OP_NOT_WHITESPACE:
3384 return escape == ESC_s || escape == ESC_h || escape == ESC_v || escape == ESC_R;
3385
3386 case OP_HSPACE:
3387 return escape == ESC_S || escape == ESC_H || escape == ESC_d ||
3388 escape == ESC_w || escape == ESC_v || escape == ESC_R;
3389
3390 case OP_NOT_HSPACE:
3391 return escape == ESC_h;
3392
3393 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3394 case OP_ANYNL:
3395 case OP_VSPACE:
3396 return escape == ESC_V || escape == ESC_d || escape == ESC_w;
3397
3398 case OP_NOT_VSPACE:
3399 return escape == ESC_v || escape == ESC_R;
3400
3401 case OP_WORDCHAR:
3402 return escape == ESC_W || escape == ESC_s || escape == ESC_h ||
3403 escape == ESC_v || escape == ESC_R;
3404
3405 case OP_NOT_WORDCHAR:
3406 return escape == ESC_w || escape == ESC_d;
3407
3408 default:
3409 return FALSE;
3410 }
3411
3412 /* Control does not reach here */
3413 }
3414
3415
3416
3417 /*************************************************
3418 * Add a character or range to a class *
3419 *************************************************/
3420
3421 /* This function packages up the logic of adding a character or range of
3422 characters to a class. The character values in the arguments will be within the
3423 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
3424 mutually recursive with the function immediately below.
3425
3426 Arguments:
3427 classbits the bit map for characters < 256
3428 uchardptr points to the pointer for extra data
3429 options the options word
3430 cd contains pointers to tables etc.
3431 start start of range character
3432 end end of range character
3433
3434 Returns: the number of < 256 characters added
3435 the pointer to extra data is updated
3436 */
3437
3438 static int
3439 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3440 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
3441 {
3442 pcre_uint32 c;
3443 int n8 = 0;
3444
3445 /* If caseless matching is required, scan the range and process alternate
3446 cases. In Unicode, there are 8-bit characters that have alternate cases that
3447 are greater than 255 and vice-versa. Sometimes we can just extend the original
3448 range. */
3449
3450 if ((options & PCRE_CASELESS) != 0)
3451 {
3452 #ifdef SUPPORT_UCP
3453 if ((options & PCRE_UTF8) != 0)
3454 {
3455 int rc;
3456 pcre_uint32 oc, od;
3457
3458 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
3459 c = start;
3460
3461 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
3462 {
3463 /* Handle a single character that has more than one other case. */
3464
3465 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
3466 PRIV(ucd_caseless_sets) + rc, oc);
3467
3468 /* Do nothing if the other case range is within the original range. */
3469
3470 else if (oc >= start && od <= end) continue;
3471
3472 /* Extend the original range if there is overlap, noting that if oc < c, we
3473 can't have od > end because a subrange is always shorter than the basic
3474 range. Otherwise, use a recursive call to add the additional range. */
3475
3476 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
3477 else if (od > end && oc <= end + 1) end = od; /* Extend upwards */
3478 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
3479 }
3480 }
3481 else
3482 #endif /* SUPPORT_UCP */
3483
3484 /* Not UTF-mode, or no UCP */
3485
3486 for (c = start; c <= end && c < 256; c++)
3487 {
3488 SETBIT(classbits, cd->fcc[c]);
3489 n8++;
3490 }
3491 }
3492
3493 /* Now handle the original range. Adjust the final value according to the bit
3494 length - this means that the same lists of (e.g.) horizontal spaces can be used
3495 in all cases. */
3496
3497 #if defined COMPILE_PCRE8
3498 #ifdef SUPPORT_UTF
3499 if ((options & PCRE_UTF8) == 0)
3500 #endif
3501 if (end > 0xff) end = 0xff;
3502
3503 #elif defined COMPILE_PCRE16
3504 #ifdef SUPPORT_UTF
3505 if ((options & PCRE_UTF16) == 0)
3506 #endif
3507 if (end > 0xffff) end = 0xffff;
3508
3509 #endif /* COMPILE_PCRE[8|16] */
3510
3511 /* If all characters are less than 256, use the bit map. Otherwise use extra
3512 data. */
3513
3514 if (end < 0x100)
3515 {
3516 for (c = start; c <= end; c++)
3517 {
3518 n8++;
3519 SETBIT(classbits, c);
3520 }
3521 }
3522
3523 else
3524 {
3525 pcre_uchar *uchardata = *uchardptr;
3526
3527 #ifdef SUPPORT_UTF
3528 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
3529 {
3530 if (start < end)
3531 {
3532 *uchardata++ = XCL_RANGE;
3533 uchardata += PRIV(ord2utf)(start, uchardata);
3534 uchardata += PRIV(ord2utf)(end, uchardata);
3535 }
3536 else if (start == end)
3537 {
3538 *uchardata++ = XCL_SINGLE;
3539 uchardata += PRIV(ord2utf)(start, uchardata);
3540 }
3541 }
3542 else
3543 #endif /* SUPPORT_UTF */
3544
3545 /* Without UTF support, character values are constrained by the bit length,
3546 and can only be > 256 for 16-bit and 32-bit libraries. */
3547
3548 #ifdef COMPILE_PCRE8
3549 {}
3550 #else
3551 if (start < end)
3552 {
3553 *uchardata++ = XCL_RANGE;
3554 *uchardata++ = start;
3555 *uchardata++ = end;
3556 }
3557 else if (start == end)
3558 {
3559 *uchardata++ = XCL_SINGLE;
3560 *uchardata++ = start;
3561 }
3562 #endif
3563
3564 *uchardptr = uchardata; /* Updata extra data pointer */
3565 }
3566
3567 return n8; /* Number of 8-bit characters */
3568 }
3569
3570
3571
3572
3573 /*************************************************
3574 * Add a list of characters to a class *
3575 *************************************************/
3576
3577 /* This function is used for adding a list of case-equivalent characters to a
3578 class, and also for adding a list of horizontal or vertical whitespace. If the
3579 list is in order (which it should be), ranges of characters are detected and
3580 handled appropriately. This function is mutually recursive with the function
3581 above.
3582
3583 Arguments:
3584 classbits the bit map for characters < 256
3585 uchardptr points to the pointer for extra data
3586 options the options word
3587 cd contains pointers to tables etc.
3588 p points to row of 32-bit values, terminated by NOTACHAR
3589 except character to omit; this is used when adding lists of
3590 case-equivalent characters to avoid including the one we
3591 already know about
3592
3593 Returns: the number of < 256 characters added
3594 the pointer to extra data is updated
3595 */
3596
3597 static int
3598 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3599 compile_data *cd, const pcre_uint32 *p, unsigned int except)
3600 {
3601 int n8 = 0;
3602 while (p[0] < NOTACHAR)
3603 {
3604 int n = 0;
3605 if (p[0] != except)
3606 {
3607 while(p[n+1] == p[0] + n + 1) n++;
3608 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
3609 }
3610 p += n + 1;
3611 }
3612 return n8;
3613 }
3614
3615
3616
3617 /*************************************************
3618 * Add characters not in a list to a class *
3619 *************************************************/
3620
3621 /* This function is used for adding the complement of a list of horizontal or
3622 vertical whitespace to a class. The list must be in order.
3623
3624 Arguments:
3625 classbits the bit map for characters < 256
3626 uchardptr points to the pointer for extra data
3627 options the options word
3628 cd contains pointers to tables etc.
3629 p points to row of 32-bit values, terminated by NOTACHAR
3630
3631 Returns: the number of < 256 characters added
3632 the pointer to extra data is updated
3633 */
3634
3635 static int
3636 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
3637 int options, compile_data *cd, const pcre_uint32 *p)
3638 {
3639 BOOL utf = (options & PCRE_UTF8) != 0;
3640 int n8 = 0;
3641 if (p[0] > 0)
3642 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
3643 while (p[0] < NOTACHAR)
3644 {
3645 while (p[1] == p[0] + 1) p++;
3646 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
3647 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
3648 p++;
3649 }
3650 return n8;
3651 }
3652
3653
3654
3655 /*************************************************
3656 * Compile one branch *
3657 *************************************************/
3658
3659 /* Scan the pattern, compiling it into the a vector. If the options are
3660 changed during the branch, the pointer is used to change the external options
3661 bits. This function is used during the pre-compile phase when we are trying
3662 to find out the amount of memory needed, as well as during the real compile
3663 phase. The value of lengthptr distinguishes the two phases.
3664
3665 Arguments:
3666 optionsptr pointer to the option bits
3667 codeptr points to the pointer to the current code point
3668 ptrptr points to the current pattern pointer
3669 errorcodeptr points to error code variable
3670 firstcharptr place to put the first required character
3671 firstcharflagsptr place to put the first character flags, or a negative number
3672 reqcharptr place to put the last required character
3673 reqcharflagsptr place to put the last required character flags, or a negative number
3674 bcptr points to current branch chain
3675 cond_depth conditional nesting depth
3676 cd contains pointers to tables etc.
3677 lengthptr NULL during the real compile phase
3678 points to length accumulator during pre-compile phase
3679
3680 Returns: TRUE on success
3681 FALSE, with *errorcodeptr set non-zero on error
3682 */
3683
3684 static BOOL
3685 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3686 const pcre_uchar **ptrptr, int *errorcodeptr,
3687 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
3688 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
3689 branch_chain *bcptr, int cond_depth,
3690 compile_data *cd, int *lengthptr)
3691 {
3692 int repeat_type, op_type;
3693 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3694 int bravalue = 0;
3695 int greedy_default, greedy_non_default;
3696 pcre_uint32 firstchar, reqchar;
3697 pcre_int32 firstcharflags, reqcharflags;
3698 pcre_uint32 zeroreqchar, zerofirstchar;
3699 pcre_int32 zeroreqcharflags, zerofirstcharflags;
3700 pcre_int32 req_caseopt, reqvary, tempreqvary;
3701 int options = *optionsptr; /* May change dynamically */
3702 int after_manual_callout = 0;
3703 int length_prevgroup = 0;
3704 register pcre_uint32 c;
3705 int escape;
3706 register pcre_uchar *code = *codeptr;
3707 pcre_uchar *last_code = code;
3708 pcre_uchar *orig_code = code;
3709 pcre_uchar *tempcode;
3710 BOOL inescq = FALSE;
3711 BOOL groupsetfirstchar = FALSE;
3712 const pcre_uchar *ptr = *ptrptr;
3713 const pcre_uchar *tempptr;
3714 const pcre_uchar *nestptr = NULL;
3715 pcre_uchar *previous = NULL;
3716 pcre_uchar *previous_callout = NULL;
3717 pcre_uchar *save_hwm = NULL;
3718 pcre_uint8 classbits[32];
3719
3720 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3721 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3722 dynamically as we process the pattern. */
3723
3724 #ifdef SUPPORT_UTF
3725 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
3726 BOOL utf = (options & PCRE_UTF8) != 0;
3727 #ifndef COMPILE_PCRE32
3728 pcre_uchar utf_chars[6];
3729 #endif
3730 #else
3731 BOOL utf = FALSE;
3732 #endif
3733
3734 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
3735 class_uchardata always so that it can be passed to add_to_class() always,
3736 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
3737 alternative calls for the different cases. */
3738
3739 pcre_uchar *class_uchardata;
3740 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3741 BOOL xclass;
3742 pcre_uchar *class_uchardata_base;
3743 #endif
3744
3745 #ifdef PCRE_DEBUG
3746 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3747 #endif
3748
3749 /* Set up the default and non-default settings for greediness */
3750
3751 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3752 greedy_non_default = greedy_default ^ 1;
3753
3754 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3755 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3756 matches a non-fixed char first char; reqchar just remains unset if we never
3757 find one.
