/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Contents of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1266 - (show annotations)
Sun Mar 3 11:14:26 2013 UTC (6 years, 9 months ago) by ph10
File MIME type: text/plain
File size: 276420 byte(s)
Allow callout before assertion condition in a conditional group.
1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2012 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains the external function pcre_compile(), along with
42 supporting internal functions that are not used by other modules. */
43
44
45 #ifdef HAVE_CONFIG_H
46 #include "config.h"
47 #endif
48
49 #define NLBLOCK cd /* Block containing newline information */
50 #define PSSTART start_pattern /* Field containing processed string start */
51 #define PSEND end_pattern /* Field containing processed string end */
52
53 #include "pcre_internal.h"
54
55
56 /* When PCRE_DEBUG is defined, we need the pcre(16|32)_printint() function, which
57 is also used by pcretest. PCRE_DEBUG is not defined when building a production
58 library. We do not need to select pcre16_printint.c specially, because the
59 COMPILE_PCREx macro will already be appropriately set. */
60
61 #ifdef PCRE_DEBUG
62 /* pcre_printint.c should not include any headers */
63 #define PCRE_INCLUDED
64 #include "pcre_printint.c"
65 #undef PCRE_INCLUDED
66 #endif
67
68
69 /* Macro for setting individual bits in class bitmaps. */
70
71 #define SETBIT(a,b) a[(b)/8] |= (1 << ((b)&7))
72
73 /* Maximum length value to check against when making sure that the integer that
74 holds the compiled pattern length does not overflow. We make it a bit less than
75 INT_MAX to allow for adding in group terminating bytes, so that we don't have
76 to check them every time. */
77
78 #define OFLOW_MAX (INT_MAX - 20)
79
80 /* Definitions to allow mutual recursion */
81
82 static int
83 add_list_to_class(pcre_uint8 *, pcre_uchar **, int, compile_data *,
84 const pcre_uint32 *, unsigned int);
85
86 static BOOL
87 compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
88 pcre_uint32 *, pcre_int32 *, pcre_uint32 *, pcre_int32 *, branch_chain *,
89 compile_data *, int *);
90
91
92
93 /*************************************************
94 * Code parameters and static tables *
95 *************************************************/
96
97 /* This value specifies the size of stack workspace that is used during the
98 first pre-compile phase that determines how much memory is required. The regex
99 is partly compiled into this space, but the compiled parts are discarded as
100 soon as they can be, so that hopefully there will never be an overrun. The code
101 does, however, check for an overrun. The largest amount I've seen used is 218,
102 so this number is very generous.
103
104 The same workspace is used during the second, actual compile phase for
105 remembering forward references to groups so that they can be filled in at the
106 end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
107 is 4 there is plenty of room for most patterns. However, the memory can get
108 filled up by repetitions of forward references, for example patterns like
109 /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
110 that the workspace is expanded using malloc() in this situation. The value
111 below is therefore a minimum, and we put a maximum on it for safety. The
112 minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
113 kicks in at the same number of forward references in all cases. */
114
115 #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
116 #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
117
118 /* The overrun tests check for a slightly smaller size so that they detect the
119 overrun before it actually does run off the end of the data block. */
120
121 #define WORK_SIZE_SAFETY_MARGIN (100)
122
123 /* Private flags added to firstchar and reqchar. */
124
125 #define REQ_CASELESS (1 << 0) /* Indicates caselessness */
126 #define REQ_VARY (1 << 1) /* Reqchar followed non-literal item */
127 /* Negative values for the firstchar and reqchar flags */
128 #define REQ_UNSET (-2)
129 #define REQ_NONE (-1)
130
131 /* Repeated character flags. */
132
133 #define UTF_LENGTH 0x10000000l /* The char contains its length. */
134
135 /* Table for handling escaped characters in the range '0'-'z'. Positive returns
136 are simple data values; negative values are for special things like \d and so
137 on. Zero means further processing is needed (for things like \x), or the escape
138 is invalid. */
139
140 #ifndef EBCDIC
141
142 /* This is the "normal" table for ASCII systems or for EBCDIC systems running
143 in UTF-8 mode. */
144
145 static const short int escapes[] = {
146 0, 0,
147 0, 0,
148 0, 0,
149 0, 0,
150 0, 0,
151 CHAR_COLON, CHAR_SEMICOLON,
152 CHAR_LESS_THAN_SIGN, CHAR_EQUALS_SIGN,
153 CHAR_GREATER_THAN_SIGN, CHAR_QUESTION_MARK,
154 CHAR_COMMERCIAL_AT, -ESC_A,
155 -ESC_B, -ESC_C,
156 -ESC_D, -ESC_E,
157 0, -ESC_G,
158 -ESC_H, 0,
159 0, -ESC_K,
160 0, 0,
161 -ESC_N, 0,
162 -ESC_P, -ESC_Q,
163 -ESC_R, -ESC_S,
164 0, 0,
165 -ESC_V, -ESC_W,
166 -ESC_X, 0,
167 -ESC_Z, CHAR_LEFT_SQUARE_BRACKET,
168 CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET,
169 CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE,
170 CHAR_GRAVE_ACCENT, 7,
171 -ESC_b, 0,
172 -ESC_d, ESC_e,
173 ESC_f, 0,
174 -ESC_h, 0,
175 0, -ESC_k,
176 0, 0,
177 ESC_n, 0,
178 -ESC_p, 0,
179 ESC_r, -ESC_s,
180 ESC_tee, 0,
181 -ESC_v, -ESC_w,
182 0, 0,
183 -ESC_z
184 };
185
186 #else
187
188 /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
189
190 static const short int escapes[] = {
191 /* 48 */ 0, 0, 0, '.', '<', '(', '+', '|',
192 /* 50 */ '&', 0, 0, 0, 0, 0, 0, 0,
193 /* 58 */ 0, 0, '!', '$', '*', ')', ';', '~',
194 /* 60 */ '-', '/', 0, 0, 0, 0, 0, 0,
195 /* 68 */ 0, 0, '|', ',', '%', '_', '>', '?',
196 /* 70 */ 0, 0, 0, 0, 0, 0, 0, 0,
197 /* 78 */ 0, '`', ':', '#', '@', '\'', '=', '"',
198 /* 80 */ 0, 7, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0,
199 /* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0,
200 /* 90 */ 0, 0, -ESC_k, 'l', 0, ESC_n, 0, -ESC_p,
201 /* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0,
202 /* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0,
203 /* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0,
204 /* B0 */ 0, 0, 0, 0, 0, 0, 0, 0,
205 /* B8 */ 0, 0, 0, 0, 0, ']', '=', '-',
206 /* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G,
207 /* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0,
208 /* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P,
209 /* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0,
210 /* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X,
211 /* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0,
212 /* F0 */ 0, 0, 0, 0, 0, 0, 0, 0,
213 /* F8 */ 0, 0, 0, 0, 0, 0, 0, 0
214 };
215 #endif
216
217
218 /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
219 searched linearly. Put all the names into a single string, in order to reduce
220 the number of relocations when a shared library is dynamically linked. The
221 string is built from string macros so that it works in UTF-8 mode on EBCDIC
222 platforms. */
223
224 typedef struct verbitem {
225 int len; /* Length of verb name */
226 int op; /* Op when no arg, or -1 if arg mandatory */
227 int op_arg; /* Op when arg present, or -1 if not allowed */
228 } verbitem;
229
230 static const char verbnames[] =
231 "\0" /* Empty name is a shorthand for MARK */
232 STRING_MARK0
233 STRING_ACCEPT0
234 STRING_COMMIT0
235 STRING_F0
236 STRING_FAIL0
237 STRING_PRUNE0
238 STRING_SKIP0
239 STRING_THEN;
240
241 static const verbitem verbs[] = {
242 { 0, -1, OP_MARK },
243 { 4, -1, OP_MARK },
244 { 6, OP_ACCEPT, -1 },
245 { 6, OP_COMMIT, -1 },
246 { 1, OP_FAIL, -1 },
247 { 4, OP_FAIL, -1 },
248 { 5, OP_PRUNE, OP_PRUNE_ARG },
249 { 4, OP_SKIP, OP_SKIP_ARG },
250 { 4, OP_THEN, OP_THEN_ARG }
251 };
252
253 static const int verbcount = sizeof(verbs)/sizeof(verbitem);
254
255
256 /* Tables of names of POSIX character classes and their lengths. The names are
257 now all in a single string, to reduce the number of relocations when a shared
258 library is dynamically loaded. The list of lengths is terminated by a zero
259 length entry. The first three must be alpha, lower, upper, as this is assumed
260 for handling case independence. */
261
262 static const char posix_names[] =
263 STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
264 STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
265 STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
266 STRING_word0 STRING_xdigit;
267
268 static const pcre_uint8 posix_name_lengths[] = {
269 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
270
271 /* Table of class bit maps for each POSIX class. Each class is formed from a
272 base map, with an optional addition or removal of another map. Then, for some
273 classes, there is some additional tweaking: for [:blank:] the vertical space
274 characters are removed, and for [:alpha:] and [:alnum:] the underscore
275 character is removed. The triples in the table consist of the base map offset,
276 second map offset or -1 if no second map, and a non-negative value for map
277 addition or a negative value for map subtraction (if there are two maps). The
278 absolute value of the third field has these meanings: 0 => no tweaking, 1 =>
279 remove vertical space characters, 2 => remove underscore. */
280
281 static const int posix_class_maps[] = {
282 cbit_word, cbit_digit, -2, /* alpha */
283 cbit_lower, -1, 0, /* lower */
284 cbit_upper, -1, 0, /* upper */
285 cbit_word, -1, 2, /* alnum - word without underscore */
286 cbit_print, cbit_cntrl, 0, /* ascii */
287 cbit_space, -1, 1, /* blank - a GNU extension */
288 cbit_cntrl, -1, 0, /* cntrl */
289 cbit_digit, -1, 0, /* digit */
290 cbit_graph, -1, 0, /* graph */
291 cbit_print, -1, 0, /* print */
292 cbit_punct, -1, 0, /* punct */
293 cbit_space, -1, 0, /* space */
294 cbit_word, -1, 0, /* word - a Perl extension */
295 cbit_xdigit,-1, 0 /* xdigit */
296 };
297
298 /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
299 substitutes must be in the order of the names, defined above, and there are
300 both positive and negative cases. NULL means no substitute. */
301
302 #ifdef SUPPORT_UCP
303 static const pcre_uchar string_PNd[] = {
304 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
305 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306 static const pcre_uchar string_pNd[] = {
307 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
308 CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
309 static const pcre_uchar string_PXsp[] = {
310 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
311 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
312 static const pcre_uchar string_pXsp[] = {
313 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
314 CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
315 static const pcre_uchar string_PXwd[] = {
316 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
317 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
318 static const pcre_uchar string_pXwd[] = {
319 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
320 CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
321
322 static const pcre_uchar *substitutes[] = {
323 string_PNd, /* \D */
324 string_pNd, /* \d */
325 string_PXsp, /* \S */ /* NOTE: Xsp is Perl space */
326 string_pXsp, /* \s */
327 string_PXwd, /* \W */
328 string_pXwd /* \w */
329 };
330
331 static const pcre_uchar string_pL[] = {
332 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
333 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
334 static const pcre_uchar string_pLl[] = {
335 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
336 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
337 static const pcre_uchar string_pLu[] = {
338 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
339 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
340 static const pcre_uchar string_pXan[] = {
341 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
342 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
343 static const pcre_uchar string_h[] = {
344 CHAR_BACKSLASH, CHAR_h, '\0' };
345 static const pcre_uchar string_pXps[] = {
346 CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
347 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
348 static const pcre_uchar string_PL[] = {
349 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
350 CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
351 static const pcre_uchar string_PLl[] = {
352 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
353 CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
354 static const pcre_uchar string_PLu[] = {
355 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
356 CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
357 static const pcre_uchar string_PXan[] = {
358 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
359 CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
360 static const pcre_uchar string_H[] = {
361 CHAR_BACKSLASH, CHAR_H, '\0' };
362 static const pcre_uchar string_PXps[] = {
363 CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
364 CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
365
366 static const pcre_uchar *posix_substitutes[] = {
367 string_pL, /* alpha */
368 string_pLl, /* lower */
369 string_pLu, /* upper */
370 string_pXan, /* alnum */
371 NULL, /* ascii */
372 string_h, /* blank */
373 NULL, /* cntrl */
374 string_pNd, /* digit */
375 NULL, /* graph */
376 NULL, /* print */
377 NULL, /* punct */
378 string_pXps, /* space */ /* NOTE: Xps is POSIX space */
379 string_pXwd, /* word */
380 NULL, /* xdigit */
381 /* Negated cases */
382 string_PL, /* ^alpha */
383 string_PLl, /* ^lower */
384 string_PLu, /* ^upper */
385 string_PXan, /* ^alnum */
386 NULL, /* ^ascii */
387 string_H, /* ^blank */
388 NULL, /* ^cntrl */
389 string_PNd, /* ^digit */
390 NULL, /* ^graph */
391 NULL, /* ^print */
392 NULL, /* ^punct */
393 string_PXps, /* ^space */ /* NOTE: Xps is POSIX space */
394 string_PXwd, /* ^word */
395 NULL /* ^xdigit */
396 };
397 #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
398 #endif
399
400 #define STRING(a) # a
401 #define XSTRING(s) STRING(s)
402
403 /* The texts of compile-time error messages. These are "char *" because they
404 are passed to the outside world. Do not ever re-use any error number, because
405 they are documented. Always add a new error instead. Messages marked DEAD below
406 are no longer used. This used to be a table of strings, but in order to reduce
407 the number of relocations needed when a shared library is loaded dynamically,
408 it is now one long string. We cannot use a table of offsets, because the
409 lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
410 simply count through to the one we want - this isn't a performance issue
411 because these strings are used only when there is a compilation error.
412
413 Each substring ends with \0 to insert a null character. This includes the final
414 substring, so that the whole string ends with \0\0, which can be detected when
415 counting through. */
416
417 static const char error_texts[] =
418 "no error\0"
419 "\\ at end of pattern\0"
420 "\\c at end of pattern\0"
421 "unrecognized character follows \\\0"
422 "numbers out of order in {} quantifier\0"
423 /* 5 */
424 "number too big in {} quantifier\0"
425 "missing terminating ] for character class\0"
426 "invalid escape sequence in character class\0"
427 "range out of order in character class\0"
428 "nothing to repeat\0"
429 /* 10 */
430 "operand of unlimited repeat could match the empty string\0" /** DEAD **/
431 "internal error: unexpected repeat\0"
432 "unrecognized character after (? or (?-\0"
433 "POSIX named classes are supported only within a class\0"
434 "missing )\0"
435 /* 15 */
436 "reference to non-existent subpattern\0"
437 "erroffset passed as NULL\0"
438 "unknown option bit(s) set\0"
439 "missing ) after comment\0"
440 "parentheses nested too deeply\0" /** DEAD **/
441 /* 20 */
442 "regular expression is too large\0"
443 "failed to get memory\0"
444 "unmatched parentheses\0"
445 "internal error: code overflow\0"
446 "unrecognized character after (?<\0"
447 /* 25 */
448 "lookbehind assertion is not fixed length\0"
449 "malformed number or name after (?(\0"
450 "conditional group contains more than two branches\0"
451 "assertion expected after (?(\0"
452 "(?R or (?[+-]digits must be followed by )\0"
453 /* 30 */
454 "unknown POSIX class name\0"
455 "POSIX collating elements are not supported\0"
456 "this version of PCRE is compiled without UTF support\0"
457 "spare error\0" /** DEAD **/
458 "character value in \\x{...} sequence is too large\0"
459 /* 35 */
460 "invalid condition (?(0)\0"
461 "\\C not allowed in lookbehind assertion\0"
462 "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
463 "number after (?C is > 255\0"
464 "closing ) for (?C expected\0"
465 /* 40 */
466 "recursive call could loop indefinitely\0"
467 "unrecognized character after (?P\0"
468 "syntax error in subpattern name (missing terminator)\0"
469 "two named subpatterns have the same name\0"
470 "invalid UTF-8 string\0"
471 /* 45 */
472 "support for \\P, \\p, and \\X has not been compiled\0"
473 "malformed \\P or \\p sequence\0"
474 "unknown property name after \\P or \\p\0"
475 "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
476 "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
477 /* 50 */
478 "repeated subpattern is too long\0" /** DEAD **/
479 "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
480 "internal error: overran compiling workspace\0"
481 "internal error: previously-checked referenced subpattern not found\0"
482 "DEFINE group contains more than one branch\0"
483 /* 55 */
484 "repeating a DEFINE group is not allowed\0" /** DEAD **/
485 "inconsistent NEWLINE options\0"
486 "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
487 "a numbered reference must not be zero\0"
488 "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
489 /* 60 */
490 "(*VERB) not recognized\0"
491 "number is too big\0"
492 "subpattern name expected\0"
493 "digit expected after (?+\0"
494 "] is an invalid data character in JavaScript compatibility mode\0"
495 /* 65 */
496 "different names for subpatterns of the same number are not allowed\0"
497 "(*MARK) must have an argument\0"
498 "this version of PCRE is not compiled with Unicode property support\0"
499 "\\c must be followed by an ASCII character\0"
500 "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
501 /* 70 */
502 "internal error: unknown opcode in find_fixedlength()\0"
503 "\\N is not supported in a class\0"
504 "too many forward references\0"
505 "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
506 "invalid UTF-16 string\0"
507 /* 75 */
508 "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
509 "character value in \\u.... sequence is too large\0"
510 "invalid UTF-32 string\0"
511 ;
512
513 /* Table to identify digits and hex digits. This is used when compiling
514 patterns. Note that the tables in chartables are dependent on the locale, and
515 may mark arbitrary characters as digits - but the PCRE compiling code expects
516 to handle only 0-9, a-z, and A-Z as digits when compiling. That is why we have
517 a private table here. It costs 256 bytes, but it is a lot faster than doing
518 character value tests (at least in some simple cases I timed), and in some
519 applications one wants PCRE to compile efficiently as well as match
520 efficiently.
521
522 For convenience, we use the same bit definitions as in chartables:
523
524 0x04 decimal digit
525 0x08 hexadecimal digit
526
527 Then we can use ctype_digit and ctype_xdigit in the code. */
528
529 /* Using a simple comparison for decimal numbers rather than a memory read
530 is much faster, and the resulting code is simpler (the compiler turns it
531 into a subtraction and unsigned comparison). */
532
533 #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
534
535 #ifndef EBCDIC
536
537 /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
538 UTF-8 mode. */
539
540 static const pcre_uint8 digitab[] =
541 {
542 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */
543 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
544 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */
545 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
546 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */
547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */
548 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 */
549 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */
550 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* @ - G */
551 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H - O */
552 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* P - W */
553 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* X - _ */
554 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* ` - g */
555 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h - o */
556 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p - w */
557 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* x -127 */
558 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
559 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
560 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
562 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
563 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
564 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
565 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
566 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
567 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
568 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
569 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
570 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
571 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
572 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
573 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
574
575 #else
576
577 /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
578
579 static const pcre_uint8 digitab[] =
580 {
581 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 0 */
582 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 8- 15 */
583 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 10 */
584 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
585 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 32- 39 20 */
586 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
587 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 30 */
588 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
589 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */
590 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */
591 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */
592 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- 95 */
593 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */
594 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */
595 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
596 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
597 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* 128- g 80 */
598 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
599 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144- p 90 */
600 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
601 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160- x A0 */
602 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
603 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 B0 */
604 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
605 0x00,0x08,0x08,0x08,0x08,0x08,0x08,0x00, /* { - G C0 */
606 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
607 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* } - P D0 */
608 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
609 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* \ - X E0 */
610 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
611 0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /* 0 - 7 F0 */
612 0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
613
614 static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
615 0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 0- 7 */
616 0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /* 8- 15 */
617 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 16- 23 */
618 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */
619 0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /* 32- 39 */
620 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 40- 47 */
621 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 48- 55 */
622 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 56- 63 */
623 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */
624 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */
625 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */
626 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- 95 */
627 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */
628 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */
629 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
630 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 120- " */
631 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* 128- g */
632 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* h -143 */
633 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* 144- p */
634 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* q -159 */
635 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* 160- x */
636 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* y -175 */
637 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ^ -183 */
638 0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
639 0x80,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* { - G */
640 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* H -207 */
641 0x00,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* } - P */
642 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Q -223 */
643 0x00,0x00,0x12,0x12,0x12,0x12,0x12,0x12, /* \ - X */
644 0x12,0x12,0x00,0x00,0x00,0x00,0x00,0x00, /* Y -239 */
645 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */
646 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00};/* 8 -255 */
647 #endif
648
649
650
651 /*************************************************
652 * Find an error text *
653 *************************************************/
654
655 /* The error texts are now all in one long string, to save on relocations. As
656 some of the text is of unknown length, we can't use a table of offsets.
657 Instead, just count through the strings. This is not a performance issue
658 because it happens only when there has been a compilation error.
659
660 Argument: the error number
661 Returns: pointer to the error string
662 */
663
664 static const char *
665 find_error_text(int n)
666 {
667 const char *s = error_texts;
668 for (; n > 0; n--)
669 {
670 while (*s++ != CHAR_NULL) {};
671 if (*s == CHAR_NULL) return "Error text not found (please report)";
672 }
673 return s;
674 }
675
676
677 /*************************************************
678 * Expand the workspace *
679 *************************************************/
680
681 /* This function is called during the second compiling phase, if the number of
682 forward references fills the existing workspace, which is originally a block on
683 the stack. A larger block is obtained from malloc() unless the ultimate limit
684 has been reached or the increase will be rather small.
685
686 Argument: pointer to the compile data block
687 Returns: 0 if all went well, else an error number
688 */
689
690 static int
691 expand_workspace(compile_data *cd)
692 {
693 pcre_uchar *newspace;
694 int newsize = cd->workspace_size * 2;
695
696 if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
697 if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
698 newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
699 return ERR72;
700
701 newspace = (PUBL(malloc))(IN_UCHARS(newsize));
702 if (newspace == NULL) return ERR21;
703 memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
704 cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
705 if (cd->workspace_size > COMPILE_WORK_SIZE)
706 (PUBL(free))((void *)cd->start_workspace);
707 cd->start_workspace = newspace;
708 cd->workspace_size = newsize;
709 return 0;
710 }
711
712
713
714 /*************************************************
715 * Check for counted repeat *
716 *************************************************/
717
718 /* This function is called when a '{' is encountered in a place where it might
719 start a quantifier. It looks ahead to see if it really is a quantifier or not.
720 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
721 where the ddds are digits.
722
723 Arguments:
724 p pointer to the first char after '{'
725
726 Returns: TRUE or FALSE
727 */
728
729 static BOOL
730 is_counted_repeat(const pcre_uchar *p)
731 {
732 if (!IS_DIGIT(*p)) return FALSE;
733 p++;
734 while (IS_DIGIT(*p)) p++;
735 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
736
737 if (*p++ != CHAR_COMMA) return FALSE;
738 if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
739
740 if (!IS_DIGIT(*p)) return FALSE;
741 p++;
742 while (IS_DIGIT(*p)) p++;
743
744 return (*p == CHAR_RIGHT_CURLY_BRACKET);
745 }
746
747
748
749 /*************************************************
750 * Handle escapes *
751 *************************************************/
752
753 /* This function is called when a \ has been encountered. It either returns a
754 positive value for a simple escape such as \n, or 0 for a data character
755 which will be placed in chptr. A backreference to group n is returned as
756 negative n. When UTF-8 is enabled, a positive value greater than 255 may
757 be returned in chptr.
758 On entry,ptr is pointing at the \. On exit, it is on the final character of the
759 escape sequence.
760
761 Arguments:
762 ptrptr points to the pattern position pointer
763 chptr points to the data character
764 errorcodeptr points to the errorcode variable
765 bracount number of previous extracting brackets
766 options the options bits
767 isclass TRUE if inside a character class
768
769 Returns: zero => a data character
770 positive => a special escape sequence
771 negative => a back reference
772 on error, errorcodeptr is set
773 */
774
775 static int
776 check_escape(const pcre_uchar **ptrptr, pcre_uint32 *chptr, int *errorcodeptr,
777 int bracount, int options, BOOL isclass)
778 {
779 /* PCRE_UTF16 has the same value as PCRE_UTF8. */
780 BOOL utf = (options & PCRE_UTF8) != 0;
781 const pcre_uchar *ptr = *ptrptr + 1;
782 pcre_uint32 c;
783 int escape = 0;
784 int i;
785
786 GETCHARINCTEST(c, ptr); /* Get character value, increment pointer */
787 ptr--; /* Set pointer back to the last byte */
788
789 /* If backslash is at the end of the pattern, it's an error. */
790
791 if (c == CHAR_NULL) *errorcodeptr = ERR1;
792
793 /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
794 in a table. A non-zero result is something that can be returned immediately.
795 Otherwise further processing may be required. */
796
797 #ifndef EBCDIC /* ASCII/UTF-8 coding */
798 /* Not alphanumeric */
799 else if (c < CHAR_0 || c > CHAR_z) {}
800 else if ((i = escapes[c - CHAR_0]) != 0)
801 { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
802
803 #else /* EBCDIC coding */
804 /* Not alphanumeric */
805 else if (c < CHAR_a || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
806 else if ((i = escapes[c - 0x48]) != 0) { if (i > 0) c = (pcre_uint32)i; else escape = -i; }
807 #endif
808
809 /* Escapes that need further processing, or are illegal. */
810
811 else
812 {
813 const pcre_uchar *oldptr;
814 BOOL braced, negated, overflow;
815 int s;
816
817 switch (c)
818 {
819 /* A number of Perl escapes are not handled by PCRE. We give an explicit
820 error. */
821
822 case CHAR_l:
823 case CHAR_L:
824 *errorcodeptr = ERR37;
825 break;
826
827 case CHAR_u:
828 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
829 {
830 /* In JavaScript, \u must be followed by four hexadecimal numbers.
831 Otherwise it is a lowercase u letter. */
832 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
833 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
834 && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
835 && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
836 {
837 c = 0;
838 for (i = 0; i < 4; ++i)
839 {
840 register pcre_uint32 cc = *(++ptr);
841 #ifndef EBCDIC /* ASCII/UTF-8 coding */
842 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
843 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
844 #else /* EBCDIC coding */
845 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
846 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
847 #endif
848 }
849
850 #if defined COMPILE_PCRE8
851 if (c > (utf ? 0x10ffffU : 0xffU))
852 #elif defined COMPILE_PCRE16
853 if (c > (utf ? 0x10ffffU : 0xffffU))
854 #elif defined COMPILE_PCRE32
855 if (utf && c > 0x10ffffU)
856 #endif
857 {
858 *errorcodeptr = ERR76;
859 }
860 else if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
861 }
862 }
863 else
864 *errorcodeptr = ERR37;
865 break;
866
867 case CHAR_U:
868 /* In JavaScript, \U is an uppercase U letter. */
869 if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
870 break;
871
872 /* In a character class, \g is just a literal "g". Outside a character
873 class, \g must be followed by one of a number of specific things:
874
875 (1) A number, either plain or braced. If positive, it is an absolute
876 backreference. If negative, it is a relative backreference. This is a Perl
877 5.10 feature.
878
879 (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
880 is part of Perl's movement towards a unified syntax for back references. As
881 this is synonymous with \k{name}, we fudge it up by pretending it really
882 was \k.
