/[pcre]/code/trunk/pcre_compile.c
ViewVC logotype

Diff of /code/trunk/pcre_compile.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 87 by nigel, Sat Feb 24 21:41:21 2007 UTC revision 964 by ph10, Fri May 4 13:03:39 2012 UTC
# Line 6  Line 6 
6  and semantics are as close as possible to those of the Perl 5 language.  and semantics are as close as possible to those of the Perl 5 language.
7    
8                         Written by Philip Hazel                         Written by Philip Hazel
9             Copyright (c) 1997-2006 University of Cambridge             Copyright (c) 1997-2012 University of Cambridge
10    
11  -----------------------------------------------------------------------------  -----------------------------------------------------------------------------
12  Redistribution and use in source and binary forms, with or without  Redistribution and use in source and binary forms, with or without
# Line 42  POSSIBILITY OF SUCH DAMAGE. Line 42  POSSIBILITY OF SUCH DAMAGE.
42  supporting internal functions that are not used by other modules. */  supporting internal functions that are not used by other modules. */
43    
44    
45    #ifdef HAVE_CONFIG_H
46    #include "config.h"
47    #endif
48    
49    #define NLBLOCK cd             /* Block containing newline information */
50    #define PSSTART start_pattern  /* Field containing processed string start */
51    #define PSEND   end_pattern    /* Field containing processed string end */
52    
53  #include "pcre_internal.h"  #include "pcre_internal.h"
54    
55    
56  /* When DEBUG is defined, we need the pcre_printint() function, which is also  /* When PCRE_DEBUG is defined, we need the pcre(16)_printint() function, which
57  used by pcretest. DEBUG is not defined when building a production library. */  is also used by pcretest. PCRE_DEBUG is not defined when building a production
58    library. We do not need to select pcre16_printint.c specially, because the
59    COMPILE_PCREx macro will already be appropriately set. */
60    
61  #ifdef DEBUG  #ifdef PCRE_DEBUG
62  #include "pcre_printint.src"  /* pcre_printint.c should not include any headers */
63    #define PCRE_INCLUDED
64    #include "pcre_printint.c"
65    #undef PCRE_INCLUDED
66  #endif  #endif
67    
68    
69    /* Macro for setting individual bits in class bitmaps. */
70    
71    #define SETBIT(a,b) a[b/8] |= (1 << (b%8))
72    
73    /* Maximum length value to check against when making sure that the integer that
74    holds the compiled pattern length does not overflow. We make it a bit less than
75    INT_MAX to allow for adding in group terminating bytes, so that we don't have
76    to check them every time. */
77    
78    #define OFLOW_MAX (INT_MAX - 20)
79    
80    
81  /*************************************************  /*************************************************
82  *      Code parameters and static tables         *  *      Code parameters and static tables         *
83  *************************************************/  *************************************************/
84    
85  /* Maximum number of items on the nested bracket stacks at compile time. This  /* This value specifies the size of stack workspace that is used during the
86  applies to the nesting of all kinds of parentheses. It does not limit  first pre-compile phase that determines how much memory is required. The regex
87  un-nested, non-capturing parentheses. This number can be made bigger if  is partly compiled into this space, but the compiled parts are discarded as
88  necessary - it is used to dimension one int and one unsigned char vector at  soon as they can be, so that hopefully there will never be an overrun. The code
89  compile time. */  does, however, check for an overrun. The largest amount I've seen used is 218,
90    so this number is very generous.
91    
92    The same workspace is used during the second, actual compile phase for
93    remembering forward references to groups so that they can be filled in at the
94    end. Each entry in this list occupies LINK_SIZE bytes, so even when LINK_SIZE
95    is 4 there is plenty of room for most patterns. However, the memory can get
96    filled up by repetitions of forward references, for example patterns like
97    /(?1){0,1999}(b)/, and one user did hit the limit. The code has been changed so
98    that the workspace is expanded using malloc() in this situation. The value
99    below is therefore a minimum, and we put a maximum on it for safety. The
100    minimum is now also defined in terms of LINK_SIZE so that the use of malloc()
101    kicks in at the same number of forward references in all cases. */
102    
103    #define COMPILE_WORK_SIZE (2048*LINK_SIZE)
104    #define COMPILE_WORK_SIZE_MAX (100*COMPILE_WORK_SIZE)
105    
106    /* The overrun tests check for a slightly smaller size so that they detect the
107    overrun before it actually does run off the end of the data block. */
108    
109    #define WORK_SIZE_SAFETY_MARGIN (100)
110    
111    /* Private flags added to firstchar and reqchar. */
112    
113  #define BRASTACK_SIZE 200  #define REQ_CASELESS   0x10000000l      /* Indicates caselessness */
114    #define REQ_VARY       0x20000000l      /* Reqchar followed non-literal item */
115    
116    /* Repeated character flags. */
117    
118    #define UTF_LENGTH     0x10000000l      /* The char contains its length. */
119    
120  /* Table for handling escaped characters in the range '0'-'z'. Positive returns  /* Table for handling escaped characters in the range '0'-'z'. Positive returns
121  are simple data values; negative values are for special things like \d and so  are simple data values; negative values are for special things like \d and so
122  on. Zero means further processing is needed (for things like \x), or the escape  on. Zero means further processing is needed (for things like \x), or the escape
123  is invalid. */  is invalid. */
124    
125  #if !EBCDIC   /* This is the "normal" table for ASCII systems */  #ifndef EBCDIC
126    
127    /* This is the "normal" table for ASCII systems or for EBCDIC systems running
128    in UTF-8 mode. */
129    
130  static const short int escapes[] = {  static const short int escapes[] = {
131       0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */       0,                       0,
132       0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */       0,                       0,
133     '@', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E,      0, -ESC_G,   /* @ - G */       0,                       0,
134       0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */       0,                       0,
135  -ESC_P, -ESC_Q,      0, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */       0,                       0,
136  -ESC_X,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */       CHAR_COLON,              CHAR_SEMICOLON,
137     '`',      7, -ESC_b,      0, -ESC_d,  ESC_e,  ESC_f,      0,   /* ` - g */       CHAR_LESS_THAN_SIGN,     CHAR_EQUALS_SIGN,
138       0,      0,      0,      0,      0,      0,  ESC_n,      0,   /* h - o */       CHAR_GREATER_THAN_SIGN,  CHAR_QUESTION_MARK,
139  -ESC_p,      0,  ESC_r, -ESC_s,  ESC_tee,    0,      0, -ESC_w,   /* p - w */       CHAR_COMMERCIAL_AT,      -ESC_A,
140       0,      0, -ESC_z                                            /* x - z */       -ESC_B,                  -ESC_C,
141         -ESC_D,                  -ESC_E,
142         0,                       -ESC_G,
143         -ESC_H,                  0,
144         0,                       -ESC_K,
145         0,                       0,
146         -ESC_N,                  0,
147         -ESC_P,                  -ESC_Q,
148         -ESC_R,                  -ESC_S,
149         0,                       0,
150         -ESC_V,                  -ESC_W,
151         -ESC_X,                  0,
152         -ESC_Z,                  CHAR_LEFT_SQUARE_BRACKET,
153         CHAR_BACKSLASH,          CHAR_RIGHT_SQUARE_BRACKET,
154         CHAR_CIRCUMFLEX_ACCENT,  CHAR_UNDERSCORE,
155         CHAR_GRAVE_ACCENT,       7,
156         -ESC_b,                  0,
157         -ESC_d,                  ESC_e,
158         ESC_f,                   0,
159         -ESC_h,                  0,
160         0,                       -ESC_k,
161         0,                       0,
162         ESC_n,                   0,
163         -ESC_p,                  0,
164         ESC_r,                   -ESC_s,
165         ESC_tee,                 0,
166         -ESC_v,                  -ESC_w,
167         0,                       0,
168         -ESC_z
169  };  };
170    
171  #else         /* This is the "abnormal" table for EBCDIC systems */  #else
172    
173    /* This is the "abnormal" table for EBCDIC systems without UTF-8 support. */
174    
175  static const short int escapes[] = {  static const short int escapes[] = {
176  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',  /*  48 */     0,     0,      0,     '.',    '<',   '(',    '+',    '|',
177  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,  /*  50 */   '&',     0,      0,       0,      0,     0,      0,      0,
# Line 96  static const short int escapes[] = { Line 181  static const short int escapes[] = {
181  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  70 */     0,     0,      0,       0,      0,     0,      0,      0,
182  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',  /*  78 */     0,   '`',    ':',     '#',    '@',  '\'',    '=',    '"',
183  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,  /*  80 */     0,     7, -ESC_b,       0, -ESC_d, ESC_e,  ESC_f,      0,
184  /*  88 */     0,     0,      0,     '{',      0,     0,      0,      0,  /*  88 */-ESC_h,     0,      0,     '{',      0,     0,      0,      0,
185  /*  90 */     0,     0,      0,     'l',      0, ESC_n,      0, -ESC_p,  /*  90 */     0,     0, -ESC_k,     'l',      0, ESC_n,      0, -ESC_p,
186  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,  /*  98 */     0, ESC_r,      0,     '}',      0,     0,      0,      0,
187  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,     0, -ESC_w,      0,  /*  A0 */     0,   '~', -ESC_s, ESC_tee,      0,-ESC_v, -ESC_w,      0,
188  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,  /*  A8 */     0,-ESC_z,      0,       0,      0,   '[',      0,      0,
189  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  B0 */     0,     0,      0,       0,      0,     0,      0,      0,
190  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',  /*  B8 */     0,     0,      0,       0,      0,   ']',    '=',    '-',
191  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,  /*  C0 */   '{',-ESC_A, -ESC_B,  -ESC_C, -ESC_D,-ESC_E,      0, -ESC_G,
192  /*  C8 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  C8 */-ESC_H,     0,      0,       0,      0,     0,      0,      0,
193  /*  D0 */   '}',     0,      0,       0,      0,     0,      0, -ESC_P,  /*  D0 */   '}',     0, -ESC_K,       0,      0,-ESC_N,      0, -ESC_P,
194  /*  D8 */-ESC_Q,     0,      0,       0,      0,     0,      0,      0,  /*  D8 */-ESC_Q,-ESC_R,      0,       0,      0,     0,      0,      0,
195  /*  E0 */  '\\',     0, -ESC_S,       0,      0,     0, -ESC_W, -ESC_X,  /*  E0 */  '\\',     0, -ESC_S,       0,      0,-ESC_V, -ESC_W, -ESC_X,
196  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,  /*  E8 */     0,-ESC_Z,      0,       0,      0,     0,      0,      0,
197  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,  /*  F0 */     0,     0,      0,       0,      0,     0,      0,      0,
198  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0  /*  F8 */     0,     0,      0,       0,      0,     0,      0,      0
# Line 115  static const short int escapes[] = { Line 200  static const short int escapes[] = {
200  #endif  #endif
201    
202    
203  /* Tables of names of POSIX character classes and their lengths. The list is  /* Table of special "verbs" like (*PRUNE). This is a short table, so it is
204  terminated by a zero length entry. The first three must be alpha, lower, upper,  searched linearly. Put all the names into a single string, in order to reduce
205  as this is assumed for handling case independence. */  the number of relocations when a shared library is dynamically linked. The
206    string is built from string macros so that it works in UTF-8 mode on EBCDIC
207  static const char *const posix_names[] = {  platforms. */
208    "alpha", "lower", "upper",  
209    "alnum", "ascii", "blank", "cntrl", "digit", "graph",  typedef struct verbitem {
210    "print", "punct", "space", "word",  "xdigit" };    int   len;                 /* Length of verb name */
211      int   op;                  /* Op when no arg, or -1 if arg mandatory */
212      int   op_arg;              /* Op when arg present, or -1 if not allowed */
213    } verbitem;
214    
215    static const char verbnames[] =
216      "\0"                       /* Empty name is a shorthand for MARK */
217      STRING_MARK0
218      STRING_ACCEPT0
219      STRING_COMMIT0
220      STRING_F0
221      STRING_FAIL0
222      STRING_PRUNE0
223      STRING_SKIP0
224      STRING_THEN;
225    
226    static const verbitem verbs[] = {
227      { 0, -1,        OP_MARK },
228      { 4, -1,        OP_MARK },
229      { 6, OP_ACCEPT, -1 },
230      { 6, OP_COMMIT, -1 },
231      { 1, OP_FAIL,   -1 },
232      { 4, OP_FAIL,   -1 },
233      { 5, OP_PRUNE,  OP_PRUNE_ARG },
234      { 4, OP_SKIP,   OP_SKIP_ARG  },
235      { 4, OP_THEN,   OP_THEN_ARG  }
236    };
237    
238    static const int verbcount = sizeof(verbs)/sizeof(verbitem);
239    
240    
241    /* Tables of names of POSIX character classes and their lengths. The names are
242    now all in a single string, to reduce the number of relocations when a shared
243    library is dynamically loaded. The list of lengths is terminated by a zero
244    length entry. The first three must be alpha, lower, upper, as this is assumed
245    for handling case independence. */
246    
247    static const char posix_names[] =
248      STRING_alpha0 STRING_lower0 STRING_upper0 STRING_alnum0
249      STRING_ascii0 STRING_blank0 STRING_cntrl0 STRING_digit0
250      STRING_graph0 STRING_print0 STRING_punct0 STRING_space0
251      STRING_word0  STRING_xdigit;
252    
253  static const uschar posix_name_lengths[] = {  static const pcre_uint8 posix_name_lengths[] = {
254    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };    5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
255    
256  /* Table of class bit maps for each POSIX class. Each class is formed from a  /* Table of class bit maps for each POSIX class. Each class is formed from a
# Line 154  static const int posix_class_maps[] = { Line 280  static const int posix_class_maps[] = {
280    cbit_xdigit,-1,          0              /* xdigit */    cbit_xdigit,-1,          0              /* xdigit */
281  };  };
282    
283    /* Table of substitutes for \d etc when PCRE_UCP is set. The POSIX class
284    substitutes must be in the order of the names, defined above, and there are
285    both positive and negative cases. NULL means no substitute. */
286    
287  /* The texts of compile-time error messages. These are "char *" because they  #ifdef SUPPORT_UCP
288  are passed to the outside world. */  static const pcre_uchar string_PNd[]  = {
289      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
290      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
291    static const pcre_uchar string_pNd[]  = {
292      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
293      CHAR_N, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
294    static const pcre_uchar string_PXsp[] = {
295      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
296      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
297    static const pcre_uchar string_pXsp[] = {
298      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
299      CHAR_X, CHAR_s, CHAR_p, CHAR_RIGHT_CURLY_BRACKET, '\0' };
300    static const pcre_uchar string_PXwd[] = {
301      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
302      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
303    static const pcre_uchar string_pXwd[] = {