3758
3759 When we hit a repeat whose minimum is zero, we may have to adjust these values
3760 to take the zero repeat into account. This is implemented by setting them to
3761 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3762 item types that can be repeated set these backoff variables appropriately. */
3763
3764 firstchar = reqchar = zerofirstchar = zeroreqchar = 0;
3765 firstcharflags = reqcharflags = zerofirstcharflags = zeroreqcharflags = REQ_UNSET;
3766
3767 /* The variable req_caseopt contains either the REQ_CASELESS value
3768 or zero, according to the current setting of the caseless flag. The
3769 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3770 firstchar or reqchar variables to record the case status of the
3771 value. This is used only for ASCII characters. */
3772
3773 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3774
3775 /* Switch on next character until the end of the branch */
3776
3777 for (;; ptr++)
3778 {
3779 BOOL negate_class;
3780 BOOL should_flip_negation;
3781 BOOL possessive_quantifier;
3782 BOOL is_quantifier;
3783 BOOL is_recurse;
3784 BOOL reset_bracount;
3785 int class_has_8bitchar;
3786 int class_one_char;
3787 int newoptions;
3788 int recno;
3789 int refsign;
3790 int skipbytes;
3791 pcre_uint32 subreqchar, subfirstchar;
3792 pcre_int32 subreqcharflags, subfirstcharflags;
3793 int terminator;
3794 int mclength;
3795 int tempbracount;
3796 pcre_uint32 ec;
3797 pcre_uchar mcbuffer[8];
3798
3799 /* Get next character in the pattern */
3800
3801 c = *ptr;
3802
3803 /* If we are at the end of a nested substitution, revert to the outer level
3804 string. Nesting only happens one level deep. */
3805
3806 if (c == 0 && nestptr != NULL)
3807 {
3808 ptr = nestptr;
3809 nestptr = NULL;
3810 c = *ptr;
3811 }
3812
3813 /* If we are in the pre-compile phase, accumulate the length used for the
3814 previous cycle of this loop. */
3815
3816 if (lengthptr != NULL)
3817 {
3818 #ifdef PCRE_DEBUG
3819 if (code > cd->hwm) cd->hwm = code; /* High water info */
3820 #endif
3821 if (code > cd->start_workspace + cd->workspace_size -
3822 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3823 {
3824 *errorcodeptr = ERR52;
3825 goto FAILED;
3826 }
3827
3828 /* There is at least one situation where code goes backwards: this is the
3829 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3830 the class is simply eliminated. However, it is created first, so we have to
3831 allow memory for it. Therefore, don't ever reduce the length at this point.
3832 */
3833
3834 if (code < last_code) code = last_code;
3835
3836 /* Paranoid check for integer overflow */
3837
3838 if (OFLOW_MAX - *lengthptr < code - last_code)
3839 {
3840 *errorcodeptr = ERR20;
3841 goto FAILED;
3842 }
3843
3844 *lengthptr += (int)(code - last_code);
3845 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3846 (int)(code - last_code), c, c));
3847
3848 /* If "previous" is set and it is not at the start of the work space, move
3849 it back to there, in order to avoid filling up the work space. Otherwise,
3850 if "previous" is NULL, reset the current code pointer to the start. */
3851
3852 if (previous != NULL)
3853 {
3854 if (previous > orig_code)
3855 {
3856 memmove(orig_code, previous, IN_UCHARS(code - previous));
3857 code -= previous - orig_code;
3858 previous = orig_code;
3859 }
3860 }
3861 else code = orig_code;
3862
3863 /* Remember where this code item starts so we can pick up the length
3864 next time round. */
3865
3866 last_code = code;
3867 }
3868
3869 /* In the real compile phase, just check the workspace used by the forward
3870 reference list. */
3871
3872 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3873 WORK_SIZE_SAFETY_MARGIN)
3874 {
3875 *errorcodeptr = ERR52;
3876 goto FAILED;
3877 }
3878
3879 /* If in \Q...\E, check for the end; if not, we have a literal */
3880
3881 if (inescq && c != 0)
3882 {
3883 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3884 {
3885 inescq = FALSE;
3886 ptr++;
3887 continue;
3888 }
3889 else
3890 {
3891 if (previous_callout != NULL)
3892 {
3893 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3894 complete_callout(previous_callout, ptr, cd);
3895 previous_callout = NULL;
3896 }
3897 if ((options & PCRE_AUTO_CALLOUT) != 0)
3898 {
3899 previous_callout = code;
3900 code = auto_callout(code, ptr, cd);
3901 }
3902 goto NORMAL_CHAR;
3903 }
3904 }
3905
3906 /* Fill in length of a previous callout, except when the next thing is
3907 a quantifier. */
3908
3909 is_quantifier =
3910 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3911 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3912
3913 if (!is_quantifier && previous_callout != NULL &&
3914 after_manual_callout-- <= 0)
3915 {
3916 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3917 complete_callout(previous_callout, ptr, cd);
3918 previous_callout = NULL;
3919 }
3920
3921 /* In extended mode, skip white space and comments. */
3922
3923 if ((options & PCRE_EXTENDED) != 0)
3924 {
3925 if (MAX_255(*ptr) && (cd->ctypes[c] & ctype_space) != 0) continue;
3926 if (c == CHAR_NUMBER_SIGN)
3927 {
3928 ptr++;
3929 while (*ptr != 0)
3930 {
3931 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3932 ptr++;
3933 #ifdef SUPPORT_UTF
3934 if (utf) FORWARDCHAR(ptr);
3935 #endif
3936 }
3937 if (*ptr != 0) continue;
3938
3939 /* Else fall through to handle end of string */
3940 c = 0;
3941 }
3942 }
3943
3944 /* No auto callout for quantifiers. */
3945
3946 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3947 {
3948 previous_callout = code;
3949 code = auto_callout(code, ptr, cd);
3950 }
3951
3952 switch(c)
3953 {
3954 /* ===================================================================*/
3955 case 0: /* The branch terminates at string end */
3956 case CHAR_VERTICAL_LINE: /* or | or ) */
3957 case CHAR_RIGHT_PARENTHESIS:
3958 *firstcharptr = firstchar;
3959 *firstcharflagsptr = firstcharflags;
3960 *reqcharptr = reqchar;
3961 *reqcharflagsptr = reqcharflags;
3962 *codeptr = code;
3963 *ptrptr = ptr;
3964 if (lengthptr != NULL)
3965 {
3966 if (OFLOW_MAX - *lengthptr < code - last_code)
3967 {
3968 *errorcodeptr = ERR20;
3969 goto FAILED;
3970 }
3971 *lengthptr += (int)(code - last_code); /* To include callout length */
3972 DPRINTF((">> end branch\n"));
3973 }
3974 return TRUE;
3975
3976
3977 /* ===================================================================*/
3978 /* Handle single-character metacharacters. In multiline mode, ^ disables
3979 the setting of any following char as a first character. */
3980
3981 case CHAR_CIRCUMFLEX_ACCENT:
3982 previous = NULL;
3983 if ((options & PCRE_MULTILINE) != 0)
3984 {
3985 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
3986 *code++ = OP_CIRCM;
3987 }
3988 else *code++ = OP_CIRC;
3989 break;
3990
3991 case CHAR_DOLLAR_SIGN:
3992 previous = NULL;
3993 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
3994 break;
3995
3996 /* There can never be a first char if '.' is first, whatever happens about
3997 repeats. The value of reqchar doesn't change either. */
3998
3999 case CHAR_DOT:
4000 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4001 zerofirstchar = firstchar;
4002 zerofirstcharflags = firstcharflags;
4003 zeroreqchar = reqchar;
4004 zeroreqcharflags = reqcharflags;
4005 previous = code;
4006 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
4007 break;
4008
4009
4010 /* ===================================================================*/
4011 /* Character classes. If the included characters are all < 256, we build a
4012 32-byte bitmap of the permitted characters, except in the special case
4013 where there is only one such character. For negated classes, we build the
4014 map as usual, then invert it at the end. However, we use a different opcode
4015 so that data characters > 255 can be handled correctly.
4016
4017 If the class contains characters outside the 0-255 range, a different
4018 opcode is compiled. It may optionally have a bit map for characters < 256,
4019 but those above are are explicitly listed afterwards. A flag byte tells
4020 whether the bitmap is present, and whether this is a negated class or not.
4021
4022 In JavaScript compatibility mode, an isolated ']' causes an error. In
4023 default (Perl) mode, it is treated as a data character. */
4024
4025 case CHAR_RIGHT_SQUARE_BRACKET:
4026 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4027 {
4028 *errorcodeptr = ERR64;
4029 goto FAILED;
4030 }
4031 goto NORMAL_CHAR;
4032
4033 case CHAR_LEFT_SQUARE_BRACKET:
4034 previous = code;
4035
4036 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4037 they are encountered at the top level, so we'll do that too. */
4038
4039 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4040 ptr[1] == CHAR_EQUALS_SIGN) &&
4041 check_posix_syntax(ptr, &tempptr))
4042 {
4043 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4044 goto FAILED;
4045 }
4046
4047 /* If the first character is '^', set the negation flag and skip it. Also,
4048 if the first few characters (either before or after ^) are \Q\E or \E we
4049 skip them too. This makes for compatibility with Perl. */
4050
4051 negate_class = FALSE;
4052 for (;;)
4053 {
4054 c = *(++ptr);
4055 if (c == CHAR_BACKSLASH)
4056 {
4057 if (ptr[1] == CHAR_E)
4058 ptr++;
4059 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4060 ptr += 3;
4061 else
4062 break;
4063 }
4064 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4065 negate_class = TRUE;
4066 else break;
4067 }
4068
4069 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4070 an initial ']' is taken as a data character -- the code below handles
4071 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4072 [^] must match any character, so generate OP_ALLANY. */
4073
4074 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4075 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4076 {
4077 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4078 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4079 zerofirstchar = firstchar;
4080 zerofirstcharflags = firstcharflags;
4081 break;
4082 }
4083
4084 /* If a class contains a negative special such as \S, we need to flip the
4085 negation flag at the end, so that support for characters > 255 works
4086 correctly (they are all included in the class). */
4087
4088 should_flip_negation = FALSE;
4089
4090 /* For optimization purposes, we track some properties of the class:
4091 class_has_8bitchar will be non-zero if the class contains at least one <
4092 256 character; class_one_char will be 1 if the class contains just one
4093 character. */
4094
4095 class_has_8bitchar = 0;
4096 class_one_char = 0;
4097
4098 /* Initialize the 32-char bit map to all zeros. We build the map in a
4099 temporary bit of memory, in case the class contains fewer than two
4100 8-bit characters because in that case the compiled code doesn't use the bit
4101 map. */
4102
4103 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4104
4105 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4106 xclass = FALSE;
4107 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4108 class_uchardata_base = class_uchardata; /* Save the start */
4109 #endif
4110
4111 /* Process characters until ] is reached. By writing this as a "do" it
4112 means that an initial ] is taken as a data character. At the start of the
4113 loop, c contains the first byte of the character. */
4114
4115 if (c != 0) do
4116 {
4117 const pcre_uchar *oldptr;
4118
4119 #ifdef SUPPORT_UTF
4120 if (utf && HAS_EXTRALEN(c))
4121 { /* Braces are required because the */
4122 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4123 }
4124 #endif
4125
4126 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4127 /* In the pre-compile phase, accumulate the length of any extra
4128 data and reset the pointer. This is so that very large classes that
4129 contain a zillion > 255 characters no longer overwrite the work space
4130 (which is on the stack). We have to remember that there was XCLASS data,
4131 however. */
4132
4133 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4134 {
4135 xclass = TRUE;
4136 *lengthptr += class_uchardata - class_uchardata_base;
4137 class_uchardata = class_uchardata_base;
4138 }
4139 #endif
4140
4141 /* Inside \Q...\E everything is literal except \E */
4142
4143 if (inescq)
4144 {
4145 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4146 {
4147 inescq = FALSE; /* Reset literal state */
4148 ptr++; /* Skip the 'E' */
4149 continue; /* Carry on with next */
4150 }
4151 goto CHECK_RANGE; /* Could be range if \E follows */
4152 }
4153
4154 /* Handle POSIX class names. Perl allows a negation extension of the
4155 form [:^name:]. A square bracket that doesn't match the syntax is
4156 treated as a literal. We also recognize the POSIX constructions
4157 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4158 5.6 and 5.8 do. */
4159
4160 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4161 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4162 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4163 {
4164 BOOL local_negate = FALSE;
4165 int posix_class, taboffset, tabopt;
4166 register const pcre_uint8 *cbits = cd->cbits;
4167 pcre_uint8 pbits[32];
4168
4169 if (ptr[1] != CHAR_COLON)
4170 {
4171 *errorcodeptr = ERR31;
4172 goto FAILED;
4173 }
4174
4175 ptr += 2;
4176 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4177 {
4178 local_negate = TRUE;
4179 should_flip_negation = TRUE; /* Note negative special */
4180 ptr++;
4181 }
4182
4183 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4184 if (posix_class < 0)
4185 {
4186 *errorcodeptr = ERR30;
4187 goto FAILED;
4188 }
4189
4190 /* If matching is caseless, upper and lower are converted to
4191 alpha. This relies on the fact that the class table starts with
4192 alpha, lower, upper as the first 3 entries. */
4193
4194 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
4195 posix_class = 0;
4196
4197 /* When PCRE_UCP is set, some of the POSIX classes are converted to
4198 different escape sequences that use Unicode properties. */
4199
4200 #ifdef SUPPORT_UCP
4201 if ((options & PCRE_UCP) != 0)
4202 {
4203 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
4204 if (posix_substitutes[pc] != NULL)
4205 {
4206 nestptr = tempptr + 1;
4207 ptr = posix_substitutes[pc] - 1;
4208 continue;
4209 }
4210 }
4211 #endif
4212 /* In the non-UCP case, we build the bit map for the POSIX class in a
4213 chunk of local store because we may be adding and subtracting from it,
4214 and we don't want to subtract bits that may be in the main map already.