883
884 (3) For Oniguruma compatibility we also support \g followed by a name or a
885 number either in angle brackets or in single quotes. However, these are
886 (possibly recursive) subroutine calls, _not_ backreferences. Just return
887 the ESC_g code (cf \k). */
888
889 case CHAR_g:
890 if (isclass) break;
891 if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
892 {
893 escape = ESC_g;
894 break;
895 }
896
897 /* Handle the Perl-compatible cases */
898
899 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
900 {
901 const pcre_uchar *p;
902 for (p = ptr+2; *p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
903 if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
904 if (*p != CHAR_NULL && *p != CHAR_RIGHT_CURLY_BRACKET)
905 {
906 escape = ESC_k;
907 break;
908 }
909 braced = TRUE;
910 ptr++;
911 }
912 else braced = FALSE;
913
914 if (ptr[1] == CHAR_MINUS)
915 {
916 negated = TRUE;
917 ptr++;
918 }
919 else negated = FALSE;
920
921 /* The integer range is limited by the machine's int representation. */
922 s = 0;
923 overflow = FALSE;
924 while (IS_DIGIT(ptr[1]))
925 {
926 if (s > INT_MAX / 10 - 1) /* Integer overflow */
927 {
928 overflow = TRUE;
929 break;
930 }
931 s = s * 10 + (int)(*(++ptr) - CHAR_0);
932 }
933 if (overflow) /* Integer overflow */
934 {
935 while (IS_DIGIT(ptr[1]))
936 ptr++;
937 *errorcodeptr = ERR61;
938 break;
939 }
940
941 if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
942 {
943 *errorcodeptr = ERR57;
944 break;
945 }
946
947 if (s == 0)
948 {
949 *errorcodeptr = ERR58;
950 break;
951 }
952
953 if (negated)
954 {
955 if (s > bracount)
956 {
957 *errorcodeptr = ERR15;
958 break;
959 }
960 s = bracount - (s - 1);
961 }
962
963 escape = -s;
964 break;
965
966 /* The handling of escape sequences consisting of a string of digits
967 starting with one that is not zero is not straightforward. By experiment,
968 the way Perl works seems to be as follows:
969
970 Outside a character class, the digits are read as a decimal number. If the
971 number is less than 10, or if there are that many previous extracting
972 left brackets, then it is a back reference. Otherwise, up to three octal
973 digits are read to form an escaped byte. Thus \123 is likely to be octal
974 123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
975 value is greater than 377, the least significant 8 bits are taken. Inside a
976 character class, \ followed by a digit is always an octal number. */
977
978 case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
979 case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
980
981 if (!isclass)
982 {
983 oldptr = ptr;
984 /* The integer range is limited by the machine's int representation. */
985 s = (int)(c -CHAR_0);
986 overflow = FALSE;
987 while (IS_DIGIT(ptr[1]))
988 {
989 if (s > INT_MAX / 10 - 1) /* Integer overflow */
990 {
991 overflow = TRUE;
992 break;
993 }
994 s = s * 10 + (int)(*(++ptr) - CHAR_0);
995 }
996 if (overflow) /* Integer overflow */
997 {
998 while (IS_DIGIT(ptr[1]))
999 ptr++;
1000 *errorcodeptr = ERR61;
1001 break;
1002 }
1003 if (s < 10 || s <= bracount)
1004 {
1005 escape = -s;
1006 break;
1007 }
1008 ptr = oldptr; /* Put the pointer back and fall through */
1009 }
1010
1011 /* Handle an octal number following \. If the first digit is 8 or 9, Perl
1012 generates a binary zero byte and treats the digit as a following literal.
1013 Thus we have to pull back the pointer by one. */
1014
1015 if ((c = *ptr) >= CHAR_8)
1016 {
1017 ptr--;
1018 c = 0;
1019 break;
1020 }
1021
1022 /* \0 always starts an octal number, but we may drop through to here with a
1023 larger first octal digit. The original code used just to take the least
1024 significant 8 bits of octal numbers (I think this is what early Perls used
1025 to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
1026 but no more than 3 octal digits. */
1027
1028 case CHAR_0:
1029 c -= CHAR_0;
1030 while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1031 c = c * 8 + *(++ptr) - CHAR_0;
1032 #ifdef COMPILE_PCRE8
1033 if (!utf && c > 0xff) *errorcodeptr = ERR51;
1034 #endif
1035 break;
1036
1037 /* \x is complicated. \x{ddd} is a character number which can be greater
1038 than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1039 If not, { is treated as a data character. */
1040
1041 case CHAR_x:
1042 if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1043 {
1044 /* In JavaScript, \x must be followed by two hexadecimal numbers.
1045 Otherwise it is a lowercase x letter. */
1046 if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1047 && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1048 {
1049 c = 0;
1050 for (i = 0; i < 2; ++i)
1051 {
1052 register pcre_uint32 cc = *(++ptr);
1053 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1054 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1055 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1056 #else /* EBCDIC coding */
1057 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1058 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1059 #endif
1060 }
1061 }
1062 break;
1063 }
1064
1065 if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
1066 {
1067 const pcre_uchar *pt = ptr + 2;
1068
1069 c = 0;
1070 overflow = FALSE;
1071 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1072 {
1073 register pcre_uint32 cc = *pt++;
1074 if (c == 0 && cc == CHAR_0) continue; /* Leading zeroes */
1075
1076 #ifdef COMPILE_PCRE32
1077 if (c >= 0x10000000l) { overflow = TRUE; break; }
1078 #endif
1079
1080 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1081 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1082 c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1083 #else /* EBCDIC coding */
1084 if (cc >= CHAR_a && cc <= CHAR_z) cc += 64; /* Convert to upper case */
1085 c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1086 #endif
1087
1088 #if defined COMPILE_PCRE8
1089 if (c > (utf ? 0x10ffffU : 0xffU)) { overflow = TRUE; break; }
1090 #elif defined COMPILE_PCRE16
1091 if (c > (utf ? 0x10ffffU : 0xffffU)) { overflow = TRUE; break; }
1092 #elif defined COMPILE_PCRE32
1093 if (utf && c > 0x10ffffU) { overflow = TRUE; break; }
1094 #endif
1095 }
1096
1097 if (overflow)
1098 {
1099 while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1100 *errorcodeptr = ERR34;
1101 }
1102
1103 if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1104 {
1105 if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1106 ptr = pt;
1107 break;
1108 }
1109
1110 /* If the sequence of hex digits does not end with '}', then we don't
1111 recognize this construct; fall through to the normal \x handling. */
1112 }
1113
1114 /* Read just a single-byte hex-defined char */
1115
1116 c = 0;
1117 while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1118 {
1119 pcre_uint32 cc; /* Some compilers don't like */
1120 cc = *(++ptr); /* ++ in initializers */
1121 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1122 if (cc >= CHAR_a) cc -= 32; /* Convert to upper case */
1123 c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1124 #else /* EBCDIC coding */
1125 if (cc <= CHAR_z) cc += 64; /* Convert to upper case */
1126 c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1127 #endif
1128 }
1129 break;
1130
1131 /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1132 An error is given if the byte following \c is not an ASCII character. This
1133 coding is ASCII-specific, but then the whole concept of \cx is
1134 ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1135
1136 case CHAR_c:
1137 c = *(++ptr);
1138 if (c == CHAR_NULL)
1139 {
1140 *errorcodeptr = ERR2;
1141 break;
1142 }
1143 #ifndef EBCDIC /* ASCII/UTF-8 coding */
1144 if (c > 127) /* Excludes all non-ASCII in either mode */
1145 {
1146 *errorcodeptr = ERR68;
1147 break;
1148 }
1149 if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1150 c ^= 0x40;
1151 #else /* EBCDIC coding */
1152 if (c >= CHAR_a && c <= CHAR_z) c += 64;
1153 c ^= 0xC0;
1154 #endif
1155 break;
1156
1157 /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1158 other alphanumeric following \ is an error if PCRE_EXTRA was set;
1159 otherwise, for Perl compatibility, it is a literal. This code looks a bit
1160 odd, but there used to be some cases other than the default, and there may
1161 be again in future, so I haven't "optimized" it. */
1162
1163 default:
1164 if ((options & PCRE_EXTRA) != 0) switch(c)
1165 {
1166 default:
1167 *errorcodeptr = ERR3;
1168 break;
1169 }
1170 break;
1171 }
1172 }
1173
1174 /* Perl supports \N{name} for character names, as well as plain \N for "not
1175 newline". PCRE does not support \N{name}. However, it does support
1176 quantification such as \N{2,3}. */
1177
1178 if (escape == ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1179 !is_counted_repeat(ptr+2))
1180 *errorcodeptr = ERR37;
1181
1182 /* If PCRE_UCP is set, we change the values for \d etc. */
1183
1184 if ((options & PCRE_UCP) != 0 && escape >= ESC_D && escape <= ESC_w)
1185 escape += (ESC_DU - ESC_D);
1186
1187 /* Set the pointer to the final character before returning. */
1188
1189 *ptrptr = ptr;
1190 *chptr = c;
1191 return escape;
1192 }
1193
1194 #ifdef SUPPORT_UCP
1195 /*************************************************
1196 * Handle \P and \p *
1197 *************************************************/
1198
1199 /* This function is called after \P or \p has been encountered, provided that
1200 PCRE is compiled with support for Unicode properties. On entry, ptrptr is
1201 pointing at the P or p. On exit, it is pointing at the final character of the
1202 escape sequence.
1203
1204 Argument:
1205 ptrptr points to the pattern position pointer
1206 negptr points to a boolean that is set TRUE for negation else FALSE
1207 ptypeptr points to an unsigned int that is set to the type value
1208 pdataptr points to an unsigned int that is set to the detailed property value
1209 errorcodeptr points to the error code variable
1210
1211 Returns: TRUE if the type value was found, or FALSE for an invalid type
1212 */
1213
1214 static BOOL
1215 get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, unsigned int *ptypeptr,
1216 unsigned int *pdataptr, int *errorcodeptr)
1217 {
1218 pcre_uchar c;
1219 int i, bot, top;
1220 const pcre_uchar *ptr = *ptrptr;
1221 pcre_uchar name[32];
1222
1223 c = *(++ptr);
1224 if (c == CHAR_NULL) goto ERROR_RETURN;
1225
1226 *negptr = FALSE;
1227
1228 /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1229 negation. */
1230
1231 if (c == CHAR_LEFT_CURLY_BRACKET)
1232 {
1233 if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1234 {
1235 *negptr = TRUE;
1236 ptr++;
1237 }
1238 for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1239 {
1240 c = *(++ptr);
1241 if (c == CHAR_NULL) goto ERROR_RETURN;
1242 if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1243 name[i] = c;
1244 }
1245 if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1246 name[i] = 0;
1247 }
1248
1249 /* Otherwise there is just one following character */
1250
1251 else
1252 {
1253 name[0] = c;
1254 name[1] = 0;
1255 }
1256
1257 *ptrptr = ptr;
1258
1259 /* Search for a recognized property name using binary chop */
1260
1261 bot = 0;
1262 top = PRIV(utt_size);
1263
1264 while (bot < top)
1265 {
1266 int r;
1267 i = (bot + top) >> 1;
1268 r = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1269 if (r == 0)
1270 {
1271 *ptypeptr = PRIV(utt)[i].type;
1272 *pdataptr = PRIV(utt)[i].value;
1273 return TRUE;
1274 }
1275 if (r > 0) bot = i + 1; else top = i;
1276 }
1277
1278 *errorcodeptr = ERR47;
1279 *ptrptr = ptr;
1280 return FALSE;
1281
1282 ERROR_RETURN:
1283 *errorcodeptr = ERR46;
1284 *ptrptr = ptr;
1285 return FALSE;
1286 }
1287 #endif
1288
1289
1290
1291
1292 /*************************************************
1293 * Read repeat counts *
1294 *************************************************/
1295
1296 /* Read an item of the form {n,m} and return the values. This is called only
1297 after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
1298 so the syntax is guaranteed to be correct, but we need to check the values.
1299
1300 Arguments:
1301 p pointer to first char after '{'
1302 minp pointer to int for min
1303 maxp pointer to int for max
1304 returned as -1 if no max
1305 errorcodeptr points to error code variable
1306
1307 Returns: pointer to '}' on success;
1308 current ptr on error, with errorcodeptr set non-zero
1309 */
1310
1311 static const pcre_uchar *
1312 read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1313 {
1314 int min = 0;
1315 int max = -1;
1316
1317 /* Read the minimum value and do a paranoid check: a negative value indicates
1318 an integer overflow. */
1319
1320 while (IS_DIGIT(*p)) min = min * 10 + (int)(*p++ - CHAR_0);
1321 if (min < 0 || min > 65535)
1322 {
1323 *errorcodeptr = ERR5;
1324 return p;
1325 }
1326
1327 /* Read the maximum value if there is one, and again do a paranoid on its size.
1328 Also, max must not be less than min. */
1329
1330 if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1331 {
1332 if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1333 {
1334 max = 0;
1335 while(IS_DIGIT(*p)) max = max * 10 + (int)(*p++ - CHAR_0);
1336 if (max < 0 || max > 65535)
1337 {
1338 *errorcodeptr = ERR5;
1339 return p;
1340 }
1341 if (max < min)
1342 {
1343 *errorcodeptr = ERR4;
1344 return p;
1345 }
1346 }
1347 }
1348
1349 /* Fill in the required variables, and pass back the pointer to the terminating
1350 '}'. */
1351
1352 *minp = min;
1353 *maxp = max;
1354 return p;
1355 }
1356
1357
1358
1359 /*************************************************
1360 * Subroutine for finding forward reference *
1361 *************************************************/
1362
1363 /* This recursive function is called only from find_parens() below. The
1364 top-level call starts at the beginning of the pattern. All other calls must
1365 start at a parenthesis. It scans along a pattern's text looking for capturing
1366 subpatterns, and counting them. If it finds a named pattern that matches the
1367 name it is given, it returns its number. Alternatively, if the name is NULL, it
1368 returns when it reaches a given numbered subpattern. Recursion is used to keep
1369 track of subpatterns that reset the capturing group numbers - the (?| feature.
1370
1371 This function was originally called only from the second pass, in which we know
1372 that if (?< or (?' or (?P< is encountered, the name will be correctly
1373 terminated because that is checked in the first pass. There is now one call to
1374 this function in the first pass, to check for a recursive back reference by
1375 name (so that we can make the whole group atomic). In this case, we need check
1376 only up to the current position in the pattern, and that is still OK because
1377 and previous occurrences will have been checked. To make this work, the test
1378 for "end of pattern" is a check against cd->end_pattern in the main loop,
1379 instead of looking for a binary zero. This means that the special first-pass
1380 call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1381 processing items within the loop are OK, because afterwards the main loop will
1382 terminate.)
1383
1384 Arguments:
1385 ptrptr address of the current character pointer (updated)
1386 cd compile background data
1387 name name to seek, or NULL if seeking a numbered subpattern
1388 lorn name length, or subpattern number if name is NULL
1389 xmode TRUE if we are in /x mode
1390 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1391 count pointer to the current capturing subpattern number (updated)
1392
1393 Returns: the number of the named subpattern, or -1 if not found
1394 */
1395
1396 static int
1397 find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1398 BOOL xmode, BOOL utf, int *count)
1399 {
1400 pcre_uchar *ptr = *ptrptr;
1401 int start_count = *count;
1402 int hwm_count = start_count;
1403 BOOL dup_parens = FALSE;
1404
1405 /* If the first character is a parenthesis, check on the type of group we are
1406 dealing with. The very first call may not start with a parenthesis. */
1407
1408 if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1409 {
1410 /* Handle specials such as (*SKIP) or (*UTF8) etc. */
1411
1412 if (ptr[1] == CHAR_ASTERISK) ptr += 2;
1413
1414 /* Handle a normal, unnamed capturing parenthesis. */
1415
1416 else if (ptr[1] != CHAR_QUESTION_MARK)
1417 {
1418 *count += 1;
1419 if (name == NULL && *count == lorn) return *count;
1420 ptr++;
1421 }
1422
1423 /* All cases now have (? at the start. Remember when we are in a group
1424 where the parenthesis numbers are duplicated. */
1425
1426 else if (ptr[2] == CHAR_VERTICAL_LINE)
1427 {
1428 ptr += 3;
1429 dup_parens = TRUE;
1430 }
1431
1432 /* Handle comments; all characters are allowed until a ket is reached. */
1433
1434 else if (ptr[2] == CHAR_NUMBER_SIGN)
1435 {
1436 for (ptr += 3; *ptr != CHAR_NULL; ptr++)
1437 if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1438 goto FAIL_EXIT;
1439 }
1440
1441 /* Handle a condition. If it is an assertion, just carry on so that it
1442 is processed as normal. If not, skip to the closing parenthesis of the
1443 condition (there can't be any nested parens). */
1444
1445 else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1446 {
1447 ptr += 2;
1448 if (ptr[1] != CHAR_QUESTION_MARK)
1449 {
1450 while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1451 if (*ptr != CHAR_NULL) ptr++;
1452 }
1453 }
1454
1455 /* Start with (? but not a condition. */
1456
1457 else
1458 {
1459 ptr += 2;
1460 if (*ptr == CHAR_P) ptr++; /* Allow optional P */
1461
1462 /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1463
1464 if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1465 ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1466 {
1467 pcre_uchar term;
1468 const pcre_uchar *thisname;
1469 *count += 1;
1470 if (name == NULL && *count == lorn) return *count;
1471 term = *ptr++;
1472 if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1473 thisname = ptr;
1474 while (*ptr != term) ptr++;
1475 if (name != NULL && lorn == (int)(ptr - thisname) &&
1476 STRNCMP_UC_UC(name, thisname, (unsigned int)lorn) == 0)
1477 return *count;
1478 term++;
1479 }
1480 }
1481 }
1482
1483 /* Past any initial parenthesis handling, scan for parentheses or vertical
1484 bars. Stop if we get to cd->end_pattern. Note that this is important for the
1485 first-pass call when this value is temporarily adjusted to stop at the current
1486 position. So DO NOT change this to a test for binary zero. */
1487
1488 for (; ptr < cd->end_pattern; ptr++)
1489 {
1490 /* Skip over backslashed characters and also entire \Q...\E */
1491
1492 if (*ptr == CHAR_BACKSLASH)
1493 {
1494 if (*(++ptr) == CHAR_NULL) goto FAIL_EXIT;
1495 if (*ptr == CHAR_Q) for (;;)
1496 {
1497 while (*(++ptr) != CHAR_NULL && *ptr != CHAR_BACKSLASH) {};
1498 if (*ptr == CHAR_NULL) goto FAIL_EXIT;
1499 if (*(++ptr) == CHAR_E) break;
1500 }
1501 continue;
1502 }
1503
1504 /* Skip over character classes; this logic must be similar to the way they
1505 are handled for real. If the first character is '^', skip it. Also, if the
1506 first few characters (either before or after ^) are \Q\E or \E we skip them
1507 too. This makes for compatibility with Perl. Note the use of STR macros to
1508 encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1509
1510 if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1511 {
1512 BOOL negate_class = FALSE;
1513 for (;;)
1514 {
1515 if (ptr[1] == CHAR_BACKSLASH)
1516 {
1517 if (ptr[2] == CHAR_E)
1518 ptr+= 2;
1519 else if (STRNCMP_UC_C8(ptr + 2,
1520 STR_Q STR_BACKSLASH STR_E, 3) == 0)
1521 ptr += 4;
1522 else
1523 break;
1524 }
1525 else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1526 {
1527 negate_class = TRUE;
1528 ptr++;
1529 }
1530 else break;
1531 }
1532
1533 /* If the next character is ']', it is a data character that must be
1534 skipped, except in JavaScript compatibility mode. */
1535
1536 if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1537 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1538 ptr++;
1539
1540 while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1541 {
1542 if (*ptr == CHAR_NULL) return -1;
1543 if (*ptr == CHAR_BACKSLASH)
1544 {
1545 if (*(++ptr) == CHAR_NULL) goto FAIL_EXIT;
1546 if (*ptr == CHAR_Q) for (;;)
1547 {
1548 while (*(++ptr) != CHAR_NULL && *ptr != CHAR_BACKSLASH) {};
1549 if (*ptr == CHAR_NULL) goto FAIL_EXIT;
1550 if (*(++ptr) == CHAR_E) break;
1551 }
1552 continue;
1553 }
1554 }
1555 continue;
1556 }
1557
1558 /* Skip comments in /x mode */
1559
1560 if (xmode && *ptr == CHAR_NUMBER_SIGN)
1561 {
1562 ptr++;
1563 while (*ptr != CHAR_NULL)
1564 {
1565 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1566 ptr++;
1567 #ifdef SUPPORT_UTF
1568 if (utf) FORWARDCHAR(ptr);
1569 #endif
1570 }
1571 if (*ptr == CHAR_NULL) goto FAIL_EXIT;
1572 continue;
1573 }
1574
1575 /* Check for the special metacharacters */
1576
1577 if (*ptr == CHAR_LEFT_PARENTHESIS)
1578 {
1579 int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1580 if (rc > 0) return rc;
1581 if (*ptr == CHAR_NULL) goto FAIL_EXIT;
1582 }
1583
1584 else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1585 {
1586 if (dup_parens && *count < hwm_count) *count = hwm_count;
1587 goto FAIL_EXIT;
1588 }
1589
1590 else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1591 {
1592 if (*count > hwm_count) hwm_count = *count;
1593 *count = start_count;
1594 }
1595 }
1596
1597 FAIL_EXIT:
1598 *ptrptr = ptr;
1599 return -1;
1600 }
1601
1602
1603
1604
1605 /*************************************************
1606 * Find forward referenced subpattern *
1607 *************************************************/
1608
1609 /* This function scans along a pattern's text looking for capturing
1610 subpatterns, and counting them. If it finds a named pattern that matches the
1611 name it is given, it returns its number. Alternatively, if the name is NULL, it
1612 returns when it reaches a given numbered subpattern. This is used for forward
1613 references to subpatterns. We used to be able to start this scan from the
1614 current compiling point, using the current count value from cd->bracount, and
1615 do it all in a single loop, but the addition of the possibility of duplicate
1616 subpattern numbers means that we have to scan from the very start, in order to
1617 take account of such duplicates, and to use a recursive function to keep track
1618 of the different types of group.
1619
1620 Arguments:
1621 cd compile background data
1622 name name to seek, or NULL if seeking a numbered subpattern
1623 lorn name length, or subpattern number if name is NULL
1624 xmode TRUE if we are in /x mode
1625 utf TRUE if we are in UTF-8 / UTF-16 / UTF-32 mode
1626
1627 Returns: the number of the found subpattern, or -1 if not found
1628 */
1629
1630 static int
1631 find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1632 BOOL utf)
1633 {
1634 pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1635 int count = 0;
1636 int rc;
1637
1638 /* If the pattern does not start with an opening parenthesis, the first call
1639 to find_parens_sub() will scan right to the end (if necessary). However, if it
1640 does start with a parenthesis, find_parens_sub() will return when it hits the
1641 matching closing parens. That is why we have to have a loop. */
1642
1643 for (;;)
1644 {
1645 rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1646 if (rc > 0 || *ptr++ == CHAR_NULL) break;
1647 }
1648
1649 return rc;
1650 }
1651
1652
1653
1654
1655 /*************************************************
1656 * Find first significant op code *
1657 *************************************************/
1658
1659 /* This is called by several functions that scan a compiled expression looking
1660 for a fixed first character, or an anchoring op code etc. It skips over things
1661 that do not influence this. For some calls, it makes sense to skip negative
1662 forward and all backward assertions, and also the \b assertion; for others it
1663 does not.
1664
1665 Arguments:
1666 code pointer to the start of the group
1667 skipassert TRUE if certain assertions are to be skipped
1668
1669 Returns: pointer to the first significant opcode
1670 */
1671
1672 static const pcre_uchar*
1673 first_significant_code(const pcre_uchar *code, BOOL skipassert)
1674 {
1675 for (;;)
1676 {
1677 switch ((int)*code)
1678 {
1679 case OP_ASSERT_NOT:
1680 case OP_ASSERTBACK:
1681 case OP_ASSERTBACK_NOT:
1682 if (!skipassert) return code;
1683 do code += GET(code, 1); while (*code == OP_ALT);
1684 code += PRIV(OP_lengths)[*code];
1685 break;
1686
1687 case OP_WORD_BOUNDARY:
1688 case OP_NOT_WORD_BOUNDARY:
1689 if (!skipassert) return code;
1690 /* Fall through */
1691
1692 case OP_CALLOUT:
1693 case OP_CREF:
1694 case OP_NCREF:
1695 case OP_RREF:
1696 case OP_NRREF:
1697 case OP_DEF:
1698 code += PRIV(OP_lengths)[*code];
1699 break;
1700
1701 default:
1702 return code;
1703 }
1704 }
1705 /* Control never reaches here */
1706 }
1707
1708
1709
1710
1711 /*************************************************
1712 * Find the fixed length of a branch *
1713 *************************************************/
1714
1715 /* Scan a branch and compute the fixed length of subject that will match it,
1716 if the length is fixed. This is needed for dealing with backward assertions.
1717 In UTF8 mode, the result is in characters rather than bytes. The branch is
1718 temporarily terminated with OP_END when this function is called.
1719
1720 This function is called when a backward assertion is encountered, so that if it
1721 fails, the error message can point to the correct place in the pattern.
1722 However, we cannot do this when the assertion contains subroutine calls,
1723 because they can be forward references. We solve this by remembering this case
1724 and doing the check at the end; a flag specifies which mode we are running in.
1725
1726 Arguments:
1727 code points to the start of the pattern (the bracket)
1728 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
1729 atend TRUE if called when the pattern is complete
1730 cd the "compile data" structure
1731
1732 Returns: the fixed length,
1733 or -1 if there is no fixed length,
1734 or -2 if \C was encountered (in UTF-8 mode only)
1735 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1736 or -4 if an unknown opcode was encountered (internal error)
1737 */
1738
1739 static int
1740 find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1741 {
1742 int length = -1;
1743
1744 register int branchlength = 0;
1745 register pcre_uchar *cc = code + 1 + LINK_SIZE;
1746
1747 /* Scan along the opcodes for this branch. If we get to the end of the
1748 branch, check the length against that of the other branches. */
1749
1750 for (;;)
1751 {
1752 int d;
1753 pcre_uchar *ce, *cs;
1754 register pcre_uchar op = *cc;
1755
1756 switch (op)
1757 {
1758 /* We only need to continue for OP_CBRA (normal capturing bracket) and
1759 OP_BRA (normal non-capturing bracket) because the other variants of these
1760 opcodes are all concerned with unlimited repeated groups, which of course
1761 are not of fixed length. */
1762
1763 case OP_CBRA:
1764 case OP_BRA:
1765 case OP_ONCE:
1766 case OP_ONCE_NC:
1767 case OP_COND:
1768 d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1769 if (d < 0) return d;
1770 branchlength += d;
1771 do cc += GET(cc, 1); while (*cc == OP_ALT);
1772 cc += 1 + LINK_SIZE;
1773 break;
1774
1775 /* Reached end of a branch; if it's a ket it is the end of a nested call.