304      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
305      CHAR_X, CHAR_w, CHAR_d, CHAR_RIGHT_CURLY_BRACKET, '\0' };
306    
307    static const pcre_uchar *substitutes[] = {
308      string_PNd,           /* \D */
309      string_pNd,           /* \d */
310      string_PXsp,          /* \S */       /* NOTE: Xsp is Perl space */
311      string_pXsp,          /* \s */
312      string_PXwd,          /* \W */
313      string_pXwd           /* \w */
314    };
315    
316    static const pcre_uchar string_pL[] =   {
317      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
318      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
319    static const pcre_uchar string_pLl[] =  {
320      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
321      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
322    static const pcre_uchar string_pLu[] =  {
323      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
324      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
325    static const pcre_uchar string_pXan[] = {
326      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
327      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
328    static const pcre_uchar string_h[] =    {
329      CHAR_BACKSLASH, CHAR_h, '\0' };
330    static const pcre_uchar string_pXps[] = {
331      CHAR_BACKSLASH, CHAR_p, CHAR_LEFT_CURLY_BRACKET,
332      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
333    static const pcre_uchar string_PL[] =   {
334      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
335      CHAR_L, CHAR_RIGHT_CURLY_BRACKET, '\0' };
336    static const pcre_uchar string_PLl[] =  {
337      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
338      CHAR_L, CHAR_l, CHAR_RIGHT_CURLY_BRACKET, '\0' };
339    static const pcre_uchar string_PLu[] =  {
340      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
341      CHAR_L, CHAR_u, CHAR_RIGHT_CURLY_BRACKET, '\0' };
342    static const pcre_uchar string_PXan[] = {
343      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
344      CHAR_X, CHAR_a, CHAR_n, CHAR_RIGHT_CURLY_BRACKET, '\0' };
345    static const pcre_uchar string_H[] =    {
346      CHAR_BACKSLASH, CHAR_H, '\0' };
347    static const pcre_uchar string_PXps[] = {
348      CHAR_BACKSLASH, CHAR_P, CHAR_LEFT_CURLY_BRACKET,
349      CHAR_X, CHAR_p, CHAR_s, CHAR_RIGHT_CURLY_BRACKET, '\0' };
350    
351    static const pcre_uchar *posix_substitutes[] = {
352      string_pL,            /* alpha */
353      string_pLl,           /* lower */
354      string_pLu,           /* upper */
355      string_pXan,          /* alnum */
356      NULL,                 /* ascii */
357      string_h,             /* blank */
358      NULL,                 /* cntrl */
359      string_pNd,           /* digit */
360      NULL,                 /* graph */
361      NULL,                 /* print */
362      NULL,                 /* punct */
363      string_pXps,          /* space */    /* NOTE: Xps is POSIX space */
364      string_pXwd,          /* word */
365      NULL,                 /* xdigit */
366      /* Negated cases */
367      string_PL,            /* ^alpha */
368      string_PLl,           /* ^lower */
369      string_PLu,           /* ^upper */
370      string_PXan,          /* ^alnum */
371      NULL,                 /* ^ascii */
372      string_H,             /* ^blank */
373      NULL,                 /* ^cntrl */
374      string_PNd,           /* ^digit */
375      NULL,                 /* ^graph */
376      NULL,                 /* ^print */
377      NULL,                 /* ^punct */
378      string_PXps,          /* ^space */   /* NOTE: Xps is POSIX space */
379      string_PXwd,          /* ^word */
380      NULL                  /* ^xdigit */
381    };
382    #define POSIX_SUBSIZE (sizeof(posix_substitutes) / sizeof(pcre_uchar *))
383    #endif
384    
385  static const char *error_texts[] = {  #define STRING(a)  # a
386    "no error",  #define XSTRING(s) STRING(s)
387    "\\ at end of pattern",  
388    "\\c at end of pattern",  /* The texts of compile-time error messages. These are "char *" because they
389    "unrecognized character follows \\",  are passed to the outside world. Do not ever re-use any error number, because
390    "numbers out of order in {} quantifier",  they are documented. Always add a new error instead. Messages marked DEAD below
391    are no longer used. This used to be a table of strings, but in order to reduce
392    the number of relocations needed when a shared library is loaded dynamically,
393    it is now one long string. We cannot use a table of offsets, because the
394    lengths of inserts such as XSTRING(MAX_NAME_SIZE) are not known. Instead, we
395    simply count through to the one we want - this isn't a performance issue
396    because these strings are used only when there is a compilation error.
397    
398    Each substring ends with \0 to insert a null character. This includes the final
399    substring, so that the whole string ends with \0\0, which can be detected when
400    counting through. */
401    
402    static const char error_texts[] =
403      "no error\0"
404      "\\ at end of pattern\0"
405      "\\c at end of pattern\0"
406      "unrecognized character follows \\\0"
407      "numbers out of order in {} quantifier\0"
408    /* 5 */    /* 5 */
409    "number too big in {} quantifier",    "number too big in {} quantifier\0"
410    "missing terminating ] for character class",    "missing terminating ] for character class\0"
411    "invalid escape sequence in character class",    "invalid escape sequence in character class\0"
412    "range out of order in character class",    "range out of order in character class\0"
413    "nothing to repeat",    "nothing to repeat\0"
414    /* 10 */    /* 10 */
415    "operand of unlimited repeat could match the empty string",    "operand of unlimited repeat could match the empty string\0"  /** DEAD **/
416    "internal error: unexpected repeat",    "internal error: unexpected repeat\0"
417    "unrecognized character after (?",    "unrecognized character after (? or (?-\0"
418    "POSIX named classes are supported only within a class",    "POSIX named classes are supported only within a class\0"
419    "missing )",    "missing )\0"
420    /* 15 */    /* 15 */
421    "reference to non-existent subpattern",    "reference to non-existent subpattern\0"
422    "erroffset passed as NULL",    "erroffset passed as NULL\0"
423    "unknown option bit(s) set",    "unknown option bit(s) set\0"
424    "missing ) after comment",    "missing ) after comment\0"
425    "parentheses nested too deeply",    "parentheses nested too deeply\0"  /** DEAD **/
426    /* 20 */    /* 20 */
427    "regular expression too large",    "regular expression is too large\0"
428    "failed to get memory",    "failed to get memory\0"
429    "unmatched parentheses",    "unmatched parentheses\0"
430    "internal error: code overflow",    "internal error: code overflow\0"
431    "unrecognized character after (?<",    "unrecognized character after (?<\0"
432    /* 25 */    /* 25 */
433    "lookbehind assertion is not fixed length",    "lookbehind assertion is not fixed length\0"
434    "malformed number after (?(",    "malformed number or name after (?(\0"
435    "conditional group contains more than two branches",    "conditional group contains more than two branches\0"
436    "assertion expected after (?(",    "assertion expected after (?(\0"
437    "(?R or (?digits must be followed by )",    "(?R or (?[+-]digits must be followed by )\0"
438    /* 30 */    /* 30 */
439    "unknown POSIX class name",    "unknown POSIX class name\0"
440    "POSIX collating elements are not supported",    "POSIX collating elements are not supported\0"
441    "this version of PCRE is not compiled with PCRE_UTF8 support",    "this version of PCRE is compiled without UTF support\0"
442    "spare error",    "spare error\0"  /** DEAD **/
443    "character value in \\x{...} sequence is too large",    "character value in \\x{...} sequence is too large\0"
444    /* 35 */    /* 35 */
445    "invalid condition (?(0)",    "invalid condition (?(0)\0"
446    "\\C not allowed in lookbehind assertion",    "\\C not allowed in lookbehind assertion\0"
447    "PCRE does not support \\L, \\l, \\N, \\U, or \\u",    "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0"
448    "number after (?C is > 255",    "number after (?C is > 255\0"
449    "closing ) for (?C expected",    "closing ) for (?C expected\0"
450    /* 40 */    /* 40 */
451    "recursive call could loop indefinitely",    "recursive call could loop indefinitely\0"
452    "unrecognized character after (?P",    "unrecognized character after (?P\0"
453    "syntax error after (?P",    "syntax error in subpattern name (missing terminator)\0"
454    "two named groups have the same name",    "two named subpatterns have the same name\0"
455    "invalid UTF-8 string",    "invalid UTF-8 string\0"
456    /* 45 */    /* 45 */
457    "support for \\P, \\p, and \\X has not been compiled",    "support for \\P, \\p, and \\X has not been compiled\0"
458    "malformed \\P or \\p sequence",    "malformed \\P or \\p sequence\0"
459    "unknown property name after \\P or \\p"    "unknown property name after \\P or \\p\0"
460  };    "subpattern name is too long (maximum " XSTRING(MAX_NAME_SIZE) " characters)\0"
461      "too many named subpatterns (maximum " XSTRING(MAX_NAME_COUNT) ")\0"
462      /* 50 */
463      "repeated subpattern is too long\0"    /** DEAD **/
464      "octal value is greater than \\377 in 8-bit non-UTF-8 mode\0"
465      "internal error: overran compiling workspace\0"
466      "internal error: previously-checked referenced subpattern not found\0"
467      "DEFINE group contains more than one branch\0"
468      /* 55 */
469      "repeating a DEFINE group is not allowed\0"  /** DEAD **/
470      "inconsistent NEWLINE options\0"
471      "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0"
472      "a numbered reference must not be zero\0"
473      "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0"
474      /* 60 */
475      "(*VERB) not recognized\0"
476      "number is too big\0"
477      "subpattern name expected\0"
478      "digit expected after (?+\0"
479      "] is an invalid data character in JavaScript compatibility mode\0"
480      /* 65 */
481      "different names for subpatterns of the same number are not allowed\0"
482      "(*MARK) must have an argument\0"
483      "this version of PCRE is not compiled with Unicode property support\0"
484      "\\c must be followed by an ASCII character\0"
485      "\\k is not followed by a braced, angle-bracketed, or quoted name\0"
486      /* 70 */
487      "internal error: unknown opcode in find_fixedlength()\0"
488      "\\N is not supported in a class\0"
489      "too many forward references\0"
490      "disallowed Unicode code point (>= 0xd800 && <= 0xdfff)\0"
491      "invalid UTF-16 string\0"
492      /* 75 */
493      "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0"
494      ;
495    
496  /* Table to identify digits and hex digits. This is used when compiling  /* Table to identify digits and hex digits. This is used when compiling
497  patterns. Note that the tables in chartables are dependent on the locale, and  patterns. Note that the tables in chartables are dependent on the locale, and
# Line 235  For convenience, we use the same bit def Line 509  For convenience, we use the same bit def
509    
510  Then we can use ctype_digit and ctype_xdigit in the code. */  Then we can use ctype_digit and ctype_xdigit in the code. */
511    
512  #if !EBCDIC    /* This is the "normal" case, for ASCII systems */  /* Using a simple comparison for decimal numbers rather than a memory read
513  static const unsigned char digitab[] =  is much faster, and the resulting code is simpler (the compiler turns it
514    into a subtraction and unsigned comparison). */
515    
516    #define IS_DIGIT(x) ((x) >= CHAR_0 && (x) <= CHAR_9)
517    
518    #ifndef EBCDIC
519    
520    /* This is the "normal" case, for ASCII systems, and EBCDIC systems running in
521    UTF-8 mode. */
522    
523    static const pcre_uint8 digitab[] =
524    {    {
525    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
526    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15 */
# Line 271  static const unsigned char digitab[] = Line 555  static const unsigned char digitab[] =
555    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
556    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
557    
558  #else          /* This is the "abnormal" case, for EBCDIC systems */  #else
559  static const unsigned char digitab[] =  
560    /* This is the "abnormal" case, for EBCDIC systems not running in UTF-8 mode. */
561    
562    static const pcre_uint8 digitab[] =
563    {    {
564    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7  0 */
565    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   8- 15    */
# Line 285  static const unsigned char digitab[] = Line 572  static const unsigned char digitab[] =
572    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 40 */
573    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  72- |     */
574    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 50 */
575    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88-     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  88- 95    */
576    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 60 */
577    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ?     */
578    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */
# Line 307  static const unsigned char digitab[] = Line 594  static const unsigned char digitab[] =
594    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */    0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c, /*  0 - 7  F0 */
595    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */    0x0c,0x0c,0x00,0x00,0x00,0x00,0x00,0x00};/*  8 -255    */
596    
597  static const unsigned char ebcdic_chartab[] = { /* chartable partial dup */  static const pcre_uint8 ebcdic_chartab[] = { /* chartable partial dup */
598    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */    0x80,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*   0-  7 */
599    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */    0x00,0x00,0x00,0x00,0x01,0x01,0x00,0x00, /*   8- 15 */
600    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */    0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00, /*  16- 23 */
# Line 319  static const unsigned char ebcdic_charta Line 606  static const unsigned char ebcdic_charta
606    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */    0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*    - 71 */
607    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */    0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /*  72- |  */
608    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  & - 87 */
609    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88-  */    0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /*  88- 95 */
610    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  - -103 */
611    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */    0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ?  */
612    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */
# Line 346  static const unsigned char ebcdic_charta Line 633  static const unsigned char ebcdic_charta
633  /* Definition to allow mutual recursion */  /* Definition to allow mutual recursion */
634    
635  static BOOL  static BOOL
636    compile_regex(int, int, int *, uschar **, const uschar **, int *, BOOL, int,    compile_regex(int, pcre_uchar **, const pcre_uchar **, int *, BOOL, BOOL, int, int,
637      int *, int *, branch_chain *, compile_data *);      int *, int *, branch_chain *, compile_data *, int *);
638    
639    
640    
641    /*************************************************
642    *            Find an error text                  *
643    *************************************************/
644    
645    /* The error texts are now all in one long string, to save on relocations. As
646    some of the text is of unknown length, we can't use a table of offsets.