4215 At the end we or the result into the bit map that is being built. */
4216
4217 posix_class *= 3;
4218
4219 /* Copy in the first table (always present) */
4220
4221 memcpy(pbits, cbits + posix_class_maps[posix_class],
4222 32 * sizeof(pcre_uint8));
4223
4224 /* If there is a second table, add or remove it as required. */
4225
4226 taboffset = posix_class_maps[posix_class + 1];
4227 tabopt = posix_class_maps[posix_class + 2];
4228
4229 if (taboffset >= 0)
4230 {
4231 if (tabopt >= 0)
4232 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
4233 else
4234 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
4235 }
4236
4237 /* Now see if we need to remove any special characters. An option
4238 value of 1 removes vertical space and 2 removes underscore. */
4239
4240 if (tabopt < 0) tabopt = -tabopt;
4241 if (tabopt == 1) pbits[1] &= ~0x3c;
4242 else if (tabopt == 2) pbits[11] &= 0x7f;
4243
4244 /* Add the POSIX table or its complement into the main table that is
4245 being built and we are done. */
4246
4247 if (local_negate)
4248 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
4249 else
4250 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
4251
4252 ptr = tempptr + 1;
4253 /* Every class contains at least one < 256 character. */
4254 class_has_8bitchar = 1;
4255 /* Every class contains at least two characters. */
4256 class_one_char = 2;
4257 continue; /* End of POSIX syntax handling */
4258 }
4259
4260 /* Backslash may introduce a single character, or it may introduce one
4261 of the specials, which just set a flag. The sequence \b is a special
4262 case. Inside a class (and only there) it is treated as backspace. We
4263 assume that other escapes have more than one character in them, so
4264 speculatively set both class_has_8bitchar and class_one_char bigger
4265 than one. Unrecognized escapes fall through and are either treated
4266 as literal characters (by default), or are faulted if
4267 PCRE_EXTRA is set. */
4268
4269 if (c == CHAR_BACKSLASH)
4270 {
4271 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options, TRUE);
4272
4273 if (*errorcodeptr != 0) goto FAILED;
4274
4275 if (escape == 0)
4276 c = ec;
4277 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
4278 else if (escape == ESC_N) /* \N is not supported in a class */
4279 {
4280 *errorcodeptr = ERR71;
4281 goto FAILED;
4282 }
4283 else if (escape == ESC_Q) /* Handle start of quoted string */
4284 {
4285 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4286 {
4287 ptr += 2; /* avoid empty string */
4288 }
4289 else inescq = TRUE;
4290 continue;
4291 }
4292 else if (escape == ESC_E) continue; /* Ignore orphan \E */
4293
4294 else
4295 {
4296 register const pcre_uint8 *cbits = cd->cbits;
4297 /* Every class contains at least two < 256 characters. */
4298 class_has_8bitchar++;
4299 /* Every class contains at least two characters. */
4300 class_one_char += 2;
4301
4302 switch (escape)
4303 {
4304 #ifdef SUPPORT_UCP
4305 case ESC_du: /* These are the values given for \d etc */
4306 case ESC_DU: /* when PCRE_UCP is set. We replace the */
4307 case ESC_wu: /* escape sequence with an appropriate \p */
4308 case ESC_WU: /* or \P to test Unicode properties instead */
4309 case ESC_su: /* of the default ASCII testing. */
4310 case ESC_SU:
4311 nestptr = ptr;
4312 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
4313 class_has_8bitchar--; /* Undo! */
4314 continue;
4315 #endif
4316 case ESC_d:
4317 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
4318 continue;
4319
4320 case ESC_D:
4321 should_flip_negation = TRUE;
4322 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
4323 continue;
4324
4325 case ESC_w:
4326 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
4327 continue;
4328
4329 case ESC_W:
4330 should_flip_negation = TRUE;
4331 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4332 continue;
4333
4334 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4335 if it was previously set by something earlier in the character
4336 class. Luckily, the value of CHAR_VT is 0x0b in both ASCII and
4337 EBCDIC, so we lazily just adjust the appropriate bit. */
4338
4339 case ESC_s:
4340 classbits[0] |= cbits[cbit_space];
4341 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4342 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4343 continue;
4344
4345 case ESC_S:
4346 should_flip_negation = TRUE;
4347 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4348 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4349 continue;
4350
4351 /* The rest apply in both UCP and non-UCP cases. */
4352
4353 case ESC_h:
4354 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4355 PRIV(hspace_list), NOTACHAR);
4356 continue;
4357
4358 case ESC_H:
4359 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4360 cd, PRIV(hspace_list));
4361 continue;
4362
4363 case ESC_v:
4364 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4365 PRIV(vspace_list), NOTACHAR);
4366 continue;
4367
4368 case ESC_V:
4369 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4370 cd, PRIV(vspace_list));
4371 continue;
4372
4373 #ifdef SUPPORT_UCP
4374 case ESC_p:
4375 case ESC_P:
4376 {
4377 BOOL negated;
4378 int pdata;
4379 int ptype = get_ucp(&ptr, &negated, &pdata, errorcodeptr);
4380 if (ptype < 0) goto FAILED;
4381 *class_uchardata++ = ((escape == ESC_p) != negated)?
4382 XCL_PROP : XCL_NOTPROP;
4383 *class_uchardata++ = ptype;
4384 *class_uchardata++ = pdata;
4385 class_has_8bitchar--; /* Undo! */
4386 continue;
4387 }
4388 #endif
4389 /* Unrecognized escapes are faulted if PCRE is running in its
4390 strict mode. By default, for compatibility with Perl, they are
4391 treated as literals. */
4392
4393 default:
4394 if ((options & PCRE_EXTRA) != 0)
4395 {
4396 *errorcodeptr = ERR7;
4397 goto FAILED;
4398 }
4399 class_has_8bitchar--; /* Undo the speculative increase. */
4400 class_one_char -= 2; /* Undo the speculative increase. */
4401 c = *ptr; /* Get the final character and fall through */
4402 break;
4403 }
4404 }
4405
4406 /* Fall through if the escape just defined a single character (c >= 0).
4407 This may be greater than 256. */
4408
4409 escape = 0;
4410
4411 } /* End of backslash handling */
4412
4413 /* A character may be followed by '-' to form a range. However, Perl does
4414 not permit ']' to be the end of the range. A '-' character at the end is
4415 treated as a literal. Perl ignores orphaned \E sequences entirely. The
4416 code for handling \Q and \E is messy. */
4417
4418 CHECK_RANGE:
4419 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4420 {
4421 inescq = FALSE;
4422 ptr += 2;
4423 }
4424 oldptr = ptr;
4425
4426 /* Remember if \r or \n were explicitly used */
4427
4428 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4429
4430 /* Check for range */
4431
4432 if (!inescq && ptr[1] == CHAR_MINUS)
4433 {
4434 pcre_uint32 d;
4435 ptr += 2;
4436 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4437
4438 /* If we hit \Q (not followed by \E) at this point, go into escaped
4439 mode. */
4440
4441 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4442 {
4443 ptr += 2;
4444 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4445 { ptr += 2; continue; }
4446 inescq = TRUE;
4447 break;
4448 }
4449
4450 /* Minus (hyphen) at the end of a class is treated as a literal, so put
4451 back the pointer and jump to handle the character that preceded it. */
4452
4453 if (*ptr == 0 || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4454 {
4455 ptr = oldptr;
4456 goto CLASS_SINGLE_CHARACTER;
4457 }
4458
4459 /* Otherwise, we have a potential range; pick up the next character */
4460
4461 #ifdef SUPPORT_UTF
4462 if (utf)
4463 { /* Braces are required because the */
4464 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4465 }
4466 else
4467 #endif
4468 d = *ptr; /* Not UTF-8 mode */
4469
4470 /* The second part of a range can be a single-character escape, but
4471 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4472 in such circumstances. */
4473
4474 if (!inescq && d == CHAR_BACKSLASH)
4475 {
4476 int descape;
4477 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
4478 if (*errorcodeptr != 0) goto FAILED;
4479
4480 /* \b is backspace; any other special means the '-' was literal. */
4481
4482 if (descape != 0)
4483 {
4484 if (descape == ESC_b) d = CHAR_BS; else
4485 {
4486 ptr = oldptr;
4487 goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4488 }
4489 }
4490 }
4491
4492 /* Check that the two values are in the correct order. Optimize
4493 one-character ranges. */
4494
4495 if (d < c)
4496 {
4497 *errorcodeptr = ERR8;
4498 goto FAILED;
4499 }
4500 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4501
4502 /* We have found a character range, so single character optimizations
4503 cannot be done anymore. Any value greater than 1 indicates that there
4504 is more than one character. */
4505
4506 class_one_char = 2;
4507
4508 /* Remember an explicit \r or \n, and add the range to the class. */
4509
4510 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4511
4512 class_has_8bitchar +=
4513 add_to_class(classbits, &class_uchardata, options, cd, c, d);
4514
4515 continue; /* Go get the next char in the class */
4516 }
4517
4518 /* Handle a single character - we can get here for a normal non-escape
4519 char, or after \ that introduces a single character or for an apparent
4520 range that isn't. Only the value 1 matters for class_one_char, so don't
4521 increase it if it is already 2 or more ... just in case there's a class
4522 with a zillion characters in it. */
4523
4524 CLASS_SINGLE_CHARACTER:
4525 if (class_one_char < 2) class_one_char++;
4526
4527 /* If class_one_char is 1, we have the first single character in the
4528 class, and there have been no prior ranges, or XCLASS items generated by
4529 escapes. If this is the final character in the class, we can optimize by
4530 turning the item into a 1-character OP_CHAR[I] if it's positive, or
4531 OP_NOT[I] if it's negative. In the positive case, it can cause firstchar
4532 to be set. Otherwise, there can be no first char if this item is first,
4533 whatever repeat count may follow. In the case of reqchar, save the
4534 previous value for reinstating. */
4535
4536 if (class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
4537 {
4538 ptr++;
4539 zeroreqchar = reqchar;
4540 zeroreqcharflags = reqcharflags;
4541
4542 if (negate_class)
4543 {
4544 #ifdef SUPPORT_UCP
4545 int d;
4546 #endif
4547 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4548 zerofirstchar = firstchar;
4549 zerofirstcharflags = firstcharflags;
4550
4551 /* For caseless UTF-8 mode when UCP support is available, check
4552 whether this character has more than one other case. If so, generate
4553 a special OP_NOTPROP item instead of OP_NOTI. */
4554
4555 #ifdef SUPPORT_UCP
4556 if (utf && (options & PCRE_CASELESS) != 0 &&
4557 (d = UCD_CASESET(c)) != 0)
4558 {
4559 *code++ = OP_NOTPROP;
4560 *code++ = PT_CLIST;
4561 *code++ = d;
4562 }
4563 else
4564 #endif
4565 /* Char has only one other case, or UCP not available */
4566
4567 {
4568 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4569 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4570 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4571 code += PRIV(ord2utf)(c, code);
4572 else
4573 #endif
4574 *code++ = c;
4575 }
4576
4577 /* We are finished with this character class */
4578
4579 goto END_CLASS;
4580 }
4581
4582 /* For a single, positive character, get the value into mcbuffer, and
4583 then we can handle this with the normal one-character code. */
4584
4585 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4586 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4587 mclength = PRIV(ord2utf)(c, mcbuffer);
4588 else
4589 #endif
4590 {
4591 mcbuffer[0] = c;
4592 mclength = 1;
4593 }
4594 goto ONE_CHAR;
4595 } /* End of 1-char optimization */
4596
4597 /* There is more than one character in the class, or an XCLASS item
4598 has been generated. Add this character to the class. */
4599
4600 class_has_8bitchar +=
4601 add_to_class(classbits, &class_uchardata, options, cd, c, c);
4602 }
4603
4604 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4605 If we are at the end of an internal nested string, revert to the outer
4606 string. */
4607
4608 while (((c = *(++ptr)) != 0 ||
4609 (nestptr != NULL &&
4610 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != 0)) &&
4611 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4612
4613 /* Check for missing terminating ']' */
4614
4615 if (c == 0)
4616 {
4617 *errorcodeptr = ERR6;
4618 goto FAILED;
4619 }
4620
4621 /* We will need an XCLASS if data has been placed in class_uchardata. In
4622 the second phase this is a sufficient test. However, in the pre-compile