1776 If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1777 an ALT. If it is END it's the end of the outer call. All can be handled by
1778 the same code. Note that we must not include the OP_KETRxxx opcodes here,
1779 because they all imply an unlimited repeat. */
1780
1781 case OP_ALT:
1782 case OP_KET:
1783 case OP_END:
1784 case OP_ACCEPT:
1785 case OP_ASSERT_ACCEPT:
1786 if (length < 0) length = branchlength;
1787 else if (length != branchlength) return -1;
1788 if (*cc != OP_ALT) return length;
1789 cc += 1 + LINK_SIZE;
1790 branchlength = 0;
1791 break;
1792
1793 /* A true recursion implies not fixed length, but a subroutine call may
1794 be OK. If the subroutine is a forward reference, we can't deal with
1795 it until the end of the pattern, so return -3. */
1796
1797 case OP_RECURSE:
1798 if (!atend) return -3;
1799 cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1); /* Start subpattern */
1800 do ce += GET(ce, 1); while (*ce == OP_ALT); /* End subpattern */
1801 if (cc > cs && cc < ce) return -1; /* Recursion */
1802 d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1803 if (d < 0) return d;
1804 branchlength += d;
1805 cc += 1 + LINK_SIZE;
1806 break;
1807
1808 /* Skip over assertive subpatterns */
1809
1810 case OP_ASSERT:
1811 case OP_ASSERT_NOT:
1812 case OP_ASSERTBACK:
1813 case OP_ASSERTBACK_NOT:
1814 do cc += GET(cc, 1); while (*cc == OP_ALT);
1815 cc += PRIV(OP_lengths)[*cc];
1816 break;
1817
1818 /* Skip over things that don't match chars */
1819
1820 case OP_MARK:
1821 case OP_PRUNE_ARG:
1822 case OP_SKIP_ARG:
1823 case OP_THEN_ARG:
1824 cc += cc[1] + PRIV(OP_lengths)[*cc];
1825 break;
1826
1827 case OP_CALLOUT:
1828 case OP_CIRC:
1829 case OP_CIRCM:
1830 case OP_CLOSE:
1831 case OP_COMMIT:
1832 case OP_CREF:
1833 case OP_DEF:
1834 case OP_DOLL:
1835 case OP_DOLLM:
1836 case OP_EOD:
1837 case OP_EODN:
1838 case OP_FAIL:
1839 case OP_NCREF:
1840 case OP_NRREF:
1841 case OP_NOT_WORD_BOUNDARY:
1842 case OP_PRUNE:
1843 case OP_REVERSE:
1844 case OP_RREF:
1845 case OP_SET_SOM:
1846 case OP_SKIP:
1847 case OP_SOD:
1848 case OP_SOM:
1849 case OP_THEN:
1850 case OP_WORD_BOUNDARY:
1851 cc += PRIV(OP_lengths)[*cc];
1852 break;
1853
1854 /* Handle literal characters */
1855
1856 case OP_CHAR:
1857 case OP_CHARI:
1858 case OP_NOT:
1859 case OP_NOTI:
1860 branchlength++;
1861 cc += 2;
1862 #ifdef SUPPORT_UTF
1863 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1864 #endif
1865 break;
1866
1867 /* Handle exact repetitions. The count is already in characters, but we
1868 need to skip over a multibyte character in UTF8 mode. */
1869
1870 case OP_EXACT:
1871 case OP_EXACTI:
1872 case OP_NOTEXACT:
1873 case OP_NOTEXACTI:
1874 branchlength += (int)GET2(cc,1);
1875 cc += 2 + IMM2_SIZE;
1876 #ifdef SUPPORT_UTF
1877 if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
1878 #endif
1879 break;
1880
1881 case OP_TYPEEXACT:
1882 branchlength += GET2(cc,1);
1883 if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP)
1884 cc += 2;
1885 cc += 1 + IMM2_SIZE + 1;
1886 break;
1887
1888 /* Handle single-char matchers */
1889
1890 case OP_PROP:
1891 case OP_NOTPROP:
1892 cc += 2;
1893 /* Fall through */
1894
1895 case OP_HSPACE:
1896 case OP_VSPACE:
1897 case OP_NOT_HSPACE:
1898 case OP_NOT_VSPACE:
1899 case OP_NOT_DIGIT:
1900 case OP_DIGIT:
1901 case OP_NOT_WHITESPACE:
1902 case OP_WHITESPACE:
1903 case OP_NOT_WORDCHAR:
1904 case OP_WORDCHAR:
1905 case OP_ANY:
1906 case OP_ALLANY:
1907 branchlength++;
1908 cc++;
1909 break;
1910
1911 /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1912 otherwise \C is coded as OP_ALLANY. */
1913
1914 case OP_ANYBYTE:
1915 return -2;
1916
1917 /* Check a class for variable quantification */
1918
1919 case OP_CLASS:
1920 case OP_NCLASS:
1921 #if defined SUPPORT_UTF || defined COMPILE_PCRE16 || defined COMPILE_PCRE32
1922 case OP_XCLASS:
1923 /* The original code caused an unsigned overflow in 64 bit systems,
1924 so now we use a conditional statement. */
1925 if (op == OP_XCLASS)
1926 cc += GET(cc, 1);
1927 else
1928 cc += PRIV(OP_lengths)[OP_CLASS];
1929 #else
1930 cc += PRIV(OP_lengths)[OP_CLASS];
1931 #endif
1932
1933 switch (*cc)
1934 {
1935 case OP_CRPLUS:
1936 case OP_CRMINPLUS:
1937 case OP_CRSTAR:
1938 case OP_CRMINSTAR:
1939 case OP_CRQUERY:
1940 case OP_CRMINQUERY:
1941 return -1;
1942
1943 case OP_CRRANGE:
1944 case OP_CRMINRANGE:
1945 if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1946 branchlength += (int)GET2(cc,1);
1947 cc += 1 + 2 * IMM2_SIZE;
1948 break;
1949
1950 default:
1951 branchlength++;
1952 }
1953 break;
1954
1955 /* Anything else is variable length */
1956
1957 case OP_ANYNL:
1958 case OP_BRAMINZERO:
1959 case OP_BRAPOS:
1960 case OP_BRAPOSZERO:
1961 case OP_BRAZERO:
1962 case OP_CBRAPOS:
1963 case OP_EXTUNI:
1964 case OP_KETRMAX:
1965 case OP_KETRMIN:
1966 case OP_KETRPOS:
1967 case OP_MINPLUS:
1968 case OP_MINPLUSI:
1969 case OP_MINQUERY:
1970 case OP_MINQUERYI:
1971 case OP_MINSTAR:
1972 case OP_MINSTARI:
1973 case OP_MINUPTO:
1974 case OP_MINUPTOI:
1975 case OP_NOTMINPLUS:
1976 case OP_NOTMINPLUSI:
1977 case OP_NOTMINQUERY:
1978 case OP_NOTMINQUERYI:
1979 case OP_NOTMINSTAR:
1980 case OP_NOTMINSTARI:
1981 case OP_NOTMINUPTO:
1982 case OP_NOTMINUPTOI:
1983 case OP_NOTPLUS:
1984 case OP_NOTPLUSI:
1985 case OP_NOTPOSPLUS:
1986 case OP_NOTPOSPLUSI:
1987 case OP_NOTPOSQUERY:
1988 case OP_NOTPOSQUERYI:
1989 case OP_NOTPOSSTAR:
1990 case OP_NOTPOSSTARI:
1991 case OP_NOTPOSUPTO:
1992 case OP_NOTPOSUPTOI:
1993 case OP_NOTQUERY:
1994 case OP_NOTQUERYI:
1995 case OP_NOTSTAR:
1996 case OP_NOTSTARI:
1997 case OP_NOTUPTO:
1998 case OP_NOTUPTOI:
1999 case OP_PLUS:
2000 case OP_PLUSI:
2001 case OP_POSPLUS:
2002 case OP_POSPLUSI:
2003 case OP_POSQUERY:
2004 case OP_POSQUERYI:
2005 case OP_POSSTAR:
2006 case OP_POSSTARI:
2007 case OP_POSUPTO:
2008 case OP_POSUPTOI:
2009 case OP_QUERY:
2010 case OP_QUERYI:
2011 case OP_REF:
2012 case OP_REFI:
2013 case OP_SBRA:
2014 case OP_SBRAPOS:
2015 case OP_SCBRA:
2016 case OP_SCBRAPOS:
2017 case OP_SCOND:
2018 case OP_SKIPZERO:
2019 case OP_STAR:
2020 case OP_STARI:
2021 case OP_TYPEMINPLUS:
2022 case OP_TYPEMINQUERY:
2023 case OP_TYPEMINSTAR:
2024 case OP_TYPEMINUPTO:
2025 case OP_TYPEPLUS:
2026 case OP_TYPEPOSPLUS:
2027 case OP_TYPEPOSQUERY:
2028 case OP_TYPEPOSSTAR:
2029 case OP_TYPEPOSUPTO:
2030 case OP_TYPEQUERY:
2031 case OP_TYPESTAR:
2032 case OP_TYPEUPTO:
2033 case OP_UPTO:
2034 case OP_UPTOI:
2035 return -1;
2036
2037 /* Catch unrecognized opcodes so that when new ones are added they
2038 are not forgotten, as has happened in the past. */
2039
2040 default:
2041 return -4;
2042 }
2043 }
2044 /* Control never gets here */
2045 }
2046
2047
2048
2049
2050 /*************************************************
2051 * Scan compiled regex for specific bracket *
2052 *************************************************/
2053
2054 /* This little function scans through a compiled pattern until it finds a
2055 capturing bracket with the given number, or, if the number is negative, an
2056 instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2057 so that it can be called from pcre_study() when finding the minimum matching
2058 length.
2059
2060 Arguments:
2061 code points to start of expression
2062 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2063 number the required bracket number or negative to find a lookbehind
2064
2065 Returns: pointer to the opcode for the bracket, or NULL if not found
2066 */
2067
2068 const pcre_uchar *
2069 PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2070 {
2071 for (;;)
2072 {
2073 register pcre_uchar c = *code;
2074
2075 if (c == OP_END) return NULL;
2076
2077 /* XCLASS is used for classes that cannot be represented just by a bit
2078 map. This includes negated single high-valued characters. The length in
2079 the table is zero; the actual length is stored in the compiled code. */
2080
2081 if (c == OP_XCLASS) code += GET(code, 1);
2082
2083 /* Handle recursion */
2084
2085 else if (c == OP_REVERSE)
2086 {
2087 if (number < 0) return (pcre_uchar *)code;
2088 code += PRIV(OP_lengths)[c];
2089 }
2090
2091 /* Handle capturing bracket */
2092
2093 else if (c == OP_CBRA || c == OP_SCBRA ||
2094 c == OP_CBRAPOS || c == OP_SCBRAPOS)
2095 {
2096 int n = (int)GET2(code, 1+LINK_SIZE);
2097 if (n == number) return (pcre_uchar *)code;
2098 code += PRIV(OP_lengths)[c];
2099 }
2100
2101 /* Otherwise, we can get the item's length from the table, except that for
2102 repeated character types, we have to test for \p and \P, which have an extra
2103 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2104 must add in its length. */
2105
2106 else
2107 {
2108 switch(c)
2109 {
2110 case OP_TYPESTAR:
2111 case OP_TYPEMINSTAR:
2112 case OP_TYPEPLUS:
2113 case OP_TYPEMINPLUS:
2114 case OP_TYPEQUERY:
2115 case OP_TYPEMINQUERY:
2116 case OP_TYPEPOSSTAR:
2117 case OP_TYPEPOSPLUS:
2118 case OP_TYPEPOSQUERY:
2119 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2120 break;
2121
2122 case OP_TYPEUPTO:
2123 case OP_TYPEMINUPTO:
2124 case OP_TYPEEXACT:
2125 case OP_TYPEPOSUPTO:
2126 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2127 code += 2;
2128 break;
2129
2130 case OP_MARK:
2131 case OP_PRUNE_ARG:
2132 case OP_SKIP_ARG:
2133 code += code[1];
2134 break;
2135
2136 case OP_THEN_ARG:
2137 code += code[1];
2138 break;
2139 }
2140
2141 /* Add in the fixed length from the table */
2142
2143 code += PRIV(OP_lengths)[c];
2144
2145 /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2146 a multi-byte character. The length in the table is a minimum, so we have to
2147 arrange to skip the extra bytes. */
2148
2149 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2150 if (utf) switch(c)
2151 {
2152 case OP_CHAR:
2153 case OP_CHARI:
2154 case OP_EXACT:
2155 case OP_EXACTI:
2156 case OP_UPTO:
2157 case OP_UPTOI:
2158 case OP_MINUPTO:
2159 case OP_MINUPTOI:
2160 case OP_POSUPTO:
2161 case OP_POSUPTOI:
2162 case OP_STAR:
2163 case OP_STARI:
2164 case OP_MINSTAR:
2165 case OP_MINSTARI:
2166 case OP_POSSTAR:
2167 case OP_POSSTARI:
2168 case OP_PLUS:
2169 case OP_PLUSI:
2170 case OP_MINPLUS:
2171 case OP_MINPLUSI:
2172 case OP_POSPLUS:
2173 case OP_POSPLUSI:
2174 case OP_QUERY:
2175 case OP_QUERYI:
2176 case OP_MINQUERY:
2177 case OP_MINQUERYI:
2178 case OP_POSQUERY:
2179 case OP_POSQUERYI:
2180 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2181 break;
2182 }
2183 #else
2184 (void)(utf); /* Keep compiler happy by referencing function argument */
2185 #endif
2186 }
2187 }
2188 }
2189
2190
2191
2192 /*************************************************
2193 * Scan compiled regex for recursion reference *
2194 *************************************************/
2195
2196 /* This little function scans through a compiled pattern until it finds an
2197 instance of OP_RECURSE.
2198
2199 Arguments:
2200 code points to start of expression
2201 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2202
2203 Returns: pointer to the opcode for OP_RECURSE, or NULL if not found
2204 */
2205
2206 static const pcre_uchar *
2207 find_recurse(const pcre_uchar *code, BOOL utf)
2208 {
2209 for (;;)
2210 {
2211 register pcre_uchar c = *code;
2212 if (c == OP_END) return NULL;
2213 if (c == OP_RECURSE) return code;
2214
2215 /* XCLASS is used for classes that cannot be represented just by a bit
2216 map. This includes negated single high-valued characters. The length in
2217 the table is zero; the actual length is stored in the compiled code. */
2218
2219 if (c == OP_XCLASS) code += GET(code, 1);
2220
2221 /* Otherwise, we can get the item's length from the table, except that for
2222 repeated character types, we have to test for \p and \P, which have an extra
2223 two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2224 must add in its length. */
2225
2226 else
2227 {
2228 switch(c)
2229 {
2230 case OP_TYPESTAR:
2231 case OP_TYPEMINSTAR:
2232 case OP_TYPEPLUS:
2233 case OP_TYPEMINPLUS:
2234 case OP_TYPEQUERY:
2235 case OP_TYPEMINQUERY:
2236 case OP_TYPEPOSSTAR:
2237 case OP_TYPEPOSPLUS:
2238 case OP_TYPEPOSQUERY:
2239 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2240 break;
2241
2242 case OP_TYPEPOSUPTO:
2243 case OP_TYPEUPTO:
2244 case OP_TYPEMINUPTO:
2245 case OP_TYPEEXACT:
2246 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2247 code += 2;
2248 break;
2249
2250 case OP_MARK:
2251 case OP_PRUNE_ARG:
2252 case OP_SKIP_ARG:
2253 code += code[1];
2254 break;
2255
2256 case OP_THEN_ARG:
2257 code += code[1];
2258 break;
2259 }
2260
2261 /* Add in the fixed length from the table */
2262
2263 code += PRIV(OP_lengths)[c];
2264
2265 /* In UTF-8 mode, opcodes that are followed by a character may be followed
2266 by a multi-byte character. The length in the table is a minimum, so we have
2267 to arrange to skip the extra bytes. */
2268
2269 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2270 if (utf) switch(c)
2271 {
2272 case OP_CHAR:
2273 case OP_CHARI:
2274 case OP_NOT:
2275 case OP_NOTI:
2276 case OP_EXACT:
2277 case OP_EXACTI:
2278 case OP_NOTEXACT:
2279 case OP_NOTEXACTI:
2280 case OP_UPTO:
2281 case OP_UPTOI:
2282 case OP_NOTUPTO:
2283 case OP_NOTUPTOI:
2284 case OP_MINUPTO:
2285 case OP_MINUPTOI:
2286 case OP_NOTMINUPTO:
2287 case OP_NOTMINUPTOI:
2288 case OP_POSUPTO:
2289 case OP_POSUPTOI:
2290 case OP_NOTPOSUPTO:
2291 case OP_NOTPOSUPTOI:
2292 case OP_STAR:
2293 case OP_STARI:
2294 case OP_NOTSTAR:
2295 case OP_NOTSTARI:
2296 case OP_MINSTAR:
2297 case OP_MINSTARI:
2298 case OP_NOTMINSTAR:
2299 case OP_NOTMINSTARI:
2300 case OP_POSSTAR:
2301 case OP_POSSTARI:
2302 case OP_NOTPOSSTAR:
2303 case OP_NOTPOSSTARI:
2304 case OP_PLUS:
2305 case OP_PLUSI:
2306 case OP_NOTPLUS:
2307 case OP_NOTPLUSI:
2308 case OP_MINPLUS:
2309 case OP_MINPLUSI:
2310 case OP_NOTMINPLUS:
2311 case OP_NOTMINPLUSI:
2312 case OP_POSPLUS:
2313 case OP_POSPLUSI:
2314 case OP_NOTPOSPLUS:
2315 case OP_NOTPOSPLUSI:
2316 case OP_QUERY:
2317 case OP_QUERYI:
2318 case OP_NOTQUERY:
2319 case OP_NOTQUERYI:
2320 case OP_MINQUERY:
2321 case OP_MINQUERYI:
2322 case OP_NOTMINQUERY:
2323 case OP_NOTMINQUERYI:
2324 case OP_POSQUERY:
2325 case OP_POSQUERYI:
2326 case OP_NOTPOSQUERY:
2327 case OP_NOTPOSQUERYI:
2328 if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
2329 break;
2330 }
2331 #else
2332 (void)(utf); /* Keep compiler happy by referencing function argument */
2333 #endif
2334 }
2335 }
2336 }
2337
2338
2339
2340 /*************************************************
2341 * Scan compiled branch for non-emptiness *
2342 *************************************************/
2343
2344 /* This function scans through a branch of a compiled pattern to see whether it
2345 can match the empty string or not. It is called from could_be_empty()
2346 below and from compile_branch() when checking for an unlimited repeat of a
2347 group that can match nothing. Note that first_significant_code() skips over
2348 backward and negative forward assertions when its final argument is TRUE. If we
2349 hit an unclosed bracket, we return "empty" - this means we've struck an inner
2350 bracket whose current branch will already have been scanned.
2351
2352 Arguments:
2353 code points to start of search
2354 endcode points to where to stop
2355 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2356 cd contains pointers to tables etc.
2357
2358 Returns: TRUE if what is matched could be empty
2359 */
2360
2361 static BOOL
2362 could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2363 BOOL utf, compile_data *cd)
2364 {
2365 register pcre_uchar c;
2366 for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2367 code < endcode;
2368 code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2369 {
2370 const pcre_uchar *ccode;
2371
2372 c = *code;
2373
2374 /* Skip over forward assertions; the other assertions are skipped by
2375 first_significant_code() with a TRUE final argument. */
2376
2377 if (c == OP_ASSERT)
2378 {
2379 do code += GET(code, 1); while (*code == OP_ALT);
2380 c = *code;
2381 continue;
2382 }
2383
2384 /* For a recursion/subroutine call, if its end has been reached, which
2385 implies a backward reference subroutine call, we can scan it. If it's a
2386 forward reference subroutine call, we can't. To detect forward reference
2387 we have to scan up the list that is kept in the workspace. This function is
2388 called only when doing the real compile, not during the pre-compile that
2389 measures the size of the compiled pattern. */
2390
2391 if (c == OP_RECURSE)
2392 {
2393 const pcre_uchar *scode;
2394 BOOL empty_branch;
2395
2396 /* Test for forward reference */
2397
2398 for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2399 if ((int)GET(scode, 0) == (int)(code + 1 - cd->start_code)) return TRUE;
2400
2401 /* Not a forward reference, test for completed backward reference */
2402
2403 empty_branch = FALSE;
2404 scode = cd->start_code + GET(code, 1);
2405 if (GET(scode, 1) == 0) return TRUE; /* Unclosed */
2406
2407 /* Completed backwards reference */
2408
2409 do
2410 {
2411 if (could_be_empty_branch(scode, endcode, utf, cd))
2412 {
2413 empty_branch = TRUE;
2414 break;
2415 }
2416 scode += GET(scode, 1);
2417 }
2418 while (*scode == OP_ALT);
2419
2420 if (!empty_branch) return FALSE; /* All branches are non-empty */
2421 continue;
2422 }
2423
2424 /* Groups with zero repeats can of course be empty; skip them. */
2425
2426 if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2427 c == OP_BRAPOSZERO)
2428 {
2429 code += PRIV(OP_lengths)[c];
2430 do code += GET(code, 1); while (*code == OP_ALT);
2431 c = *code;
2432 continue;
2433 }
2434
2435 /* A nested group that is already marked as "could be empty" can just be
2436 skipped. */
2437
2438 if (c == OP_SBRA || c == OP_SBRAPOS ||
2439 c == OP_SCBRA || c == OP_SCBRAPOS)
2440 {
2441 do code += GET(code, 1); while (*code == OP_ALT);
2442 c = *code;
2443 continue;
2444 }
2445
2446 /* For other groups, scan the branches. */
2447
2448 if (c == OP_BRA || c == OP_BRAPOS ||
2449 c == OP_CBRA || c == OP_CBRAPOS ||
2450 c == OP_ONCE || c == OP_ONCE_NC ||
2451 c == OP_COND)
2452 {
2453 BOOL empty_branch;
2454 if (GET(code, 1) == 0) return TRUE; /* Hit unclosed bracket */
2455
2456 /* If a conditional group has only one branch, there is a second, implied,
2457 empty branch, so just skip over the conditional, because it could be empty.
2458 Otherwise, scan the individual branches of the group. */
2459
2460 if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2461 code += GET(code, 1);
2462 else
2463 {
2464 empty_branch = FALSE;
2465 do
2466 {
2467 if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2468 empty_branch = TRUE;
2469 code += GET(code, 1);
2470 }
2471 while (*code == OP_ALT);
2472 if (!empty_branch) return FALSE; /* All branches are non-empty */
2473 }
2474
2475 c = *code;
2476 continue;
2477 }
2478
2479 /* Handle the other opcodes */
2480
2481 switch (c)
2482 {
2483 /* Check for quantifiers after a class. XCLASS is used for classes that
2484 cannot be represented just by a bit map. This includes negated single
2485 high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2486 actual length is stored in the compiled code, so we must update "code"
2487 here. */
2488
2489 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2490 case OP_XCLASS:
2491 ccode = code += GET(code, 1);
2492 goto CHECK_CLASS_REPEAT;
2493 #endif
2494
2495 case OP_CLASS:
2496 case OP_NCLASS:
2497 ccode = code + PRIV(OP_lengths)[OP_CLASS];
2498
2499 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2500 CHECK_CLASS_REPEAT:
2501 #endif
2502
2503 switch (*ccode)
2504 {
2505 case OP_CRSTAR: /* These could be empty; continue */
2506 case OP_CRMINSTAR:
2507 case OP_CRQUERY:
2508 case OP_CRMINQUERY:
2509 break;
2510
2511 default: /* Non-repeat => class must match */
2512 case OP_CRPLUS: /* These repeats aren't empty */
2513 case OP_CRMINPLUS:
2514 return FALSE;
2515
2516 case OP_CRRANGE:
2517 case OP_CRMINRANGE:
2518 if (GET2(ccode, 1) > 0) return FALSE; /* Minimum > 0 */
2519 break;
2520 }
2521 break;
2522
2523 /* Opcodes that must match a character */
2524
2525 case OP_PROP:
2526 case OP_NOTPROP:
2527 case OP_EXTUNI:
2528 case OP_NOT_DIGIT:
2529 case OP_DIGIT:
2530 case OP_NOT_WHITESPACE:
2531 case OP_WHITESPACE:
2532 case OP_NOT_WORDCHAR:
2533 case OP_WORDCHAR:
2534 case OP_ANY:
2535 case OP_ALLANY:
2536 case OP_ANYBYTE:
2537 case OP_CHAR:
2538 case OP_CHARI:
2539 case OP_NOT:
2540 case OP_NOTI:
2541 case OP_PLUS:
2542 case OP_MINPLUS:
2543 case OP_POSPLUS:
2544 case OP_EXACT:
2545 case OP_NOTPLUS:
2546 case OP_NOTMINPLUS:
2547 case OP_NOTPOSPLUS:
2548 case OP_NOTEXACT:
2549 case OP_TYPEPLUS:
2550 case OP_TYPEMINPLUS:
2551 case OP_TYPEPOSPLUS:
2552 case OP_TYPEEXACT:
2553 return FALSE;
2554
2555 /* These are going to continue, as they may be empty, but we have to
2556 fudge the length for the \p and \P cases. */
2557
2558 case OP_TYPESTAR:
2559 case OP_TYPEMINSTAR:
2560 case OP_TYPEPOSSTAR:
2561 case OP_TYPEQUERY:
2562 case OP_TYPEMINQUERY:
2563 case OP_TYPEPOSQUERY:
2564 if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2565 break;
2566
2567 /* Same for these */
2568
2569 case OP_TYPEUPTO:
2570 case OP_TYPEMINUPTO:
2571 case OP_TYPEPOSUPTO:
2572 if (code[1 + IMM2_SIZE] == OP_PROP || code[1 + IMM2_SIZE] == OP_NOTPROP)
2573 code += 2;
2574 break;
2575
2576 /* End of branch */
2577
2578 case OP_KET:
2579 case OP_KETRMAX:
2580 case OP_KETRMIN:
2581 case OP_KETRPOS:
2582 case OP_ALT:
2583 return TRUE;
2584
2585 /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2586 MINUPTO, and POSUPTO may be followed by a multibyte character */
2587
2588 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
2589 case OP_STAR:
2590 case OP_STARI:
2591 case OP_MINSTAR:
2592 case OP_MINSTARI:
2593 case OP_POSSTAR:
2594 case OP_POSSTARI:
2595 case OP_QUERY:
2596 case OP_QUERYI:
2597 case OP_MINQUERY:
2598 case OP_MINQUERYI:
2599 case OP_POSQUERY:
2600 case OP_POSQUERYI:
2601 if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2602 break;
2603
2604 case OP_UPTO:
2605 case OP_UPTOI:
2606 case OP_MINUPTO:
2607 case OP_MINUPTOI:
2608 case OP_POSUPTO:
2609 case OP_POSUPTOI:
2610 if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2611 break;
2612 #endif
2613
2614 /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2615 string. */
2616
2617 case OP_MARK:
2618 case OP_PRUNE_ARG:
2619 case OP_SKIP_ARG:
2620 code += code[1];
2621 break;
2622
2623 case OP_THEN_ARG:
2624 code += code[1];
2625 break;
2626
2627 /* None of the remaining opcodes are required to match a character. */
2628
2629 default:
2630 break;
2631 }
2632 }
2633
2634 return TRUE;
2635 }
2636
2637
2638
2639 /*************************************************
2640 * Scan compiled regex for non-emptiness *
2641 *************************************************/
2642
2643 /* This function is called to check for left recursive calls. We want to check
2644 the current branch of the current pattern to see if it could match the empty
2645 string. If it could, we must look outwards for branches at other levels,
2646 stopping when we pass beyond the bracket which is the subject of the recursion.
2647 This function is called only during the real compile, not during the
2648 pre-compile.
2649
2650 Arguments:
2651 code points to start of the recursion
2652 endcode points to where to stop (current RECURSE item)
2653 bcptr points to the chain of current (unclosed) branch starts
2654 utf TRUE if in UTF-8 / UTF-16 / UTF-32 mode
2655 cd pointers to tables etc
2656
2657 Returns: TRUE if what is matched could be empty
2658 */
2659
2660 static BOOL
2661 could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2662 branch_chain *bcptr, BOOL utf, compile_data *cd)
2663 {
2664 while (bcptr != NULL && bcptr->current_branch >= code)
2665 {
2666 if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2667 return FALSE;
2668 bcptr = bcptr->outer;
2669 }
2670 return TRUE;
2671 }
2672
2673
2674
2675 /*************************************************
2676 * Check for POSIX class syntax *
2677 *************************************************/
2678
2679 /* This function is called when the sequence "[:" or "[." or "[=" is
2680 encountered in a character class. It checks whether this is followed by a
2681 sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2682 reach an unescaped ']' without the special preceding character, return FALSE.