647    Instead, just count through the strings. This is not a performance issue
648    because it happens only when there has been a compilation error.
649    
650    Argument:   the error number
651    Returns:    pointer to the error string
652    */
653    
654    static const char *
655    find_error_text(int n)
656    {
657    const char *s = error_texts;
658    for (; n > 0; n--)
659      {
660      while (*s++ != 0) {};
661      if (*s == 0) return "Error text not found (please report)";
662      }
663    return s;
664    }
665    
666    
667    /*************************************************
668    *           Expand the workspace                 *
669    *************************************************/
670    
671    /* This function is called during the second compiling phase, if the number of
672    forward references fills the existing workspace, which is originally a block on
673    the stack. A larger block is obtained from malloc() unless the ultimate limit
674    has been reached or the increase will be rather small.
675    
676    Argument: pointer to the compile data block
677    Returns:  0 if all went well, else an error number
678    */
679    
680    static int
681    expand_workspace(compile_data *cd)
682    {
683    pcre_uchar *newspace;
684    int newsize = cd->workspace_size * 2;
685    
686    if (newsize > COMPILE_WORK_SIZE_MAX) newsize = COMPILE_WORK_SIZE_MAX;
687    if (cd->workspace_size >= COMPILE_WORK_SIZE_MAX ||
688        newsize - cd->workspace_size < WORK_SIZE_SAFETY_MARGIN)
689     return ERR72;
690    
691    newspace = (PUBL(malloc))(IN_UCHARS(newsize));
692    if (newspace == NULL) return ERR21;
693    memcpy(newspace, cd->start_workspace, cd->workspace_size * sizeof(pcre_uchar));
694    cd->hwm = (pcre_uchar *)newspace + (cd->hwm - cd->start_workspace);
695    if (cd->workspace_size > COMPILE_WORK_SIZE)
696      (PUBL(free))((void *)cd->start_workspace);
697    cd->start_workspace = newspace;
698    cd->workspace_size = newsize;
699    return 0;
700    }
701    
702    
703    
704    /*************************************************
705    *            Check for counted repeat            *
706    *************************************************/
707    
708    /* This function is called when a '{' is encountered in a place where it might
709    start a quantifier. It looks ahead to see if it really is a quantifier or not.
710    It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
711    where the ddds are digits.
712    
713    Arguments:
714      p         pointer to the first char after '{'
715    
716    Returns:    TRUE or FALSE
717    */
718    
719    static BOOL
720    is_counted_repeat(const pcre_uchar *p)
721    {
722    if (!IS_DIGIT(*p)) return FALSE;
723    p++;
724    while (IS_DIGIT(*p)) p++;
725    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
726    
727    if (*p++ != CHAR_COMMA) return FALSE;
728    if (*p == CHAR_RIGHT_CURLY_BRACKET) return TRUE;
729    
730    if (!IS_DIGIT(*p)) return FALSE;
731    p++;
732    while (IS_DIGIT(*p)) p++;
733    
734    return (*p == CHAR_RIGHT_CURLY_BRACKET);
735    }
736    
737    
738    
# Line 357  static BOOL Line 742  static BOOL
742    
743  /* This function is called when a \ has been encountered. It either returns a  /* This function is called when a \ has been encountered. It either returns a
744  positive value for a simple escape such as \n, or a negative value which  positive value for a simple escape such as \n, or a negative value which
745  encodes one of the more complicated things such as \d. When UTF-8 is enabled,  encodes one of the more complicated things such as \d. A backreference to group
746  a positive value greater than 255 may be returned. On entry, ptr is pointing at  n is returned as -(ESC_REF + n); ESC_REF is the highest ESC_xxx macro. When
747  the \. On exit, it is on the final character of the escape sequence.  UTF-8 is enabled, a positive value greater than 255 may be returned. On entry,
748    ptr is pointing at the \. On exit, it is on the final character of the escape
749    sequence.
750    
751  Arguments:  Arguments:
752    ptrptr         points to the pattern position pointer    ptrptr         points to the pattern position pointer
# Line 370  Arguments: Line 757  Arguments:
757    
758  Returns:         zero or positive => a data character  Returns:         zero or positive => a data character
759                   negative => a special escape sequence                   negative => a special escape sequence
760                   on error, errorptr is set                   on error, errorcodeptr is set
761  */  */
762    
763  static int  static int
764  check_escape(const uschar **ptrptr, int *errorcodeptr, int bracount,  check_escape(const pcre_uchar **ptrptr, int *errorcodeptr, int bracount,
765    int options, BOOL isclass)    int options, BOOL isclass)
766  {  {
767  BOOL utf8 = (options & PCRE_UTF8) != 0;  /* PCRE_UTF16 has the same value as PCRE_UTF8. */
768  const uschar *ptr = *ptrptr + 1;  BOOL utf = (options & PCRE_UTF8) != 0;
769  int c, i;  const pcre_uchar *ptr = *ptrptr + 1;
770    pcre_int32 c;
771    int i;
772    
773  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */  GETCHARINCTEST(c, ptr);           /* Get character value, increment pointer */
774  ptr--;                            /* Set pointer back to the last byte */  ptr--;                            /* Set pointer back to the last byte */
# Line 388  ptr--;                            /* Set Line 777  ptr--;                            /* Set
777    
778  if (c == 0) *errorcodeptr = ERR1;  if (c == 0) *errorcodeptr = ERR1;
779    
780  /* Non-alphamerics are literals. For digits or letters, do an initial lookup in  /* Non-alphanumerics are literals. For digits or letters, do an initial lookup
781  a table. A non-zero result is something that can be returned immediately.  in a table. A non-zero result is something that can be returned immediately.
782  Otherwise further processing may be required. */  Otherwise further processing may be required. */
783    
784  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
785  else if (c < '0' || c > 'z') {}                           /* Not alphameric */  /* Not alphanumeric */
786  else if ((i = escapes[c - '0']) != 0) c = i;  else if (c < CHAR_0 || c > CHAR_z) {}
787    else if ((i = escapes[c - CHAR_0]) != 0) c = i;
788  #else          /* EBCDIC coding */  
789  else if (c < 'a' || (ebcdic_chartab[c] & 0x0E) == 0) {}   /* Not alphameric */  #else           /* EBCDIC coding */
790    /* Not alphanumeric */
791    else if (c < 'a' || (!MAX_255(c) || (ebcdic_chartab[c] & 0x0E) == 0)) {}
792  else if ((i = escapes[c - 0x48]) != 0)  c = i;  else if ((i = escapes[c - 0x48]) != 0)  c = i;
793  #endif  #endif
794    
# Line 405  else if ((i = escapes[c - 0x48]) != 0) Line 796  else if ((i = escapes[c - 0x48]) != 0)
796    
797  else  else
798    {    {
799    const uschar *oldptr;    const pcre_uchar *oldptr;
800      BOOL braced, negated;
801    
802    switch (c)    switch (c)
803      {      {
804      /* A number of Perl escapes are not handled by PCRE. We give an explicit      /* A number of Perl escapes are not handled by PCRE. We give an explicit
805      error. */      error. */
806    
807      case 'l':      case CHAR_l:
808      case 'L':      case CHAR_L:
     case 'N':  
     case 'u':  
     case 'U':  
809      *errorcodeptr = ERR37;      *errorcodeptr = ERR37;
810      break;      break;
811    
812        case CHAR_u:
813        if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
814          {
815          /* In JavaScript, \u must be followed by four hexadecimal numbers.
816          Otherwise it is a lowercase u letter. */
817          if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
818            && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0
819            && MAX_255(ptr[3]) && (digitab[ptr[3]] & ctype_xdigit) != 0
820            && MAX_255(ptr[4]) && (digitab[ptr[4]] & ctype_xdigit) != 0)
821            {
822            c = 0;
823            for (i = 0; i < 4; ++i)
824              {
825              register int cc = *(++ptr);
826    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
827              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
828              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
829    #else           /* EBCDIC coding */
830              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
831              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
832    #endif
833              }
834            }
835          }
836        else
837          *errorcodeptr = ERR37;
838        break;
839    
840        case CHAR_U:
841        /* In JavaScript, \U is an uppercase U letter. */
842        if ((options & PCRE_JAVASCRIPT_COMPAT) == 0) *errorcodeptr = ERR37;
843        break;
844    
845        /* In a character class, \g is just a literal "g". Outside a character
846        class, \g must be followed by one of a number of specific things:
847    
848        (1) A number, either plain or braced. If positive, it is an absolute
849        backreference. If negative, it is a relative backreference. This is a Perl
850        5.10 feature.
851    
852        (2) Perl 5.10 also supports \g{name} as a reference to a named group. This
853        is part of Perl's movement towards a unified syntax for back references. As
854        this is synonymous with \k{name}, we fudge it up by pretending it really
855        was \k.