4623 phase, class_uchardata gets emptied to prevent workspace overflow, so it
4624 only if the very last character in the class needs XCLASS will it contain
4625 anything at this point. For this reason, xclass gets set TRUE above when
4626 uchar_classdata is emptied, and that's why this code is the way it is here
4627 instead of just doing a test on class_uchardata below. */
4628
4629 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4630 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4631 #endif
4632
4633 /* If this is the first thing in the branch, there can be no first char
4634 setting, whatever the repeat count. Any reqchar setting must remain
4635 unchanged after any kind of repeat. */
4636
4637 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4638 zerofirstchar = firstchar;
4639 zerofirstcharflags = firstcharflags;
4640 zeroreqchar = reqchar;
4641 zeroreqcharflags = reqcharflags;
4642
4643 /* If there are characters with values > 255, we have to compile an
4644 extended class, with its own opcode, unless there was a negated special
4645 such as \S in the class, and PCRE_UCP is not set, because in that case all
4646 characters > 255 are in the class, so any that were explicitly given as
4647 well can be ignored. If (when there are explicit characters > 255 that must
4648 be listed) there are no characters < 256, we can omit the bitmap in the
4649 actual compiled code. */
4650
4651 #ifdef SUPPORT_UTF
4652 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4653 #elif !defined COMPILE_PCRE8
4654 if (xclass && !should_flip_negation)
4655 #endif
4656 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4657 {
4658 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4659 *code++ = OP_XCLASS;
4660 code += LINK_SIZE;
4661 *code = negate_class? XCL_NOT:0;
4662
4663 /* If the map is required, move up the extra data to make room for it;
4664 otherwise just move the code pointer to the end of the extra data. */
4665
4666 if (class_has_8bitchar > 0)
4667 {
4668 *code++ |= XCL_MAP;
4669 memmove(code + (32 / sizeof(pcre_uchar)), code,
4670 IN_UCHARS(class_uchardata - code));
4671 memcpy(code, classbits, 32);
4672 code = class_uchardata + (32 / sizeof(pcre_uchar));
4673 }
4674 else code = class_uchardata;
4675
4676 /* Now fill in the complete length of the item */
4677
4678 PUT(previous, 1, (int)(code - previous));
4679 break; /* End of class handling */
4680 }
4681 #endif
4682
4683 /* If there are no characters > 255, or they are all to be included or
4684 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4685 whole class was negated and whether there were negative specials such as \S
4686 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4687 negating it if necessary. */
4688
4689 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4690 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4691 {
4692 if (negate_class)
4693 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4694 memcpy(code, classbits, 32);
4695 }
4696 code += 32 / sizeof(pcre_uchar);
4697
4698 END_CLASS:
4699 break;
4700
4701
4702 /* ===================================================================*/
4703 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4704 has been tested above. */
4705
4706 case CHAR_LEFT_CURLY_BRACKET:
4707 if (!is_quantifier) goto NORMAL_CHAR;
4708 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4709 if (*errorcodeptr != 0) goto FAILED;
4710 goto REPEAT;
4711
4712 case CHAR_ASTERISK:
4713 repeat_min = 0;
4714 repeat_max = -1;
4715 goto REPEAT;
4716
4717 case CHAR_PLUS:
4718 repeat_min = 1;
4719 repeat_max = -1;
4720 goto REPEAT;
4721
4722 case CHAR_QUESTION_MARK:
4723 repeat_min = 0;
4724 repeat_max = 1;
4725
4726 REPEAT:
4727 if (previous == NULL)
4728 {
4729 *errorcodeptr = ERR9;
4730 goto FAILED;
4731 }
4732
4733 if (repeat_min == 0)
4734 {
4735 firstchar = zerofirstchar; /* Adjust for zero repeat */
4736 firstcharflags = zerofirstcharflags;
4737 reqchar = zeroreqchar; /* Ditto */
4738 reqcharflags = zeroreqcharflags;
4739 }
4740
4741 /* Remember whether this is a variable length repeat */
4742
4743 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4744
4745 op_type = 0; /* Default single-char op codes */
4746 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4747
4748 /* Save start of previous item, in case we have to move it up in order to
4749 insert something before it. */
4750
4751 tempcode = previous;
4752
4753 /* If the next character is '+', we have a possessive quantifier. This
4754 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4755 If the next character is '?' this is a minimizing repeat, by default,
4756 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4757 repeat type to the non-default. */
4758
4759 if (ptr[1] == CHAR_PLUS)
4760 {
4761 repeat_type = 0; /* Force greedy */
4762 possessive_quantifier = TRUE;
4763 ptr++;
4764 }
4765 else if (ptr[1] == CHAR_QUESTION_MARK)
4766 {
4767 repeat_type = greedy_non_default;
4768 ptr++;
4769 }
4770 else repeat_type = greedy_default;
4771
4772 /* If previous was a recursion call, wrap it in atomic brackets so that
4773 previous becomes the atomic group. All recursions were so wrapped in the
4774 past, but it no longer happens for non-repeated recursions. In fact, the
4775 repeated ones could be re-implemented independently so as not to need this,
4776 but for the moment we rely on the code for repeating groups. */
4777
4778 if (*previous == OP_RECURSE)
4779 {
4780 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4781 *previous = OP_ONCE;
4782 PUT(previous, 1, 2 + 2*LINK_SIZE);
4783 previous[2 + 2*LINK_SIZE] = OP_KET;
4784 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4785 code += 2 + 2 * LINK_SIZE;
4786 length_prevgroup = 3 + 3*LINK_SIZE;
4787
4788 /* When actually compiling, we need to check whether this was a forward
4789 reference, and if so, adjust the offset. */
4790
4791 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4792 {
4793 int offset = GET(cd->hwm, -LINK_SIZE);
4794 if (offset == previous + 1 - cd->start_code)
4795 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4796 }
4797 }
4798
4799 /* Now handle repetition for the different types of item. */
4800
4801 /* If previous was a character or negated character match, abolish the item
4802 and generate a repeat item instead. If a char item has a minimum of more
4803 than one, ensure that it is set in reqchar - it might not be if a sequence
4804 such as x{3} is the first thing in a branch because the x will have gone
4805 into firstchar instead. */
4806
4807 if (*previous == OP_CHAR || *previous == OP_CHARI
4808 || *previous == OP_NOT || *previous == OP_NOTI)
4809 {
4810 switch (*previous)
4811 {
4812 default: /* Make compiler happy. */
4813 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
4814 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
4815 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
4816 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
4817 }
4818
4819 /* Deal with UTF characters that take up more than one character. It's
4820 easier to write this out separately than try to macrify it. Use c to
4821 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4822 it's a length rather than a small character. */
4823
4824 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4825 if (utf && NOT_FIRSTCHAR(code[-1]))
4826 {
4827 pcre_uchar *lastchar = code - 1;
4828 BACKCHAR(lastchar);
4829 c = (int)(code - lastchar); /* Length of UTF-8 character */
4830 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4831 c |= UTF_LENGTH; /* Flag c as a length */
4832 }
4833 else
4834 #endif /* SUPPORT_UTF */
4835
4836 /* Handle the case of a single charater - either with no UTF support, or
4837 with UTF disabled, or for a single character UTF character. */
4838 {
4839 c = code[-1];
4840 if (*previous <= OP_CHARI && repeat_min > 1)
4841 {
4842 reqchar = c;
4843 reqcharflags = req_caseopt | cd->req_varyopt;
4844 }
4845 }
4846
4847 /* If the repetition is unlimited, it pays to see if the next thing on
4848 the line is something that cannot possibly match this character. If so,
4849 automatically possessifying this item gains some performance in the case
4850 where the match fails. */
4851
4852 if (!possessive_quantifier &&
4853 repeat_max < 0 &&
4854 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4855 {
4856 repeat_type = 0; /* Force greedy */
4857 possessive_quantifier = TRUE;
4858 }
4859
4860 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4861 }
4862
4863 /* If previous was a character type match (\d or similar), abolish it and
4864 create a suitable repeat item. The code is shared with single-character
4865 repeats by setting op_type to add a suitable offset into repeat_type. Note
4866 the the Unicode property types will be present only when SUPPORT_UCP is
4867 defined, but we don't wrap the little bits of code here because it just
4868 makes it horribly messy. */
4869
4870 else if (*previous < OP_EODN)
4871 {
4872 pcre_uchar *oldcode;
4873 int prop_type, prop_value;
4874 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4875 c = *previous;
4876
4877 if (!possessive_quantifier &&
4878 repeat_max < 0 &&
4879 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4880 {
4881 repeat_type = 0; /* Force greedy */
4882 possessive_quantifier = TRUE;
4883 }
4884
4885 OUTPUT_SINGLE_REPEAT:
4886 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4887 {
4888 prop_type = previous[1];
4889 prop_value = previous[2];
4890 }
4891 else prop_type = prop_value = -1;
4892
4893 oldcode = code;
4894 code = previous; /* Usually overwrite previous item */
4895
4896 /* If the maximum is zero then the minimum must also be zero; Perl allows
4897 this case, so we do too - by simply omitting the item altogether. */
4898
4899 if (repeat_max == 0) goto END_REPEAT;
4900
4901 /*--------------------------------------------------------------------*/
4902 /* This code is obsolete from release 8.00; the restriction was finally
4903 removed: */
4904
4905 /* All real repeats make it impossible to handle partial matching (maybe
4906 one day we will be able to remove this restriction). */
4907
4908 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
4909 /*--------------------------------------------------------------------*/
4910
4911 /* Combine the op_type with the repeat_type */
4912
4913 repeat_type += op_type;
4914
4915 /* A minimum of zero is handled either as the special case * or ?, or as
4916 an UPTO, with the maximum given. */
4917
4918 if (repeat_min == 0)
4919 {
4920 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4921 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4922 else
4923 {
4924 *code++ = OP_UPTO + repeat_type;
4925 PUT2INC(code, 0, repeat_max);
4926 }
4927 }
4928
4929 /* A repeat minimum of 1 is optimized into some special cases. If the
4930 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4931 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4932 one less than the maximum. */
4933
4934 else if (repeat_min == 1)
4935 {
4936 if (repeat_max == -1)
4937 *code++ = OP_PLUS + repeat_type;
4938 else
4939 {
4940 code = oldcode; /* leave previous item in place */
4941 if (repeat_max == 1) goto END_REPEAT;
4942 *code++ = OP_UPTO + repeat_type;
4943 PUT2INC(code, 0, repeat_max - 1);
4944 }
4945 }
4946
4947 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4948 handled as an EXACT followed by an UPTO. */
4949
4950 else
4951 {
4952 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4953 PUT2INC(code, 0, repeat_min);
4954
4955 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4956 we have to insert the character for the previous code. For a repeated
4957 Unicode property match, there are two extra bytes that define the
4958 required property. In UTF-8 mode, long characters have their length in
4959 c, with the UTF_LENGTH bit as a flag. */
4960
4961 if (repeat_max < 0)
4962 {
4963 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4964 if (utf && (c & UTF_LENGTH) != 0)
4965 {
4966 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4967 code += c & 7;
4968 }
4969 else
4970 #endif
4971 {
4972 *code++ = c;
4973 if (prop_type >= 0)
4974 {
4975 *code++ = prop_type;
4976 *code++ = prop_value;
4977 }
4978 }
4979 *code++ = OP_STAR + repeat_type;
4980 }
4981
4982 /* Else insert an UPTO if the max is greater than the min, again
4983 preceded by the character, for the previously inserted code. If the
4984 UPTO is just for 1 instance, we can use QUERY instead. */
4985
4986 else if (repeat_max != repeat_min)
4987 {
4988 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4989 if (utf && (c & UTF_LENGTH) != 0)
4990 {
4991 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4992 code += c & 7;