2683
2684 Originally, this function only recognized a sequence of letters between the
2685 terminators, but it seems that Perl recognizes any sequence of characters,
2686 though of course unknown POSIX names are subsequently rejected. Perl gives an
2687 "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2688 didn't consider this to be a POSIX class. Likewise for [:1234:].
2689
2690 The problem in trying to be exactly like Perl is in the handling of escapes. We
2691 have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2692 class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2693 below handles the special case of \], but does not try to do any other escape
2694 processing. This makes it different from Perl for cases such as [:l\ower:]
2695 where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2696 "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2697 I think.
2698
2699 A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2700 It seems that the appearance of a nested POSIX class supersedes an apparent
2701 external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2702 a digit.
2703
2704 In Perl, unescaped square brackets may also appear as part of class names. For
2705 example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2706 [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2707 seem right at all. PCRE does not allow closing square brackets in POSIX class
2708 names.
2709
2710 Arguments:
2711 ptr pointer to the initial [
2712 endptr where to return the end pointer
2713
2714 Returns: TRUE or FALSE
2715 */
2716
2717 static BOOL
2718 check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2719 {
2720 pcre_uchar terminator; /* Don't combine these lines; the Solaris cc */
2721 terminator = *(++ptr); /* compiler warns about "non-constant" initializer. */
2722 for (++ptr; *ptr != CHAR_NULL; ptr++)
2723 {
2724 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2725 ptr++;
2726 else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2727 else
2728 {
2729 if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2730 {
2731 *endptr = ptr;
2732 return TRUE;
2733 }
2734 if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2735 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2736 ptr[1] == CHAR_EQUALS_SIGN) &&
2737 check_posix_syntax(ptr, endptr))
2738 return FALSE;
2739 }
2740 }
2741 return FALSE;
2742 }
2743
2744
2745
2746
2747 /*************************************************
2748 * Check POSIX class name *
2749 *************************************************/
2750
2751 /* This function is called to check the name given in a POSIX-style class entry
2752 such as [:alnum:].
2753
2754 Arguments:
2755 ptr points to the first letter
2756 len the length of the name
2757
2758 Returns: a value representing the name, or -1 if unknown
2759 */
2760
2761 static int
2762 check_posix_name(const pcre_uchar *ptr, int len)
2763 {
2764 const char *pn = posix_names;
2765 register int yield = 0;
2766 while (posix_name_lengths[yield] != 0)
2767 {
2768 if (len == posix_name_lengths[yield] &&
2769 STRNCMP_UC_C8(ptr, pn, (unsigned int)len) == 0) return yield;
2770 pn += posix_name_lengths[yield] + 1;
2771 yield++;
2772 }
2773 return -1;
2774 }
2775
2776
2777 /*************************************************
2778 * Adjust OP_RECURSE items in repeated group *
2779 *************************************************/
2780
2781 /* OP_RECURSE items contain an offset from the start of the regex to the group
2782 that is referenced. This means that groups can be replicated for fixed
2783 repetition simply by copying (because the recursion is allowed to refer to
2784 earlier groups that are outside the current group). However, when a group is
2785 optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2786 inserted before it, after it has been compiled. This means that any OP_RECURSE
2787 items within it that refer to the group itself or any contained groups have to
2788 have their offsets adjusted. That one of the jobs of this function. Before it
2789 is called, the partially compiled regex must be temporarily terminated with
2790 OP_END.
2791
2792 This function has been extended with the possibility of forward references for
2793 recursions and subroutine calls. It must also check the list of such references
2794 for the group we are dealing with. If it finds that one of the recursions in
2795 the current group is on this list, it adjusts the offset in the list, not the
2796 value in the reference (which is a group number).
2797
2798 Arguments:
2799 group points to the start of the group
2800 adjust the amount by which the group is to be moved
2801 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
2802 cd contains pointers to tables etc.
2803 save_hwm the hwm forward reference pointer at the start of the group
2804
2805 Returns: nothing
2806 */
2807
2808 static void
2809 adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2810 pcre_uchar *save_hwm)
2811 {
2812 pcre_uchar *ptr = group;
2813
2814 while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2815 {
2816 int offset;
2817 pcre_uchar *hc;
2818
2819 /* See if this recursion is on the forward reference list. If so, adjust the
2820 reference. */
2821
2822 for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2823 {
2824 offset = (int)GET(hc, 0);
2825 if (cd->start_code + offset == ptr + 1)
2826 {
2827 PUT(hc, 0, offset + adjust);
2828 break;
2829 }
2830 }
2831
2832 /* Otherwise, adjust the recursion offset if it's after the start of this
2833 group. */
2834
2835 if (hc >= cd->hwm)
2836 {
2837 offset = (int)GET(ptr, 1);
2838 if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2839 }
2840
2841 ptr += 1 + LINK_SIZE;
2842 }
2843 }
2844
2845
2846
2847 /*************************************************
2848 * Insert an automatic callout point *
2849 *************************************************/
2850
2851 /* This function is called when the PCRE_AUTO_CALLOUT option is set, to insert
2852 callout points before each pattern item.
2853
2854 Arguments:
2855 code current code pointer
2856 ptr current pattern pointer
2857 cd pointers to tables etc
2858
2859 Returns: new code pointer
2860 */
2861
2862 static pcre_uchar *
2863 auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2864 {
2865 *code++ = OP_CALLOUT;
2866 *code++ = 255;
2867 PUT(code, 0, (int)(ptr - cd->start_pattern)); /* Pattern offset */
2868 PUT(code, LINK_SIZE, 0); /* Default length */
2869 return code + 2 * LINK_SIZE;
2870 }
2871
2872
2873
2874 /*************************************************
2875 * Complete a callout item *
2876 *************************************************/
2877
2878 /* A callout item contains the length of the next item in the pattern, which
2879 we can't fill in till after we have reached the relevant point. This is used
2880 for both automatic and manual callouts.
2881
2882 Arguments:
2883 previous_callout points to previous callout item
2884 ptr current pattern pointer
2885 cd pointers to tables etc
2886
2887 Returns: nothing
2888 */
2889
2890 static void
2891 complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2892 {
2893 int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2894 PUT(previous_callout, 2 + LINK_SIZE, length);
2895 }
2896
2897
2898
2899 #ifdef SUPPORT_UCP
2900 /*************************************************
2901 * Get othercase range *
2902 *************************************************/
2903
2904 /* This function is passed the start and end of a class range, in UTF-8 mode
2905 with UCP support. It searches up the characters, looking for ranges of
2906 characters in the "other" case. Each call returns the next one, updating the
2907 start address. A character with multiple other cases is returned on its own
2908 with a special return value.
2909
2910 Arguments:
2911 cptr points to starting character value; updated
2912 d end value
2913 ocptr where to put start of othercase range
2914 odptr where to put end of othercase range
2915
2916 Yield: -1 when no more
2917 0 when a range is returned
2918 >0 the CASESET offset for char with multiple other cases
2919 in this case, ocptr contains the original
2920 */
2921
2922 static int
2923 get_othercase_range(pcre_uint32 *cptr, pcre_uint32 d, pcre_uint32 *ocptr,
2924 pcre_uint32 *odptr)
2925 {
2926 pcre_uint32 c, othercase, next;
2927 unsigned int co;
2928
2929 /* Find the first character that has an other case. If it has multiple other
2930 cases, return its case offset value. */
2931
2932 for (c = *cptr; c <= d; c++)
2933 {
2934 if ((co = UCD_CASESET(c)) != 0)
2935 {
2936 *ocptr = c++; /* Character that has the set */
2937 *cptr = c; /* Rest of input range */
2938 return (int)co;
2939 }
2940 if ((othercase = UCD_OTHERCASE(c)) != c) break;
2941 }
2942
2943 if (c > d) return -1; /* Reached end of range */
2944
2945 *ocptr = othercase;
2946 next = othercase + 1;
2947
2948 for (++c; c <= d; c++)
2949 {
2950 if (UCD_OTHERCASE(c) != next) break;
2951 next++;
2952 }
2953
2954 *odptr = next - 1; /* End of othercase range */
2955 *cptr = c; /* Rest of input range */
2956 return 0;
2957 }
2958
2959
2960
2961 /*************************************************
2962 * Check a character and a property *
2963 *************************************************/
2964
2965 /* This function is called by check_auto_possessive() when a property item
2966 is adjacent to a fixed character.
2967
2968 Arguments:
2969 c the character
2970 ptype the property type
2971 pdata the data for the type
2972 negated TRUE if it's a negated property (\P or \p{^)
2973
2974 Returns: TRUE if auto-possessifying is OK
2975 */
2976
2977 static BOOL
2978 check_char_prop(pcre_uint32 c, unsigned int ptype, unsigned int pdata, BOOL negated)
2979 {
2980 #ifdef SUPPORT_UCP
2981 const pcre_uint32 *p;
2982 #endif
2983
2984 const ucd_record *prop = GET_UCD(c);
2985
2986 switch(ptype)
2987 {
2988 case PT_LAMP:
2989 return (prop->chartype == ucp_Lu ||
2990 prop->chartype == ucp_Ll ||
2991 prop->chartype == ucp_Lt) == negated;
2992
2993 case PT_GC:
2994 return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2995
2996 case PT_PC:
2997 return (pdata == prop->chartype) == negated;
2998
2999 case PT_SC:
3000 return (pdata == prop->script) == negated;
3001
3002 /* These are specials */
3003
3004 case PT_ALNUM:
3005 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3006 PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
3007
3008 case PT_SPACE: /* Perl space */
3009 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3010 c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
3011 == negated;
3012
3013 case PT_PXSPACE: /* POSIX space */
3014 return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
3015 c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
3016 c == CHAR_FF || c == CHAR_CR)
3017 == negated;
3018
3019 case PT_WORD:
3020 return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
3021 PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
3022 c == CHAR_UNDERSCORE) == negated;
3023
3024 #ifdef SUPPORT_UCP
3025 case PT_CLIST:
3026 p = PRIV(ucd_caseless_sets) + prop->caseset;
3027 for (;;)
3028 {
3029 if (c < *p) return !negated;
3030 if (c == *p++) return negated;
3031 }
3032 break; /* Control never reaches here */
3033 #endif
3034 }
3035
3036 return FALSE;
3037 }
3038 #endif /* SUPPORT_UCP */
3039
3040
3041
3042 /*************************************************
3043 * Check if auto-possessifying is possible *
3044 *************************************************/
3045
3046 /* This function is called for unlimited repeats of certain items, to see
3047 whether the next thing could possibly match the repeated item. If not, it makes
3048 sense to automatically possessify the repeated item.
3049
3050 Arguments:
3051 previous pointer to the repeated opcode
3052 utf TRUE in UTF-8 / UTF-16 / UTF-32 mode
3053 ptr next character in pattern
3054 options options bits
3055 cd contains pointers to tables etc.
3056
3057 Returns: TRUE if possessifying is wanted
3058 */
3059
3060 static BOOL
3061 check_auto_possessive(const pcre_uchar *previous, BOOL utf,
3062 const pcre_uchar *ptr, int options, compile_data *cd)
3063 {
3064 pcre_uint32 c = NOTACHAR;
3065 pcre_uint32 next;
3066 int escape;
3067 pcre_uchar op_code = *previous++;
3068
3069 /* Skip whitespace and comments in extended mode */
3070
3071 if ((options & PCRE_EXTENDED) != 0)
3072 {
3073 for (;;)
3074 {
3075 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3076 if (*ptr == CHAR_NUMBER_SIGN)
3077 {
3078 ptr++;
3079 while (*ptr != CHAR_NULL)
3080 {
3081 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3082 ptr++;
3083 #ifdef SUPPORT_UTF
3084 if (utf) FORWARDCHAR(ptr);
3085 #endif
3086 }
3087 }
3088 else break;
3089 }
3090 }
3091
3092 /* If the next item is one that we can handle, get its value. A non-negative
3093 value is a character, a negative value is an escape value. */
3094
3095 if (*ptr == CHAR_BACKSLASH)
3096 {
3097 int temperrorcode = 0;
3098 escape = check_escape(&ptr, &next, &temperrorcode, cd->bracount, options,
3099 FALSE);
3100 if (temperrorcode != 0) return FALSE;
3101 ptr++; /* Point after the escape sequence */
3102 }
3103 else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3104 {
3105 escape = 0;
3106 #ifdef SUPPORT_UTF
3107 if (utf) { GETCHARINC(next, ptr); } else
3108 #endif
3109 next = *ptr++;
3110 }
3111 else return FALSE;
3112
3113 /* Skip whitespace and comments in extended mode */
3114
3115 if ((options & PCRE_EXTENDED) != 0)
3116 {
3117 for (;;)
3118 {
3119 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3120 if (*ptr == CHAR_NUMBER_SIGN)
3121 {
3122 ptr++;
3123 while (*ptr != CHAR_NULL)
3124 {
3125 if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3126 ptr++;
3127 #ifdef SUPPORT_UTF
3128 if (utf) FORWARDCHAR(ptr);
3129 #endif
3130 }
3131 }
3132 else break;
3133 }
3134 }
3135
3136 /* If the next thing is itself optional, we have to give up. */
3137
3138 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3139 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3140 return FALSE;
3141
3142 /* If the previous item is a character, get its value. */
3143
3144 if (op_code == OP_CHAR || op_code == OP_CHARI ||
3145 op_code == OP_NOT || op_code == OP_NOTI)
3146 {
3147 #ifdef SUPPORT_UTF
3148 GETCHARTEST(c, previous);
3149 #else
3150 c = *previous;
3151 #endif
3152 }
3153
3154 /* Now compare the next item with the previous opcode. First, handle cases when
3155 the next item is a character. */
3156
3157 if (escape == 0)
3158 {
3159 /* For a caseless UTF match, the next character may have more than one other
3160 case, which maps to the special PT_CLIST property. Check this first. */
3161
3162 #ifdef SUPPORT_UCP
3163 if (utf && c != NOTACHAR && (options & PCRE_CASELESS) != 0)
3164 {
3165 unsigned int ocs = UCD_CASESET(next);
3166 if (ocs > 0) return check_char_prop(c, PT_CLIST, ocs, op_code >= OP_NOT);
3167 }
3168 #endif
3169
3170 switch(op_code)
3171 {
3172 case OP_CHAR:
3173 return c != next;
3174
3175 /* For CHARI (caseless character) we must check the other case. If we have
3176 Unicode property support, we can use it to test the other case of
3177 high-valued characters. We know that next can have only one other case,
3178 because multi-other-case characters are dealt with above. */
3179
3180 case OP_CHARI:
3181 if (c == next) return FALSE;
3182 #ifdef SUPPORT_UTF
3183 if (utf)
3184 {
3185 pcre_uint32 othercase;
3186 if (next < 128) othercase = cd->fcc[next]; else
3187 #ifdef SUPPORT_UCP
3188 othercase = UCD_OTHERCASE(next);
3189 #else
3190 othercase = NOTACHAR;
3191 #endif
3192 return c != othercase;
3193 }
3194 else
3195 #endif /* SUPPORT_UTF */
3196 return (c != TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3197
3198 case OP_NOT:
3199 return c == next;
3200
3201 case OP_NOTI:
3202 if (c == next) return TRUE;
3203 #ifdef SUPPORT_UTF
3204 if (utf)
3205 {
3206 pcre_uint32 othercase;
3207 if (next < 128) othercase = cd->fcc[next]; else
3208 #ifdef SUPPORT_UCP
3209 othercase = UCD_OTHERCASE(next);
3210 #else
3211 othercase = NOTACHAR;
3212 #endif
3213 return c == othercase;
3214 }
3215 else
3216 #endif /* SUPPORT_UTF */
3217 return (c == TABLE_GET(next, cd->fcc, next)); /* Not UTF */
3218
3219 /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3220 When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
3221
3222 case OP_DIGIT:
3223 return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
3224
3225 case OP_NOT_DIGIT:
3226 return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3227
3228 case OP_WHITESPACE:
3229 return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
3230
3231 case OP_NOT_WHITESPACE:
3232 return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
3233
3234 case OP_WORDCHAR:
3235 return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3236
3237 case OP_NOT_WORDCHAR:
3238 return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
3239
3240 case OP_HSPACE:
3241 case OP_NOT_HSPACE:
3242 switch(next)
3243 {
3244 HSPACE_CASES:
3245 return op_code == OP_NOT_HSPACE;
3246
3247 default:
3248 return op_code != OP_NOT_HSPACE;
3249 }
3250
3251 case OP_ANYNL:
3252 case OP_VSPACE:
3253 case OP_NOT_VSPACE:
3254 switch(next)
3255 {
3256 VSPACE_CASES:
3257 return op_code == OP_NOT_VSPACE;
3258
3259 default:
3260 return op_code != OP_NOT_VSPACE;
3261 }
3262
3263 #ifdef SUPPORT_UCP
3264 case OP_PROP:
3265 return check_char_prop(next, previous[0], previous[1], FALSE);
3266
3267 case OP_NOTPROP:
3268 return check_char_prop(next, previous[0], previous[1], TRUE);
3269 #endif
3270
3271 default:
3272 return FALSE;
3273 }
3274 }
3275
3276 /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3277 is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3278 generated only when PCRE_UCP is *not* set, that is, when only ASCII
3279 characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3280 replaced by OP_PROP codes when PCRE_UCP is set. */
3281
3282 switch(op_code)
3283 {
3284 case OP_CHAR:
3285 case OP_CHARI:
3286 switch(escape)
3287 {
3288 case ESC_d:
3289 return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3290
3291 case ESC_D:
3292 return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3293
3294 case ESC_s:
3295 return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3296
3297 case ESC_S:
3298 return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3299
3300 case ESC_w:
3301 return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3302
3303 case ESC_W:
3304 return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3305
3306 case ESC_h:
3307 case ESC_H:
3308 switch(c)
3309 {
3310 HSPACE_CASES:
3311 return escape != ESC_h;
3312
3313 default:
3314 return escape == ESC_h;
3315 }
3316
3317 case ESC_v:
3318 case ESC_V:
3319 switch(c)
3320 {
3321 VSPACE_CASES:
3322 return escape != ESC_v;
3323
3324 default:
3325 return escape == ESC_v;
3326 }
3327
3328 /* When PCRE_UCP is set, these values get generated for \d etc. Find
3329 their substitutions and process them. The result will always be either
3330 ESC_p or ESC_P. Then fall through to process those values. */
3331
3332 #ifdef SUPPORT_UCP
3333 case ESC_du:
3334 case ESC_DU:
3335 case ESC_wu:
3336 case ESC_WU:
3337 case ESC_su:
3338 case ESC_SU:
3339 {
3340 int temperrorcode = 0;
3341 ptr = substitutes[escape - ESC_DU];
3342 escape = check_escape(&ptr, &next, &temperrorcode, 0, options, FALSE);
3343 if (temperrorcode != 0) return FALSE;
3344 ptr++; /* For compatibility */
3345 }
3346 /* Fall through */
3347
3348 case ESC_p:
3349 case ESC_P:
3350 {
3351 unsigned int ptype = 0, pdata = 0;
3352 int errorcodeptr;
3353 BOOL negated;
3354
3355 ptr--; /* Make ptr point at the p or P */
3356 if (!get_ucp(&ptr, &negated, &ptype, &pdata, &errorcodeptr))
3357 return FALSE;
3358 ptr++; /* Point past the final curly ket */
3359
3360 /* If the property item is optional, we have to give up. (When generated
3361 from \d etc by PCRE_UCP, this test will have been applied much earlier,
3362 to the original \d etc. At this point, ptr will point to a zero byte. */
3363
3364 if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3365 STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3366 return FALSE;
3367
3368 /* Do the property check. */
3369
3370 return check_char_prop(c, ptype, pdata, (escape == ESC_P) != negated);
3371 }
3372 #endif
3373
3374 default:
3375 return FALSE;
3376 }
3377
3378 /* In principle, support for Unicode properties should be integrated here as
3379 well. It means re-organizing the above code so as to get hold of the property
3380 values before switching on the op-code. However, I wonder how many patterns
3381 combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3382 these op-codes are never generated.) */
3383
3384 case OP_DIGIT:
3385 return escape == ESC_D || escape == ESC_s || escape == ESC_W ||
3386 escape == ESC_h || escape == ESC_v || escape == ESC_R;
3387
3388 case OP_NOT_DIGIT:
3389 return escape == ESC_d;
3390
3391 case OP_WHITESPACE:
3392 return escape == ESC_S || escape == ESC_d || escape == ESC_w;
3393
3394 case OP_NOT_WHITESPACE:
3395 return escape == ESC_s || escape == ESC_h || escape == ESC_v || escape == ESC_R;
3396
3397 case OP_HSPACE:
3398 return escape == ESC_S || escape == ESC_H || escape == ESC_d ||
3399 escape == ESC_w || escape == ESC_v || escape == ESC_R;
3400
3401 case OP_NOT_HSPACE:
3402 return escape == ESC_h;
3403
3404 /* Can't have \S in here because VT matches \S (Perl anomaly) */
3405 case OP_ANYNL:
3406 case OP_VSPACE:
3407 return escape == ESC_V || escape == ESC_d || escape == ESC_w;
3408
3409 case OP_NOT_VSPACE:
3410 return escape == ESC_v || escape == ESC_R;
3411
3412 case OP_WORDCHAR:
3413 return escape == ESC_W || escape == ESC_s || escape == ESC_h ||
3414 escape == ESC_v || escape == ESC_R;
3415
3416 case OP_NOT_WORDCHAR:
3417 return escape == ESC_w || escape == ESC_d;
3418
3419 default:
3420 return FALSE;
3421 }
3422
3423 /* Control does not reach here */
3424 }
3425
3426
3427
3428 /*************************************************
3429 * Add a character or range to a class *
3430 *************************************************/
3431
3432 /* This function packages up the logic of adding a character or range of
3433 characters to a class. The character values in the arguments will be within the
3434 valid values for the current mode (8-bit, 16-bit, UTF, etc). This function is
3435 mutually recursive with the function immediately below.
3436
3437 Arguments:
3438 classbits the bit map for characters < 256
3439 uchardptr points to the pointer for extra data
3440 options the options word
3441 cd contains pointers to tables etc.
3442 start start of range character
3443 end end of range character
3444
3445 Returns: the number of < 256 characters added
3446 the pointer to extra data is updated
3447 */
3448
3449 static int
3450 add_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3451 compile_data *cd, pcre_uint32 start, pcre_uint32 end)
3452 {
3453 pcre_uint32 c;
3454 int n8 = 0;
3455
3456 /* If caseless matching is required, scan the range and process alternate
3457 cases. In Unicode, there are 8-bit characters that have alternate cases that
3458 are greater than 255 and vice-versa. Sometimes we can just extend the original
3459 range. */
3460
3461 if ((options & PCRE_CASELESS) != 0)
3462 {
3463 #ifdef SUPPORT_UCP
3464 if ((options & PCRE_UTF8) != 0)
3465 {
3466 int rc;
3467 pcre_uint32 oc, od;
3468
3469 options &= ~PCRE_CASELESS; /* Remove for recursive calls */
3470 c = start;
3471
3472 while ((rc = get_othercase_range(&c, end, &oc, &od)) >= 0)
3473 {
3474 /* Handle a single character that has more than one other case. */
3475
3476 if (rc > 0) n8 += add_list_to_class(classbits, uchardptr, options, cd,
3477 PRIV(ucd_caseless_sets) + rc, oc);
3478
3479 /* Do nothing if the other case range is within the original range. */
3480
3481 else if (oc >= start && od <= end) continue;
3482
3483 /* Extend the original range if there is overlap, noting that if oc < c, we
3484 can't have od > end because a subrange is always shorter than the basic
3485 range. Otherwise, use a recursive call to add the additional range. */
3486
3487 else if (oc < start && od >= start - 1) start = oc; /* Extend downwards */
3488 else if (od > end && oc <= end + 1) end = od; /* Extend upwards */
3489 else n8 += add_to_class(classbits, uchardptr, options, cd, oc, od);
3490 }
3491 }
3492 else
3493 #endif /* SUPPORT_UCP */
3494
3495 /* Not UTF-mode, or no UCP */
3496
3497 for (c = start; c <= end && c < 256; c++)
3498 {
3499 SETBIT(classbits, cd->fcc[c]);
3500 n8++;
3501 }
3502 }
3503
3504 /* Now handle the original range. Adjust the final value according to the bit
3505 length - this means that the same lists of (e.g.) horizontal spaces can be used
3506 in all cases. */
3507
3508 #if defined COMPILE_PCRE8
3509 #ifdef SUPPORT_UTF
3510 if ((options & PCRE_UTF8) == 0)
3511 #endif
3512 if (end > 0xff) end = 0xff;
3513
3514 #elif defined COMPILE_PCRE16
3515 #ifdef SUPPORT_UTF
3516 if ((options & PCRE_UTF16) == 0)
3517 #endif
3518 if (end > 0xffff) end = 0xffff;
3519
3520 #endif /* COMPILE_PCRE[8|16] */
3521
3522 /* If all characters are less than 256, use the bit map. Otherwise use extra
3523 data. */
3524
3525 if (end < 0x100)
3526 {
3527 for (c = start; c <= end; c++)
3528 {
3529 n8++;
3530 SETBIT(classbits, c);
3531 }
3532 }
3533
3534 else
3535 {
3536 pcre_uchar *uchardata = *uchardptr;
3537
3538 #ifdef SUPPORT_UTF
3539 if ((options & PCRE_UTF8) != 0) /* All UTFs use the same flag bit */
3540 {
3541 if (start < end)
3542 {
3543 *uchardata++ = XCL_RANGE;
3544 uchardata += PRIV(ord2utf)(start, uchardata);
3545 uchardata += PRIV(ord2utf)(end, uchardata);
3546 }
3547 else if (start == end)
3548 {
3549 *uchardata++ = XCL_SINGLE;
3550 uchardata += PRIV(ord2utf)(start, uchardata);
3551 }
3552 }
3553 else
3554 #endif /* SUPPORT_UTF */
3555
3556 /* Without UTF support, character values are constrained by the bit length,
3557 and can only be > 256 for 16-bit and 32-bit libraries. */
3558
3559 #ifdef COMPILE_PCRE8
3560 {}
3561 #else
3562 if (start < end)
3563 {
3564 *uchardata++ = XCL_RANGE;
3565 *uchardata++ = start;
3566 *uchardata++ = end;
3567 }
3568 else if (start == end)
3569 {
3570 *uchardata++ = XCL_SINGLE;
3571 *uchardata++ = start;
3572 }
3573 #endif
3574
3575 *uchardptr = uchardata; /* Updata extra data pointer */
3576 }
3577
3578 return n8; /* Number of 8-bit characters */
3579 }
3580
3581
3582
3583
3584 /*************************************************
3585 * Add a list of characters to a class *
3586 *************************************************/
3587
3588 /* This function is used for adding a list of case-equivalent characters to a
3589 class, and also for adding a list of horizontal or vertical whitespace. If the
3590 list is in order (which it should be), ranges of characters are detected and
3591 handled appropriately. This function is mutually recursive with the function
3592 above.
3593
3594 Arguments:
3595 classbits the bit map for characters < 256
3596 uchardptr points to the pointer for extra data
3597 options the options word
3598 cd contains pointers to tables etc.
3599 p points to row of 32-bit values, terminated by NOTACHAR
3600 except character to omit; this is used when adding lists of
3601 case-equivalent characters to avoid including the one we
3602 already know about
3603
3604 Returns: the number of < 256 characters added
3605 the pointer to extra data is updated
3606 */
3607
3608 static int
3609 add_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr, int options,
3610 compile_data *cd, const pcre_uint32 *p, unsigned int except)
3611 {
3612 int n8 = 0;
3613 while (p[0] < NOTACHAR)
3614 {
3615 int n = 0;
3616 if (p[0] != except)
3617 {
3618 while(p[n+1] == p[0] + n + 1) n++;
3619 n8 += add_to_class(classbits, uchardptr, options, cd, p[0], p[n]);
3620 }
3621 p += n + 1;
3622 }
3623 return n8;
3624 }
3625
3626
3627
3628 /*************************************************
3629 * Add characters not in a list to a class *
3630 *************************************************/
3631
3632 /* This function is used for adding the complement of a list of horizontal or
3633 vertical whitespace to a class. The list must be in order.