856    
857        (3) For Oniguruma compatibility we also support \g followed by a name or a
858        number either in angle brackets or in single quotes. However, these are
859        (possibly recursive) subroutine calls, _not_ backreferences. Just return
860        the -ESC_g code (cf \k). */
861    
862        case CHAR_g:
863        if (isclass) break;
864        if (ptr[1] == CHAR_LESS_THAN_SIGN || ptr[1] == CHAR_APOSTROPHE)
865          {
866          c = -ESC_g;
867          break;
868          }
869    
870        /* Handle the Perl-compatible cases */
871    
872        if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
873          {
874          const pcre_uchar *p;
875          for (p = ptr+2; *p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET; p++)
876            if (*p != CHAR_MINUS && !IS_DIGIT(*p)) break;
877          if (*p != 0 && *p != CHAR_RIGHT_CURLY_BRACKET)
878            {
879            c = -ESC_k;
880            break;
881            }
882          braced = TRUE;
883          ptr++;
884          }
885        else braced = FALSE;
886    
887        if (ptr[1] == CHAR_MINUS)
888          {
889          negated = TRUE;
890          ptr++;
891          }
892        else negated = FALSE;
893    
894        /* The integer range is limited by the machine's int representation. */
895        c = 0;
896        while (IS_DIGIT(ptr[1]))
897          {
898          if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
899            {
900            c = -1;
901            break;
902            }
903          c = c * 10 + *(++ptr) - CHAR_0;
904          }
905        if (((unsigned int)c) > INT_MAX) /* Integer overflow */
906          {
907          while (IS_DIGIT(ptr[1]))
908            ptr++;
909          *errorcodeptr = ERR61;
910          break;
911          }
912    
913        if (braced && *(++ptr) != CHAR_RIGHT_CURLY_BRACKET)
914          {
915          *errorcodeptr = ERR57;
916          break;
917          }
918    
919        if (c == 0)
920          {
921          *errorcodeptr = ERR58;
922          break;
923          }
924    
925        if (negated)
926          {
927          if (c > bracount)
928            {
929            *errorcodeptr = ERR15;
930            break;
931            }
932          c = bracount - (c - 1);
933          }
934    
935        c = -(ESC_REF + c);
936        break;
937    
938      /* The handling of escape sequences consisting of a string of digits      /* The handling of escape sequences consisting of a string of digits
939      starting with one that is not zero is not straightforward. By experiment,      starting with one that is not zero is not straightforward. By experiment,
940      the way Perl works seems to be as follows:      the way Perl works seems to be as follows:
# Line 431  else Line 947  else
947      value is greater than 377, the least significant 8 bits are taken. Inside a      value is greater than 377, the least significant 8 bits are taken. Inside a
948      character class, \ followed by a digit is always an octal number. */      character class, \ followed by a digit is always an octal number. */
949    
950      case '1': case '2': case '3': case '4': case '5':      case CHAR_1: case CHAR_2: case CHAR_3: case CHAR_4: case CHAR_5:
951      case '6': case '7': case '8': case '9':      case CHAR_6: case CHAR_7: case CHAR_8: case CHAR_9:
952    
953      if (!isclass)      if (!isclass)
954        {        {
955        oldptr = ptr;        oldptr = ptr;
956        c -= '0';        /* The integer range is limited by the machine's int representation. */
957        while ((digitab[ptr[1]] & ctype_digit) != 0)        c -= CHAR_0;
958          c = c * 10 + *(++ptr) - '0';        while (IS_DIGIT(ptr[1]))
959            {
960            if (((unsigned int)c) > INT_MAX / 10) /* Integer overflow */
961              {
962              c = -1;
963              break;
964              }
965            c = c * 10 + *(++ptr) - CHAR_0;
966            }
967          if (((unsigned int)c) > INT_MAX) /* Integer overflow */
968            {
969            while (IS_DIGIT(ptr[1]))
970              ptr++;
971            *errorcodeptr = ERR61;
972            break;
973            }
974        if (c < 10 || c <= bracount)        if (c < 10 || c <= bracount)
975          {          {
976          c = -(ESC_REF + c);          c = -(ESC_REF + c);
# Line 452  else Line 983  else
983      generates a binary zero byte and treats the digit as a following literal.      generates a binary zero byte and treats the digit as a following literal.
984      Thus we have to pull back the pointer by one. */      Thus we have to pull back the pointer by one. */
985    
986      if ((c = *ptr) >= '8')      if ((c = *ptr) >= CHAR_8)
987        {        {
988        ptr--;        ptr--;
989        c = 0;        c = 0;
# Line 460  else Line 991  else
991        }        }
992    
993      /* \0 always starts an octal number, but we may drop through to here with a      /* \0 always starts an octal number, but we may drop through to here with a
994      larger first octal digit. */      larger first octal digit. The original code used just to take the least
995        significant 8 bits of octal numbers (I think this is what early Perls used
996      case '0':      to do). Nowadays we allow for larger numbers in UTF-8 mode and 16-bit mode,
997      c -= '0';      but no more than 3 octal digits. */
998      while(i++ < 2 && ptr[1] >= '0' && ptr[1] <= '7')  
999          c = c * 8 + *(++ptr) - '0';      case CHAR_0:
1000      c &= 255;     /* Take least significant 8 bits */      c -= CHAR_0;
1001        while(i++ < 2 && ptr[1] >= CHAR_0 && ptr[1] <= CHAR_7)
1002            c = c * 8 + *(++ptr) - CHAR_0;
1003    #ifdef COMPILE_PCRE8
1004        if (!utf && c > 0xff) *errorcodeptr = ERR51;
1005    #endif
1006      break;      break;
1007    
1008      /* \x is complicated. \x{ddd} is a character number which can be greater      /* \x is complicated. \x{ddd} is a character number which can be greater
1009      than 0xff in utf8 mode, but only if the ddd are hex digits. If not, { is      than 0xff in utf or non-8bit mode, but only if the ddd are hex digits.
1010      treated as a data character. */      If not, { is treated as a data character. */
1011    
1012        case CHAR_x:
1013        if ((options & PCRE_JAVASCRIPT_COMPAT) != 0)
1014          {
1015          /* In JavaScript, \x must be followed by two hexadecimal numbers.
1016          Otherwise it is a lowercase x letter. */
1017          if (MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0
1018            && MAX_255(ptr[2]) && (digitab[ptr[2]] & ctype_xdigit) != 0)
1019            {
1020            c = 0;
1021            for (i = 0; i < 2; ++i)
1022              {
1023              register int cc = *(++ptr);
1024    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1025              if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1026              c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1027    #else           /* EBCDIC coding */
1028              if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1029              c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1030    #endif
1031              }
1032            }
1033          break;
1034          }
1035    
1036      case 'x':      if (ptr[1] == CHAR_LEFT_CURLY_BRACKET)
     if (ptr[1] == '{')  
1037        {        {
1038        const uschar *pt = ptr + 2;        const pcre_uchar *pt = ptr + 2;
       int count = 0;  
1039    
1040        c = 0;        c = 0;
1041        while ((digitab[*pt] & ctype_xdigit) != 0)        while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0)
1042          {          {
1043          register int cc = *pt++;          register int cc = *pt++;
1044          if (c == 0 && cc == '0') continue;     /* Leading zeroes */          if (c == 0 && cc == CHAR_0) continue;     /* Leading zeroes */
1045          count++;  
1046    #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1047            if (cc >= CHAR_a) cc -= 32;               /* Convert to upper case */
1048            c = (c << 4) + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1049    #else           /* EBCDIC coding */
1050            if (cc >= CHAR_a && cc <= CHAR_z) cc += 64;  /* Convert to upper case */
1051            c = (c << 4) + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1052    #endif
1053    
1054  #if !EBCDIC    /* ASCII coding */  #ifdef COMPILE_PCRE8
1055          if (cc >= 'a') cc -= 32;               /* Convert to upper case */          if (c > (utf ? 0x10ffff : 0xff)) { c = -1; break; }
1056          c = (c << 4) + cc - ((cc < 'A')? '0' : ('A' - 10));  #else
1057  #else          /* EBCDIC coding */  #ifdef COMPILE_PCRE16
1058          if (cc >= 'a' && cc <= 'z') cc += 64;  /* Convert to upper case */          if (c > (utf ? 0x10ffff : 0xffff)) { c = -1; break; }
         c = (c << 4) + cc - ((cc >= '0')? '0' : ('A' - 10));  
1059  #endif  #endif
1060    #endif
1061            }
1062    
1063          if (c < 0)
1064            {
1065            while (MAX_255(*pt) && (digitab[*pt] & ctype_xdigit) != 0) pt++;
1066            *errorcodeptr = ERR34;
1067          }          }
1068    
1069        if (*pt == '}')        if (*pt == CHAR_RIGHT_CURLY_BRACKET)
1070          {          {
1071          if (c < 0 || count > (utf8? 8 : 2)) *errorcodeptr = ERR34;          if (utf && c >= 0xd800 && c <= 0xdfff) *errorcodeptr = ERR73;
1072          ptr = pt;          ptr = pt;
1073          break;          break;
1074          }          }
# Line 509  else Line 1080  else
1080      /* Read just a single-byte hex-defined char */      /* Read just a single-byte hex-defined char */
1081    
1082      c = 0;      c = 0;
1083      while (i++ < 2 && (digitab[ptr[1]] & ctype_xdigit) != 0)      while (i++ < 2 && MAX_255(ptr[1]) && (digitab[ptr[1]] & ctype_xdigit) != 0)
1084        {        {
1085        int cc;                               /* Some compilers don't like ++ */        int cc;                                  /* Some compilers don't like */
1086        cc = *(++ptr);                        /* in initializers */        cc = *(++ptr);                           /* ++ in initializers */
1087  #if !EBCDIC    /* ASCII coding */  #ifndef EBCDIC  /* ASCII/UTF-8 coding */
1088        if (cc >= 'a') cc -= 32;              /* Convert to upper case */        if (cc >= CHAR_a) cc -= 32;              /* Convert to upper case */
1089        c = c * 16 + cc - ((cc < 'A')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc < CHAR_A)? CHAR_0 : (CHAR_A - 10));
1090  #else          /* EBCDIC coding */  #else           /* EBCDIC coding */
1091        if (cc <= 'z') cc += 64;              /* Convert to upper case */        if (cc <= CHAR_z) cc += 64;              /* Convert to upper case */
1092        c = c * 16 + cc - ((cc >= '0')? '0' : ('A' - 10));        c = c * 16 + cc - ((cc >= CHAR_0)? CHAR_0 : (CHAR_A - 10));
1093  #endif  #endif
1094        }        }
1095      break;      break;
1096    
1097      /* Other special escapes not starting with a digit are straightforward */      /* For \c, a following letter is upper-cased; then the 0x40 bit is flipped.
1098        An error is given if the byte following \c is not an ASCII character. This
1099        coding is ASCII-specific, but then the whole concept of \cx is
1100        ASCII-specific. (However, an EBCDIC equivalent has now been added.) */
1101    
1102      case 'c':      case CHAR_c:
1103      c = *(++ptr);      c = *(++ptr);
1104      if (c == 0)      if (c == 0)
1105        {        {
1106        *errorcodeptr = ERR2;        *errorcodeptr = ERR2;
1107        return 0;        break;
1108        }        }
1109    #ifndef EBCDIC    /* ASCII/UTF-8 coding */
1110      /* A letter is upper-cased; then the 0x40 bit is flipped. This coding      if (c > 127)  /* Excludes all non-ASCII in either mode */
1111      is ASCII-specific, but then the whole concept of \cx is ASCII-specific.        {
1112      (However, an EBCDIC equivalent has now been added.) */        *errorcodeptr = ERR68;
1113          break;
1114  #if !EBCDIC    /* ASCII coding */        }
1115      if (c >= 'a' && c <= 'z') c -= 32;      if (c >= CHAR_a && c <= CHAR_z) c -= 32;
1116      c ^= 0x40;      c ^= 0x40;
1117  #else          /* EBCDIC coding */  #else             /* EBCDIC coding */
1118      if (c >= 'a' && c <= 'z') c += 64;      if (c >= CHAR_a && c <= CHAR_z) c += 64;
1119      c ^= 0xC0;      c ^= 0xC0;
1120  #endif  #endif
1121      break;      break;
1122    
1123      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any      /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
1124      other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,      other alphanumeric following \ is an error if PCRE_EXTRA was set;
1125      for Perl compatibility, it is a literal. This code looks a bit odd, but      otherwise, for Perl compatibility, it is a literal. This code looks a bit
1126      there used to be some cases other than the default, and there may be again      odd, but there used to be some cases other than the default, and there may
1127      in future, so I haven't "optimized" it. */      be again in future, so I haven't "optimized" it. */
1128    
1129      default:      default:
1130      if ((options & PCRE_EXTRA) != 0) switch(c)      if ((options & PCRE_EXTRA) != 0) switch(c)
# Line 563  else Line 1137  else
1137      }      }
1138    }    }
1139    
1140    /* Perl supports \N{name} for character names, as well as plain \N for "not
1141    newline". PCRE does not support \N{name}. However, it does support
1142    quantification such as \N{2,3}. */
1143    
1144    if (c == -ESC_N && ptr[1] == CHAR_LEFT_CURLY_BRACKET &&
1145         !is_counted_repeat(ptr+2))
1146      *errorcodeptr = ERR37;
1147    
1148    /* If PCRE_UCP is set, we change the values for \d etc. */
1149    
1150    if ((options & PCRE_UCP) != 0 && c <= -ESC_D && c >= -ESC_w)
1151      c -= (ESC_DU - ESC_D);
1152    
1153    /* Set the pointer to the final character before returning. */
1154    
1155  *ptrptr = ptr;  *ptrptr = ptr;
1156  return c;  return c;
1157  }  }
# Line 589  Returns:         type value from ucp_typ Line 1178  Returns:         type value from ucp_typ
1178  */  */
1179    
1180  static int  static int
1181  get_ucp(const uschar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)  get_ucp(const pcre_uchar **ptrptr, BOOL *negptr, int *dptr, int *errorcodeptr)
1182  {  {
1183  int c, i, bot, top;  int c, i, bot, top;
1184  const uschar *ptr = *ptrptr;  const pcre_uchar *ptr = *ptrptr;
1185  char name[32];  pcre_uchar name[32];
1186    
1187  c = *(++ptr);  c = *(++ptr);
1188  if (c == 0) goto ERROR_RETURN;  if (c == 0) goto ERROR_RETURN;
# Line 603  if (c == 0) goto ERROR_RETURN; Line 1192  if (c == 0) goto ERROR_RETURN;
1192  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for  /* \P or \p can be followed by a name in {}, optionally preceded by ^ for
1193  negation. */  negation. */
1194    
1195  if (c == '{')  if (c == CHAR_LEFT_CURLY_BRACKET)
1196    {    {
1197    if (ptr[1] == '^')    if (ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1198      {      {
1199      *negptr = TRUE;      *negptr = TRUE;
1200      ptr++;      ptr++;
1201      }      }
1202    for (i = 0; i < sizeof(name) - 1; i++)    for (i = 0; i < (int)(sizeof(name) / sizeof(pcre_uchar)) - 1; i++)
1203      {      {
1204      c = *(++ptr);      c = *(++ptr);
1205      if (c == 0) goto ERROR_RETURN;      if (c == 0) goto ERROR_RETURN;
1206      if (c == '}') break;      if (c == CHAR_RIGHT_CURLY_BRACKET) break;
1207      name[i] = c;      name[i] = c;
1208      }      }
1209    if (c !='}') goto ERROR_RETURN;    if (c != CHAR_RIGHT_CURLY_BRACKET) goto ERROR_RETURN;
1210    name[i] = 0;    name[i] = 0;
1211    }    }
1212    
# Line 634  else Line 1223  else
1223  /* Search for a recognized property name using binary chop */  /* Search for a recognized property name using binary chop */
1224    
1225  bot = 0;  bot = 0;
1226  top = _pcre_utt_size;  top = PRIV(utt_size);
1227    
1228  while (bot < top)  while (bot < top)
1229    {    {
1230    i = (bot + top) >> 1;    i = (bot + top) >> 1;
1231    c = strcmp(name, _pcre_utt[i].name);    c = STRCMP_UC_C8(name, PRIV(utt_names) + PRIV(utt)[i].name_offset);
1232    if (c == 0)    if (c == 0)
1233      {      {
1234      *dptr = _pcre_utt[i].value;      *dptr = PRIV(utt)[i].value;
1235      return _pcre_utt[i].type;      return PRIV(utt)[i].type;
1236      }      }
1237    if (c > 0) bot = i + 1; else top = i;    if (c > 0) bot = i + 1; else top = i;
1238    }    }
# Line 663  return -1; Line 1252  return -1;
1252    
1253    
1254  /*************************************************  /*************************************************
 *            Check for counted repeat            *  
 *************************************************/  
   
 /* This function is called when a '{' is encountered in a place where it might  
 start a quantifier. It looks ahead to see if it really is a quantifier or not.  