4993 }
4994 else
4995 #endif
4996 *code++ = c;
4997 if (prop_type >= 0)
4998 {
4999 *code++ = prop_type;
5000 *code++ = prop_value;
5001 }
5002 repeat_max -= repeat_min;
5003
5004 if (repeat_max == 1)
5005 {
5006 *code++ = OP_QUERY + repeat_type;
5007 }
5008 else
5009 {
5010 *code++ = OP_UPTO + repeat_type;
5011 PUT2INC(code, 0, repeat_max);
5012 }
5013 }
5014 }
5015
5016 /* The character or character type itself comes last in all cases. */
5017
5018 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5019 if (utf && (c & UTF_LENGTH) != 0)
5020 {
5021 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5022 code += c & 7;
5023 }
5024 else
5025 #endif
5026 *code++ = c;
5027
5028 /* For a repeated Unicode property match, there are two extra bytes that
5029 define the required property. */
5030
5031 #ifdef SUPPORT_UCP
5032 if (prop_type >= 0)
5033 {
5034 *code++ = prop_type;
5035 *code++ = prop_value;
5036 }
5037 #endif
5038 }
5039
5040 /* If previous was a character class or a back reference, we put the repeat
5041 stuff after it, but just skip the item if the repeat was {0,0}. */
5042
5043 else if (*previous == OP_CLASS ||
5044 *previous == OP_NCLASS ||
5045 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5046 *previous == OP_XCLASS ||
5047 #endif
5048 *previous == OP_REF ||
5049 *previous == OP_REFI)
5050 {
5051 if (repeat_max == 0)
5052 {
5053 code = previous;
5054 goto END_REPEAT;
5055 }
5056
5057 /*--------------------------------------------------------------------*/
5058 /* This code is obsolete from release 8.00; the restriction was finally
5059 removed: */
5060
5061 /* All real repeats make it impossible to handle partial matching (maybe
5062 one day we will be able to remove this restriction). */
5063
5064 /* if (repeat_max != 1) cd->external_flags |= PCRE_NOPARTIAL; */
5065 /*--------------------------------------------------------------------*/
5066
5067 if (repeat_min == 0 && repeat_max == -1)
5068 *code++ = OP_CRSTAR + repeat_type;
5069 else if (repeat_min == 1 && repeat_max == -1)
5070 *code++ = OP_CRPLUS + repeat_type;
5071 else if (repeat_min == 0 && repeat_max == 1)
5072 *code++ = OP_CRQUERY + repeat_type;
5073 else
5074 {
5075 *code++ = OP_CRRANGE + repeat_type;
5076 PUT2INC(code, 0, repeat_min);
5077 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5078 PUT2INC(code, 0, repeat_max);
5079 }
5080 }
5081
5082 /* If previous was a bracket group, we may have to replicate it in certain
5083 cases. Note that at this point we can encounter only the "basic" bracket
5084 opcodes such as BRA and CBRA, as this is the place where they get converted
5085 into the more special varieties such as BRAPOS and SBRA. A test for >=
5086 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5087 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5088 repetition of assertions, but now it does, for Perl compatibility. */
5089
5090 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5091 {
5092 register int i;
5093 int len = (int)(code - previous);
5094 pcre_uchar *bralink = NULL;
5095 pcre_uchar *brazeroptr = NULL;
5096
5097 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5098 we just ignore the repeat. */
5099
5100 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5101 goto END_REPEAT;
5102
5103 /* There is no sense in actually repeating assertions. The only potential
5104 use of repetition is in cases when the assertion is optional. Therefore,
5105 if the minimum is greater than zero, just ignore the repeat. If the
5106 maximum is not not zero or one, set it to 1. */
5107
5108 if (*previous < OP_ONCE) /* Assertion */
5109 {
5110 if (repeat_min > 0) goto END_REPEAT;
5111 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5112 }
5113
5114 /* The case of a zero minimum is special because of the need to stick
5115 OP_BRAZERO in front of it, and because the group appears once in the
5116 data, whereas in other cases it appears the minimum number of times. For
5117 this reason, it is simplest to treat this case separately, as otherwise
5118 the code gets far too messy. There are several special subcases when the
5119 minimum is zero. */
5120
5121 if (repeat_min == 0)
5122 {
5123 /* If the maximum is also zero, we used to just omit the group from the
5124 output altogether, like this:
5125
5126 ** if (repeat_max == 0)
5127 ** {
5128 ** code = previous;
5129 ** goto END_REPEAT;
5130 ** }
5131
5132 However, that fails when a group or a subgroup within it is referenced
5133 as a subroutine from elsewhere in the pattern, so now we stick in
5134 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5135 don't have a list of which groups are referenced, we cannot do this
5136 selectively.
5137
5138 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5139 and do no more at this point. However, we do need to adjust any
5140 OP_RECURSE calls inside the group that refer to the group itself or any
5141 internal or forward referenced group, because the offset is from the
5142 start of the whole regex. Temporarily terminate the pattern while doing
5143 this. */
5144
5145 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5146 {
5147 *code = OP_END;
5148 adjust_recurse(previous, 1, utf, cd, save_hwm);
5149 memmove(previous + 1, previous, IN_UCHARS(len));
5150 code++;
5151 if (repeat_max == 0)
5152 {
5153 *previous++ = OP_SKIPZERO;
5154 goto END_REPEAT;
5155 }
5156 brazeroptr = previous; /* Save for possessive optimizing */
5157 *previous++ = OP_BRAZERO + repeat_type;
5158 }
5159
5160 /* If the maximum is greater than 1 and limited, we have to replicate
5161 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5162 The first one has to be handled carefully because it's the original
5163 copy, which has to be moved up. The remainder can be handled by code
5164 that is common with the non-zero minimum case below. We have to
5165 adjust the value or repeat_max, since one less copy is required. Once
5166 again, we may have to adjust any OP_RECURSE calls inside the group. */
5167
5168 else
5169 {
5170 int offset;
5171 *code = OP_END;
5172 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5173 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5174 code += 2 + LINK_SIZE;
5175 *previous++ = OP_BRAZERO + repeat_type;
5176 *previous++ = OP_BRA;
5177
5178 /* We chain together the bracket offset fields that have to be
5179 filled in later when the ends of the brackets are reached. */
5180
5181 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5182 bralink = previous;
5183 PUTINC(previous, 0, offset);
5184 }
5185
5186 repeat_max--;
5187 }
5188
5189 /* If the minimum is greater than zero, replicate the group as many
5190 times as necessary, and adjust the maximum to the number of subsequent
5191 copies that we need. If we set a first char from the group, and didn't
5192 set a required char, copy the latter from the former. If there are any
5193 forward reference subroutine calls in the group, there will be entries on
5194 the workspace list; replicate these with an appropriate increment. */
5195
5196 else
5197 {
5198 if (repeat_min > 1)
5199 {
5200 /* In the pre-compile phase, we don't actually do the replication. We
5201 just adjust the length as if we had. Do some paranoid checks for
5202 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5203 integer type when available, otherwise double. */
5204
5205 if (lengthptr != NULL)
5206 {
5207 int delta = (repeat_min - 1)*length_prevgroup;
5208 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5209 (INT64_OR_DOUBLE)length_prevgroup >
5210 (INT64_OR_DOUBLE)INT_MAX ||
5211 OFLOW_MAX - *lengthptr < delta)
5212 {
5213 *errorcodeptr = ERR20;
5214 goto FAILED;
5215 }
5216 *lengthptr += delta;
5217 }
5218
5219 /* This is compiling for real. If there is a set first byte for
5220 the group, and we have not yet set a "required byte", set it. Make
5221 sure there is enough workspace for copying forward references before
5222 doing the copy. */
5223
5224 else
5225 {
5226 if (groupsetfirstchar && reqcharflags < 0)
5227 {
5228 reqchar = firstchar;
5229 reqcharflags = firstcharflags;
5230 }
5231
5232 for (i = 1; i < repeat_min; i++)
5233 {
5234 pcre_uchar *hc;
5235 pcre_uchar *this_hwm = cd->hwm;
5236 memcpy(code, previous, IN_UCHARS(len));
5237
5238 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5239 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5240 {
5241 int save_offset = save_hwm - cd->start_workspace;
5242 int this_offset = this_hwm - cd->start_workspace;
5243 *errorcodeptr = expand_workspace(cd);
5244 if (*errorcodeptr != 0) goto FAILED;
5245 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5246 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5247 }
5248
5249 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5250 {
5251 PUT(cd->hwm, 0, GET(hc, 0) + len);
5252 cd->hwm += LINK_SIZE;
5253 }
5254 save_hwm = this_hwm;
5255 code += len;
5256 }
5257 }
5258 }
5259
5260 if (repeat_max > 0) repeat_max -= repeat_min;
5261 }
5262
5263 /* This code is common to both the zero and non-zero minimum cases. If
5264 the maximum is limited, it replicates the group in a nested fashion,
5265 remembering the bracket starts on a stack. In the case of a zero minimum,
5266 the first one was set up above. In all cases the repeat_max now specifies
5267 the number of additional copies needed. Again, we must remember to
5268 replicate entries on the forward reference list. */
5269
5270 if (repeat_max >= 0)
5271 {
5272 /* In the pre-compile phase, we don't actually do the replication. We
5273 just adjust the length as if we had. For each repetition we must add 1
5274 to the length for BRAZERO and for all but the last repetition we must
5275 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5276 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5277 a 64-bit integer type when available, otherwise double. */
5278
5279 if (lengthptr != NULL && repeat_max > 0)
5280 {
5281 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5282 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5283 if ((INT64_OR_DOUBLE)repeat_max *
5284 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5285 > (INT64_OR_DOUBLE)INT_MAX ||
5286 OFLOW_MAX - *lengthptr < delta)
5287 {
5288 *errorcodeptr = ERR20;
5289 goto FAILED;
5290 }
5291 *lengthptr += delta;
5292 }
5293
5294 /* This is compiling for real */
5295
5296 else for (i = repeat_max - 1; i >= 0; i--)
5297 {
5298 pcre_uchar *hc;
5299 pcre_uchar *this_hwm = cd->hwm;
5300
5301 *code++ = OP_BRAZERO + repeat_type;
5302
5303 /* All but the final copy start a new nesting, maintaining the
5304 chain of brackets outstanding. */
5305
5306 if (i != 0)
5307 {
5308 int offset;
5309 *code++ = OP_BRA;
5310 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5311 bralink = code;
5312 PUTINC(code, 0, offset);
5313 }
5314
5315 memcpy(code, previous, IN_UCHARS(len));
5316
5317 /* Ensure there is enough workspace for forward references before
5318 copying them. */
5319
5320 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5321 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5322 {
5323 int save_offset = save_hwm - cd->start_workspace;
5324 int this_offset = this_hwm - cd->start_workspace;
5325 *errorcodeptr = expand_workspace(cd);
5326 if (*errorcodeptr != 0) goto FAILED;
5327 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5328 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5329 }
5330
5331 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5332 {
5333 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5334 cd->hwm += LINK_SIZE;
5335 }
5336 save_hwm = this_hwm;
5337 code += len;
5338 }
5339
5340 /* Now chain through the pending brackets, and fill in their length
5341 fields (which are holding the chain links pro tem). */
5342
5343 while (bralink != NULL)
5344 {
5345 int oldlinkoffset;
5346 int offset = (int)(code - bralink + 1);
5347 pcre_uchar *bra = code - offset;
5348 oldlinkoffset = GET(bra, 1);
5349 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5350 *code++ = OP_KET;
5351 PUTINC(code, 0, offset);
5352 PUT(bra, 1, offset);
5353 }
5354 }
5355
5356 /* If the maximum is unlimited, set a repeater in the final copy. For
5357 ONCE brackets, that's all we need to do. However, possessively repeated
5358 ONCE brackets can be converted into non-capturing brackets, as the
5359 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5360 deal with possessive ONCEs specially.
5361
5362 Otherwise, when we are doing the actual compile phase, check to see
5363 whether this group is one that could match an empty string. If so,
5364 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5365 that runtime checking can be done. [This check is also applied to ONCE
5366 groups at runtime, but in a different way.]