3634
3635 Arguments:
3636 classbits the bit map for characters < 256
3637 uchardptr points to the pointer for extra data
3638 options the options word
3639 cd contains pointers to tables etc.
3640 p points to row of 32-bit values, terminated by NOTACHAR
3641
3642 Returns: the number of < 256 characters added
3643 the pointer to extra data is updated
3644 */
3645
3646 static int
3647 add_not_list_to_class(pcre_uint8 *classbits, pcre_uchar **uchardptr,
3648 int options, compile_data *cd, const pcre_uint32 *p)
3649 {
3650 BOOL utf = (options & PCRE_UTF8) != 0;
3651 int n8 = 0;
3652 if (p[0] > 0)
3653 n8 += add_to_class(classbits, uchardptr, options, cd, 0, p[0] - 1);
3654 while (p[0] < NOTACHAR)
3655 {
3656 while (p[1] == p[0] + 1) p++;
3657 n8 += add_to_class(classbits, uchardptr, options, cd, p[0] + 1,
3658 (p[1] == NOTACHAR) ? (utf ? 0x10ffffu : 0xffffffffu) : p[1] - 1);
3659 p++;
3660 }
3661 return n8;
3662 }
3663
3664
3665
3666 /*************************************************
3667 * Compile one branch *
3668 *************************************************/
3669
3670 /* Scan the pattern, compiling it into the a vector. If the options are
3671 changed during the branch, the pointer is used to change the external options
3672 bits. This function is used during the pre-compile phase when we are trying
3673 to find out the amount of memory needed, as well as during the real compile
3674 phase. The value of lengthptr distinguishes the two phases.
3675
3676 Arguments:
3677 optionsptr pointer to the option bits
3678 codeptr points to the pointer to the current code point
3679 ptrptr points to the current pattern pointer
3680 errorcodeptr points to error code variable
3681 firstcharptr place to put the first required character
3682 firstcharflagsptr place to put the first character flags, or a negative number
3683 reqcharptr place to put the last required character
3684 reqcharflagsptr place to put the last required character flags, or a negative number
3685 bcptr points to current branch chain
3686 cond_depth conditional nesting depth
3687 cd contains pointers to tables etc.
3688 lengthptr NULL during the real compile phase
3689 points to length accumulator during pre-compile phase
3690
3691 Returns: TRUE on success
3692 FALSE, with *errorcodeptr set non-zero on error
3693 */
3694
3695 static BOOL
3696 compile_branch(int *optionsptr, pcre_uchar **codeptr,
3697 const pcre_uchar **ptrptr, int *errorcodeptr,
3698 pcre_uint32 *firstcharptr, pcre_int32 *firstcharflagsptr,
3699 pcre_uint32 *reqcharptr, pcre_int32 *reqcharflagsptr,
3700 branch_chain *bcptr, int cond_depth,
3701 compile_data *cd, int *lengthptr)
3702 {
3703 int repeat_type, op_type;
3704 int repeat_min = 0, repeat_max = 0; /* To please picky compilers */
3705 int bravalue = 0;
3706 int greedy_default, greedy_non_default;
3707 pcre_uint32 firstchar, reqchar;
3708 pcre_int32 firstcharflags, reqcharflags;
3709 pcre_uint32 zeroreqchar, zerofirstchar;
3710 pcre_int32 zeroreqcharflags, zerofirstcharflags;
3711 pcre_int32 req_caseopt, reqvary, tempreqvary;
3712 int options = *optionsptr; /* May change dynamically */
3713 int after_manual_callout = 0;
3714 int length_prevgroup = 0;
3715 register pcre_uint32 c;
3716 int escape;
3717 register pcre_uchar *code = *codeptr;
3718 pcre_uchar *last_code = code;
3719 pcre_uchar *orig_code = code;
3720 pcre_uchar *tempcode;
3721 BOOL inescq = FALSE;
3722 BOOL groupsetfirstchar = FALSE;
3723 const pcre_uchar *ptr = *ptrptr;
3724 const pcre_uchar *tempptr;
3725 const pcre_uchar *nestptr = NULL;
3726 pcre_uchar *previous = NULL;
3727 pcre_uchar *previous_callout = NULL;
3728 pcre_uchar *save_hwm = NULL;
3729 pcre_uint8 classbits[32];
3730
3731 /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3732 must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3733 dynamically as we process the pattern. */
3734
3735 #ifdef SUPPORT_UTF
3736 /* PCRE_UTF[16|32] have the same value as PCRE_UTF8. */
3737 BOOL utf = (options & PCRE_UTF8) != 0;
3738 #ifndef COMPILE_PCRE32
3739 pcre_uchar utf_chars[6];
3740 #endif
3741 #else
3742 BOOL utf = FALSE;
3743 #endif
3744
3745 /* Helper variables for OP_XCLASS opcode (for characters > 255). We define
3746 class_uchardata always so that it can be passed to add_to_class() always,
3747 though it will not be used in non-UTF 8-bit cases. This avoids having to supply
3748 alternative calls for the different cases. */
3749
3750 pcre_uchar *class_uchardata;
3751 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3752 BOOL xclass;
3753 pcre_uchar *class_uchardata_base;
3754 #endif
3755
3756 #ifdef PCRE_DEBUG
3757 if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3758 #endif
3759
3760 /* Set up the default and non-default settings for greediness */
3761
3762 greedy_default = ((options & PCRE_UNGREEDY) != 0);
3763 greedy_non_default = greedy_default ^ 1;
3764
3765 /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3766 matching encountered yet". It gets changed to REQ_NONE if we hit something that
3767 matches a non-fixed char first char; reqchar just remains unset if we never
3768 find one.
3769
3770 When we hit a repeat whose minimum is zero, we may have to adjust these values
3771 to take the zero repeat into account. This is implemented by setting them to
3772 zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3773 item types that can be repeated set these backoff variables appropriately. */
3774
3775 firstchar = reqchar = zerofirstchar = zeroreqchar = 0;
3776 firstcharflags = reqcharflags = zerofirstcharflags = zeroreqcharflags = REQ_UNSET;
3777
3778 /* The variable req_caseopt contains either the REQ_CASELESS value
3779 or zero, according to the current setting of the caseless flag. The
3780 REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3781 firstchar or reqchar variables to record the case status of the
3782 value. This is used only for ASCII characters. */
3783
3784 req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3785
3786 /* Switch on next character until the end of the branch */
3787
3788 for (;; ptr++)
3789 {
3790 BOOL negate_class;
3791 BOOL should_flip_negation;
3792 BOOL possessive_quantifier;
3793 BOOL is_quantifier;
3794 BOOL is_recurse;
3795 BOOL reset_bracount;
3796 int class_has_8bitchar;
3797 int class_one_char;
3798 int newoptions;
3799 int recno;
3800 int refsign;
3801 int skipbytes;
3802 pcre_uint32 subreqchar, subfirstchar;
3803 pcre_int32 subreqcharflags, subfirstcharflags;
3804 int terminator;
3805 unsigned int mclength;
3806 unsigned int tempbracount;
3807 pcre_uint32 ec;
3808 pcre_uchar mcbuffer[8];
3809
3810 /* Get next character in the pattern */
3811
3812 c = *ptr;
3813
3814 /* If we are at the end of a nested substitution, revert to the outer level
3815 string. Nesting only happens one level deep. */
3816
3817 if (c == CHAR_NULL && nestptr != NULL)
3818 {
3819 ptr = nestptr;
3820 nestptr = NULL;
3821 c = *ptr;
3822 }
3823
3824 /* If we are in the pre-compile phase, accumulate the length used for the
3825 previous cycle of this loop. */
3826
3827 if (lengthptr != NULL)
3828 {
3829 #ifdef PCRE_DEBUG
3830 if (code > cd->hwm) cd->hwm = code; /* High water info */
3831 #endif
3832 if (code > cd->start_workspace + cd->workspace_size -
3833 WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */
3834 {
3835 *errorcodeptr = ERR52;
3836 goto FAILED;
3837 }
3838
3839 /* There is at least one situation where code goes backwards: this is the
3840 case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3841 the class is simply eliminated. However, it is created first, so we have to
3842 allow memory for it. Therefore, don't ever reduce the length at this point.
3843 */
3844
3845 if (code < last_code) code = last_code;
3846
3847 /* Paranoid check for integer overflow */
3848
3849 if (OFLOW_MAX - *lengthptr < code - last_code)
3850 {
3851 *errorcodeptr = ERR20;
3852 goto FAILED;
3853 }
3854
3855 *lengthptr += (int)(code - last_code);
3856 DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3857 (int)(code - last_code), c, c));
3858
3859 /* If "previous" is set and it is not at the start of the work space, move
3860 it back to there, in order to avoid filling up the work space. Otherwise,
3861 if "previous" is NULL, reset the current code pointer to the start. */
3862
3863 if (previous != NULL)
3864 {
3865 if (previous > orig_code)
3866 {
3867 memmove(orig_code, previous, IN_UCHARS(code - previous));
3868 code -= previous - orig_code;
3869 previous = orig_code;
3870 }
3871 }
3872 else code = orig_code;
3873
3874 /* Remember where this code item starts so we can pick up the length
3875 next time round. */
3876
3877 last_code = code;
3878 }
3879
3880 /* In the real compile phase, just check the workspace used by the forward
3881 reference list. */
3882
3883 else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3884 WORK_SIZE_SAFETY_MARGIN)
3885 {
3886 *errorcodeptr = ERR52;
3887 goto FAILED;
3888 }
3889
3890 /* If in \Q...\E, check for the end; if not, we have a literal */
3891
3892 if (inescq && c != CHAR_NULL)
3893 {
3894 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3895 {
3896 inescq = FALSE;
3897 ptr++;
3898 continue;
3899 }
3900 else
3901 {
3902 if (previous_callout != NULL)
3903 {
3904 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3905 complete_callout(previous_callout, ptr, cd);
3906 previous_callout = NULL;
3907 }
3908 if ((options & PCRE_AUTO_CALLOUT) != 0)
3909 {
3910 previous_callout = code;
3911 code = auto_callout(code, ptr, cd);
3912 }
3913 goto NORMAL_CHAR;
3914 }
3915 }
3916
3917 /* Fill in length of a previous callout, except when the next thing is
3918 a quantifier. */
3919
3920 is_quantifier =
3921 c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3922 (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3923
3924 if (!is_quantifier && previous_callout != NULL &&
3925 after_manual_callout-- <= 0)
3926 {
3927 if (lengthptr == NULL) /* Don't attempt in pre-compile phase */
3928 complete_callout(previous_callout, ptr, cd);
3929 previous_callout = NULL;
3930 }
3931
3932 /* In extended mode, skip white space and comments. */
3933
3934 if ((options & PCRE_EXTENDED) != 0)
3935 {
3936 if (MAX_255(*ptr) && (cd->ctypes[c] & ctype_space) != 0) continue;
3937 if (c == CHAR_NUMBER_SIGN)
3938 {
3939 ptr++;
3940 while (*ptr != CHAR_NULL)
3941 {
3942 if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
3943 ptr++;
3944 #ifdef SUPPORT_UTF
3945 if (utf) FORWARDCHAR(ptr);
3946 #endif
3947 }
3948 if (*ptr != CHAR_NULL) continue;
3949
3950 /* Else fall through to handle end of string */
3951 c = 0;
3952 }
3953 }
3954
3955 /* No auto callout for quantifiers. */
3956
3957 if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)
3958 {
3959 previous_callout = code;
3960 code = auto_callout(code, ptr, cd);
3961 }
3962
3963 switch(c)
3964 {
3965 /* ===================================================================*/
3966 case 0: /* The branch terminates at string end */
3967 case CHAR_VERTICAL_LINE: /* or | or ) */
3968 case CHAR_RIGHT_PARENTHESIS:
3969 *firstcharptr = firstchar;
3970 *firstcharflagsptr = firstcharflags;
3971 *reqcharptr = reqchar;
3972 *reqcharflagsptr = reqcharflags;
3973 *codeptr = code;
3974 *ptrptr = ptr;
3975 if (lengthptr != NULL)
3976 {
3977 if (OFLOW_MAX - *lengthptr < code - last_code)
3978 {
3979 *errorcodeptr = ERR20;
3980 goto FAILED;
3981 }
3982 *lengthptr += (int)(code - last_code); /* To include callout length */
3983 DPRINTF((">> end branch\n"));
3984 }
3985 return TRUE;
3986
3987
3988 /* ===================================================================*/
3989 /* Handle single-character metacharacters. In multiline mode, ^ disables
3990 the setting of any following char as a first character. */
3991
3992 case CHAR_CIRCUMFLEX_ACCENT:
3993 previous = NULL;
3994 if ((options & PCRE_MULTILINE) != 0)
3995 {
3996 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
3997 *code++ = OP_CIRCM;
3998 }
3999 else *code++ = OP_CIRC;
4000 break;
4001
4002 case CHAR_DOLLAR_SIGN:
4003 previous = NULL;
4004 *code++ = ((options & PCRE_MULTILINE) != 0)? OP_DOLLM : OP_DOLL;
4005 break;
4006
4007 /* There can never be a first char if '.' is first, whatever happens about
4008 repeats. The value of reqchar doesn't change either. */
4009
4010 case CHAR_DOT:
4011 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4012 zerofirstchar = firstchar;
4013 zerofirstcharflags = firstcharflags;
4014 zeroreqchar = reqchar;
4015 zeroreqcharflags = reqcharflags;
4016 previous = code;
4017 *code++ = ((options & PCRE_DOTALL) != 0)? OP_ALLANY: OP_ANY;
4018 break;
4019
4020
4021 /* ===================================================================*/
4022 /* Character classes. If the included characters are all < 256, we build a
4023 32-byte bitmap of the permitted characters, except in the special case
4024 where there is only one such character. For negated classes, we build the
4025 map as usual, then invert it at the end. However, we use a different opcode
4026 so that data characters > 255 can be handled correctly.
4027
4028 If the class contains characters outside the 0-255 range, a different
4029 opcode is compiled. It may optionally have a bit map for characters < 256,
4030 but those above are are explicitly listed afterwards. A flag byte tells
4031 whether the bitmap is present, and whether this is a negated class or not.
4032
4033 In JavaScript compatibility mode, an isolated ']' causes an error. In
4034 default (Perl) mode, it is treated as a data character. */
4035
4036 case CHAR_RIGHT_SQUARE_BRACKET:
4037 if ((cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4038 {
4039 *errorcodeptr = ERR64;
4040 goto FAILED;
4041 }
4042 goto NORMAL_CHAR;
4043
4044 case CHAR_LEFT_SQUARE_BRACKET:
4045 previous = code;
4046
4047 /* PCRE supports POSIX class stuff inside a class. Perl gives an error if
4048 they are encountered at the top level, so we'll do that too. */
4049
4050 if ((ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4051 ptr[1] == CHAR_EQUALS_SIGN) &&
4052 check_posix_syntax(ptr, &tempptr))
4053 {
4054 *errorcodeptr = (ptr[1] == CHAR_COLON)? ERR13 : ERR31;
4055 goto FAILED;
4056 }
4057
4058 /* If the first character is '^', set the negation flag and skip it. Also,
4059 if the first few characters (either before or after ^) are \Q\E or \E we
4060 skip them too. This makes for compatibility with Perl. */
4061
4062 negate_class = FALSE;
4063 for (;;)
4064 {
4065 c = *(++ptr);
4066 if (c == CHAR_BACKSLASH)
4067 {
4068 if (ptr[1] == CHAR_E)
4069 ptr++;
4070 else if (STRNCMP_UC_C8(ptr + 1, STR_Q STR_BACKSLASH STR_E, 3) == 0)
4071 ptr += 3;
4072 else
4073 break;
4074 }
4075 else if (!negate_class && c == CHAR_CIRCUMFLEX_ACCENT)
4076 negate_class = TRUE;
4077 else break;
4078 }
4079
4080 /* Empty classes are allowed in JavaScript compatibility mode. Otherwise,
4081 an initial ']' is taken as a data character -- the code below handles
4082 that. In JS mode, [] must always fail, so generate OP_FAIL, whereas
4083 [^] must match any character, so generate OP_ALLANY. */
4084
4085 if (c == CHAR_RIGHT_SQUARE_BRACKET &&
4086 (cd->external_options & PCRE_JAVASCRIPT_COMPAT) != 0)
4087 {
4088 *code++ = negate_class? OP_ALLANY : OP_FAIL;
4089 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4090 zerofirstchar = firstchar;
4091 zerofirstcharflags = firstcharflags;
4092 break;
4093 }
4094
4095 /* If a class contains a negative special such as \S, we need to flip the
4096 negation flag at the end, so that support for characters > 255 works
4097 correctly (they are all included in the class). */
4098
4099 should_flip_negation = FALSE;
4100
4101 /* For optimization purposes, we track some properties of the class:
4102 class_has_8bitchar will be non-zero if the class contains at least one <
4103 256 character; class_one_char will be 1 if the class contains just one
4104 character. */
4105
4106 class_has_8bitchar = 0;
4107 class_one_char = 0;
4108
4109 /* Initialize the 32-char bit map to all zeros. We build the map in a
4110 temporary bit of memory, in case the class contains fewer than two
4111 8-bit characters because in that case the compiled code doesn't use the bit
4112 map. */
4113
4114 memset(classbits, 0, 32 * sizeof(pcre_uint8));
4115
4116 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4117 xclass = FALSE;
4118 class_uchardata = code + LINK_SIZE + 2; /* For XCLASS items */
4119 class_uchardata_base = class_uchardata; /* Save the start */
4120 #endif
4121
4122 /* Process characters until ] is reached. By writing this as a "do" it
4123 means that an initial ] is taken as a data character. At the start of the
4124 loop, c contains the first byte of the character. */
4125
4126 if (c != CHAR_NULL) do
4127 {
4128 const pcre_uchar *oldptr;
4129
4130 #ifdef SUPPORT_UTF
4131 if (utf && HAS_EXTRALEN(c))
4132 { /* Braces are required because the */
4133 GETCHARLEN(c, ptr, ptr); /* macro generates multiple statements */
4134 }
4135 #endif
4136
4137 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4138 /* In the pre-compile phase, accumulate the length of any extra
4139 data and reset the pointer. This is so that very large classes that
4140 contain a zillion > 255 characters no longer overwrite the work space
4141 (which is on the stack). We have to remember that there was XCLASS data,
4142 however. */
4143
4144 if (lengthptr != NULL && class_uchardata > class_uchardata_base)
4145 {
4146 xclass = TRUE;
4147 *lengthptr += class_uchardata - class_uchardata_base;
4148 class_uchardata = class_uchardata_base;
4149 }
4150 #endif
4151
4152 /* Inside \Q...\E everything is literal except \E */
4153
4154 if (inescq)
4155 {
4156 if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E) /* If we are at \E */
4157 {
4158 inescq = FALSE; /* Reset literal state */
4159 ptr++; /* Skip the 'E' */
4160 continue; /* Carry on with next */
4161 }
4162 goto CHECK_RANGE; /* Could be range if \E follows */
4163 }
4164
4165 /* Handle POSIX class names. Perl allows a negation extension of the
4166 form [:^name:]. A square bracket that doesn't match the syntax is
4167 treated as a literal. We also recognize the POSIX constructions
4168 [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
4169 5.6 and 5.8 do. */
4170
4171 if (c == CHAR_LEFT_SQUARE_BRACKET &&
4172 (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
4173 ptr[1] == CHAR_EQUALS_SIGN) && check_posix_syntax(ptr, &tempptr))
4174 {
4175 BOOL local_negate = FALSE;
4176 int posix_class, taboffset, tabopt;
4177 register const pcre_uint8 *cbits = cd->cbits;
4178 pcre_uint8 pbits[32];
4179
4180 if (ptr[1] != CHAR_COLON)
4181 {
4182 *errorcodeptr = ERR31;
4183 goto FAILED;
4184 }
4185
4186 ptr += 2;
4187 if (*ptr == CHAR_CIRCUMFLEX_ACCENT)
4188 {
4189 local_negate = TRUE;
4190 should_flip_negation = TRUE; /* Note negative special */
4191 ptr++;
4192 }
4193
4194 posix_class = check_posix_name(ptr, (int)(tempptr - ptr));
4195 if (posix_class < 0)
4196 {
4197 *errorcodeptr = ERR30;
4198 goto FAILED;
4199 }
4200
4201 /* If matching is caseless, upper and lower are converted to
4202 alpha. This relies on the fact that the class table starts with
4203 alpha, lower, upper as the first 3 entries. */
4204
4205 if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
4206 posix_class = 0;
4207
4208 /* When PCRE_UCP is set, some of the POSIX classes are converted to
4209 different escape sequences that use Unicode properties. */
4210
4211 #ifdef SUPPORT_UCP
4212 if ((options & PCRE_UCP) != 0)
4213 {
4214 int pc = posix_class + ((local_negate)? POSIX_SUBSIZE/2 : 0);
4215 if (posix_substitutes[pc] != NULL)
4216 {
4217 nestptr = tempptr + 1;
4218 ptr = posix_substitutes[pc] - 1;
4219 continue;
4220 }
4221 }
4222 #endif
4223 /* In the non-UCP case, we build the bit map for the POSIX class in a
4224 chunk of local store because we may be adding and subtracting from it,
4225 and we don't want to subtract bits that may be in the main map already.
4226 At the end we or the result into the bit map that is being built. */
4227
4228 posix_class *= 3;
4229
4230 /* Copy in the first table (always present) */
4231
4232 memcpy(pbits, cbits + posix_class_maps[posix_class],
4233 32 * sizeof(pcre_uint8));
4234
4235 /* If there is a second table, add or remove it as required. */
4236
4237 taboffset = posix_class_maps[posix_class + 1];
4238 tabopt = posix_class_maps[posix_class + 2];
4239
4240 if (taboffset >= 0)
4241 {
4242 if (tabopt >= 0)
4243 for (c = 0; c < 32; c++) pbits[c] |= cbits[c + taboffset];
4244 else
4245 for (c = 0; c < 32; c++) pbits[c] &= ~cbits[c + taboffset];
4246 }
4247
4248 /* Now see if we need to remove any special characters. An option
4249 value of 1 removes vertical space and 2 removes underscore. */
4250
4251 if (tabopt < 0) tabopt = -tabopt;
4252 if (tabopt == 1) pbits[1] &= ~0x3c;
4253 else if (tabopt == 2) pbits[11] &= 0x7f;
4254
4255 /* Add the POSIX table or its complement into the main table that is
4256 being built and we are done. */
4257
4258 if (local_negate)
4259 for (c = 0; c < 32; c++) classbits[c] |= ~pbits[c];
4260 else
4261 for (c = 0; c < 32; c++) classbits[c] |= pbits[c];
4262
4263 ptr = tempptr + 1;
4264 /* Every class contains at least one < 256 character. */
4265 class_has_8bitchar = 1;
4266 /* Every class contains at least two characters. */
4267 class_one_char = 2;
4268 continue; /* End of POSIX syntax handling */
4269 }
4270
4271 /* Backslash may introduce a single character, or it may introduce one
4272 of the specials, which just set a flag. The sequence \b is a special
4273 case. Inside a class (and only there) it is treated as backspace. We
4274 assume that other escapes have more than one character in them, so
4275 speculatively set both class_has_8bitchar and class_one_char bigger
4276 than one. Unrecognized escapes fall through and are either treated
4277 as literal characters (by default), or are faulted if
4278 PCRE_EXTRA is set. */
4279
4280 if (c == CHAR_BACKSLASH)
4281 {
4282 escape = check_escape(&ptr, &ec, errorcodeptr, cd->bracount, options,
4283 TRUE);
4284 if (*errorcodeptr != 0) goto FAILED;
4285 if (escape == 0) c = ec;
4286 else if (escape == ESC_b) c = CHAR_BS; /* \b is backspace in a class */
4287 else if (escape == ESC_N) /* \N is not supported in a class */
4288 {
4289 *errorcodeptr = ERR71;
4290 goto FAILED;
4291 }
4292 else if (escape == ESC_Q) /* Handle start of quoted string */
4293 {
4294 if (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4295 {
4296 ptr += 2; /* avoid empty string */
4297 }
4298 else inescq = TRUE;
4299 continue;
4300 }
4301 else if (escape == ESC_E) continue; /* Ignore orphan \E */
4302
4303 else
4304 {
4305 register const pcre_uint8 *cbits = cd->cbits;
4306 /* Every class contains at least two < 256 characters. */
4307 class_has_8bitchar++;
4308 /* Every class contains at least two characters. */
4309 class_one_char += 2;
4310
4311 switch (escape)
4312 {
4313 #ifdef SUPPORT_UCP
4314 case ESC_du: /* These are the values given for \d etc */
4315 case ESC_DU: /* when PCRE_UCP is set. We replace the */
4316 case ESC_wu: /* escape sequence with an appropriate \p */
4317 case ESC_WU: /* or \P to test Unicode properties instead */
4318 case ESC_su: /* of the default ASCII testing. */
4319 case ESC_SU:
4320 nestptr = ptr;
4321 ptr = substitutes[escape - ESC_DU] - 1; /* Just before substitute */
4322 class_has_8bitchar--; /* Undo! */
4323 continue;
4324 #endif
4325 case ESC_d:
4326 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_digit];
4327 continue;
4328
4329 case ESC_D:
4330 should_flip_negation = TRUE;
4331 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_digit];
4332 continue;
4333
4334 case ESC_w:
4335 for (c = 0; c < 32; c++) classbits[c] |= cbits[c+cbit_word];
4336 continue;
4337
4338 case ESC_W:
4339 should_flip_negation = TRUE;
4340 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_word];
4341 continue;
4342
4343 /* Perl 5.004 onwards omits VT from \s, but we must preserve it
4344 if it was previously set by something earlier in the character
4345 class. Luckily, the value of CHAR_VT is 0x0b in both ASCII and
4346 EBCDIC, so we lazily just adjust the appropriate bit. */
4347
4348 case ESC_s:
4349 classbits[0] |= cbits[cbit_space];
4350 classbits[1] |= cbits[cbit_space+1] & ~0x08;
4351 for (c = 2; c < 32; c++) classbits[c] |= cbits[c+cbit_space];
4352 continue;
4353
4354 case ESC_S:
4355 should_flip_negation = TRUE;
4356 for (c = 0; c < 32; c++) classbits[c] |= ~cbits[c+cbit_space];
4357 classbits[1] |= 0x08; /* Perl 5.004 onwards omits VT from \s */
4358 continue;
4359
4360 /* The rest apply in both UCP and non-UCP cases. */
4361
4362 case ESC_h:
4363 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4364 PRIV(hspace_list), NOTACHAR);
4365 continue;
4366
4367 case ESC_H:
4368 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4369 cd, PRIV(hspace_list));
4370 continue;
4371
4372 case ESC_v:
4373 (void)add_list_to_class(classbits, &class_uchardata, options, cd,
4374 PRIV(vspace_list), NOTACHAR);
4375 continue;
4376
4377 case ESC_V:
4378 (void)add_not_list_to_class(classbits, &class_uchardata, options,
4379 cd, PRIV(vspace_list));
4380 continue;
4381
4382 #ifdef SUPPORT_UCP
4383 case ESC_p:
4384 case ESC_P:
4385 {
4386 BOOL negated;
4387 unsigned int ptype = 0, pdata = 0;
4388 if (!get_ucp(&ptr, &negated, &ptype, &pdata, errorcodeptr))
4389 goto FAILED;
4390 *class_uchardata++ = ((escape == ESC_p) != negated)?