 It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}  
 where the ddds are digits.  
   
 Arguments:  
   p         pointer to the first char after '{'  
   
 Returns:    TRUE or FALSE  
 */  
   
 static BOOL  
 is_counted_repeat(const uschar *p)  
 {  
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
 if (*p == '}') return TRUE;  
   
 if (*p++ != ',') return FALSE;  
 if (*p == '}') return TRUE;  
   
 if ((digitab[*p++] & ctype_digit) == 0) return FALSE;  
 while ((digitab[*p] & ctype_digit) != 0) p++;  
   
 return (*p == '}');  
 }  
   
   
   
 /*************************************************  
1255  *         Read repeat counts                     *  *         Read repeat counts                     *
1256  *************************************************/  *************************************************/
1257    
# Line 714  Returns:         pointer to '}' on succe Line 1270  Returns:         pointer to '}' on succe
1270                   current ptr on error, with errorcodeptr set non-zero                   current ptr on error, with errorcodeptr set non-zero
1271  */  */
1272    
1273  static const uschar *  static const pcre_uchar *
1274  read_repeat_counts(const uschar *p, int *minp, int *maxp, int *errorcodeptr)  read_repeat_counts(const pcre_uchar *p, int *minp, int *maxp, int *errorcodeptr)
1275  {  {
1276  int min = 0;  int min = 0;
1277  int max = -1;  int max = -1;
# Line 723  int max = -1; Line 1279  int max = -1;
1279  /* Read the minimum value and do a paranoid check: a negative value indicates  /* Read the minimum value and do a paranoid check: a negative value indicates
1280  an integer overflow. */  an integer overflow. */
1281    
1282  while ((digitab[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';  while (IS_DIGIT(*p)) min = min * 10 + *p++ - CHAR_0;
1283  if (min < 0 || min > 65535)  if (min < 0 || min > 65535)
1284    {    {
1285    *errorcodeptr = ERR5;    *errorcodeptr = ERR5;
# Line 733  if (min < 0 || min > 65535) Line 1289  if (min < 0 || min > 65535)
1289  /* Read the maximum value if there is one, and again do a paranoid on its size.  /* Read the maximum value if there is one, and again do a paranoid on its size.
1290  Also, max must not be less than min. */  Also, max must not be less than min. */
1291    
1292  if (*p == '}') max = min; else  if (*p == CHAR_RIGHT_CURLY_BRACKET) max = min; else
1293    {    {
1294    if (*(++p) != '}')    if (*(++p) != CHAR_RIGHT_CURLY_BRACKET)
1295      {      {
1296      max = 0;      max = 0;
1297      while((digitab[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';      while(IS_DIGIT(*p)) max = max * 10 + *p++ - CHAR_0;
1298      if (max < 0 || max > 65535)      if (max < 0 || max > 65535)
1299        {        {
1300        *errorcodeptr = ERR5;        *errorcodeptr = ERR5;
# Line 763  return p; Line 1319  return p;
1319    
1320    
1321  /*************************************************  /*************************************************
1322  *      Find first significant op code            *  *  Subroutine for finding forward reference      *
1323  *************************************************/  *************************************************/
1324    
1325  /* This is called by several functions that scan a compiled expression looking  /* This recursive function is called only from find_parens() below. The
1326  for a fixed first character, or an anchoring op code etc. It skips over things  top-level call starts at the beginning of the pattern. All other calls must
1327  that do not influence this. For some calls, a change of option is important.  start at a parenthesis. It scans along a pattern's text looking for capturing
1328  For some calls, it makes sense to skip negative forward and all backward  subpatterns, and counting them. If it finds a named pattern that matches the
1329  assertions, and also the \b assertion; for others it does not.  name it is given, it returns its number. Alternatively, if the name is NULL, it
1330    returns when it reaches a given numbered subpattern. Recursion is used to keep
1331    track of subpatterns that reset the capturing group numbers - the (?| feature.
1332    
1333    This function was originally called only from the second pass, in which we know
1334    that if (?< or (?' or (?P< is encountered, the name will be correctly
1335    terminated because that is checked in the first pass. There is now one call to
1336    this function in the first pass, to check for a recursive back reference by
1337    name (so that we can make the whole group atomic). In this case, we need check
1338    only up to the current position in the pattern, and that is still OK because
1339    and previous occurrences will have been checked. To make this work, the test
1340    for "end of pattern" is a check against cd->end_pattern in the main loop,
1341    instead of looking for a binary zero. This means that the special first-pass
1342    call can adjust cd->end_pattern temporarily. (Checks for binary zero while
1343    processing items within the loop are OK, because afterwards the main loop will
1344    terminate.)
1345    
1346  Arguments:  Arguments:
1347    code         pointer to the start of the group    ptrptr       address of the current character pointer (updated)
1348    options      pointer to external options    cd           compile background data
1349    optbit       the option bit whose changing is significant, or    name         name to seek, or NULL if seeking a numbered subpattern
1350                   zero if none are    lorn         name length, or subpattern number if name is NULL
1351    skipassert   TRUE if certain assertions are to be skipped    xmode        TRUE if we are in /x mode
1352      utf          TRUE if we are in UTF-8 / UTF-16 mode
1353      count        pointer to the current capturing subpattern number (updated)
1354    
1355  Returns:       pointer to the first significant opcode  Returns:       the number of the named subpattern, or -1 if not found
1356  */  */
1357    
1358  static const uschar*  static int
1359  first_significant_code(const uschar *code, int *options, int optbit,  find_parens_sub(pcre_uchar **ptrptr, compile_data *cd, const pcre_uchar *name, int lorn,
1360    BOOL skipassert)    BOOL xmode, BOOL utf, int *count)
1361  {  {
1362  for (;;)  pcre_uchar *ptr = *ptrptr;
1363    {  int start_count = *count;
1364    switch ((int)*code)  int hwm_count = start_count;
1365      {  BOOL dup_parens = FALSE;
     case OP_OPT:  
     if (optbit > 0 && ((int)code[1] & optbit) != (*options & optbit))  
       *options = (int)code[1];  
     code += 2;  
     break;  
1366    
1367      case OP_ASSERT_NOT:  /* If the first character is a parenthesis, check on the type of group we are
1368      case OP_ASSERTBACK:  dealing with. The very first call may not start with a parenthesis. */
     case OP_ASSERTBACK_NOT:  
     if (!skipassert) return code;  
     do code += GET(code, 1); while (*code == OP_ALT);  
     code += _pcre_OP_lengths[*code];  
     break;  
1369    
1370      case OP_WORD_BOUNDARY:  if (ptr[0] == CHAR_LEFT_PARENTHESIS)
1371      case OP_NOT_WORD_BOUNDARY:    {
1372      if (!skipassert) return code;    /* Handle specials such as (*SKIP) or (*UTF8) etc. */
     /* Fall through */  
1373    
1374      case OP_CALLOUT:    if (ptr[1] == CHAR_ASTERISK) ptr += 2;
     case OP_CREF:  
     case OP_BRANUMBER:  
     code += _pcre_OP_lengths[*code];  
     break;  
1375    
1376      default:    /* Handle a normal, unnamed capturing parenthesis. */
     return code;  
     }  
   }  
 /* Control never reaches here */  
 }  
1377    
1378      else if (ptr[1] != CHAR_QUESTION_MARK)
1379        {
1380        *count += 1;
1381        if (name == NULL && *count == lorn) return *count;
1382        ptr++;
1383        }
1384    
1385      /* All cases now have (? at the start. Remember when we are in a group
1386      where the parenthesis numbers are duplicated. */
1387    
1388      else if (ptr[2] == CHAR_VERTICAL_LINE)
1389        {
1390        ptr += 3;
1391        dup_parens = TRUE;
1392        }
1393    
1394  /*************************************************    /* Handle comments; all characters are allowed until a ket is reached. */
 *        Find the fixed length of a pattern      *  
 *************************************************/  
1395    
1396  /* Scan a pattern and compute the fixed length of subject that will match it,    else if (ptr[2] == CHAR_NUMBER_SIGN)
1397  if the length is fixed. This is needed for dealing with backward assertions.      {
1398  In UTF8 mode, the result is in characters rather than bytes.      for (ptr += 3; *ptr != 0; ptr++) if (*ptr == CHAR_RIGHT_PARENTHESIS) break;
1399        goto FAIL_EXIT;
1400        }
1401    
1402  Arguments:    /* Handle a condition. If it is an assertion, just carry on so that it
1403    code     points to the start of the pattern (the bracket)    is processed as normal. If not, skip to the closing parenthesis of the
1404    options  the compiling options    condition (there can't be any nested parens). */
1405    
1406  Returns:   the fixed length, or -1 if there is no fixed length,    else if (ptr[2] == CHAR_LEFT_PARENTHESIS)
1407               or -2 if \C was encountered      {
1408  */      ptr += 2;
1409        if (ptr[1] != CHAR_QUESTION_MARK)
1410          {
1411          while (*ptr != 0 && *ptr != CHAR_RIGHT_PARENTHESIS) ptr++;
1412          if (*ptr != 0) ptr++;
1413          }
1414        }
1415    
1416  static int    /* Start with (? but not a condition. */
 find_fixedlength(uschar *code, int options)  
 {  
 int length = -1;  
1417    
1418  register int branchlength = 0;    else
1419  register uschar *cc = code + 1 + LINK_SIZE;      {
1420        ptr += 2;
1421        if (*ptr == CHAR_P) ptr++;                      /* Allow optional P */
1422    
1423  /* Scan along the opcodes for this branch. If we get to the end of the      /* We have to disambiguate (?<! and (?<= from (?<name> for named groups */
1424  branch, check the length against that of the other branches. */  
1425        if ((*ptr == CHAR_LESS_THAN_SIGN && ptr[1] != CHAR_EXCLAMATION_MARK &&
1426            ptr[1] != CHAR_EQUALS_SIGN) || *ptr == CHAR_APOSTROPHE)
1427          {
1428          int term;
1429          const pcre_uchar *thisname;
1430          *count += 1;
1431          if (name == NULL && *count == lorn) return *count;
1432          term = *ptr++;
1433          if (term == CHAR_LESS_THAN_SIGN) term = CHAR_GREATER_THAN_SIGN;
1434          thisname = ptr;
1435          while (*ptr != term) ptr++;
1436          if (name != NULL && lorn == ptr - thisname &&
1437              STRNCMP_UC_UC(name, thisname, lorn) == 0)
1438            return *count;
1439          term++;
1440          }
1441        }
1442      }
1443    
1444    /* Past any initial parenthesis handling, scan for parentheses or vertical
1445    bars. Stop if we get to cd->end_pattern. Note that this is important for the
1446    first-pass call when this value is temporarily adjusted to stop at the current