5367
5368 Then, if the quantifier was possessive and the bracket is not a
5369 conditional, we convert the BRA code to the POS form, and the KET code to
5370 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5371 subpattern at both the start and at the end.) The use of special opcodes
5372 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5373 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5374
5375 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5376 flag so that the default action below, of wrapping everything inside
5377 atomic brackets, does not happen. When the minimum is greater than 1,
5378 there will be earlier copies of the group, and so we still have to wrap
5379 the whole thing. */
5380
5381 else
5382 {
5383 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5384 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5385
5386 /* Convert possessive ONCE brackets to non-capturing */
5387
5388 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5389 possessive_quantifier) *bracode = OP_BRA;
5390
5391 /* For non-possessive ONCE brackets, all we need to do is to
5392 set the KET. */
5393
5394 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5395 *ketcode = OP_KETRMAX + repeat_type;
5396
5397 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5398 converted to non-capturing above). */
5399
5400 else
5401 {
5402 /* In the compile phase, check for empty string matching. */
5403
5404 if (lengthptr == NULL)
5405 {
5406 pcre_uchar *scode = bracode;
5407 do
5408 {
5409 if (could_be_empty_branch(scode, ketcode, utf, cd))
5410 {
5411 *bracode += OP_SBRA - OP_BRA;
5412 break;
5413 }
5414 scode += GET(scode, 1);
5415 }
5416 while (*scode == OP_ALT);
5417 }
5418
5419 /* Handle possessive quantifiers. */
5420
5421 if (possessive_quantifier)
5422 {
5423 /* For COND brackets, we wrap the whole thing in a possessively
5424 repeated non-capturing bracket, because we have not invented POS
5425 versions of the COND opcodes. Because we are moving code along, we
5426 must ensure that any pending recursive references are updated. */
5427
5428 if (*bracode == OP_COND || *bracode == OP_SCOND)
5429 {
5430 int nlen = (int)(code - bracode);
5431 *code = OP_END;
5432 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5433 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5434 code += 1 + LINK_SIZE;
5435 nlen += 1 + LINK_SIZE;
5436 *bracode = OP_BRAPOS;
5437 *code++ = OP_KETRPOS;
5438 PUTINC(code, 0, nlen);
5439 PUT(bracode, 1, nlen);
5440 }
5441
5442 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5443
5444 else
5445 {
5446 *bracode += 1; /* Switch to xxxPOS opcodes */
5447 *ketcode = OP_KETRPOS;
5448 }
5449
5450 /* If the minimum is zero, mark it as possessive, then unset the
5451 possessive flag when the minimum is 0 or 1. */
5452
5453 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5454 if (repeat_min < 2) possessive_quantifier = FALSE;
5455 }
5456
5457 /* Non-possessive quantifier */
5458
5459 else *ketcode = OP_KETRMAX + repeat_type;
5460 }
5461 }
5462 }
5463
5464 /* If previous is OP_FAIL, it was generated by an empty class [] in
5465 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5466 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5467 error above. We can just ignore the repeat in JS case. */
5468
5469 else if (*previous == OP_FAIL) goto END_REPEAT;
5470
5471 /* Else there's some kind of shambles */
5472
5473 else
5474 {
5475 *errorcodeptr = ERR11;
5476 goto FAILED;
5477 }
5478
5479 /* If the character following a repeat is '+', or if certain optimization
5480 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5481 there are special alternative opcodes for this case. For anything else, we
5482 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5483 notation is just syntactic sugar, taken from Sun's Java package, but the
5484 special opcodes can optimize it.
5485
5486 Some (but not all) possessively repeated subpatterns have already been
5487 completely handled in the code just above. For them, possessive_quantifier
5488 is always FALSE at this stage.
5489
5490 Note that the repeated item starts at tempcode, not at previous, which
5491 might be the first part of a string whose (former) last char we repeated.
5492
5493 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5494 an 'upto' may follow. We skip over an 'exact' item, and then test the
5495 length of what remains before proceeding. */
5496
5497 if (possessive_quantifier)
5498 {
5499 int len;
5500
5501 if (*tempcode == OP_TYPEEXACT)
5502 tempcode += PRIV(OP_lengths)[*tempcode] +
5503 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5504 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5505
5506 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5507 {
5508 tempcode += PRIV(OP_lengths)[*tempcode];
5509 #ifdef SUPPORT_UTF
5510 if (utf && HAS_EXTRALEN(tempcode[-1]))
5511 tempcode += GET_EXTRALEN(tempcode[-1]);
5512 #endif
5513 }
5514
5515 len = (int)(code - tempcode);
5516 if (len > 0) switch (*tempcode)
5517 {
5518 case OP_STAR: *tempcode = OP_POSSTAR; break;
5519 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5520 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5521 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5522
5523 case OP_STARI: *tempcode = OP_POSSTARI; break;
5524 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5525 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5526 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5527
5528 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5529 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5530 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5531 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5532
5533 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5534 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5535 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5536 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5537
5538 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5539 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5540 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5541 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5542
5543 /* Because we are moving code along, we must ensure that any
5544 pending recursive references are updated. */
5545
5546 default:
5547 *code = OP_END;
5548 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5549 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5550 code += 1 + LINK_SIZE;
5551 len += 1 + LINK_SIZE;
5552 tempcode[0] = OP_ONCE;
5553 *code++ = OP_KET;
5554 PUTINC(code, 0, len);
5555 PUT(tempcode, 1, len);
5556 break;
5557 }
5558 }
5559
5560 /* In all case we no longer have a previous item. We also set the
5561 "follows varying string" flag for subsequently encountered reqchars if
5562 it isn't already set and we have just passed a varying length item. */
5563
5564 END_REPEAT:
5565 previous = NULL;
5566 cd->req_varyopt |= reqvary;
5567 break;
5568
5569
5570 /* ===================================================================*/
5571 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5572 lookbehind or option setting or condition or all the other extended
5573 parenthesis forms. */
5574
5575 case CHAR_LEFT_PARENTHESIS:
5576 newoptions = options;
5577 skipbytes = 0;
5578 bravalue = OP_CBRA;
5579 save_hwm = cd->hwm;
5580 reset_bracount = FALSE;
5581
5582 /* First deal with various "verbs" that can be introduced by '*'. */
5583
5584 ptr++;
5585 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
5586 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
5587 {
5588 int i, namelen;
5589 int arglen = 0;
5590 const char *vn = verbnames;
5591 const pcre_uchar *name = ptr + 1;
5592 const pcre_uchar *arg = NULL;
5593 previous = NULL;
5594 ptr++;
5595 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
5596 namelen = (int)(ptr - name);
5597
5598 /* It appears that Perl allows any characters whatsoever, other than
5599 a closing parenthesis, to appear in arguments, so we no longer insist on
5600 letters, digits, and underscores. */
5601
5602 if (*ptr == CHAR_COLON)
5603 {
5604 arg = ++ptr;
5605 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5606 arglen = (int)(ptr - arg);
5607 if ((unsigned int)arglen > MAX_MARK)
5608 {
5609 *errorcodeptr = ERR75;
5610 goto FAILED;
5611 }
5612 }
5613
5614 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5615 {
5616 *errorcodeptr = ERR60;
5617 goto FAILED;
5618 }
5619
5620 /* Scan the table of verb names */
5621
5622 for (i = 0; i < verbcount; i++)
5623 {
5624 if (namelen == verbs[i].len &&
5625 STRNCMP_UC_C8(name, vn, namelen) == 0)
5626 {
5627 int setverb;
5628
5629 /* Check for open captures before ACCEPT and convert it to
5630 ASSERT_ACCEPT if in an assertion. */
5631
5632 if (verbs[i].op == OP_ACCEPT)
5633 {
5634 open_capitem *oc;
5635 if (arglen != 0)
5636 {
5637 *errorcodeptr = ERR59;
5638 goto FAILED;
5639 }
5640 cd->had_accept = TRUE;
5641 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5642 {
5643 *code++ = OP_CLOSE;
5644 PUT2INC(code, 0, oc->number);
5645 }
5646 setverb = *code++ =
5647 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5648
5649 /* Do not set firstchar after *ACCEPT */
5650 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5651 }
5652
5653 /* Handle other cases with/without an argument */
5654
5655 else if (arglen == 0)
5656 {
5657 if (verbs[i].op < 0) /* Argument is mandatory */
5658 {
5659 *errorcodeptr = ERR66;
5660 goto FAILED;
5661 }
5662 setverb = *code++ = verbs[i].op;
5663 }
5664
5665 else
5666 {
5667 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5668 {
5669 *errorcodeptr = ERR59;
5670 goto FAILED;
5671 }
5672 setverb = *code++ = verbs[i].op_arg;
5673 *code++ = arglen;
5674 memcpy(code, arg, IN_UCHARS(arglen));
5675 code += arglen;
5676 *code++ = 0;
5677 }
5678
5679 switch (setverb)
5680 {
5681 case OP_THEN:
5682 case OP_THEN_ARG:
5683 cd->external_flags |= PCRE_HASTHEN;
5684 break;
5685
5686 case OP_PRUNE:
5687 case OP_PRUNE_ARG:
5688 case OP_SKIP:
5689 case OP_SKIP_ARG:
5690 cd->had_pruneorskip = TRUE;
5691 break;
5692 }
5693
5694 break; /* Found verb, exit loop */
5695 }
5696
5697 vn += verbs[i].len + 1;
5698 }
5699
5700 if (i < verbcount) continue; /* Successfully handled a verb */
5701 *errorcodeptr = ERR60; /* Verb not recognized */
5702 goto FAILED;
5703 }
5704
5705 /* Deal with the extended parentheses; all are introduced by '?', and the
5706 appearance of any of them means that this is not a capturing group. */
5707
5708 else if (*ptr == CHAR_QUESTION_MARK)
5709 {
5710 int i, set, unset, namelen;
5711 int *optset;
5712 const pcre_uchar *name;
5713 pcre_uchar *slot;
5714
5715 switch (*(++ptr))
5716 {
5717 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5718 ptr++;
5719 while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5720 if (*ptr == 0)
5721 {
5722 *errorcodeptr = ERR18;
5723 goto FAILED;
5724 }
5725 continue;
5726
5727
5728 /* ------------------------------------------------------------ */
5729 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5730 reset_bracount = TRUE;
5731 /* Fall through */
5732
5733 /* ------------------------------------------------------------ */
5734 case CHAR_COLON: /* Non-capturing bracket */
5735 bravalue = OP_BRA;
5736 ptr++;
5737 break;
5738
5739
5740 /* ------------------------------------------------------------ */
5741 case CHAR_LEFT_PARENTHESIS:
5742 bravalue = OP_COND; /* Conditional group */
5743
5744 /* A condition can be an assertion, a number (referring to a numbered
5745 group), a name (referring to a named group), or 'R', referring to
5746 recursion. R<digits> and R&name are also permitted for recursion tests.
5747
5748 There are several syntaxes for testing a named group: (?(name)) is used
5749 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5750
5751 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5752 be the recursive thing or the name 'R' (and similarly for 'R' followed
5753 by digits), and (b) a number could be a name that consists of digits.
5754 In both cases, we look for a name first; if not found, we try the other
5755 cases. */
5756
5757 /* For conditions that are assertions, check the syntax, and then exit
5758 the switch. This will take control down to where bracketed groups,
5759 including assertions, are processed. */
5760
5761 if (ptr[1] == CHAR_QUESTION_MARK && (ptr[2] == CHAR_EQUALS_SIGN ||
5762 ptr[2] == CHAR_EXCLAMATION_MARK || ptr[2] == CHAR_LESS_THAN_SIGN))
5763 break;
5764
5765 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5766 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5767
5768 code[1+LINK_SIZE] = OP_CREF;
5769 skipbytes = 1+IMM2_SIZE;
5770 refsign = -1;
5771
5772 /* Check for a test for recursion in a named group. */
5773
5774 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5775 {
5776 terminator = -1;
5777 ptr += 2;
5778 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5779 }
5780
5781 /* Check for a test for a named group's having been set, using the Perl
5782 syntax (?(<name>) or (?('name') */
5783
5784 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5785 {
5786 terminator = CHAR_GREATER_THAN_SIGN;
5787 ptr++;
5788 }
5789 else if (ptr[1] == CHAR_APOSTROPHE)
5790 {
5791 terminator = CHAR_APOSTROPHE;
5792 ptr++;
5793 }
5794 else
5795 {
5796 terminator = 0;
5797 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5798 }
5799
5800 /* We now expect to read a name; any thing else is an error */
5801
5802 if (!MAX_255(ptr[1]) || (cd->ctypes[ptr[1]] & ctype_word) == 0)
5803 {
5804 ptr += 1; /* To get the right offset */
5805 *errorcodeptr = ERR28;
5806 goto FAILED;
5807 }
5808
5809 /* Read the name, but also get it as a number if it's all digits */
5810
5811 recno = 0;
5812 name = ++ptr;
5813 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
5814 {
5815 if (recno >= 0)
5816 recno = (IS_DIGIT(*ptr))? recno * 10 + (int)(*ptr - CHAR_0) : -1;
5817 ptr++;
5818 }
5819 namelen = (int)(ptr - name);
5820
5821 if ((terminator > 0 && *ptr++ != terminator) ||
5822 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5823 {
5824 ptr--; /* Error offset */
5825 *errorcodeptr = ERR26;
5826 goto FAILED;
5827 }
5828
5829 /* Do no further checking in the pre-compile phase. */
5830
5831 if (lengthptr != NULL) break;
5832
5833 /* In the real compile we do the work of looking for the actual
5834 reference. If the string started with "+" or "-" we require the rest to
5835 be digits, in which case recno will be set. */
5836
5837 if (refsign > 0)
5838 {
5839 if (recno <= 0)
5840 {
5841 *errorcodeptr = ERR58;
5842 goto FAILED;
5843 }
5844 recno = (refsign == CHAR_MINUS)?