4391 XCL_PROP : XCL_NOTPROP;
4392 *class_uchardata++ = ptype;
4393 *class_uchardata++ = pdata;
4394 class_has_8bitchar--; /* Undo! */
4395 continue;
4396 }
4397 #endif
4398 /* Unrecognized escapes are faulted if PCRE is running in its
4399 strict mode. By default, for compatibility with Perl, they are
4400 treated as literals. */
4401
4402 default:
4403 if ((options & PCRE_EXTRA) != 0)
4404 {
4405 *errorcodeptr = ERR7;
4406 goto FAILED;
4407 }
4408 class_has_8bitchar--; /* Undo the speculative increase. */
4409 class_one_char -= 2; /* Undo the speculative increase. */
4410 c = *ptr; /* Get the final character and fall through */
4411 break;
4412 }
4413 }
4414
4415 /* Fall through if the escape just defined a single character (c >= 0).
4416 This may be greater than 256. */
4417
4418 escape = 0;
4419
4420 } /* End of backslash handling */
4421
4422 /* A character may be followed by '-' to form a range. However, Perl does
4423 not permit ']' to be the end of the range. A '-' character at the end is
4424 treated as a literal. Perl ignores orphaned \E sequences entirely. The
4425 code for handling \Q and \E is messy. */
4426
4427 CHECK_RANGE:
4428 while (ptr[1] == CHAR_BACKSLASH && ptr[2] == CHAR_E)
4429 {
4430 inescq = FALSE;
4431 ptr += 2;
4432 }
4433 oldptr = ptr;
4434
4435 /* Remember if \r or \n were explicitly used */
4436
4437 if (c == CHAR_CR || c == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4438
4439 /* Check for range */
4440
4441 if (!inescq && ptr[1] == CHAR_MINUS)
4442 {
4443 pcre_uint32 d;
4444 ptr += 2;
4445 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E) ptr += 2;
4446
4447 /* If we hit \Q (not followed by \E) at this point, go into escaped
4448 mode. */
4449
4450 while (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_Q)
4451 {
4452 ptr += 2;
4453 if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_E)
4454 { ptr += 2; continue; }
4455 inescq = TRUE;
4456 break;
4457 }
4458
4459 /* Minus (hyphen) at the end of a class is treated as a literal, so put
4460 back the pointer and jump to handle the character that preceded it. */
4461
4462 if (*ptr == CHAR_NULL || (!inescq && *ptr == CHAR_RIGHT_SQUARE_BRACKET))
4463 {
4464 ptr = oldptr;
4465 goto CLASS_SINGLE_CHARACTER;
4466 }
4467
4468 /* Otherwise, we have a potential range; pick up the next character */
4469
4470 #ifdef SUPPORT_UTF
4471 if (utf)
4472 { /* Braces are required because the */
4473 GETCHARLEN(d, ptr, ptr); /* macro generates multiple statements */
4474 }
4475 else
4476 #endif
4477 d = *ptr; /* Not UTF-8 mode */
4478
4479 /* The second part of a range can be a single-character escape, but
4480 not any of the other escapes. Perl 5.6 treats a hyphen as a literal
4481 in such circumstances. */
4482
4483 if (!inescq && d == CHAR_BACKSLASH)
4484 {
4485 int descape;
4486 descape = check_escape(&ptr, &d, errorcodeptr, cd->bracount, options, TRUE);
4487 if (*errorcodeptr != 0) goto FAILED;
4488
4489 /* \b is backspace; any other special means the '-' was literal. */
4490
4491 if (descape != 0)
4492 {
4493 if (descape == ESC_b) d = CHAR_BS; else
4494 {
4495 ptr = oldptr;
4496 goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4497 }
4498 }
4499 }
4500
4501 /* Check that the two values are in the correct order. Optimize
4502 one-character ranges. */
4503
4504 if (d < c)
4505 {
4506 *errorcodeptr = ERR8;
4507 goto FAILED;
4508 }
4509 if (d == c) goto CLASS_SINGLE_CHARACTER; /* A few lines below */
4510
4511 /* We have found a character range, so single character optimizations
4512 cannot be done anymore. Any value greater than 1 indicates that there
4513 is more than one character. */
4514
4515 class_one_char = 2;
4516
4517 /* Remember an explicit \r or \n, and add the range to the class. */
4518
4519 if (d == CHAR_CR || d == CHAR_NL) cd->external_flags |= PCRE_HASCRORLF;
4520
4521 class_has_8bitchar +=
4522 add_to_class(classbits, &class_uchardata, options, cd, c, d);
4523
4524 continue; /* Go get the next char in the class */
4525 }
4526
4527 /* Handle a single character - we can get here for a normal non-escape
4528 char, or after \ that introduces a single character or for an apparent
4529 range that isn't. Only the value 1 matters for class_one_char, so don't
4530 increase it if it is already 2 or more ... just in case there's a class
4531 with a zillion characters in it. */
4532
4533 CLASS_SINGLE_CHARACTER:
4534 if (class_one_char < 2) class_one_char++;
4535
4536 /* If class_one_char is 1, we have the first single character in the
4537 class, and there have been no prior ranges, or XCLASS items generated by
4538 escapes. If this is the final character in the class, we can optimize by
4539 turning the item into a 1-character OP_CHAR[I] if it's positive, or
4540 OP_NOT[I] if it's negative. In the positive case, it can cause firstchar
4541 to be set. Otherwise, there can be no first char if this item is first,
4542 whatever repeat count may follow. In the case of reqchar, save the
4543 previous value for reinstating. */
4544
4545 if (class_one_char == 1 && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
4546 {
4547 ptr++;
4548 zeroreqchar = reqchar;
4549 zeroreqcharflags = reqcharflags;
4550
4551 if (negate_class)
4552 {
4553 #ifdef SUPPORT_UCP
4554 int d;
4555 #endif
4556 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4557 zerofirstchar = firstchar;
4558 zerofirstcharflags = firstcharflags;
4559
4560 /* For caseless UTF-8 mode when UCP support is available, check
4561 whether this character has more than one other case. If so, generate
4562 a special OP_NOTPROP item instead of OP_NOTI. */
4563
4564 #ifdef SUPPORT_UCP
4565 if (utf && (options & PCRE_CASELESS) != 0 &&
4566 (d = UCD_CASESET(c)) != 0)
4567 {
4568 *code++ = OP_NOTPROP;
4569 *code++ = PT_CLIST;
4570 *code++ = d;
4571 }
4572 else
4573 #endif
4574 /* Char has only one other case, or UCP not available */
4575
4576 {
4577 *code++ = ((options & PCRE_CASELESS) != 0)? OP_NOTI: OP_NOT;
4578 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4579 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4580 code += PRIV(ord2utf)(c, code);
4581 else
4582 #endif
4583 *code++ = c;
4584 }
4585
4586 /* We are finished with this character class */
4587
4588 goto END_CLASS;
4589 }
4590
4591 /* For a single, positive character, get the value into mcbuffer, and
4592 then we can handle this with the normal one-character code. */
4593
4594 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4595 if (utf && c > MAX_VALUE_FOR_SINGLE_CHAR)
4596 mclength = PRIV(ord2utf)(c, mcbuffer);
4597 else
4598 #endif
4599 {
4600 mcbuffer[0] = c;
4601 mclength = 1;
4602 }
4603 goto ONE_CHAR;
4604 } /* End of 1-char optimization */
4605
4606 /* There is more than one character in the class, or an XCLASS item
4607 has been generated. Add this character to the class. */
4608
4609 class_has_8bitchar +=
4610 add_to_class(classbits, &class_uchardata, options, cd, c, c);
4611 }
4612
4613 /* Loop until ']' reached. This "while" is the end of the "do" far above.
4614 If we are at the end of an internal nested string, revert to the outer
4615 string. */
4616
4617 while (((c = *(++ptr)) != CHAR_NULL ||
4618 (nestptr != NULL &&
4619 (ptr = nestptr, nestptr = NULL, c = *(++ptr)) != CHAR_NULL)) &&
4620 (c != CHAR_RIGHT_SQUARE_BRACKET || inescq));
4621
4622 /* Check for missing terminating ']' */
4623
4624 if (c == CHAR_NULL)
4625 {
4626 *errorcodeptr = ERR6;
4627 goto FAILED;
4628 }
4629
4630 /* We will need an XCLASS if data has been placed in class_uchardata. In
4631 the second phase this is a sufficient test. However, in the pre-compile
4632 phase, class_uchardata gets emptied to prevent workspace overflow, so it
4633 only if the very last character in the class needs XCLASS will it contain
4634 anything at this point. For this reason, xclass gets set TRUE above when
4635 uchar_classdata is emptied, and that's why this code is the way it is here
4636 instead of just doing a test on class_uchardata below. */
4637
4638 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4639 if (class_uchardata > class_uchardata_base) xclass = TRUE;
4640 #endif
4641
4642 /* If this is the first thing in the branch, there can be no first char
4643 setting, whatever the repeat count. Any reqchar setting must remain
4644 unchanged after any kind of repeat. */
4645
4646 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
4647 zerofirstchar = firstchar;
4648 zerofirstcharflags = firstcharflags;
4649 zeroreqchar = reqchar;
4650 zeroreqcharflags = reqcharflags;
4651
4652 /* If there are characters with values > 255, we have to compile an
4653 extended class, with its own opcode, unless there was a negated special
4654 such as \S in the class, and PCRE_UCP is not set, because in that case all
4655 characters > 255 are in the class, so any that were explicitly given as
4656 well can be ignored. If (when there are explicit characters > 255 that must
4657 be listed) there are no characters < 256, we can omit the bitmap in the
4658 actual compiled code. */
4659
4660 #ifdef SUPPORT_UTF
4661 if (xclass && (!should_flip_negation || (options & PCRE_UCP) != 0))
4662 #elif !defined COMPILE_PCRE8
4663 if (xclass && !should_flip_negation)
4664 #endif
4665 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
4666 {
4667 *class_uchardata++ = XCL_END; /* Marks the end of extra data */
4668 *code++ = OP_XCLASS;
4669 code += LINK_SIZE;
4670 *code = negate_class? XCL_NOT:0;
4671
4672 /* If the map is required, move up the extra data to make room for it;
4673 otherwise just move the code pointer to the end of the extra data. */
4674
4675 if (class_has_8bitchar > 0)
4676 {
4677 *code++ |= XCL_MAP;
4678 memmove(code + (32 / sizeof(pcre_uchar)), code,
4679 IN_UCHARS(class_uchardata - code));
4680 memcpy(code, classbits, 32);
4681 code = class_uchardata + (32 / sizeof(pcre_uchar));
4682 }
4683 else code = class_uchardata;
4684
4685 /* Now fill in the complete length of the item */
4686
4687 PUT(previous, 1, (int)(code - previous));
4688 break; /* End of class handling */
4689 }
4690 #endif
4691
4692 /* If there are no characters > 255, or they are all to be included or
4693 excluded, set the opcode to OP_CLASS or OP_NCLASS, depending on whether the
4694 whole class was negated and whether there were negative specials such as \S
4695 (non-UCP) in the class. Then copy the 32-byte map into the code vector,
4696 negating it if necessary. */
4697
4698 *code++ = (negate_class == should_flip_negation) ? OP_CLASS : OP_NCLASS;
4699 if (lengthptr == NULL) /* Save time in the pre-compile phase */
4700 {
4701 if (negate_class)
4702 for (c = 0; c < 32; c++) classbits[c] = ~classbits[c];
4703 memcpy(code, classbits, 32);
4704 }
4705 code += 32 / sizeof(pcre_uchar);
4706
4707 END_CLASS:
4708 break;
4709
4710
4711 /* ===================================================================*/
4712 /* Various kinds of repeat; '{' is not necessarily a quantifier, but this
4713 has been tested above. */
4714
4715 case CHAR_LEFT_CURLY_BRACKET:
4716 if (!is_quantifier) goto NORMAL_CHAR;
4717 ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorcodeptr);
4718 if (*errorcodeptr != 0) goto FAILED;
4719 goto REPEAT;
4720
4721 case CHAR_ASTERISK:
4722 repeat_min = 0;
4723 repeat_max = -1;
4724 goto REPEAT;
4725
4726 case CHAR_PLUS:
4727 repeat_min = 1;
4728 repeat_max = -1;
4729 goto REPEAT;
4730
4731 case CHAR_QUESTION_MARK:
4732 repeat_min = 0;
4733 repeat_max = 1;
4734
4735 REPEAT:
4736 if (previous == NULL)
4737 {
4738 *errorcodeptr = ERR9;
4739 goto FAILED;
4740 }
4741
4742 if (repeat_min == 0)
4743 {
4744 firstchar = zerofirstchar; /* Adjust for zero repeat */
4745 firstcharflags = zerofirstcharflags;
4746 reqchar = zeroreqchar; /* Ditto */
4747 reqcharflags = zeroreqcharflags;
4748 }
4749
4750 /* Remember whether this is a variable length repeat */
4751
4752 reqvary = (repeat_min == repeat_max)? 0 : REQ_VARY;
4753
4754 op_type = 0; /* Default single-char op codes */
4755 possessive_quantifier = FALSE; /* Default not possessive quantifier */
4756
4757 /* Save start of previous item, in case we have to move it up in order to
4758 insert something before it. */
4759
4760 tempcode = previous;
4761
4762 /* If the next character is '+', we have a possessive quantifier. This
4763 implies greediness, whatever the setting of the PCRE_UNGREEDY option.
4764 If the next character is '?' this is a minimizing repeat, by default,
4765 but if PCRE_UNGREEDY is set, it works the other way round. We change the
4766 repeat type to the non-default. */
4767
4768 if (ptr[1] == CHAR_PLUS)
4769 {
4770 repeat_type = 0; /* Force greedy */
4771 possessive_quantifier = TRUE;
4772 ptr++;
4773 }
4774 else if (ptr[1] == CHAR_QUESTION_MARK)
4775 {
4776 repeat_type = greedy_non_default;
4777 ptr++;
4778 }
4779 else repeat_type = greedy_default;
4780
4781 /* If previous was a recursion call, wrap it in atomic brackets so that
4782 previous becomes the atomic group. All recursions were so wrapped in the
4783 past, but it no longer happens for non-repeated recursions. In fact, the
4784 repeated ones could be re-implemented independently so as not to need this,
4785 but for the moment we rely on the code for repeating groups. */
4786
4787 if (*previous == OP_RECURSE)
4788 {
4789 memmove(previous + 1 + LINK_SIZE, previous, IN_UCHARS(1 + LINK_SIZE));
4790 *previous = OP_ONCE;
4791 PUT(previous, 1, 2 + 2*LINK_SIZE);
4792 previous[2 + 2*LINK_SIZE] = OP_KET;
4793 PUT(previous, 3 + 2*LINK_SIZE, 2 + 2*LINK_SIZE);
4794 code += 2 + 2 * LINK_SIZE;
4795 length_prevgroup = 3 + 3*LINK_SIZE;
4796
4797 /* When actually compiling, we need to check whether this was a forward
4798 reference, and if so, adjust the offset. */
4799
4800 if (lengthptr == NULL && cd->hwm >= cd->start_workspace + LINK_SIZE)
4801 {
4802 int offset = GET(cd->hwm, -LINK_SIZE);
4803 if (offset == previous + 1 - cd->start_code)
4804 PUT(cd->hwm, -LINK_SIZE, offset + 1 + LINK_SIZE);
4805 }
4806 }
4807
4808 /* Now handle repetition for the different types of item. */
4809
4810 /* If previous was a character or negated character match, abolish the item
4811 and generate a repeat item instead. If a char item has a minimum of more
4812 than one, ensure that it is set in reqchar - it might not be if a sequence
4813 such as x{3} is the first thing in a branch because the x will have gone
4814 into firstchar instead. */
4815
4816 if (*previous == OP_CHAR || *previous == OP_CHARI
4817 || *previous == OP_NOT || *previous == OP_NOTI)
4818 {
4819 switch (*previous)
4820 {
4821 default: /* Make compiler happy. */
4822 case OP_CHAR: op_type = OP_STAR - OP_STAR; break;
4823 case OP_CHARI: op_type = OP_STARI - OP_STAR; break;
4824 case OP_NOT: op_type = OP_NOTSTAR - OP_STAR; break;
4825 case OP_NOTI: op_type = OP_NOTSTARI - OP_STAR; break;
4826 }
4827
4828 /* Deal with UTF characters that take up more than one character. It's
4829 easier to write this out separately than try to macrify it. Use c to
4830 hold the length of the character in bytes, plus UTF_LENGTH to flag that
4831 it's a length rather than a small character. */
4832
4833 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4834 if (utf && NOT_FIRSTCHAR(code[-1]))
4835 {
4836 pcre_uchar *lastchar = code - 1;
4837 BACKCHAR(lastchar);
4838 c = (int)(code - lastchar); /* Length of UTF-8 character */
4839 memcpy(utf_chars, lastchar, IN_UCHARS(c)); /* Save the char */
4840 c |= UTF_LENGTH; /* Flag c as a length */
4841 }
4842 else
4843 #endif /* SUPPORT_UTF */
4844
4845 /* Handle the case of a single charater - either with no UTF support, or
4846 with UTF disabled, or for a single character UTF character. */
4847 {
4848 c = code[-1];
4849 if (*previous <= OP_CHARI && repeat_min > 1)
4850 {
4851 reqchar = c;
4852 reqcharflags = req_caseopt | cd->req_varyopt;
4853 }
4854 }
4855
4856 /* If the repetition is unlimited, it pays to see if the next thing on
4857 the line is something that cannot possibly match this character. If so,
4858 automatically possessifying this item gains some performance in the case
4859 where the match fails. */
4860
4861 if (!possessive_quantifier &&
4862 repeat_max < 0 &&
4863 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4864 {
4865 repeat_type = 0; /* Force greedy */
4866 possessive_quantifier = TRUE;
4867 }
4868
4869 goto OUTPUT_SINGLE_REPEAT; /* Code shared with single character types */
4870 }
4871
4872 /* If previous was a character type match (\d or similar), abolish it and
4873 create a suitable repeat item. The code is shared with single-character
4874 repeats by setting op_type to add a suitable offset into repeat_type. Note
4875 the the Unicode property types will be present only when SUPPORT_UCP is
4876 defined, but we don't wrap the little bits of code here because it just
4877 makes it horribly messy. */
4878
4879 else if (*previous < OP_EODN)
4880 {
4881 pcre_uchar *oldcode;
4882 int prop_type, prop_value;
4883 op_type = OP_TYPESTAR - OP_STAR; /* Use type opcodes */
4884 c = *previous;
4885
4886 if (!possessive_quantifier &&
4887 repeat_max < 0 &&
4888 check_auto_possessive(previous, utf, ptr + 1, options, cd))
4889 {
4890 repeat_type = 0; /* Force greedy */
4891 possessive_quantifier = TRUE;
4892 }
4893
4894 OUTPUT_SINGLE_REPEAT:
4895 if (*previous == OP_PROP || *previous == OP_NOTPROP)
4896 {
4897 prop_type = previous[1];
4898 prop_value = previous[2];
4899 }
4900 else prop_type = prop_value = -1;
4901
4902 oldcode = code;
4903 code = previous; /* Usually overwrite previous item */
4904
4905 /* If the maximum is zero then the minimum must also be zero; Perl allows
4906 this case, so we do too - by simply omitting the item altogether. */
4907
4908 if (repeat_max == 0) goto END_REPEAT;
4909
4910 /* Combine the op_type with the repeat_type */
4911
4912 repeat_type += op_type;
4913
4914 /* A minimum of zero is handled either as the special case * or ?, or as
4915 an UPTO, with the maximum given. */
4916
4917 if (repeat_min == 0)
4918 {
4919 if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
4920 else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
4921 else
4922 {
4923 *code++ = OP_UPTO + repeat_type;
4924 PUT2INC(code, 0, repeat_max);
4925 }
4926 }
4927
4928 /* A repeat minimum of 1 is optimized into some special cases. If the
4929 maximum is unlimited, we use OP_PLUS. Otherwise, the original item is
4930 left in place and, if the maximum is greater than 1, we use OP_UPTO with
4931 one less than the maximum. */
4932
4933 else if (repeat_min == 1)
4934 {
4935 if (repeat_max == -1)
4936 *code++ = OP_PLUS + repeat_type;
4937 else
4938 {
4939 code = oldcode; /* leave previous item in place */
4940 if (repeat_max == 1) goto END_REPEAT;
4941 *code++ = OP_UPTO + repeat_type;
4942 PUT2INC(code, 0, repeat_max - 1);
4943 }
4944 }
4945
4946 /* The case {n,n} is just an EXACT, while the general case {n,m} is
4947 handled as an EXACT followed by an UPTO. */
4948
4949 else
4950 {
4951 *code++ = OP_EXACT + op_type; /* NB EXACT doesn't have repeat_type */
4952 PUT2INC(code, 0, repeat_min);
4953
4954 /* If the maximum is unlimited, insert an OP_STAR. Before doing so,
4955 we have to insert the character for the previous code. For a repeated
4956 Unicode property match, there are two extra bytes that define the
4957 required property. In UTF-8 mode, long characters have their length in
4958 c, with the UTF_LENGTH bit as a flag. */
4959
4960 if (repeat_max < 0)
4961 {
4962 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4963 if (utf && (c & UTF_LENGTH) != 0)
4964 {
4965 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4966 code += c & 7;
4967 }
4968 else
4969 #endif
4970 {
4971 *code++ = c;
4972 if (prop_type >= 0)
4973 {
4974 *code++ = prop_type;
4975 *code++ = prop_value;
4976 }
4977 }
4978 *code++ = OP_STAR + repeat_type;
4979 }
4980
4981 /* Else insert an UPTO if the max is greater than the min, again
4982 preceded by the character, for the previously inserted code. If the
4983 UPTO is just for 1 instance, we can use QUERY instead. */
4984
4985 else if (repeat_max != repeat_min)
4986 {
4987 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
4988 if (utf && (c & UTF_LENGTH) != 0)
4989 {
4990 memcpy(code, utf_chars, IN_UCHARS(c & 7));
4991 code += c & 7;
4992 }
4993 else
4994 #endif
4995 *code++ = c;
4996 if (prop_type >= 0)
4997 {
4998 *code++ = prop_type;
4999 *code++ = prop_value;
5000 }
5001 repeat_max -= repeat_min;
5002
5003 if (repeat_max == 1)
5004 {
5005 *code++ = OP_QUERY + repeat_type;
5006 }
5007 else
5008 {
5009 *code++ = OP_UPTO + repeat_type;
5010 PUT2INC(code, 0, repeat_max);
5011 }
5012 }
5013 }
5014
5015 /* The character or character type itself comes last in all cases. */
5016
5017 #if defined SUPPORT_UTF && !defined COMPILE_PCRE32
5018 if (utf && (c & UTF_LENGTH) != 0)
5019 {
5020 memcpy(code, utf_chars, IN_UCHARS(c & 7));
5021 code += c & 7;
5022 }
5023 else
5024 #endif
5025 *code++ = c;
5026
5027 /* For a repeated Unicode property match, there are two extra bytes that
5028 define the required property. */
5029
5030 #ifdef SUPPORT_UCP
5031 if (prop_type >= 0)
5032 {
5033 *code++ = prop_type;
5034 *code++ = prop_value;
5035 }
5036 #endif
5037 }
5038
5039 /* If previous was a character class or a back reference, we put the repeat
5040 stuff after it, but just skip the item if the repeat was {0,0}. */
5041
5042 else if (*previous == OP_CLASS ||
5043 *previous == OP_NCLASS ||
5044 #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
5045 *previous == OP_XCLASS ||
5046 #endif
5047 *previous == OP_REF ||
5048 *previous == OP_REFI)
5049 {
5050 if (repeat_max == 0)
5051 {
5052 code = previous;
5053 goto END_REPEAT;
5054 }
5055
5056 if (repeat_min == 0 && repeat_max == -1)
5057 *code++ = OP_CRSTAR + repeat_type;
5058 else if (repeat_min == 1 && repeat_max == -1)
5059 *code++ = OP_CRPLUS + repeat_type;
5060 else if (repeat_min == 0 && repeat_max == 1)
5061 *code++ = OP_CRQUERY + repeat_type;
5062 else
5063 {
5064 *code++ = OP_CRRANGE + repeat_type;
5065 PUT2INC(code, 0, repeat_min);
5066 if (repeat_max == -1) repeat_max = 0; /* 2-byte encoding for max */
5067 PUT2INC(code, 0, repeat_max);
5068 }
5069 }
5070
5071 /* If previous was a bracket group, we may have to replicate it in certain
5072 cases. Note that at this point we can encounter only the "basic" bracket
5073 opcodes such as BRA and CBRA, as this is the place where they get converted
5074 into the more special varieties such as BRAPOS and SBRA. A test for >=
5075 OP_ASSERT and <= OP_COND includes ASSERT, ASSERT_NOT, ASSERTBACK,
5076 ASSERTBACK_NOT, ONCE, BRA, CBRA, and COND. Originally, PCRE did not allow
5077 repetition of assertions, but now it does, for Perl compatibility. */
5078
5079 else if (*previous >= OP_ASSERT && *previous <= OP_COND)
5080 {
5081 register int i;
5082 int len = (int)(code - previous);
5083 pcre_uchar *bralink = NULL;
5084 pcre_uchar *brazeroptr = NULL;
5085
5086 /* Repeating a DEFINE group is pointless, but Perl allows the syntax, so
5087 we just ignore the repeat. */
5088
5089 if (*previous == OP_COND && previous[LINK_SIZE+1] == OP_DEF)
5090 goto END_REPEAT;
5091
5092 /* There is no sense in actually repeating assertions. The only potential
5093 use of repetition is in cases when the assertion is optional. Therefore,
5094 if the minimum is greater than zero, just ignore the repeat. If the
5095 maximum is not not zero or one, set it to 1. */
5096
5097 if (*previous < OP_ONCE) /* Assertion */
5098 {
5099 if (repeat_min > 0) goto END_REPEAT;
5100 if (repeat_max < 0 || repeat_max > 1) repeat_max = 1;
5101 }
5102
5103 /* The case of a zero minimum is special because of the need to stick
5104 OP_BRAZERO in front of it, and because the group appears once in the
5105 data, whereas in other cases it appears the minimum number of times. For
5106 this reason, it is simplest to treat this case separately, as otherwise
5107 the code gets far too messy. There are several special subcases when the
5108 minimum is zero. */
5109
5110 if (repeat_min == 0)
5111 {
5112 /* If the maximum is also zero, we used to just omit the group from the
5113 output altogether, like this:
5114
5115 ** if (repeat_max == 0)
5116 ** {
5117 ** code = previous;
5118 ** goto END_REPEAT;
5119 ** }
5120
5121 However, that fails when a group or a subgroup within it is referenced
5122 as a subroutine from elsewhere in the pattern, so now we stick in
5123 OP_SKIPZERO in front of it so that it is skipped on execution. As we
5124 don't have a list of which groups are referenced, we cannot do this
5125 selectively.
5126
5127 If the maximum is 1 or unlimited, we just have to stick in the BRAZERO
5128 and do no more at this point. However, we do need to adjust any
5129 OP_RECURSE calls inside the group that refer to the group itself or any
5130 internal or forward referenced group, because the offset is from the
5131 start of the whole regex. Temporarily terminate the pattern while doing
5132 this. */
5133
5134 if (repeat_max <= 1) /* Covers 0, 1, and unlimited */
5135 {
5136 *code = OP_END;
5137 adjust_recurse(previous, 1, utf, cd, save_hwm);
5138 memmove(previous + 1, previous, IN_UCHARS(len));
5139 code++;
5140 if (repeat_max == 0)
5141 {
5142 *previous++ = OP_SKIPZERO;
5143 goto END_REPEAT;
5144 }
5145 brazeroptr = previous; /* Save for possessive optimizing */
5146 *previous++ = OP_BRAZERO + repeat_type;
5147 }
5148
5149 /* If the maximum is greater than 1 and limited, we have to replicate
5150 in a nested fashion, sticking OP_BRAZERO before each set of brackets.