1447    position. So DO NOT change this to a test for binary zero. */
1448    
1449    for (; ptr < cd->end_pattern; ptr++)
1450      {
1451      /* Skip over backslashed characters and also entire \Q...\E */
1452    
1453      if (*ptr == CHAR_BACKSLASH)
1454        {
1455        if (*(++ptr) == 0) goto FAIL_EXIT;
1456        if (*ptr == CHAR_Q) for (;;)
1457          {
1458          while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1459          if (*ptr == 0) goto FAIL_EXIT;
1460          if (*(++ptr) == CHAR_E) break;
1461          }
1462        continue;
1463        }
1464    
1465      /* Skip over character classes; this logic must be similar to the way they
1466      are handled for real. If the first character is '^', skip it. Also, if the
1467      first few characters (either before or after ^) are \Q\E or \E we skip them
1468      too. This makes for compatibility with Perl. Note the use of STR macros to
1469      encode "Q\\E" so that it works in UTF-8 on EBCDIC platforms. */
1470    
1471      if (*ptr == CHAR_LEFT_SQUARE_BRACKET)
1472        {
1473        BOOL negate_class = FALSE;
1474        for (;;)
1475          {
1476          if (ptr[1] == CHAR_BACKSLASH)
1477            {
1478            if (ptr[2] == CHAR_E)
1479              ptr+= 2;
1480            else if (STRNCMP_UC_C8(ptr + 2,
1481                     STR_Q STR_BACKSLASH STR_E, 3) == 0)
1482              ptr += 4;
1483            else
1484              break;
1485            }
1486          else if (!negate_class && ptr[1] == CHAR_CIRCUMFLEX_ACCENT)
1487            {
1488            negate_class = TRUE;
1489            ptr++;
1490            }
1491          else break;
1492          }
1493    
1494        /* If the next character is ']', it is a data character that must be
1495        skipped, except in JavaScript compatibility mode. */
1496    
1497        if (ptr[1] == CHAR_RIGHT_SQUARE_BRACKET &&
1498            (cd->external_options & PCRE_JAVASCRIPT_COMPAT) == 0)
1499          ptr++;
1500    
1501        while (*(++ptr) != CHAR_RIGHT_SQUARE_BRACKET)
1502          {
1503          if (*ptr == 0) return -1;
1504          if (*ptr == CHAR_BACKSLASH)
1505            {
1506            if (*(++ptr) == 0) goto FAIL_EXIT;
1507            if (*ptr == CHAR_Q) for (;;)
1508              {
1509              while (*(++ptr) != 0 && *ptr != CHAR_BACKSLASH) {};
1510              if (*ptr == 0) goto FAIL_EXIT;
1511              if (*(++ptr) == CHAR_E) break;
1512              }
1513            continue;
1514            }
1515          }
1516        continue;
1517        }
1518    
1519      /* Skip comments in /x mode */
1520    
1521      if (xmode && *ptr == CHAR_NUMBER_SIGN)
1522        {
1523        ptr++;
1524        while (*ptr != 0)
1525          {
1526          if (IS_NEWLINE(ptr)) { ptr += cd->nllen - 1; break; }
1527          ptr++;
1528    #ifdef SUPPORT_UTF
1529          if (utf) FORWARDCHAR(ptr);
1530    #endif
1531          }
1532        if (*ptr == 0) goto FAIL_EXIT;
1533        continue;
1534        }
1535    
1536      /* Check for the special metacharacters */
1537    
1538      if (*ptr == CHAR_LEFT_PARENTHESIS)
1539        {
1540        int rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, count);
1541        if (rc > 0) return rc;
1542        if (*ptr == 0) goto FAIL_EXIT;
1543        }
1544    
1545      else if (*ptr == CHAR_RIGHT_PARENTHESIS)
1546        {
1547        if (dup_parens && *count < hwm_count) *count = hwm_count;
1548        goto FAIL_EXIT;
1549        }
1550    
1551      else if (*ptr == CHAR_VERTICAL_LINE && dup_parens)
1552        {
1553        if (*count > hwm_count) hwm_count = *count;
1554        *count = start_count;
1555        }
1556      }
1557    
1558    FAIL_EXIT:
1559    *ptrptr = ptr;
1560    return -1;
1561    }
1562    
1563    
1564    
1565    
1566    /*************************************************
1567    *       Find forward referenced subpattern       *
1568    *************************************************/
1569    
1570    /* This function scans along a pattern's text looking for capturing
1571    subpatterns, and counting them. If it finds a named pattern that matches the
1572    name it is given, it returns its number. Alternatively, if the name is NULL, it
1573    returns when it reaches a given numbered subpattern. This is used for forward
1574    references to subpatterns. We used to be able to start this scan from the
1575    current compiling point, using the current count value from cd->bracount, and
1576    do it all in a single loop, but the addition of the possibility of duplicate
1577    subpattern numbers means that we have to scan from the very start, in order to
1578    take account of such duplicates, and to use a recursive function to keep track
1579    of the different types of group.
1580    
1581    Arguments:
1582      cd           compile background data
1583      name         name to seek, or NULL if seeking a numbered subpattern
1584      lorn         name length, or subpattern number if name is NULL
1585      xmode        TRUE if we are in /x mode
1586      utf          TRUE if we are in UTF-8 / UTF-16 mode
1587    
1588    Returns:       the number of the found subpattern, or -1 if not found
1589    */
1590    
1591    static int
1592    find_parens(compile_data *cd, const pcre_uchar *name, int lorn, BOOL xmode,
1593      BOOL utf)
1594    {
1595    pcre_uchar *ptr = (pcre_uchar *)cd->start_pattern;
1596    int count = 0;
1597    int rc;
1598    
1599    /* If the pattern does not start with an opening parenthesis, the first call
1600    to find_parens_sub() will scan right to the end (if necessary). However, if it
1601    does start with a parenthesis, find_parens_sub() will return when it hits the
1602    matching closing parens. That is why we have to have a loop. */
1603    
1604    for (;;)
1605      {
1606      rc = find_parens_sub(&ptr, cd, name, lorn, xmode, utf, &count);
1607      if (rc > 0 || *ptr++ == 0) break;
1608      }
1609    
1610    return rc;
1611    }
1612    
1613    
1614    
1615    
1616    /*************************************************
1617    *      Find first significant op code            *
1618    *************************************************/
1619    
1620    /* This is called by several functions that scan a compiled expression looking
1621    for a fixed first character, or an anchoring op code etc. It skips over things
1622    that do not influence this. For some calls, it makes sense to skip negative
1623    forward and all backward assertions, and also the \b assertion; for others it
1624    does not.
1625    
1626    Arguments:
1627      code         pointer to the start of the group
1628      skipassert   TRUE if certain assertions are to be skipped
1629    
1630    Returns:       pointer to the first significant opcode
1631    */
1632    
1633    static const pcre_uchar*
1634    first_significant_code(const pcre_uchar *code, BOOL skipassert)
1635    {
1636    for (;;)
1637      {
1638      switch ((int)*code)
1639        {
1640        case OP_ASSERT_NOT:
1641        case OP_ASSERTBACK:
1642        case OP_ASSERTBACK_NOT:
1643        if (!skipassert) return code;
1644        do code += GET(code, 1); while (*code == OP_ALT);
1645        code += PRIV(OP_lengths)[*code];
1646        break;
1647    
1648        case OP_WORD_BOUNDARY:
1649        case OP_NOT_WORD_BOUNDARY:
1650        if (!skipassert) return code;
1651        /* Fall through */
1652    
1653        case OP_CALLOUT:
1654        case OP_CREF:
1655        case OP_NCREF:
1656        case OP_RREF:
1657        case OP_NRREF:
1658        case OP_DEF:
1659        code += PRIV(OP_lengths)[*code];
1660        break;
1661    
1662        default:
1663        return code;
1664        }
1665      }
1666    /* Control never reaches here */
1667    }
1668    
1669    
1670    
1671    
1672    /*************************************************
1673    *        Find the fixed length of a branch       *
1674    *************************************************/
1675    
1676    /* Scan a branch and compute the fixed length of subject that will match it,
1677    if the length is fixed. This is needed for dealing with backward assertions.
1678    In UTF8 mode, the result is in characters rather than bytes. The branch is
1679    temporarily terminated with OP_END when this function is called.
1680    
1681    This function is called when a backward assertion is encountered, so that if it
1682    fails, the error message can point to the correct place in the pattern.
1683    However, we cannot do this when the assertion contains subroutine calls,
1684    because they can be forward references. We solve this by remembering this case
1685    and doing the check at the end; a flag specifies which mode we are running in.
1686    
1687    Arguments:
1688      code     points to the start of the pattern (the bracket)
1689      utf      TRUE in UTF-8 / UTF-16 mode
1690      atend    TRUE if called when the pattern is complete
1691      cd       the "compile data" structure
1692    
1693    Returns:   the fixed length,
1694                 or -1 if there is no fixed length,
1695                 or -2 if \C was encountered (in UTF-8 mode only)
1696                 or -3 if an OP_RECURSE item was encountered and atend is FALSE
1697                 or -4 if an unknown opcode was encountered (internal error)
1698    */
1699    
1700    static int
1701    find_fixedlength(pcre_uchar *code, BOOL utf, BOOL atend, compile_data *cd)
1702    {
1703    int length = -1;
1704    
1705    register int branchlength = 0;
1706    register pcre_uchar *cc = code + 1 + LINK_SIZE;
1707    
1708    /* Scan along the opcodes for this branch. If we get to the end of the
1709    branch, check the length against that of the other branches. */
1710    
1711  for (;;)  for (;;)
1712    {    {
1713    int d;    int d;
1714      pcre_uchar *ce, *cs;
1715    register int op = *cc;    register int op = *cc;
   if (op >= OP_BRA) op = OP_BRA;  
1716    
1717    switch (op)    switch (op)
1718      {      {
1719        /* We only need to continue for OP_CBRA (normal capturing bracket) and
1720        OP_BRA (normal non-capturing bracket) because the other variants of these
1721        opcodes are all concerned with unlimited repeated groups, which of course
1722        are not of fixed length. */
1723    
1724        case OP_CBRA:
1725      case OP_BRA:      case OP_BRA:
1726      case OP_ONCE:      case OP_ONCE:
1727        case OP_ONCE_NC:
1728      case OP_COND:      case OP_COND:
1729      d = find_fixedlength(cc, options);      d = find_fixedlength(cc + ((op == OP_CBRA)? IMM2_SIZE : 0), utf, atend, cd);
1730      if (d < 0) return d;      if (d < 0) return d;
1731      branchlength += d;      branchlength += d;
1732      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1733      cc += 1 + LINK_SIZE;      cc += 1 + LINK_SIZE;
1734      break;      break;
1735    
1736      /* Reached end of a branch; if it's a ket it is the end of a nested      /* Reached end of a branch; if it's a ket it is the end of a nested call.