5845 cd->bracount - recno + 1 : recno +cd->bracount;
5846 if (recno <= 0 || recno > cd->final_bracount)
5847 {
5848 *errorcodeptr = ERR15;
5849 goto FAILED;
5850 }
5851 PUT2(code, 2+LINK_SIZE, recno);
5852 break;
5853 }
5854
5855 /* Otherwise (did not start with "+" or "-"), start by looking for the
5856 name. If we find a name, add one to the opcode to change OP_CREF or
5857 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5858 except they record that the reference was originally to a name. The
5859 information is used to check duplicate names. */
5860
5861 slot = cd->name_table;
5862 for (i = 0; i < cd->names_found; i++)
5863 {
5864 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5865 slot += cd->name_entry_size;
5866 }
5867
5868 /* Found a previous named subpattern */
5869
5870 if (i < cd->names_found)
5871 {
5872 recno = GET2(slot, 0);
5873 PUT2(code, 2+LINK_SIZE, recno);
5874 code[1+LINK_SIZE]++;
5875 }
5876
5877 /* Search the pattern for a forward reference */
5878
5879 else if ((i = find_parens(cd, name, namelen,
5880 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5881 {
5882 PUT2(code, 2+LINK_SIZE, i);
5883 code[1+LINK_SIZE]++;
5884 }
5885
5886 /* If terminator == 0 it means that the name followed directly after
5887 the opening parenthesis [e.g. (?(abc)...] and in this case there are
5888 some further alternatives to try. For the cases where terminator != 0
5889 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5890 now checked all the possibilities, so give an error. */
5891
5892 else if (terminator != 0)
5893 {
5894 *errorcodeptr = ERR15;
5895 goto FAILED;
5896 }
5897
5898 /* Check for (?(R) for recursion. Allow digits after R to specify a
5899 specific group number. */
5900
5901 else if (*name == CHAR_R)
5902 {
5903 recno = 0;
5904 for (i = 1; i < namelen; i++)
5905 {
5906 if (!IS_DIGIT(name[i]))
5907 {
5908 *errorcodeptr = ERR15;
5909 goto FAILED;
5910 }
5911 recno = recno * 10 + name[i] - CHAR_0;
5912 }
5913 if (recno == 0) recno = RREF_ANY;
5914 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5915 PUT2(code, 2+LINK_SIZE, recno);
5916 }
5917
5918 /* Similarly, check for the (?(DEFINE) "condition", which is always
5919 false. */
5920
5921 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5922 {
5923 code[1+LINK_SIZE] = OP_DEF;
5924 skipbytes = 1;
5925 }
5926
5927 /* Check for the "name" actually being a subpattern number. We are
5928 in the second pass here, so final_bracount is set. */
5929
5930 else if (recno > 0 && recno <= cd->final_bracount)
5931 {
5932 PUT2(code, 2+LINK_SIZE, recno);
5933 }
5934
5935 /* Either an unidentified subpattern, or a reference to (?(0) */
5936
5937 else
5938 {
5939 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5940 goto FAILED;
5941 }
5942 break;
5943
5944
5945 /* ------------------------------------------------------------ */
5946 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5947 bravalue = OP_ASSERT;
5948 cd->assert_depth += 1;
5949 ptr++;
5950 break;
5951
5952
5953 /* ------------------------------------------------------------ */
5954 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5955 ptr++;
5956 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5957 {
5958 *code++ = OP_FAIL;
5959 previous = NULL;
5960 continue;
5961 }
5962 bravalue = OP_ASSERT_NOT;
5963 cd->assert_depth += 1;
5964 break;
5965
5966
5967 /* ------------------------------------------------------------ */
5968 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5969 switch (ptr[1])
5970 {
5971 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5972 bravalue = OP_ASSERTBACK;
5973 cd->assert_depth += 1;
5974 ptr += 2;
5975 break;
5976
5977 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5978 bravalue = OP_ASSERTBACK_NOT;
5979 cd->assert_depth += 1;
5980 ptr += 2;
5981 break;
5982
5983 default: /* Could be name define, else bad */
5984 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
5985 goto DEFINE_NAME;
5986 ptr++; /* Correct offset for error */
5987 *errorcodeptr = ERR24;
5988 goto FAILED;
5989 }
5990 break;
5991
5992
5993 /* ------------------------------------------------------------ */
5994 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5995 bravalue = OP_ONCE;
5996 ptr++;
5997 break;
5998
5999
6000 /* ------------------------------------------------------------ */
6001 case CHAR_C: /* Callout - may be followed by digits; */
6002 previous_callout = code; /* Save for later completion */
6003 after_manual_callout = 1; /* Skip one item before completing */
6004 *code++ = OP_CALLOUT;
6005 {
6006 int n = 0;
6007 ptr++;
6008 while(IS_DIGIT(*ptr))
6009 n = n * 10 + *ptr++ - CHAR_0;
6010 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6011 {
6012 *errorcodeptr = ERR39;
6013 goto FAILED;
6014 }
6015 if (n > 255)
6016 {
6017 *errorcodeptr = ERR38;
6018 goto FAILED;
6019 }
6020 *code++ = n;
6021 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
6022 PUT(code, LINK_SIZE, 0); /* Default length */
6023 code += 2 * LINK_SIZE;
6024 }
6025 previous = NULL;
6026 continue;
6027
6028
6029 /* ------------------------------------------------------------ */
6030 case CHAR_P: /* Python-style named subpattern handling */
6031 if (*(++ptr) == CHAR_EQUALS_SIGN ||
6032 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
6033 {
6034 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
6035 terminator = CHAR_RIGHT_PARENTHESIS;
6036 goto NAMED_REF_OR_RECURSE;
6037 }
6038 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
6039 {
6040 *errorcodeptr = ERR41;
6041 goto FAILED;
6042 }
6043 /* Fall through to handle (?P< as (?< is handled */
6044
6045
6046 /* ------------------------------------------------------------ */
6047 DEFINE_NAME: /* Come here from (?< handling */
6048 case CHAR_APOSTROPHE:
6049 {
6050 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
6051 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6052 name = ++ptr;
6053
6054 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6055 namelen = (int)(ptr - name);
6056
6057 /* In the pre-compile phase, just do a syntax check. */
6058
6059 if (lengthptr != NULL)
6060 {
6061 if (*ptr != terminator)
6062 {
6063 *errorcodeptr = ERR42;
6064 goto FAILED;
6065 }
6066 if (cd->names_found >= MAX_NAME_COUNT)
6067 {
6068 *errorcodeptr = ERR49;
6069 goto FAILED;
6070 }
6071 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
6072 {
6073 cd->name_entry_size = namelen + IMM2_SIZE + 1;
6074 if (namelen > MAX_NAME_SIZE)
6075 {
6076 *errorcodeptr = ERR48;
6077 goto FAILED;
6078 }
6079 }
6080 }
6081
6082 /* In the real compile, create the entry in the table, maintaining
6083 alphabetical order. Duplicate names for different numbers are
6084 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
6085 number are always OK. (An existing number can be re-used if (?|
6086 appears in the pattern.) In either event, a duplicate name results in
6087 a duplicate entry in the table, even if the number is the same. This
6088 is because the number of names, and hence the table size, is computed
6089 in the pre-compile, and it affects various numbers and pointers which
6090 would all have to be modified, and the compiled code moved down, if
6091 duplicates with the same number were omitted from the table. This
6092 doesn't seem worth the hassle. However, *different* names for the
6093 same number are not permitted. */
6094
6095 else
6096 {
6097 BOOL dupname = FALSE;
6098 slot = cd->name_table;
6099
6100 for (i = 0; i < cd->names_found; i++)
6101 {
6102 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6103 if (crc == 0)
6104 {
6105 if (slot[IMM2_SIZE+namelen] == 0)
6106 {
6107 if (GET2(slot, 0) != cd->bracount + 1 &&
6108 (options & PCRE_DUPNAMES) == 0)
6109 {
6110 *errorcodeptr = ERR43;
6111 goto FAILED;
6112 }
6113 else dupname = TRUE;
6114 }
6115 else crc = -1; /* Current name is a substring */
6116 }
6117
6118 /* Make space in the table and break the loop for an earlier
6119 name. For a duplicate or later name, carry on. We do this for
6120 duplicates so that in the simple case (when ?(| is not used) they
6121 are in order of their numbers. */
6122
6123 if (crc < 0)
6124 {
6125 memmove(slot + cd->name_entry_size, slot,
6126 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6127 break;
6128 }
6129
6130 /* Continue the loop for a later or duplicate name */
6131
6132 slot += cd->name_entry_size;
6133 }
6134
6135 /* For non-duplicate names, check for a duplicate number before
6136 adding the new name. */
6137
6138 if (!dupname)
6139 {
6140 pcre_uchar *cslot = cd->name_table;
6141 for (i = 0; i < cd->names_found; i++)
6142 {
6143 if (cslot != slot)
6144 {
6145 if (GET2(cslot, 0) == cd->bracount + 1)
6146 {
6147 *errorcodeptr = ERR65;
6148 goto FAILED;
6149 }
6150 }
6151 else i--;
6152 cslot += cd->name_entry_size;
6153 }
6154 }
6155
6156 PUT2(slot, 0, cd->bracount + 1);
6157 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6158 slot[IMM2_SIZE + namelen] = 0;
6159 }
6160 }
6161
6162 /* In both pre-compile and compile, count the number of names we've
6163 encountered. */
6164
6165 cd->names_found++;
6166 ptr++; /* Move past > or ' */
6167 goto NUMBERED_GROUP;
6168
6169
6170 /* ------------------------------------------------------------ */
6171 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6172 terminator = CHAR_RIGHT_PARENTHESIS;
6173 is_recurse = TRUE;
6174 /* Fall through */
6175
6176 /* We come here from the Python syntax above that handles both
6177 references (?P=name) and recursion (?P>name), as well as falling
6178 through from the Perl recursion syntax (?&name). We also come here from
6179 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6180 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6181
6182 NAMED_REF_OR_RECURSE:
6183 name = ++ptr;
6184 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6185 namelen = (int)(ptr - name);
6186
6187 /* In the pre-compile phase, do a syntax check. We used to just set
6188 a dummy reference number, because it was not used in the first pass.