5151 The first one has to be handled carefully because it's the original
5152 copy, which has to be moved up. The remainder can be handled by code
5153 that is common with the non-zero minimum case below. We have to
5154 adjust the value or repeat_max, since one less copy is required. Once
5155 again, we may have to adjust any OP_RECURSE calls inside the group. */
5156
5157 else
5158 {
5159 int offset;
5160 *code = OP_END;
5161 adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
5162 memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
5163 code += 2 + LINK_SIZE;
5164 *previous++ = OP_BRAZERO + repeat_type;
5165 *previous++ = OP_BRA;
5166
5167 /* We chain together the bracket offset fields that have to be
5168 filled in later when the ends of the brackets are reached. */
5169
5170 offset = (bralink == NULL)? 0 : (int)(previous - bralink);
5171 bralink = previous;
5172 PUTINC(previous, 0, offset);
5173 }
5174
5175 repeat_max--;
5176 }
5177
5178 /* If the minimum is greater than zero, replicate the group as many
5179 times as necessary, and adjust the maximum to the number of subsequent
5180 copies that we need. If we set a first char from the group, and didn't
5181 set a required char, copy the latter from the former. If there are any
5182 forward reference subroutine calls in the group, there will be entries on
5183 the workspace list; replicate these with an appropriate increment. */
5184
5185 else
5186 {
5187 if (repeat_min > 1)
5188 {
5189 /* In the pre-compile phase, we don't actually do the replication. We
5190 just adjust the length as if we had. Do some paranoid checks for
5191 potential integer overflow. The INT64_OR_DOUBLE type is a 64-bit
5192 integer type when available, otherwise double. */
5193
5194 if (lengthptr != NULL)
5195 {
5196 int delta = (repeat_min - 1)*length_prevgroup;
5197 if ((INT64_OR_DOUBLE)(repeat_min - 1)*
5198 (INT64_OR_DOUBLE)length_prevgroup >
5199 (INT64_OR_DOUBLE)INT_MAX ||
5200 OFLOW_MAX - *lengthptr < delta)
5201 {
5202 *errorcodeptr = ERR20;
5203 goto FAILED;
5204 }
5205 *lengthptr += delta;
5206 }
5207
5208 /* This is compiling for real. If there is a set first byte for
5209 the group, and we have not yet set a "required byte", set it. Make
5210 sure there is enough workspace for copying forward references before
5211 doing the copy. */
5212
5213 else
5214 {
5215 if (groupsetfirstchar && reqcharflags < 0)
5216 {
5217 reqchar = firstchar;
5218 reqcharflags = firstcharflags;
5219 }
5220
5221 for (i = 1; i < repeat_min; i++)
5222 {
5223 pcre_uchar *hc;
5224 pcre_uchar *this_hwm = cd->hwm;
5225 memcpy(code, previous, IN_UCHARS(len));
5226
5227 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5228 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5229 {
5230 int save_offset = save_hwm - cd->start_workspace;
5231 int this_offset = this_hwm - cd->start_workspace;
5232 *errorcodeptr = expand_workspace(cd);
5233 if (*errorcodeptr != 0) goto FAILED;
5234 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5235 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5236 }
5237
5238 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5239 {
5240 PUT(cd->hwm, 0, GET(hc, 0) + len);
5241 cd->hwm += LINK_SIZE;
5242 }
5243 save_hwm = this_hwm;
5244 code += len;
5245 }
5246 }
5247 }
5248
5249 if (repeat_max > 0) repeat_max -= repeat_min;
5250 }
5251
5252 /* This code is common to both the zero and non-zero minimum cases. If
5253 the maximum is limited, it replicates the group in a nested fashion,
5254 remembering the bracket starts on a stack. In the case of a zero minimum,
5255 the first one was set up above. In all cases the repeat_max now specifies
5256 the number of additional copies needed. Again, we must remember to
5257 replicate entries on the forward reference list. */
5258
5259 if (repeat_max >= 0)
5260 {
5261 /* In the pre-compile phase, we don't actually do the replication. We
5262 just adjust the length as if we had. For each repetition we must add 1
5263 to the length for BRAZERO and for all but the last repetition we must
5264 add 2 + 2*LINKSIZE to allow for the nesting that occurs. Do some
5265 paranoid checks to avoid integer overflow. The INT64_OR_DOUBLE type is
5266 a 64-bit integer type when available, otherwise double. */
5267
5268 if (lengthptr != NULL && repeat_max > 0)
5269 {
5270 int delta = repeat_max * (length_prevgroup + 1 + 2 + 2*LINK_SIZE) -
5271 2 - 2*LINK_SIZE; /* Last one doesn't nest */
5272 if ((INT64_OR_DOUBLE)repeat_max *
5273 (INT64_OR_DOUBLE)(length_prevgroup + 1 + 2 + 2*LINK_SIZE)
5274 > (INT64_OR_DOUBLE)INT_MAX ||
5275 OFLOW_MAX - *lengthptr < delta)
5276 {
5277 *errorcodeptr = ERR20;
5278 goto FAILED;
5279 }
5280 *lengthptr += delta;
5281 }
5282
5283 /* This is compiling for real */
5284
5285 else for (i = repeat_max - 1; i >= 0; i--)
5286 {
5287 pcre_uchar *hc;
5288 pcre_uchar *this_hwm = cd->hwm;
5289
5290 *code++ = OP_BRAZERO + repeat_type;
5291
5292 /* All but the final copy start a new nesting, maintaining the
5293 chain of brackets outstanding. */
5294
5295 if (i != 0)
5296 {
5297 int offset;
5298 *code++ = OP_BRA;
5299 offset = (bralink == NULL)? 0 : (int)(code - bralink);
5300 bralink = code;
5301 PUTINC(code, 0, offset);
5302 }
5303
5304 memcpy(code, previous, IN_UCHARS(len));
5305
5306 /* Ensure there is enough workspace for forward references before
5307 copying them. */
5308
5309 while (cd->hwm > cd->start_workspace + cd->workspace_size -
5310 WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
5311 {
5312 int save_offset = save_hwm - cd->start_workspace;
5313 int this_offset = this_hwm - cd->start_workspace;
5314 *errorcodeptr = expand_workspace(cd);
5315 if (*errorcodeptr != 0) goto FAILED;
5316 save_hwm = (pcre_uchar *)cd->start_workspace + save_offset;
5317 this_hwm = (pcre_uchar *)cd->start_workspace + this_offset;
5318 }
5319
5320 for (hc = save_hwm; hc < this_hwm; hc += LINK_SIZE)
5321 {
5322 PUT(cd->hwm, 0, GET(hc, 0) + len + ((i != 0)? 2+LINK_SIZE : 1));
5323 cd->hwm += LINK_SIZE;
5324 }
5325 save_hwm = this_hwm;
5326 code += len;
5327 }
5328
5329 /* Now chain through the pending brackets, and fill in their length
5330 fields (which are holding the chain links pro tem). */
5331
5332 while (bralink != NULL)
5333 {
5334 int oldlinkoffset;
5335 int offset = (int)(code - bralink + 1);
5336 pcre_uchar *bra = code - offset;
5337 oldlinkoffset = GET(bra, 1);
5338 bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
5339 *code++ = OP_KET;
5340 PUTINC(code, 0, offset);
5341 PUT(bra, 1, offset);
5342 }
5343 }
5344
5345 /* If the maximum is unlimited, set a repeater in the final copy. For
5346 ONCE brackets, that's all we need to do. However, possessively repeated
5347 ONCE brackets can be converted into non-capturing brackets, as the
5348 behaviour of (?:xx)++ is the same as (?>xx)++ and this saves having to
5349 deal with possessive ONCEs specially.
5350
5351 Otherwise, when we are doing the actual compile phase, check to see
5352 whether this group is one that could match an empty string. If so,
5353 convert the initial operator to the S form (e.g. OP_BRA -> OP_SBRA) so
5354 that runtime checking can be done. [This check is also applied to ONCE
5355 groups at runtime, but in a different way.]
5356
5357 Then, if the quantifier was possessive and the bracket is not a
5358 conditional, we convert the BRA code to the POS form, and the KET code to
5359 KETRPOS. (It turns out to be convenient at runtime to detect this kind of
5360 subpattern at both the start and at the end.) The use of special opcodes
5361 makes it possible to reduce greatly the stack usage in pcre_exec(). If
5362 the group is preceded by OP_BRAZERO, convert this to OP_BRAPOSZERO.
5363
5364 Then, if the minimum number of matches is 1 or 0, cancel the possessive
5365 flag so that the default action below, of wrapping everything inside
5366 atomic brackets, does not happen. When the minimum is greater than 1,
5367 there will be earlier copies of the group, and so we still have to wrap
5368 the whole thing. */
5369
5370 else
5371 {
5372 pcre_uchar *ketcode = code - 1 - LINK_SIZE;
5373 pcre_uchar *bracode = ketcode - GET(ketcode, 1);
5374
5375 /* Convert possessive ONCE brackets to non-capturing */
5376
5377 if ((*bracode == OP_ONCE || *bracode == OP_ONCE_NC) &&
5378 possessive_quantifier) *bracode = OP_BRA;
5379
5380 /* For non-possessive ONCE brackets, all we need to do is to
5381 set the KET. */
5382
5383 if (*bracode == OP_ONCE || *bracode == OP_ONCE_NC)
5384 *ketcode = OP_KETRMAX + repeat_type;
5385
5386 /* Handle non-ONCE brackets and possessive ONCEs (which have been
5387 converted to non-capturing above). */
5388
5389 else
5390 {
5391 /* In the compile phase, check for empty string matching. */
5392
5393 if (lengthptr == NULL)
5394 {
5395 pcre_uchar *scode = bracode;
5396 do
5397 {
5398 if (could_be_empty_branch(scode, ketcode, utf, cd))
5399 {
5400 *bracode += OP_SBRA - OP_BRA;
5401 break;
5402 }
5403 scode += GET(scode, 1);
5404 }
5405 while (*scode == OP_ALT);
5406 }
5407
5408 /* Handle possessive quantifiers. */
5409
5410 if (possessive_quantifier)
5411 {
5412 /* For COND brackets, we wrap the whole thing in a possessively
5413 repeated non-capturing bracket, because we have not invented POS
5414 versions of the COND opcodes. Because we are moving code along, we
5415 must ensure that any pending recursive references are updated. */
5416
5417 if (*bracode == OP_COND || *bracode == OP_SCOND)
5418 {
5419 int nlen = (int)(code - bracode);
5420 *code = OP_END;
5421 adjust_recurse(bracode, 1 + LINK_SIZE, utf, cd, save_hwm);
5422 memmove(bracode + 1 + LINK_SIZE, bracode, IN_UCHARS(nlen));
5423 code += 1 + LINK_SIZE;
5424 nlen += 1 + LINK_SIZE;
5425 *bracode = OP_BRAPOS;
5426 *code++ = OP_KETRPOS;
5427 PUTINC(code, 0, nlen);
5428 PUT(bracode, 1, nlen);
5429 }
5430
5431 /* For non-COND brackets, we modify the BRA code and use KETRPOS. */
5432
5433 else
5434 {
5435 *bracode += 1; /* Switch to xxxPOS opcodes */
5436 *ketcode = OP_KETRPOS;
5437 }
5438
5439 /* If the minimum is zero, mark it as possessive, then unset the
5440 possessive flag when the minimum is 0 or 1. */
5441
5442 if (brazeroptr != NULL) *brazeroptr = OP_BRAPOSZERO;
5443 if (repeat_min < 2) possessive_quantifier = FALSE;
5444 }
5445
5446 /* Non-possessive quantifier */
5447
5448 else *ketcode = OP_KETRMAX + repeat_type;
5449 }
5450 }
5451 }
5452
5453 /* If previous is OP_FAIL, it was generated by an empty class [] in
5454 JavaScript mode. The other ways in which OP_FAIL can be generated, that is
5455 by (*FAIL) or (?!) set previous to NULL, which gives a "nothing to repeat"
5456 error above. We can just ignore the repeat in JS case. */
5457
5458 else if (*previous == OP_FAIL) goto END_REPEAT;
5459
5460 /* Else there's some kind of shambles */
5461
5462 else
5463 {
5464 *errorcodeptr = ERR11;
5465 goto FAILED;
5466 }
5467
5468 /* If the character following a repeat is '+', or if certain optimization
5469 tests above succeeded, possessive_quantifier is TRUE. For some opcodes,
5470 there are special alternative opcodes for this case. For anything else, we
5471 wrap the entire repeated item inside OP_ONCE brackets. Logically, the '+'
5472 notation is just syntactic sugar, taken from Sun's Java package, but the
5473 special opcodes can optimize it.
5474
5475 Some (but not all) possessively repeated subpatterns have already been
5476 completely handled in the code just above. For them, possessive_quantifier
5477 is always FALSE at this stage.
5478
5479 Note that the repeated item starts at tempcode, not at previous, which
5480 might be the first part of a string whose (former) last char we repeated.
5481
5482 Possessifying an 'exact' quantifier has no effect, so we can ignore it. But
5483 an 'upto' may follow. We skip over an 'exact' item, and then test the
5484 length of what remains before proceeding. */
5485
5486 if (possessive_quantifier)
5487 {
5488 int len;
5489
5490 if (*tempcode == OP_TYPEEXACT)
5491 tempcode += PRIV(OP_lengths)[*tempcode] +
5492 ((tempcode[1 + IMM2_SIZE] == OP_PROP
5493 || tempcode[1 + IMM2_SIZE] == OP_NOTPROP)? 2 : 0);
5494
5495 else if (*tempcode == OP_EXACT || *tempcode == OP_NOTEXACT)
5496 {
5497 tempcode += PRIV(OP_lengths)[*tempcode];
5498 #ifdef SUPPORT_UTF
5499 if (utf && HAS_EXTRALEN(tempcode[-1]))
5500 tempcode += GET_EXTRALEN(tempcode[-1]);
5501 #endif
5502 }
5503
5504 len = (int)(code - tempcode);
5505 if (len > 0) switch (*tempcode)
5506 {
5507 case OP_STAR: *tempcode = OP_POSSTAR; break;
5508 case OP_PLUS: *tempcode = OP_POSPLUS; break;
5509 case OP_QUERY: *tempcode = OP_POSQUERY; break;
5510 case OP_UPTO: *tempcode = OP_POSUPTO; break;
5511
5512 case OP_STARI: *tempcode = OP_POSSTARI; break;
5513 case OP_PLUSI: *tempcode = OP_POSPLUSI; break;
5514 case OP_QUERYI: *tempcode = OP_POSQUERYI; break;
5515 case OP_UPTOI: *tempcode = OP_POSUPTOI; break;
5516
5517 case OP_NOTSTAR: *tempcode = OP_NOTPOSSTAR; break;
5518 case OP_NOTPLUS: *tempcode = OP_NOTPOSPLUS; break;
5519 case OP_NOTQUERY: *tempcode = OP_NOTPOSQUERY; break;
5520 case OP_NOTUPTO: *tempcode = OP_NOTPOSUPTO; break;
5521
5522 case OP_NOTSTARI: *tempcode = OP_NOTPOSSTARI; break;
5523 case OP_NOTPLUSI: *tempcode = OP_NOTPOSPLUSI; break;
5524 case OP_NOTQUERYI: *tempcode = OP_NOTPOSQUERYI; break;
5525 case OP_NOTUPTOI: *tempcode = OP_NOTPOSUPTOI; break;
5526
5527 case OP_TYPESTAR: *tempcode = OP_TYPEPOSSTAR; break;
5528 case OP_TYPEPLUS: *tempcode = OP_TYPEPOSPLUS; break;
5529 case OP_TYPEQUERY: *tempcode = OP_TYPEPOSQUERY; break;
5530 case OP_TYPEUPTO: *tempcode = OP_TYPEPOSUPTO; break;
5531
5532 /* Because we are moving code along, we must ensure that any
5533 pending recursive references are updated. */
5534
5535 default:
5536 *code = OP_END;
5537 adjust_recurse(tempcode, 1 + LINK_SIZE, utf, cd, save_hwm);
5538 memmove(tempcode + 1 + LINK_SIZE, tempcode, IN_UCHARS(len));
5539 code += 1 + LINK_SIZE;
5540 len += 1 + LINK_SIZE;
5541 tempcode[0] = OP_ONCE;
5542 *code++ = OP_KET;
5543 PUTINC(code, 0, len);
5544 PUT(tempcode, 1, len);
5545 break;
5546 }
5547 }
5548
5549 /* In all case we no longer have a previous item. We also set the
5550 "follows varying string" flag for subsequently encountered reqchars if
5551 it isn't already set and we have just passed a varying length item. */
5552
5553 END_REPEAT:
5554 previous = NULL;
5555 cd->req_varyopt |= reqvary;
5556 break;
5557
5558
5559 /* ===================================================================*/
5560 /* Start of nested parenthesized sub-expression, or comment or lookahead or
5561 lookbehind or option setting or condition or all the other extended
5562 parenthesis forms. */
5563
5564 case CHAR_LEFT_PARENTHESIS:
5565 newoptions = options;
5566 skipbytes = 0;
5567 bravalue = OP_CBRA;
5568 save_hwm = cd->hwm;
5569 reset_bracount = FALSE;
5570
5571 /* First deal with various "verbs" that can be introduced by '*'. */
5572
5573 ptr++;
5574 if (ptr[0] == CHAR_ASTERISK && (ptr[1] == ':'
5575 || (MAX_255(ptr[1]) && ((cd->ctypes[ptr[1]] & ctype_letter) != 0))))
5576 {
5577 int i, namelen;
5578 int arglen = 0;
5579 const char *vn = verbnames;
5580 const pcre_uchar *name = ptr + 1;
5581 const pcre_uchar *arg = NULL;
5582 previous = NULL;
5583 ptr++;
5584 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
5585 namelen = (int)(ptr - name);
5586
5587 /* It appears that Perl allows any characters whatsoever, other than
5588 a closing parenthesis, to appear in arguments, so we no longer insist on
5589 letters, digits, and underscores. */
5590
5591 if (*ptr == CHAR_COLON)
5592 {
5593 arg = ++ptr;
5594 while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5595 arglen = (int)(ptr - arg);
5596 if ((unsigned int)arglen > MAX_MARK)
5597 {
5598 *errorcodeptr = ERR75;
5599 goto FAILED;
5600 }
5601 }
5602
5603 if (*ptr != CHAR_RIGHT_PARENTHESIS)
5604 {
5605 *errorcodeptr = ERR60;
5606 goto FAILED;
5607 }
5608
5609 /* Scan the table of verb names */
5610
5611 for (i = 0; i < verbcount; i++)
5612 {
5613 if (namelen == verbs[i].len &&
5614 STRNCMP_UC_C8(name, vn, namelen) == 0)
5615 {
5616 int setverb;
5617
5618 /* Check for open captures before ACCEPT and convert it to
5619 ASSERT_ACCEPT if in an assertion. */
5620
5621 if (verbs[i].op == OP_ACCEPT)
5622 {
5623 open_capitem *oc;
5624 if (arglen != 0)
5625 {
5626 *errorcodeptr = ERR59;
5627 goto FAILED;
5628 }
5629 cd->had_accept = TRUE;
5630 for (oc = cd->open_caps; oc != NULL; oc = oc->next)
5631 {
5632 *code++ = OP_CLOSE;
5633 PUT2INC(code, 0, oc->number);
5634 }
5635 setverb = *code++ =
5636 (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
5637
5638 /* Do not set firstchar after *ACCEPT */
5639 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
5640 }
5641
5642 /* Handle other cases with/without an argument */
5643
5644 else if (arglen == 0)
5645 {
5646 if (verbs[i].op < 0) /* Argument is mandatory */
5647 {
5648 *errorcodeptr = ERR66;
5649 goto FAILED;
5650 }
5651 setverb = *code++ = verbs[i].op;
5652 }
5653
5654 else
5655 {
5656 if (verbs[i].op_arg < 0) /* Argument is forbidden */
5657 {
5658 *errorcodeptr = ERR59;
5659 goto FAILED;
5660 }
5661 setverb = *code++ = verbs[i].op_arg;
5662 *code++ = arglen;
5663 memcpy(code, arg, IN_UCHARS(arglen));
5664 code += arglen;
5665 *code++ = 0;
5666 }
5667
5668 switch (setverb)
5669 {
5670 case OP_THEN:
5671 case OP_THEN_ARG:
5672 cd->external_flags |= PCRE_HASTHEN;
5673 break;
5674
5675 case OP_PRUNE:
5676 case OP_PRUNE_ARG:
5677 case OP_SKIP:
5678 case OP_SKIP_ARG:
5679 cd->had_pruneorskip = TRUE;
5680 break;
5681 }
5682
5683 break; /* Found verb, exit loop */
5684 }
5685
5686 vn += verbs[i].len + 1;
5687 }
5688
5689 if (i < verbcount) continue; /* Successfully handled a verb */
5690 *errorcodeptr = ERR60; /* Verb not recognized */
5691 goto FAILED;
5692 }
5693
5694 /* Deal with the extended parentheses; all are introduced by '?', and the
5695 appearance of any of them means that this is not a capturing group. */
5696
5697 else if (*ptr == CHAR_QUESTION_MARK)
5698 {
5699 int i, set, unset, namelen;
5700 int *optset;
5701 const pcre_uchar *name;
5702 pcre_uchar *slot;
5703
5704 switch (*(++ptr))
5705 {
5706 case CHAR_NUMBER_SIGN: /* Comment; skip to ket */
5707 ptr++;
5708 while (*ptr != CHAR_NULL && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
5709 if (*ptr == CHAR_NULL)
5710 {
5711 *errorcodeptr = ERR18;
5712 goto FAILED;
5713 }
5714 continue;
5715
5716
5717 /* ------------------------------------------------------------ */
5718 case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
5719 reset_bracount = TRUE;
5720 /* Fall through */
5721
5722 /* ------------------------------------------------------------ */
5723 case CHAR_COLON: /* Non-capturing bracket */
5724 bravalue = OP_BRA;
5725 ptr++;
5726 break;
5727
5728
5729 /* ------------------------------------------------------------ */
5730 case CHAR_LEFT_PARENTHESIS:
5731 bravalue = OP_COND; /* Conditional group */
5732 tempptr = ptr;
5733
5734 /* A condition can be an assertion, a number (referring to a numbered
5735 group), a name (referring to a named group), or 'R', referring to
5736 recursion. R<digits> and R&name are also permitted for recursion tests.
5737
5738 There are several syntaxes for testing a named group: (?(name)) is used
5739 by Python; Perl 5.10 onwards uses (?(<name>) or (?('name')).
5740
5741 There are two unfortunate ambiguities, caused by history. (a) 'R' can
5742 be the recursive thing or the name 'R' (and similarly for 'R' followed
5743 by digits), and (b) a number could be a name that consists of digits.
5744 In both cases, we look for a name first; if not found, we try the other
5745 cases.
5746
5747 For compatibility with auto-callouts, we allow a callout to be
5748 specified before a condition that is an assertion. First, check for the
5749 syntax of a callout; if found, adjust the temporary pointer that is
5750 used to check for an assertion condition. That's all that is needed! */
5751
5752 if (ptr[1] == CHAR_QUESTION_MARK && ptr[2] == CHAR_C)
5753 {
5754 for (i = 3;; i++) if (!IS_DIGIT(ptr[i])) break;
5755 if (ptr[i] == CHAR_RIGHT_PARENTHESIS)
5756 tempptr += i + 1;
5757 }
5758
5759 /* For conditions that are assertions, check the syntax, and then exit
5760 the switch. This will take control down to where bracketed groups,
5761 including assertions, are processed. */
5762
5763 if (tempptr[1] == CHAR_QUESTION_MARK &&
5764 (tempptr[2] == CHAR_EQUALS_SIGN ||
5765 tempptr[2] == CHAR_EXCLAMATION_MARK ||
5766 tempptr[2] == CHAR_LESS_THAN_SIGN))
5767 break;
5768
5769 /* Most other conditions use OP_CREF (a couple change to OP_RREF
5770 below), and all need to skip 1+IMM2_SIZE bytes at the start of the group. */
5771
5772 code[1+LINK_SIZE] = OP_CREF;
5773 skipbytes = 1+IMM2_SIZE;
5774 refsign = -1;
5775
5776 /* Check for a test for recursion in a named group. */
5777
5778 if (ptr[1] == CHAR_R && ptr[2] == CHAR_AMPERSAND)
5779 {
5780 terminator = -1;
5781 ptr += 2;
5782 code[1+LINK_SIZE] = OP_RREF; /* Change the type of test */
5783 }
5784
5785 /* Check for a test for a named group's having been set, using the Perl
5786 syntax (?(<name>) or (?('name') */
5787
5788 else if (ptr[1] == CHAR_LESS_THAN_SIGN)
5789 {
5790 terminator = CHAR_GREATER_THAN_SIGN;
5791 ptr++;
5792 }
5793 else if (ptr[1] == CHAR_APOSTROPHE)
5794 {
5795 terminator = CHAR_APOSTROPHE;
5796 ptr++;
5797 }
5798 else
5799 {
5800 terminator = CHAR_NULL;
5801 if (ptr[1] == CHAR_MINUS || ptr[1] == CHAR_PLUS) refsign = *(++ptr);
5802 }
5803
5804 /* We now expect to read a name; any thing else is an error */
5805
5806 if (!MAX_255(ptr[1]) || (cd->ctypes[ptr[1]] & ctype_word) == 0)
5807 {
5808 ptr += 1; /* To get the right offset */
5809 *errorcodeptr = ERR28;
5810 goto FAILED;
5811 }
5812
5813 /* Read the name, but also get it as a number if it's all digits */
5814
5815 recno = 0;
5816 name = ++ptr;
5817 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0)
5818 {
5819 if (recno >= 0)
5820 recno = (IS_DIGIT(*ptr))? recno * 10 + (int)(*ptr - CHAR_0) : -1;
5821 ptr++;
5822 }
5823 namelen = (int)(ptr - name);
5824
5825 if ((terminator > 0 && *ptr++ != (pcre_uchar)terminator) ||
5826 *ptr++ != CHAR_RIGHT_PARENTHESIS)
5827 {
5828 ptr--; /* Error offset */
5829 *errorcodeptr = ERR26;
5830 goto FAILED;
5831 }
5832
5833 /* Do no further checking in the pre-compile phase. */
5834
5835 if (lengthptr != NULL) break;
5836
5837 /* In the real compile we do the work of looking for the actual
5838 reference. If the string started with "+" or "-" we require the rest to
5839 be digits, in which case recno will be set. */
5840
5841 if (refsign > 0)
5842 {
5843 if (recno <= 0)
5844 {
5845 *errorcodeptr = ERR58;
5846 goto FAILED;
5847 }
5848 recno = (refsign == CHAR_MINUS)?