1737      call. If it's ALT it is an alternation in a nested call. If it is      If it's ALT it is an alternation in a nested call. An ACCEPT is effectively
1738      END it's the end of the outer call. All can be handled by the same code. */      an ALT. If it is END it's the end of the outer call. All can be handled by
1739        the same code. Note that we must not include the OP_KETRxxx opcodes here,
1740        because they all imply an unlimited repeat. */
1741    
1742      case OP_ALT:      case OP_ALT:
1743      case OP_KET:      case OP_KET:
     case OP_KETRMAX:  
     case OP_KETRMIN:  
1744      case OP_END:      case OP_END:
1745        case OP_ACCEPT:
1746        case OP_ASSERT_ACCEPT:
1747      if (length < 0) length = branchlength;      if (length < 0) length = branchlength;
1748        else if (length != branchlength) return -1;        else if (length != branchlength) return -1;
1749      if (*cc != OP_ALT) return length;      if (*cc != OP_ALT) return length;
# Line 886  for (;;) Line 1751  for (;;)
1751      branchlength = 0;      branchlength = 0;
1752      break;      break;
1753    
1754        /* A true recursion implies not fixed length, but a subroutine call may
1755        be OK. If the subroutine is a forward reference, we can't deal with
1756        it until the end of the pattern, so return -3. */
1757    
1758        case OP_RECURSE:
1759        if (!atend) return -3;
1760        cs = ce = (pcre_uchar *)cd->start_code + GET(cc, 1);  /* Start subpattern */
1761        do ce += GET(ce, 1); while (*ce == OP_ALT);           /* End subpattern */
1762        if (cc > cs && cc < ce) return -1;                    /* Recursion */
1763        d = find_fixedlength(cs + IMM2_SIZE, utf, atend, cd);
1764        if (d < 0) return d;
1765        branchlength += d;
1766        cc += 1 + LINK_SIZE;
1767        break;
1768    
1769      /* Skip over assertive subpatterns */      /* Skip over assertive subpatterns */
1770    
1771      case OP_ASSERT:      case OP_ASSERT:
# Line 893  for (;;) Line 1773  for (;;)
1773      case OP_ASSERTBACK:      case OP_ASSERTBACK:
1774      case OP_ASSERTBACK_NOT:      case OP_ASSERTBACK_NOT:
1775      do cc += GET(cc, 1); while (*cc == OP_ALT);      do cc += GET(cc, 1); while (*cc == OP_ALT);
1776      /* Fall through */      cc += PRIV(OP_lengths)[*cc];
1777        break;
1778    
1779      /* Skip over things that don't match chars */      /* Skip over things that don't match chars */
1780    
1781      case OP_REVERSE:      case OP_MARK:
1782      case OP_BRANUMBER:      case OP_PRUNE_ARG:
1783      case OP_CREF:      case OP_SKIP_ARG:
1784      case OP_OPT:      case OP_THEN_ARG:
1785        cc += cc[1] + PRIV(OP_lengths)[*cc];
1786        break;
1787    
1788      case OP_CALLOUT:      case OP_CALLOUT:
     case OP_SOD:  
     case OP_SOM:  
     case OP_EOD:  
     case OP_EODN:  
1789      case OP_CIRC:      case OP_CIRC:
1790        case OP_CIRCM:
1791        case OP_CLOSE:
1792        case OP_COMMIT:
1793        case OP_CREF:
1794        case OP_DEF:
1795      case OP_DOLL:      case OP_DOLL:
1796        case OP_DOLLM:
1797        case OP_EOD:
1798        case OP_EODN:
1799        case OP_FAIL:
1800        case OP_NCREF:
1801        case OP_NRREF:
1802      case OP_NOT_WORD_BOUNDARY:      case OP_NOT_WORD_BOUNDARY:
1803        case OP_PRUNE:
1804        case OP_REVERSE:
1805        case OP_RREF:
1806        case OP_SET_SOM:
1807        case OP_SKIP:
1808        case OP_SOD:
1809        case OP_SOM:
1810        case OP_THEN:
1811      case OP_WORD_BOUNDARY:      case OP_WORD_BOUNDARY:
1812      cc += _pcre_OP_lengths[*cc];      cc += PRIV(OP_lengths)[*cc];
1813      break;      break;
1814    
1815      /* Handle literal characters */      /* Handle literal characters */
1816    
1817      case OP_CHAR:      case OP_CHAR:
1818      case OP_CHARNC:      case OP_CHARI:
1819        case OP_NOT:
1820        case OP_NOTI:
1821      branchlength++;      branchlength++;
1822      cc += 2;      cc += 2;
1823  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF
1824      if ((options & PCRE_UTF8) != 0)      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
       {  
       while ((*cc & 0xc0) == 0x80) cc++;  
       }  
1825  #endif  #endif
1826      break;      break;
1827    
# Line 931  for (;;) Line 1829  for (;;)
1829      need to skip over a multibyte character in UTF8 mode.  */      need to skip over a multibyte character in UTF8 mode.  */
1830    
1831      case OP_EXACT:      case OP_EXACT:
1832        case OP_EXACTI:
1833        case OP_NOTEXACT:
1834        case OP_NOTEXACTI:
1835      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1836      cc += 4;      cc += 2 + IMM2_SIZE;
1837  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF
1838      if ((options & PCRE_UTF8) != 0)      if (utf && HAS_EXTRALEN(cc[-1])) cc += GET_EXTRALEN(cc[-1]);
       {  
       while((*cc & 0x80) == 0x80) cc++;  
       }  
1839  #endif  #endif
1840      break;      break;
1841    
1842      case OP_TYPEEXACT:      case OP_TYPEEXACT:
1843      branchlength += GET2(cc,1);      branchlength += GET2(cc,1);
1844      cc += 4;      if (cc[1 + IMM2_SIZE] == OP_PROP || cc[1 + IMM2_SIZE] == OP_NOTPROP) cc += 2;
1845        cc += 1 + IMM2_SIZE + 1;
1846      break;      break;
1847    
1848      /* Handle single-char matchers */      /* Handle single-char matchers */
# Line 953  for (;;) Line 1852  for (;;)
1852      cc += 2;      cc += 2;
1853      /* Fall through */      /* Fall through */
1854    
1855        case OP_HSPACE:
1856        case OP_VSPACE:
1857        case OP_NOT_HSPACE:
1858        case OP_NOT_VSPACE:
1859      case OP_NOT_DIGIT:      case OP_NOT_DIGIT:
1860      case OP_DIGIT:      case OP_DIGIT:
1861      case OP_NOT_WHITESPACE:      case OP_NOT_WHITESPACE:
# Line 960  for (;;) Line 1863  for (;;)
1863      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
1864      case OP_WORDCHAR:      case OP_WORDCHAR:
1865      case OP_ANY:      case OP_ANY:
1866        case OP_ALLANY:
1867      branchlength++;      branchlength++;
1868      cc++;      cc++;
1869      break;      break;
1870    
1871      /* The single-byte matcher isn't allowed */      /* The single-byte matcher isn't allowed. This only happens in UTF-8 mode;
1872        otherwise \C is coded as OP_ALLANY. */
1873    
1874      case OP_ANYBYTE:      case OP_ANYBYTE:
1875      return -2;      return -2;
1876    
1877      /* Check a class for variable quantification */      /* Check a class for variable quantification */
1878    
1879  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || defined COMPILE_PCRE16
1880      case OP_XCLASS:      case OP_XCLASS:
1881      cc += GET(cc, 1) - 33;      cc += GET(cc, 1) - PRIV(OP_lengths)[OP_CLASS];
1882      /* Fall through */      /* Fall through */
1883  #endif  #endif
1884    
1885      case OP_CLASS:      case OP_CLASS:
1886      case OP_NCLASS:      case OP_NCLASS:
1887      cc += 33;      cc += PRIV(OP_lengths)[OP_CLASS];
1888    
1889      switch (*cc)      switch (*cc)
1890        {        {
1891          case OP_CRPLUS:
1892          case OP_CRMINPLUS:
1893        case OP_CRSTAR:        case OP_CRSTAR:
1894        case OP_CRMINSTAR:        case OP_CRMINSTAR:
1895        case OP_CRQUERY:        case OP_CRQUERY:
# Line 991  for (;;) Line 1898  for (;;)
1898    
1899        case OP_CRRANGE:        case OP_CRRANGE:
1900        case OP_CRMINRANGE:        case OP_CRMINRANGE:
1901        if (GET2(cc,1) != GET2(cc,3)) return -1;        if (GET2(cc,1) != GET2(cc,1+IMM2_SIZE)) return -1;
1902        branchlength += GET2(cc,1);        branchlength += GET2(cc,1);
1903        cc += 5;        cc += 1 + 2 * IMM2_SIZE;
1904        break;        break;
1905    
1906        default:        default:
# Line 1003  for (;;) Line 1910  for (;;)
1910    
1911      /* Anything else is variable length */      /* Anything else is variable length */
1912    
1913      default:      case OP_ANYNL:
1914        case OP_BRAMINZERO:
1915        case OP_BRAPOS:
1916        case OP_BRAPOSZERO:
1917        case OP_BRAZERO:
1918        case OP_CBRAPOS:
1919        case OP_EXTUNI:
1920        case OP_KETRMAX:
1921        case OP_KETRMIN:
1922        case OP_KETRPOS:
1923        case OP_MINPLUS:
1924        case OP_MINPLUSI:
1925        case OP_MINQUERY:
1926        case OP_MINQUERYI:
1927        case OP_MINSTAR:
1928        case OP_MINSTARI:
1929        case OP_MINUPTO:
1930        case OP_MINUPTOI:
1931        case OP_NOTMINPLUS:
1932        case OP_NOTMINPLUSI:
1933        case OP_NOTMINQUERY:
1934        case OP_NOTMINQUERYI:
1935        case OP_NOTMINSTAR:
1936        case OP_NOTMINSTARI:
1937        case OP_NOTMINUPTO:
1938        case OP_NOTMINUPTOI:
1939        case OP_NOTPLUS:
1940        case OP_NOTPLUSI:
1941        case OP_NOTPOSPLUS:
1942        case OP_NOTPOSPLUSI:
1943        case OP_NOTPOSQUERY:
1944        case OP_NOTPOSQUERYI:
1945        case OP_NOTPOSSTAR:
1946        case OP_NOTPOSSTARI:
1947        case OP_NOTPOSUPTO:
1948        case OP_NOTPOSUPTOI:
1949        case OP_NOTQUERY:
1950        case OP_NOTQUERYI:
1951        case OP_NOTSTAR:
1952        case OP_NOTSTARI:
1953        case OP_NOTUPTO:
1954        case OP_NOTUPTOI:
1955        case OP_PLUS:
1956        case OP_PLUSI:
1957        case OP_POSPLUS:
1958        case OP_POSPLUSI:
1959        case OP_POSQUERY:
1960        case OP_POSQUERYI:
1961        case OP_POSSTAR:
1962        case OP_POSSTARI:
1963        case OP_POSUPTO:
1964        case OP_POSUPTOI:
1965        case OP_QUERY:
1966        case OP_QUERYI:
1967        case OP_REF:
1968        case OP_REFI:
1969        case OP_SBRA:
1970        case OP_SBRAPOS:
1971        case OP_SCBRA:
1972        case OP_SCBRAPOS:
1973        case OP_SCOND:
1974        case OP_SKIPZERO:
1975        case OP_STAR:
1976        case OP_STARI:
1977        case OP_TYPEMINPLUS:
1978        case OP_TYPEMINQUERY:
1979        case OP_TYPEMINSTAR:
1980        case OP_TYPEMINUPTO:
1981        case OP_TYPEPLUS:
1982        case OP_TYPEPOSPLUS:
1983        case OP_TYPEPOSQUERY:
1984        case OP_TYPEPOSSTAR:
1985        case OP_TYPEPOSUPTO:
1986        case OP_TYPEQUERY:
1987        case OP_TYPESTAR:
1988        case OP_TYPEUPTO:
1989        case OP_UPTO:
1990        case OP_UPTOI:
1991      return -1;      return -1;
1992    
1993        /* Catch unrecognized opcodes so that when new ones are added they
1994        are not forgotten, as has happened in the past. */
1995    
1996        default:
1997        return -4;
1998      }      }
1999    }    }
2000  /* Control never gets here */  /* Control never gets here */
# Line 1014  for (;;) Line 2004  for (;;)
2004    
2005    
2006  /*************************************************  /*************************************************
2007  *    Scan compiled regex for numbered bracket    *  *    Scan compiled regex for specific bracket    *
2008  *************************************************/  *************************************************/
2009    
2010  /* This little function scans through a compiled pattern until it finds a  /* This little function scans through a compiled pattern until it finds a
2011  capturing bracket with the given number.  capturing bracket with the given number, or, if the number is negative, an
2012    instance of OP_REVERSE for a lookbehind. The function is global in the C sense
2013    so that it can be called from pcre_study() when finding the minimum matching
2014    length.