6189 However, with the change of recursive back references to be atomic,
6190 we have to look for the number so that this state can be identified, as
6191 otherwise the incorrect length is computed. If it's not a backwards
6192 reference, the dummy number will do. */
6193
6194 if (lengthptr != NULL)
6195 {
6196 const pcre_uchar *temp;
6197
6198 if (namelen == 0)
6199 {
6200 *errorcodeptr = ERR62;
6201 goto FAILED;
6202 }
6203 if (*ptr != terminator)
6204 {
6205 *errorcodeptr = ERR42;
6206 goto FAILED;
6207 }
6208 if (namelen > MAX_NAME_SIZE)
6209 {
6210 *errorcodeptr = ERR48;
6211 goto FAILED;
6212 }
6213
6214 /* The name table does not exist in the first pass, so we cannot
6215 do a simple search as in the code below. Instead, we have to scan the
6216 pattern to find the number. It is important that we scan it only as
6217 far as we have got because the syntax of named subpatterns has not
6218 been checked for the rest of the pattern, and find_parens() assumes
6219 correct syntax. In any case, it's a waste of resources to scan
6220 further. We stop the scan at the current point by temporarily
6221 adjusting the value of cd->endpattern. */
6222
6223 temp = cd->end_pattern;
6224 cd->end_pattern = ptr;
6225 recno = find_parens(cd, name, namelen,
6226 (options & PCRE_EXTENDED) != 0, utf);
6227 cd->end_pattern = temp;
6228 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6229 }
6230
6231 /* In the real compile, seek the name in the table. We check the name
6232 first, and then check that we have reached the end of the name in the
6233 table. That way, if the name that is longer than any in the table,
6234 the comparison will fail without reading beyond the table entry. */
6235
6236 else
6237 {
6238 slot = cd->name_table;
6239 for (i = 0; i < cd->names_found; i++)
6240 {
6241 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6242 slot[IMM2_SIZE+namelen] == 0)
6243 break;
6244 slot += cd->name_entry_size;
6245 }
6246
6247 if (i < cd->names_found) /* Back reference */
6248 {
6249 recno = GET2(slot, 0);
6250 }
6251 else if ((recno = /* Forward back reference */
6252 find_parens(cd, name, namelen,
6253 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6254 {
6255 *errorcodeptr = ERR15;
6256 goto FAILED;
6257 }
6258 }
6259
6260 /* In both phases, we can now go to the code than handles numerical
6261 recursion or backreferences. */
6262
6263 if (is_recurse) goto HANDLE_RECURSION;
6264 else goto HANDLE_REFERENCE;
6265
6266
6267 /* ------------------------------------------------------------ */
6268 case CHAR_R: /* Recursion */
6269 ptr++; /* Same as (?0) */
6270 /* Fall through */
6271
6272
6273 /* ------------------------------------------------------------ */
6274 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6275 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6276 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6277 {
6278 const pcre_uchar *called;
6279 terminator = CHAR_RIGHT_PARENTHESIS;
6280
6281 /* Come here from the \g<...> and \g'...' code (Oniguruma
6282 compatibility). However, the syntax has been checked to ensure that
6283 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6284 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6285 ever be taken. */
6286
6287 HANDLE_NUMERICAL_RECURSION:
6288
6289 if ((refsign = *ptr) == CHAR_PLUS)
6290 {
6291 ptr++;
6292 if (!IS_DIGIT(*ptr))
6293 {
6294 *errorcodeptr = ERR63;
6295 goto FAILED;
6296 }
6297 }
6298 else if (refsign == CHAR_MINUS)
6299 {
6300 if (!IS_DIGIT(ptr[1]))
6301 goto OTHER_CHAR_AFTER_QUERY;
6302 ptr++;
6303 }
6304
6305 recno = 0;
6306 while(IS_DIGIT(*ptr))
6307 recno = recno * 10 + *ptr++ - CHAR_0;
6308
6309 if (*ptr != terminator)
6310 {
6311 *errorcodeptr = ERR29;
6312 goto FAILED;
6313 }
6314
6315 if (refsign == CHAR_MINUS)
6316 {
6317 if (recno == 0)
6318 {
6319 *errorcodeptr = ERR58;
6320 goto FAILED;
6321 }
6322 recno = cd->bracount - recno + 1;
6323 if (recno <= 0)
6324 {
6325 *errorcodeptr = ERR15;
6326 goto FAILED;
6327 }
6328 }
6329 else if (refsign == CHAR_PLUS)
6330 {
6331 if (recno == 0)
6332 {
6333 *errorcodeptr = ERR58;
6334 goto FAILED;
6335 }
6336 recno += cd->bracount;
6337 }
6338
6339 /* Come here from code above that handles a named recursion */
6340
6341 HANDLE_RECURSION:
6342
6343 previous = code;
6344 called = cd->start_code;
6345
6346 /* When we are actually compiling, find the bracket that is being
6347 referenced. Temporarily end the regex in case it doesn't exist before
6348 this point. If we end up with a forward reference, first check that
6349 the bracket does occur later so we can give the error (and position)
6350 now. Then remember this forward reference in the workspace so it can
6351 be filled in at the end. */
6352
6353 if (lengthptr == NULL)
6354 {
6355 *code = OP_END;
6356 if (recno != 0)
6357 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6358
6359 /* Forward reference */
6360
6361 if (called == NULL)
6362 {
6363 if (find_parens(cd, NULL, recno,
6364 (options & PCRE_EXTENDED) != 0, utf) < 0)
6365 {
6366 *errorcodeptr = ERR15;
6367 goto FAILED;
6368 }
6369
6370 /* Fudge the value of "called" so that when it is inserted as an
6371 offset below, what it actually inserted is the reference number
6372 of the group. Then remember the forward reference. */
6373
6374 called = cd->start_code + recno;
6375 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6376 WORK_SIZE_SAFETY_MARGIN)
6377 {
6378 *errorcodeptr = expand_workspace(cd);
6379 if (*errorcodeptr != 0) goto FAILED;
6380 }
6381 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6382 }
6383
6384 /* If not a forward reference, and the subpattern is still open,
6385 this is a recursive call. We check to see if this is a left
6386 recursion that could loop for ever, and diagnose that case. We
6387 must not, however, do this check if we are in a conditional
6388 subpattern because the condition might be testing for recursion in
6389 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6390 Forever loops are also detected at runtime, so those that occur in
6391 conditional subpatterns will be picked up then. */
6392
6393 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6394 could_be_empty(called, code, bcptr, utf, cd))
6395 {
6396 *errorcodeptr = ERR40;
6397 goto FAILED;
6398 }
6399 }
6400
6401 /* Insert the recursion/subroutine item. It does not have a set first
6402 character (relevant if it is repeated, because it will then be
6403 wrapped with ONCE brackets). */
6404
6405 *code = OP_RECURSE;
6406 PUT(code, 1, (int)(called - cd->start_code));
6407 code += 1 + LINK_SIZE;
6408 groupsetfirstchar = FALSE;
6409 }
6410
6411 /* Can't determine a first byte now */
6412
6413 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
6414 continue;
6415
6416
6417 /* ------------------------------------------------------------ */
6418 default: /* Other characters: check option setting */
6419 OTHER_CHAR_AFTER_QUERY:
6420 set = unset = 0;
6421 optset = &set;
6422
6423 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6424 {
6425 switch (*ptr++)
6426 {
6427 case CHAR_MINUS: optset = &unset; break;
6428
6429 case CHAR_J: /* Record that it changed in the external options */
6430 *optset |= PCRE_DUPNAMES;
6431 cd->external_flags |= PCRE_JCHANGED;
6432 break;
6433
6434 case CHAR_i: *optset |= PCRE_CASELESS; break;
6435 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6436 case CHAR_s: *optset |= PCRE_DOTALL; break;
6437 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6438 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6439 case CHAR_X: *optset |= PCRE_EXTRA; break;
6440
6441 default: *errorcodeptr = ERR12;
6442 ptr--; /* Correct the offset */
6443 goto FAILED;
6444 }
6445 }
6446
6447 /* Set up the changed option bits, but don't change anything yet. */
6448
6449 newoptions = (options | set) & (~unset);
6450
6451 /* If the options ended with ')' this is not the start of a nested
6452 group with option changes, so the options change at this level. If this
6453 item is right at the start of the pattern, the options can be
6454 abstracted and made external in the pre-compile phase, and ignored in
6455 the compile phase. This can be helpful when matching -- for instance in
6456 caseless checking of required bytes.
6457
6458 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6459 definitely *not* at the start of the pattern because something has been
6460 compiled. In the pre-compile phase, however, the code pointer can have
6461 that value after the start, because it gets reset as code is discarded
6462 during the pre-compile. However, this can happen only at top level - if
6463 we are within parentheses, the starting BRA will still be present. At
6464 any parenthesis level, the length value can be used to test if anything
6465 has been compiled at that level. Thus, a test for both these conditions
6466 is necessary to ensure we correctly detect the start of the pattern in
6467 both phases.
6468
6469 If we are not at the pattern start, reset the greedy defaults and the
6470 case value for firstchar and reqchar. */
6471
6472 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6473 {
6474 if (code == cd->start_code + 1 + LINK_SIZE &&
6475 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6476 {
6477 cd->external_options = newoptions;
6478 }
6479 else
6480 {
6481 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6482 greedy_non_default = greedy_default ^ 1;
6483 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6484 }
6485
6486 /* Change options at this level, and pass them back for use
6487 in subsequent branches. */
6488
6489 *optionsptr = options = newoptions;
6490 previous = NULL; /* This item can't be repeated */
6491 continue; /* It is complete */
6492 }
6493
6494 /* If the options ended with ':' we are heading into a nested group
6495 with possible change of options. Such groups are non-capturing and are
6496 not assertions of any kind. All we need to do is skip over the ':';
6497 the newoptions value is handled below. */
6498
6499 bravalue = OP_BRA;
6500 ptr++;
6501 } /* End of switch for character following (? */
6502 } /* End of (? handling */
6503
6504 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6505 is set, all unadorned brackets become non-capturing and behave like (?:...)
6506 brackets. */
6507
6508 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6509 {
6510 bravalue = OP_BRA;
6511 }
6512
6513 /* Else we have a capturing group. */
6514
6515 else
6516 {
6517 NUMBERED_GROUP:
6518 cd->bracount += 1;
6519 PUT2(code, 1+LINK_SIZE, cd->bracount);
6520 skipbytes = IMM2_SIZE;
6521 }
6522
6523 /* Process nested bracketed regex. Assertions used not to be repeatable,
6524 but this was changed for Perl compatibility, so all kinds can now be
6525 repeated. We copy code into a non-register variable (tempcode) in order to
6526 be able to pass its address because some compilers complain otherwise. */
6527
6528 previous = code; /* For handling repetition */
6529 *code = bravalue;
6530 tempcode = code;
6531 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6532 tempbracount = cd->bracount; /* Save value before bracket */
6533 length_prevgroup = 0; /* Initialize for pre-compile phase */
6534
6535 if (!compile_regex(
6536 newoptions, /* The complete new option state */
6537 &tempcode, /* Where to put code (updated) */
6538 &ptr, /* Input pointer (updated) */
6539 errorcodeptr, /* Where to put an error message */
6540 (bravalue == OP_ASSERTBACK ||
6541 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6542 reset_bracount, /* True if (?| group */
6543 skipbytes, /* Skip over bracket number */
6544 cond_depth +
6545 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6546 &subfirstchar, /* For possible first char */
6547 &subfirstcharflags,
6548 &subreqchar, /* For possible last char */
6549 &subreqcharflags,
6550 bcptr, /* Current branch chain */
6551 cd, /* Tables block */
6552 (lengthptr == NULL)? NULL : /* Actual compile phase */
6553 &length_prevgroup /* Pre-compile phase */
6554 ))
6555 goto FAILED;
6556
6557 /* If this was an atomic group and there are no capturing groups within it,
6558 generate OP_ONCE_NC instead of OP_ONCE. */
6559
6560 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6561 *code = OP_ONCE_NC;
6562
6563 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6564 cd->assert_depth -= 1;
6565
6566 /* At the end of compiling, code is still pointing to the start of the
6567 group, while tempcode has been updated to point past the end of the group.
6568 The pattern pointer (ptr) is on the bracket.
6569
6570 If this is a conditional bracket, check that there are no more than
6571 two branches in the group, or just one if it's a DEFINE group. We do this
6572 in the real compile phase, not in the pre-pass, where the whole group may
6573 not be available. */
6574
6575 if (bravalue == OP_COND && lengthptr == NULL)
6576 {
6577 pcre_uchar *tc = code;
6578 int condcount = 0;
6579
6580 do {
6581 condcount++;
6582 tc += GET(tc,1);
6583 }
6584 while (*tc != OP_KET);
6585
6586 /* A DEFINE group is never obeyed inline (the "condition" is always
6587 false). It must have only one branch. */
6588
6589 if (code[LINK_SIZE+1] == OP_DEF)
6590 {
6591 if (condcount > 1)
6592 {
6593 *errorcodeptr = ERR54;
6594 goto FAILED;
6595 }
6596 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6597 }
6598
6599 /* A "normal" conditional group. If there is just one branch, we must not
6600 make use of its firstchar or reqchar, because this is equivalent to an
6601 empty second branch. */
6602
6603 else
6604 {
6605 if (condcount > 2)
6606 {
6607 *errorcodeptr = ERR27;
6608 goto FAILED;
6609 }
6610 if (condcount == 1) subfirstcharflags = subreqcharflags = REQ_NONE;
6611 }
6612 }
6613
6614 /* Error if hit end of pattern */
6615
6616 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6617 {
6618 *errorcodeptr = ERR14;
6619 goto FAILED;
6620 }
6621
6622 /* In the pre-compile phase, update the length by the length of the group,
6623 less the brackets at either end. Then reduce the compiled code to just a
6624 set of non-capturing brackets so that it doesn't use much memory if it is
6625 duplicated by a quantifier.*/
6626
6627 if (lengthptr != NULL)
6628 {
6629 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6630 {
6631 *errorcodeptr = ERR20;
6632 goto FAILED;
6633 }
6634 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6635 code++; /* This already contains bravalue */
6636 PUTINC(code, 0, 1 + LINK_SIZE);
6637 *code++ = OP_KET;
6638 PUTINC(code, 0, 1 + LINK_SIZE);
6639 break; /* No need to waste time with special character handling */
6640 }
6641
6642