5849 cd->bracount - recno + 1 : recno +cd->bracount;
5850 if (recno <= 0 || recno > cd->final_bracount)
5851 {
5852 *errorcodeptr = ERR15;
5853 goto FAILED;
5854 }
5855 PUT2(code, 2+LINK_SIZE, recno);
5856 break;
5857 }
5858
5859 /* Otherwise (did not start with "+" or "-"), start by looking for the
5860 name. If we find a name, add one to the opcode to change OP_CREF or
5861 OP_RREF into OP_NCREF or OP_NRREF. These behave exactly the same,
5862 except they record that the reference was originally to a name. The
5863 information is used to check duplicate names. */
5864
5865 slot = cd->name_table;
5866 for (i = 0; i < cd->names_found; i++)
5867 {
5868 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0) break;
5869 slot += cd->name_entry_size;
5870 }
5871
5872 /* Found a previous named subpattern */
5873
5874 if (i < cd->names_found)
5875 {
5876 recno = GET2(slot, 0);
5877 PUT2(code, 2+LINK_SIZE, recno);
5878 code[1+LINK_SIZE]++;
5879 }
5880
5881 /* Search the pattern for a forward reference */
5882
5883 else if ((i = find_parens(cd, name, namelen,
5884 (options & PCRE_EXTENDED) != 0, utf)) > 0)
5885 {
5886 PUT2(code, 2+LINK_SIZE, i);
5887 code[1+LINK_SIZE]++;
5888 }
5889
5890 /* If terminator == CHAR_NULL it means that the name followed directly
5891 after the opening parenthesis [e.g. (?(abc)...] and in this case there
5892 are some further alternatives to try. For the cases where terminator !=
5893 0 [things like (?(<name>... or (?('name')... or (?(R&name)... ] we have
5894 now checked all the possibilities, so give an error. */
5895
5896 else if (terminator != CHAR_NULL)
5897 {
5898 *errorcodeptr = ERR15;
5899 goto FAILED;
5900 }
5901
5902 /* Check for (?(R) for recursion. Allow digits after R to specify a
5903 specific group number. */
5904
5905 else if (*name == CHAR_R)
5906 {
5907 recno = 0;
5908 for (i = 1; i < namelen; i++)
5909 {
5910 if (!IS_DIGIT(name[i]))
5911 {
5912 *errorcodeptr = ERR15;
5913 goto FAILED;
5914 }
5915 recno = recno * 10 + name[i] - CHAR_0;
5916 }
5917 if (recno == 0) recno = RREF_ANY;
5918 code[1+LINK_SIZE] = OP_RREF; /* Change test type */
5919 PUT2(code, 2+LINK_SIZE, recno);
5920 }
5921
5922 /* Similarly, check for the (?(DEFINE) "condition", which is always
5923 false. */
5924
5925 else if (namelen == 6 && STRNCMP_UC_C8(name, STRING_DEFINE, 6) == 0)
5926 {
5927 code[1+LINK_SIZE] = OP_DEF;
5928 skipbytes = 1;
5929 }
5930
5931 /* Check for the "name" actually being a subpattern number. We are
5932 in the second pass here, so final_bracount is set. */
5933
5934 else if (recno > 0 && recno <= cd->final_bracount)
5935 {
5936 PUT2(code, 2+LINK_SIZE, recno);
5937 }
5938
5939 /* Either an unidentified subpattern, or a reference to (?(0) */
5940
5941 else
5942 {
5943 *errorcodeptr = (recno == 0)? ERR35: ERR15;
5944 goto FAILED;
5945 }
5946 break;
5947
5948
5949 /* ------------------------------------------------------------ */
5950 case CHAR_EQUALS_SIGN: /* Positive lookahead */
5951 bravalue = OP_ASSERT;
5952 cd->assert_depth += 1;
5953 ptr++;
5954 break;
5955
5956
5957 /* ------------------------------------------------------------ */
5958 case CHAR_EXCLAMATION_MARK: /* Negative lookahead */
5959 ptr++;
5960 if (*ptr == CHAR_RIGHT_PARENTHESIS) /* Optimize (?!) */
5961 {
5962 *code++ = OP_FAIL;
5963 previous = NULL;
5964 continue;
5965 }
5966 bravalue = OP_ASSERT_NOT;
5967 cd->assert_depth += 1;
5968 break;
5969
5970
5971 /* ------------------------------------------------------------ */
5972 case CHAR_LESS_THAN_SIGN: /* Lookbehind or named define */
5973 switch (ptr[1])
5974 {
5975 case CHAR_EQUALS_SIGN: /* Positive lookbehind */
5976 bravalue = OP_ASSERTBACK;
5977 cd->assert_depth += 1;
5978 ptr += 2;
5979 break;
5980
5981 case CHAR_EXCLAMATION_MARK: /* Negative lookbehind */
5982 bravalue = OP_ASSERTBACK_NOT;
5983 cd->assert_depth += 1;
5984 ptr += 2;
5985 break;
5986
5987 default: /* Could be name define, else bad */
5988 if (MAX_255(ptr[1]) && (cd->ctypes[ptr[1]] & ctype_word) != 0)
5989 goto DEFINE_NAME;
5990 ptr++; /* Correct offset for error */
5991 *errorcodeptr = ERR24;
5992 goto FAILED;
5993 }
5994 break;
5995
5996
5997 /* ------------------------------------------------------------ */
5998 case CHAR_GREATER_THAN_SIGN: /* One-time brackets */
5999 bravalue = OP_ONCE;
6000 ptr++;
6001 break;
6002
6003
6004 /* ------------------------------------------------------------ */
6005 case CHAR_C: /* Callout - may be followed by digits; */
6006 previous_callout = code; /* Save for later completion */
6007 after_manual_callout = 1; /* Skip one item before completing */
6008 *code++ = OP_CALLOUT;
6009 {
6010 int n = 0;
6011 ptr++;
6012 while(IS_DIGIT(*ptr))
6013 n = n * 10 + *ptr++ - CHAR_0;
6014 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6015 {
6016 *errorcodeptr = ERR39;
6017 goto FAILED;
6018 }
6019 if (n > 255)
6020 {
6021 *errorcodeptr = ERR38;
6022 goto FAILED;
6023 }
6024 *code++ = n;
6025 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
6026 PUT(code, LINK_SIZE, 0); /* Default length */
6027 code += 2 * LINK_SIZE;
6028 }
6029 previous = NULL;
6030 continue;
6031
6032
6033 /* ------------------------------------------------------------ */
6034 case CHAR_P: /* Python-style named subpattern handling */
6035 if (*(++ptr) == CHAR_EQUALS_SIGN ||
6036 *ptr == CHAR_GREATER_THAN_SIGN) /* Reference or recursion */
6037 {
6038 is_recurse = *ptr == CHAR_GREATER_THAN_SIGN;
6039 terminator = CHAR_RIGHT_PARENTHESIS;
6040 goto NAMED_REF_OR_RECURSE;
6041 }
6042 else if (*ptr != CHAR_LESS_THAN_SIGN) /* Test for Python-style defn */
6043 {
6044 *errorcodeptr = ERR41;
6045 goto FAILED;
6046 }
6047 /* Fall through to handle (?P< as (?< is handled */
6048
6049
6050 /* ------------------------------------------------------------ */
6051 DEFINE_NAME: /* Come here from (?< handling */
6052 case CHAR_APOSTROPHE:
6053 {
6054 terminator = (*ptr == CHAR_LESS_THAN_SIGN)?
6055 CHAR_GREATER_THAN_SIGN : CHAR_APOSTROPHE;
6056 name = ++ptr;
6057
6058 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6059 namelen = (int)(ptr - name);
6060
6061 /* In the pre-compile phase, just do a syntax check. */
6062
6063 if (lengthptr != NULL)
6064 {
6065 if (*ptr != (pcre_uchar)terminator)
6066 {
6067 *errorcodeptr = ERR42;
6068 goto FAILED;
6069 }
6070 if (cd->names_found >= MAX_NAME_COUNT)
6071 {
6072 *errorcodeptr = ERR49;
6073 goto FAILED;
6074 }
6075 if (namelen + IMM2_SIZE + 1 > cd->name_entry_size)
6076 {
6077 cd->name_entry_size = namelen + IMM2_SIZE + 1;
6078 if (namelen > MAX_NAME_SIZE)
6079 {
6080 *errorcodeptr = ERR48;
6081 goto FAILED;
6082 }
6083 }
6084 }
6085
6086 /* In the real compile, create the entry in the table, maintaining
6087 alphabetical order. Duplicate names for different numbers are
6088 permitted only if PCRE_DUPNAMES is set. Duplicate names for the same
6089 number are always OK. (An existing number can be re-used if (?|
6090 appears in the pattern.) In either event, a duplicate name results in
6091 a duplicate entry in the table, even if the number is the same. This
6092 is because the number of names, and hence the table size, is computed
6093 in the pre-compile, and it affects various numbers and pointers which
6094 would all have to be modified, and the compiled code moved down, if
6095 duplicates with the same number were omitted from the table. This
6096 doesn't seem worth the hassle. However, *different* names for the
6097 same number are not permitted. */
6098
6099 else
6100 {
6101 BOOL dupname = FALSE;
6102 slot = cd->name_table;
6103
6104 for (i = 0; i < cd->names_found; i++)
6105 {
6106 int crc = memcmp(name, slot+IMM2_SIZE, IN_UCHARS(namelen));
6107 if (crc == 0)
6108 {
6109 if (slot[IMM2_SIZE+namelen] == 0)
6110 {
6111 if (GET2(slot, 0) != cd->bracount + 1 &&
6112 (options & PCRE_DUPNAMES) == 0)
6113 {
6114 *errorcodeptr = ERR43;
6115 goto FAILED;
6116 }
6117 else dupname = TRUE;
6118 }
6119 else crc = -1; /* Current name is a substring */
6120 }
6121
6122 /* Make space in the table and break the loop for an earlier
6123 name. For a duplicate or later name, carry on. We do this for
6124 duplicates so that in the simple case (when ?(| is not used) they
6125 are in order of their numbers. */
6126
6127 if (crc < 0)
6128 {
6129 memmove(slot + cd->name_entry_size, slot,
6130 IN_UCHARS((cd->names_found - i) * cd->name_entry_size));
6131 break;
6132 }
6133
6134 /* Continue the loop for a later or duplicate name */
6135
6136 slot += cd->name_entry_size;
6137 }
6138
6139 /* For non-duplicate names, check for a duplicate number before
6140 adding the new name. */
6141
6142 if (!dupname)
6143 {
6144 pcre_uchar *cslot = cd->name_table;
6145 for (i = 0; i < cd->names_found; i++)
6146 {
6147 if (cslot != slot)
6148 {
6149 if (GET2(cslot, 0) == cd->bracount + 1)
6150 {
6151 *errorcodeptr = ERR65;
6152 goto FAILED;
6153 }
6154 }
6155 else i--;
6156 cslot += cd->name_entry_size;
6157 }
6158 }
6159
6160 PUT2(slot, 0, cd->bracount + 1);
6161 memcpy(slot + IMM2_SIZE, name, IN_UCHARS(namelen));
6162 slot[IMM2_SIZE + namelen] = 0;
6163 }
6164 }
6165
6166 /* In both pre-compile and compile, count the number of names we've
6167 encountered. */
6168
6169 cd->names_found++;
6170 ptr++; /* Move past > or ' */
6171 goto NUMBERED_GROUP;
6172
6173
6174 /* ------------------------------------------------------------ */
6175 case CHAR_AMPERSAND: /* Perl recursion/subroutine syntax */
6176 terminator = CHAR_RIGHT_PARENTHESIS;
6177 is_recurse = TRUE;
6178 /* Fall through */
6179
6180 /* We come here from the Python syntax above that handles both
6181 references (?P=name) and recursion (?P>name), as well as falling
6182 through from the Perl recursion syntax (?&name). We also come here from
6183 the Perl \k<name> or \k'name' back reference syntax and the \k{name}
6184 .NET syntax, and the Oniguruma \g<...> and \g'...' subroutine syntax. */
6185
6186 NAMED_REF_OR_RECURSE:
6187 name = ++ptr;
6188 while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_word) != 0) ptr++;
6189 namelen = (int)(ptr - name);
6190
6191 /* In the pre-compile phase, do a syntax check. We used to just set
6192 a dummy reference number, because it was not used in the first pass.
6193 However, with the change of recursive back references to be atomic,
6194 we have to look for the number so that this state can be identified, as
6195 otherwise the incorrect length is computed. If it's not a backwards
6196 reference, the dummy number will do. */
6197
6198 if (lengthptr != NULL)
6199 {
6200 const pcre_uchar *temp;
6201
6202 if (namelen == 0)
6203 {
6204 *errorcodeptr = ERR62;
6205 goto FAILED;
6206 }
6207 if (*ptr != (pcre_uchar)terminator)
6208 {
6209 *errorcodeptr = ERR42;
6210 goto FAILED;
6211 }
6212 if (namelen > MAX_NAME_SIZE)
6213 {
6214 *errorcodeptr = ERR48;
6215 goto FAILED;
6216 }
6217
6218 /* The name table does not exist in the first pass, so we cannot
6219 do a simple search as in the code below. Instead, we have to scan the
6220 pattern to find the number. It is important that we scan it only as
6221 far as we have got because the syntax of named subpatterns has not
6222 been checked for the rest of the pattern, and find_parens() assumes
6223 correct syntax. In any case, it's a waste of resources to scan
6224 further. We stop the scan at the current point by temporarily
6225 adjusting the value of cd->endpattern. */
6226
6227 temp = cd->end_pattern;
6228 cd->end_pattern = ptr;
6229 recno = find_parens(cd, name, namelen,
6230 (options & PCRE_EXTENDED) != 0, utf);
6231 cd->end_pattern = temp;
6232 if (recno < 0) recno = 0; /* Forward ref; set dummy number */
6233 }
6234
6235 /* In the real compile, seek the name in the table. We check the name
6236 first, and then check that we have reached the end of the name in the
6237 table. That way, if the name that is longer than any in the table,
6238 the comparison will fail without reading beyond the table entry. */
6239
6240 else
6241 {
6242 slot = cd->name_table;
6243 for (i = 0; i < cd->names_found; i++)
6244 {
6245 if (STRNCMP_UC_UC(name, slot+IMM2_SIZE, namelen) == 0 &&
6246 slot[IMM2_SIZE+namelen] == 0)
6247 break;
6248 slot += cd->name_entry_size;
6249 }
6250
6251 if (i < cd->names_found) /* Back reference */
6252 {
6253 recno = GET2(slot, 0);
6254 }
6255 else if ((recno = /* Forward back reference */
6256 find_parens(cd, name, namelen,
6257 (options & PCRE_EXTENDED) != 0, utf)) <= 0)
6258 {
6259 *errorcodeptr = ERR15;
6260 goto FAILED;
6261 }
6262 }
6263
6264 /* In both phases, we can now go to the code than handles numerical
6265 recursion or backreferences. */
6266
6267 if (is_recurse) goto HANDLE_RECURSION;
6268 else goto HANDLE_REFERENCE;
6269
6270
6271 /* ------------------------------------------------------------ */
6272 case CHAR_R: /* Recursion */
6273 ptr++; /* Same as (?0) */
6274 /* Fall through */
6275
6276
6277 /* ------------------------------------------------------------ */
6278 case CHAR_MINUS: case CHAR_PLUS: /* Recursion or subroutine */
6279 case CHAR_0: case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4:
6280 case CHAR_5: case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
6281 {
6282 const pcre_uchar *called;
6283 terminator = CHAR_RIGHT_PARENTHESIS;
6284
6285 /* Come here from the \g<...> and \g'...' code (Oniguruma
6286 compatibility). However, the syntax has been checked to ensure that
6287 the ... are a (signed) number, so that neither ERR63 nor ERR29 will
6288 be called on this path, nor with the jump to OTHER_CHAR_AFTER_QUERY
6289 ever be taken. */
6290
6291 HANDLE_NUMERICAL_RECURSION:
6292
6293 if ((refsign = *ptr) == CHAR_PLUS)
6294 {
6295 ptr++;
6296 if (!IS_DIGIT(*ptr))
6297 {
6298 *errorcodeptr = ERR63;
6299 goto FAILED;
6300 }
6301 }
6302 else if (refsign == CHAR_MINUS)
6303 {
6304 if (!IS_DIGIT(ptr[1]))
6305 goto OTHER_CHAR_AFTER_QUERY;
6306 ptr++;
6307 }
6308
6309 recno = 0;
6310 while(IS_DIGIT(*ptr))
6311 recno = recno * 10 + *ptr++ - CHAR_0;
6312
6313 if (*ptr != (pcre_uchar)terminator)
6314 {
6315 *errorcodeptr = ERR29;
6316 goto FAILED;
6317 }
6318
6319 if (refsign == CHAR_MINUS)
6320 {
6321 if (recno == 0)
6322 {
6323 *errorcodeptr = ERR58;
6324 goto FAILED;
6325 }
6326 recno = cd->bracount - recno + 1;
6327 if (recno <= 0)
6328 {
6329 *errorcodeptr = ERR15;
6330 goto FAILED;
6331 }
6332 }
6333 else if (refsign == CHAR_PLUS)
6334 {
6335 if (recno == 0)
6336 {
6337 *errorcodeptr = ERR58;
6338 goto FAILED;
6339 }
6340 recno += cd->bracount;
6341 }
6342
6343 /* Come here from code above that handles a named recursion */
6344
6345 HANDLE_RECURSION:
6346
6347 previous = code;
6348 called = cd->start_code;
6349
6350 /* When we are actually compiling, find the bracket that is being
6351 referenced. Temporarily end the regex in case it doesn't exist before
6352 this point. If we end up with a forward reference, first check that
6353 the bracket does occur later so we can give the error (and position)
6354 now. Then remember this forward reference in the workspace so it can
6355 be filled in at the end. */
6356
6357 if (lengthptr == NULL)
6358 {
6359 *code = OP_END;
6360 if (recno != 0)
6361 called = PRIV(find_bracket)(cd->start_code, utf, recno);
6362
6363 /* Forward reference */
6364
6365 if (called == NULL)
6366 {
6367 if (find_parens(cd, NULL, recno,
6368 (options & PCRE_EXTENDED) != 0, utf) < 0)
6369 {
6370 *errorcodeptr = ERR15;
6371 goto FAILED;
6372 }
6373
6374 /* Fudge the value of "called" so that when it is inserted as an
6375 offset below, what it actually inserted is the reference number
6376 of the group. Then remember the forward reference. */
6377
6378 called = cd->start_code + recno;
6379 if (cd->hwm >= cd->start_workspace + cd->workspace_size -
6380 WORK_SIZE_SAFETY_MARGIN)
6381 {
6382 *errorcodeptr = expand_workspace(cd);
6383 if (*errorcodeptr != 0) goto FAILED;
6384 }
6385 PUTINC(cd->hwm, 0, (int)(code + 1 - cd->start_code));
6386 }
6387
6388 /* If not a forward reference, and the subpattern is still open,
6389 this is a recursive call. We check to see if this is a left
6390 recursion that could loop for ever, and diagnose that case. We
6391 must not, however, do this check if we are in a conditional
6392 subpattern because the condition might be testing for recursion in
6393 a pattern such as /(?(R)a+|(?R)b)/, which is perfectly valid.
6394 Forever loops are also detected at runtime, so those that occur in
6395 conditional subpatterns will be picked up then. */
6396
6397 else if (GET(called, 1) == 0 && cond_depth <= 0 &&
6398 could_be_empty(called, code, bcptr, utf, cd))
6399 {
6400 *errorcodeptr = ERR40;
6401 goto FAILED;
6402 }
6403 }
6404
6405 /* Insert the recursion/subroutine item. It does not have a set first
6406 character (relevant if it is repeated, because it will then be
6407 wrapped with ONCE brackets). */
6408
6409 *code = OP_RECURSE;
6410 PUT(code, 1, (int)(called - cd->start_code));
6411 code += 1 + LINK_SIZE;
6412 groupsetfirstchar = FALSE;
6413 }
6414
6415 /* Can't determine a first byte now */
6416
6417 if (firstcharflags == REQ_UNSET) firstcharflags = REQ_NONE;
6418 continue;
6419
6420
6421 /* ------------------------------------------------------------ */
6422 default: /* Other characters: check option setting */
6423 OTHER_CHAR_AFTER_QUERY:
6424 set = unset = 0;
6425 optset = &set;
6426
6427 while (*ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON)
6428 {
6429 switch (*ptr++)
6430 {
6431 case CHAR_MINUS: optset = &unset; break;
6432
6433 case CHAR_J: /* Record that it changed in the external options */
6434 *optset |= PCRE_DUPNAMES;
6435 cd->external_flags |= PCRE_JCHANGED;
6436 break;
6437
6438 case CHAR_i: *optset |= PCRE_CASELESS; break;
6439 case CHAR_m: *optset |= PCRE_MULTILINE; break;
6440 case CHAR_s: *optset |= PCRE_DOTALL; break;
6441 case CHAR_x: *optset |= PCRE_EXTENDED; break;
6442 case CHAR_U: *optset |= PCRE_UNGREEDY; break;
6443 case CHAR_X: *optset |= PCRE_EXTRA; break;
6444
6445 default: *errorcodeptr = ERR12;
6446 ptr--; /* Correct the offset */
6447 goto FAILED;
6448 }
6449 }
6450
6451 /* Set up the changed option bits, but don't change anything yet. */
6452
6453 newoptions = (options | set) & (~unset);
6454
6455 /* If the options ended with ')' this is not the start of a nested
6456 group with option changes, so the options change at this level. If this
6457 item is right at the start of the pattern, the options can be
6458 abstracted and made external in the pre-compile phase, and ignored in
6459 the compile phase. This can be helpful when matching -- for instance in
6460 caseless checking of required bytes.
6461
6462 If the code pointer is not (cd->start_code + 1 + LINK_SIZE), we are
6463 definitely *not* at the start of the pattern because something has been
6464 compiled. In the pre-compile phase, however, the code pointer can have
6465 that value after the start, because it gets reset as code is discarded
6466 during the pre-compile. However, this can happen only at top level - if
6467 we are within parentheses, the starting BRA will still be present. At
6468 any parenthesis level, the length value can be used to test if anything
6469 has been compiled at that level. Thus, a test for both these conditions
6470 is necessary to ensure we correctly detect the start of the pattern in
6471 both phases.
6472
6473 If we are not at the pattern start, reset the greedy defaults and the
6474 case value for firstchar and reqchar. */
6475
6476 if (*ptr == CHAR_RIGHT_PARENTHESIS)
6477 {
6478 if (code == cd->start_code + 1 + LINK_SIZE &&
6479 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
6480 {
6481 cd->external_options = newoptions;
6482 }
6483 else
6484 {
6485 greedy_default = ((newoptions & PCRE_UNGREEDY) != 0);
6486 greedy_non_default = greedy_default ^ 1;
6487 req_caseopt = ((newoptions & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
6488 }
6489
6490 /* Change options at this level, and pass them back for use
6491 in subsequent branches. */
6492
6493 *optionsptr = options = newoptions;
6494 previous = NULL; /* This item can't be repeated */
6495 continue; /* It is complete */
6496 }
6497
6498 /* If the options ended with ':' we are heading into a nested group
6499 with possible change of options. Such groups are non-capturing and are
6500 not assertions of any kind. All we need to do is skip over the ':';
6501 the newoptions value is handled below. */
6502
6503 bravalue = OP_BRA;
6504 ptr++;
6505 } /* End of switch for character following (? */
6506 } /* End of (? handling */
6507
6508 /* Opening parenthesis not followed by '*' or '?'. If PCRE_NO_AUTO_CAPTURE
6509 is set, all unadorned brackets become non-capturing and behave like (?:...)
6510 brackets. */
6511
6512 else if ((options & PCRE_NO_AUTO_CAPTURE) != 0)
6513 {
6514 bravalue = OP_BRA;
6515 }
6516
6517 /* Else we have a capturing group. */
6518
6519 else
6520 {
6521 NUMBERED_GROUP:
6522 cd->bracount += 1;
6523 PUT2(code, 1+LINK_SIZE, cd->bracount);
6524 skipbytes = IMM2_SIZE;
6525 }
6526
6527 /* Process nested bracketed regex. Assertions used not to be repeatable,
6528 but this was changed for Perl compatibility, so all kinds can now be
6529 repeated. We copy code into a non-register variable (tempcode) in order to
6530 be able to pass its address because some compilers complain otherwise. */
6531
6532 previous = code; /* For handling repetition */
6533 *code = bravalue;
6534 tempcode = code;
6535 tempreqvary = cd->req_varyopt; /* Save value before bracket */
6536 tempbracount = cd->bracount; /* Save value before bracket */
6537 length_prevgroup = 0; /* Initialize for pre-compile phase */
6538
6539 if (!compile_regex(
6540 newoptions, /* The complete new option state */
6541 &tempcode, /* Where to put code (updated) */
6542 &ptr, /* Input pointer (updated) */
6543 errorcodeptr, /* Where to put an error message */
6544 (bravalue == OP_ASSERTBACK ||
6545 bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
6546 reset_bracount, /* True if (?| group */
6547 skipbytes, /* Skip over bracket number */
6548 cond_depth +
6549 ((bravalue == OP_COND)?1:0), /* Depth of condition subpatterns */
6550 &subfirstchar, /* For possible first char */
6551 &subfirstcharflags,
6552 &subreqchar, /* For possible last char */
6553 &subreqcharflags,
6554 bcptr, /* Current branch chain */
6555 cd, /* Tables block */
6556 (lengthptr == NULL)? NULL : /* Actual compile phase */
6557 &length_prevgroup /* Pre-compile phase */
6558 ))
6559 goto FAILED;
6560
6561 /* If this was an atomic group and there are no capturing groups within it,
6562 generate OP_ONCE_NC instead of OP_ONCE. */
6563
6564 if (bravalue == OP_ONCE && cd->bracount <= tempbracount)
6565 *code = OP_ONCE_NC;
6566
6567 if (bravalue >= OP_ASSERT && bravalue <= OP_ASSERTBACK_NOT)
6568 cd->assert_depth -= 1;
6569
6570 /* At the end of compiling, code is still pointing to the start of the
6571 group, while tempcode has been updated to point past the end of the group.
6572 The pattern pointer (ptr) is on the bracket.
6573
6574 If this is a conditional bracket, check that there are no more than
6575 two branches in the group, or just one if it's a DEFINE group. We do this
6576 in the real compile phase, not in the pre-pass, where the whole group may
6577 not be available. */
6578
6579 if (bravalue == OP_COND && lengthptr == NULL)
6580 {
6581 pcre_uchar *tc = code;
6582 int condcount = 0;
6583
6584 do {
6585 condcount++;
6586 tc += GET(tc,1);
6587 }
6588 while (*tc != OP_KET);
6589
6590 /* A DEFINE group is never obeyed inline (the "condition" is always
6591 false). It must have only one branch. */
6592
6593 if (code[LINK_SIZE+1] == OP_DEF)
6594 {
6595 if (condcount > 1)
6596 {
6597 *errorcodeptr = ERR54;
6598 goto FAILED;
6599 }
6600 bravalue = OP_DEF; /* Just a flag to suppress char handling below */
6601 }
6602
6603 /* A "normal" conditional group. If there is just one branch, we must not
6604 make use of its firstchar or reqchar, because this is equivalent to an
6605 empty second branch. */
6606
6607 else
6608 {
6609 if (condcount > 2)
6610 {
6611 *errorcodeptr = ERR27;
6612 goto FAILED;
6613 }
6614 if (condcount == 1) subfirstcharflags = subreqcharflags = REQ_NONE;
6615 }
6616 }
6617
6618 /* Error if hit end of pattern */
6619
6620 if (*ptr != CHAR_RIGHT_PARENTHESIS)
6621 {
6622 *errorcodeptr = ERR14;
6623 goto FAILED;
6624 }
6625
6626 /* In the pre-compile phase, update the length by the length of the group,
6627 less the brackets at either end. Then reduce the compiled code to just a
6628 set of non-capturing brackets so that it doesn't use much memory if it is
6629 duplicated by a quantifier.*/
6630
6631 if (lengthptr != NULL)
6632 {
6633 if (OFLOW_MAX - *lengthptr < length_prevgroup - 2 - 2*LINK_SIZE)
6634 {
6635 *errorcodeptr = ERR20;
6636 goto FAILED;
6637 }
6638 *lengthptr += length_prevgroup - 2 - 2*LINK_SIZE;
6639 code++; /* This already contains bravalue */
6640 PUTINC(code, 0, 1 + LINK_SIZE);
6641 *code+