2015    
2016  Arguments:  Arguments:
2017    code        points to start of expression    code        points to start of expression
2018    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 mode
2019    number      the required bracket number    number      the required bracket number or negative to find a lookbehind
2020    
2021  Returns:      pointer to the opcode for the bracket, or NULL if not found  Returns:      pointer to the opcode for the bracket, or NULL if not found
2022  */  */
2023    
2024  static const uschar *  const pcre_uchar *
2025  find_bracket(const uschar *code, BOOL utf8, int number)  PRIV(find_bracket)(const pcre_uchar *code, BOOL utf, int number)
2026  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
2027  for (;;)  for (;;)
2028    {    {
2029    register int c = *code;    register int c = *code;
2030    
2031    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2032    else if (c > OP_BRA)  
2033      /* XCLASS is used for classes that cannot be represented just by a bit
2034      map. This includes negated single high-valued characters. The length in
2035      the table is zero; the actual length is stored in the compiled code. */
2036    
2037      if (c == OP_XCLASS) code += GET(code, 1);
2038    
2039      /* Handle recursion */
2040    
2041      else if (c == OP_REVERSE)
2042        {
2043        if (number < 0) return (pcre_uchar *)code;
2044        code += PRIV(OP_lengths)[c];
2045        }
2046    
2047      /* Handle capturing bracket */
2048    
2049      else if (c == OP_CBRA || c == OP_SCBRA ||
2050               c == OP_CBRAPOS || c == OP_SCBRAPOS)
2051      {      {
2052      int n = c - OP_BRA;      int n = GET2(code, 1+LINK_SIZE);
2053      if (n > EXTRACT_BASIC_MAX) n = GET2(code, 2+LINK_SIZE);      if (n == number) return (pcre_uchar *)code;
2054      if (n == number) return (uschar *)code;      code += PRIV(OP_lengths)[c];
     code += _pcre_OP_lengths[OP_BRA];  
2055      }      }
2056    
2057      /* Otherwise, we can get the item's length from the table, except that for
2058      repeated character types, we have to test for \p and \P, which have an extra
2059      two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2060      must add in its length. */
2061    
2062    else    else
2063      {      {
2064      code += _pcre_OP_lengths[c];      switch(c)
2065          {
2066          case OP_TYPESTAR:
2067          case OP_TYPEMINSTAR:
2068          case OP_TYPEPLUS:
2069          case OP_TYPEMINPLUS:
2070          case OP_TYPEQUERY:
2071          case OP_TYPEMINQUERY:
2072          case OP_TYPEPOSSTAR:
2073          case OP_TYPEPOSPLUS:
2074          case OP_TYPEPOSQUERY:
2075          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2076          break;
2077    
2078  #ifdef SUPPORT_UTF8        case OP_TYPEUPTO:
2079          case OP_TYPEMINUPTO:
2080          case OP_TYPEEXACT:
2081          case OP_TYPEPOSUPTO:
2082          if (code[1 + IMM2_SIZE] == OP_PROP
2083            || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2084          break;
2085    
2086      /* In UTF-8 mode, opcodes that are followed by a character may be followed        case OP_MARK:
2087      by a multi-byte character. The length in the table is a minimum, so we have        case OP_PRUNE_ARG:
2088      to scan along to skip the extra bytes. All opcodes are less than 128, so we        case OP_SKIP_ARG:
2089      can use relatively efficient code. */        code += code[1];
2090          break;
2091    
2092          case OP_THEN_ARG:
2093          code += code[1];
2094          break;
2095          }
2096    
2097      if (utf8) switch(c)      /* Add in the fixed length from the table */
2098    
2099        code += PRIV(OP_lengths)[c];
2100    
2101      /* In UTF-8 mode, opcodes that are followed by a character may be followed by
2102      a multi-byte character. The length in the table is a minimum, so we have to
2103      arrange to skip the extra bytes. */
2104    
2105    #ifdef SUPPORT_UTF
2106        if (utf) switch(c)
2107        {        {
2108        case OP_CHAR:        case OP_CHAR:
2109        case OP_CHARNC:        case OP_CHARI:
2110        case OP_EXACT:        case OP_EXACT:
2111          case OP_EXACTI:
2112        case OP_UPTO:        case OP_UPTO:
2113          case OP_UPTOI:
2114        case OP_MINUPTO:        case OP_MINUPTO:
2115          case OP_MINUPTOI:
2116          case OP_POSUPTO:
2117          case OP_POSUPTOI:
2118        case OP_STAR:        case OP_STAR:
2119          case OP_STARI:
2120        case OP_MINSTAR:        case OP_MINSTAR:
2121          case OP_MINSTARI:
2122          case OP_POSSTAR:
2123          case OP_POSSTARI:
2124        case OP_PLUS:        case OP_PLUS:
2125          case OP_PLUSI:
2126        case OP_MINPLUS:        case OP_MINPLUS:
2127          case OP_MINPLUSI:
2128          case OP_POSPLUS:
2129          case OP_POSPLUSI:
2130        case OP_QUERY:        case OP_QUERY:
2131          case OP_QUERYI:
2132        case OP_MINQUERY:        case OP_MINQUERY:
2133        while ((*code & 0xc0) == 0x80) code++;        case OP_MINQUERYI:
2134        break;        case OP_POSQUERY:
2135          case OP_POSQUERYI:
2136        /* XCLASS is used for classes that cannot be represented just by a bit        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
       map. This includes negated single high-valued characters. The length in  
       the table is zero; the actual length is stored in the compiled code. */  
   
       case OP_XCLASS:  
       code += GET(code, 1) + 1;  
2137        break;        break;
2138        }        }
2139    #else
2140        (void)(utf);  /* Keep compiler happy by referencing function argument */
2141  #endif  #endif
2142      }      }
2143    }    }
# Line 1097  instance of OP_RECURSE. Line 2154  instance of OP_RECURSE.
2154    
2155  Arguments:  Arguments:
2156    code        points to start of expression    code        points to start of expression
2157    utf8        TRUE in UTF-8 mode    utf         TRUE in UTF-8 / UTF-16 mode
2158    
2159  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found  Returns:      pointer to the opcode for OP_RECURSE, or NULL if not found
2160  */  */
2161    
2162  static const uschar *  static const pcre_uchar *
2163  find_recurse(const uschar *code, BOOL utf8)  find_recurse(const pcre_uchar *code, BOOL utf)
2164  {  {
 #ifndef SUPPORT_UTF8  
 utf8 = utf8;               /* Stop pedantic compilers complaining */  
 #endif  
   
2165  for (;;)  for (;;)
2166    {    {
2167    register int c = *code;    register int c = *code;
2168    if (c == OP_END) return NULL;    if (c == OP_END) return NULL;
2169    else if (c == OP_RECURSE) return code;    if (c == OP_RECURSE) return code;
2170    else if (c > OP_BRA)  
2171      {    /* XCLASS is used for classes that cannot be represented just by a bit
2172      code += _pcre_OP_lengths[OP_BRA];    map. This includes negated single high-valued characters. The length in
2173      }    the table is zero; the actual length is stored in the compiled code. */
2174    
2175      if (c == OP_XCLASS) code += GET(code, 1);
2176    
2177      /* Otherwise, we can get the item's length from the table, except that for
2178      repeated character types, we have to test for \p and \P, which have an extra
2179      two bytes of parameters, and for MARK/PRUNE/SKIP/THEN with an argument, we
2180      must add in its length. */
2181    
2182    else    else
2183      {      {
2184      code += _pcre_OP_lengths[c];      switch(c)
2185          {
2186          case OP_TYPESTAR:
2187          case OP_TYPEMINSTAR:
2188          case OP_TYPEPLUS:
2189          case OP_TYPEMINPLUS:
2190          case OP_TYPEQUERY:
2191          case OP_TYPEMINQUERY:
2192          case OP_TYPEPOSSTAR:
2193          case OP_TYPEPOSPLUS:
2194          case OP_TYPEPOSQUERY:
2195          if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2196          break;
2197    
2198          case OP_TYPEPOSUPTO:
2199          case OP_TYPEUPTO:
2200          case OP_TYPEMINUPTO:
2201          case OP_TYPEEXACT:
2202          if (code[1 + IMM2_SIZE] == OP_PROP
2203            || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2204          break;
2205    
2206          case OP_MARK:
2207          case OP_PRUNE_ARG:
2208          case OP_SKIP_ARG:
2209          code += code[1];
2210          break;
2211    
2212          case OP_THEN_ARG:
2213          code += code[1];
2214          break;
2215          }
2216    
2217  #ifdef SUPPORT_UTF8      /* Add in the fixed length from the table */
2218    
2219        code += PRIV(OP_lengths)[c];
2220    
2221      /* In UTF-8 mode, opcodes that are followed by a character may be followed      /* In UTF-8 mode, opcodes that are followed by a character may be followed
2222      by a multi-byte character. The length in the table is a minimum, so we have      by a multi-byte character. The length in the table is a minimum, so we have
2223      to scan along to skip the extra bytes. All opcodes are less than 128, so we      to arrange to skip the extra bytes. */
     can use relatively efficient code. */  
2224    
2225      if (utf8) switch(c)  #ifdef SUPPORT_UTF
2226        if (utf) switch(c)
2227        {        {
2228        case OP_CHAR:        case OP_CHAR:
2229        case OP_CHARNC:        case OP_CHARI:
2230          case OP_NOT:
2231          case OP_NOTI:
2232        case OP_EXACT:        case OP_EXACT:
2233          case OP_EXACTI:
2234          case OP_NOTEXACT:
2235          case OP_NOTEXACTI:
2236        case OP_UPTO:        case OP_UPTO:
2237          case OP_UPTOI:
2238          case OP_NOTUPTO:
2239          case OP_NOTUPTOI:
2240        case OP_MINUPTO:        case OP_MINUPTO:
2241          case OP_MINUPTOI:
2242          case OP_NOTMINUPTO:
2243          case OP_NOTMINUPTOI:
2244          case OP_POSUPTO:
2245          case OP_POSUPTOI:
2246          case OP_NOTPOSUPTO:
2247          case OP_NOTPOSUPTOI:
2248        case OP_STAR:        case OP_STAR:
2249          case OP_STARI:
2250          case OP_NOTSTAR:
2251          case OP_NOTSTARI:
2252        case OP_MINSTAR:        case OP_MINSTAR:
2253          case OP_MINSTARI:
2254          case OP_NOTMINSTAR:
2255          case OP_NOTMINSTARI:
2256          case OP_POSSTAR:
2257          case OP_POSSTARI:
2258          case OP_NOTPOSSTAR:
2259          case OP_NOTPOSSTARI:
2260        case OP_PLUS:        case OP_PLUS:
2261          case OP_PLUSI:
2262          case OP_NOTPLUS:
2263          case OP_NOTPLUSI:
2264        case OP_MINPLUS:        case OP_MINPLUS:
2265          case OP_MINPLUSI:
2266          case OP_NOTMINPLUS:
2267          case OP_NOTMINPLUSI:
2268          case OP_POSPLUS:
2269          case OP_POSPLUSI:
2270          case OP_NOTPOSPLUS:
2271          case OP_NOTPOSPLUSI:
2272        case OP_QUERY:        case OP_QUERY:
2273          case OP_QUERYI:
2274          case OP_NOTQUERY:
2275          case OP_NOTQUERYI:
2276        case OP_MINQUERY:        case OP_MINQUERY:
2277        while ((*code & 0xc0) == 0x80) code++;        case OP_MINQUERYI:
2278        break;        case OP_NOTMINQUERY:
2279          case OP_NOTMINQUERYI:
2280        /* XCLASS is used for classes that cannot be represented just by a bit        case OP_POSQUERY:
2281        map. This includes negated single high-valued characters. The length in        case OP_POSQUERYI:
2282        the table is zero; the actual length is stored in the compiled code. */        case OP_NOTPOSQUERY:
2283          case OP_NOTPOSQUERYI:
2284        case OP_XCLASS:        if (HAS_EXTRALEN(code[-1])) code += GET_EXTRALEN(code[-1]);
       code += GET(code, 1) + 1;  
2285        break;        break;
2286        }        }
2287    #else
2288        (void)(utf);  /* Keep compiler happy by referencing function argument */
2289  #endif  #endif
2290      }      }
2291    }    }
# Line 1165  for (;;) Line 2298  for (;;)
2298  *************************************************/  *************************************************/
2299    
2300  /* This function scans through a branch of a compiled pattern to see whether it  /* This function scans through a branch of a compiled pattern to see whether it
2301  can match the empty string or not. It is called only from could_be_empty()  can match the empty string or not. It is called from could_be_empty()
2302  below. Note that first_significant_code() skips over assertions. If we hit an  below and from compile_branch() when checking for an unlimited repeat of a
2303  unclosed bracket, we return "empty" - this means we've struck an inner bracket  group that can match nothing. Note that first_significant_code() skips over
2304  whose current branch will already have been scanned.  backward and negative forward assertions when its final argument is TRUE. If we
2305    hit an unclosed bracket, we return "empty" - this means we've struck an inner
2306    bracket whose current branch will already have been scanned.
2307    
2308  Arguments:  Arguments:
2309    code        points to start of search    code        points to start of search
2310    endcode     points to where to stop    endcode     points to where to stop
2311    utf8        TRUE if in UTF8 mode    utf         TRUE if in UTF-8 / UTF-16 mode
2312      cd          contains pointers to tables etc.
2313    
2314  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2315  */  */
2316    
2317  static BOOL  static BOOL
2318  could_be_empty_branch(const uschar *code, const uschar *endcode, BOOL utf8)  could_be_empty_branch(const pcre_uchar *code, const pcre_uchar *endcode,
2319      BOOL utf, compile_data *cd)
2320  {  {
2321  register int c;  register int c;
2322  for (code = first_significant_code(code + 1 + LINK_SIZE, NULL, 0, TRUE);  for (code = first_significant_code(code + PRIV(OP_lengths)[*code], TRUE);
2323       code < endcode;       code < endcode;
2324       code = first_significant_code(code + _pcre_OP_lengths[c], NULL, 0, TRUE))       code = first_significant_code(code + PRIV(OP_lengths)[c], TRUE))
2325    {    {
2326    const uschar *ccode;    const pcre_uchar *ccode;
2327    
2328    c = *code;    c = *code;
2329    
2330    if (c >= OP_BRA)    /* Skip over forward assertions; the other assertions are skipped by
2331      {    first_significant_code() with a TRUE final argument. */
2332      BOOL empty_branch;  
2333      if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */    if (c == OP_ASSERT)
2334        {
2335      /* Scan a closed bracket */      do code += GET(code, 1); while (*code == OP_ALT);
2336        c = *code;
2337        continue;
2338        }
2339    
2340      /* For a recursion/subroutine call, if its end has been reached, which
2341      implies a backward reference subroutine call, we can scan it. If it's a
2342      forward reference subroutine call, we can't. To detect forward reference
2343      we have to scan up the list that is kept in the workspace. This function is
2344      called only when doing the real compile, not during the pre-compile that
2345      measures the size of the compiled pattern. */
2346    
2347      if (c == OP_RECURSE)
2348        {
2349        const pcre_uchar *scode;
2350        BOOL empty_branch;
2351    
2352        /* Test for forward reference */
2353    
2354        for (scode = cd->start_workspace; scode < cd->hwm; scode += LINK_SIZE)
2355          if (GET(scode, 0) == code + 1 - cd->start_code) return TRUE;
2356    
2357        /* Not a forward reference, test for completed backward reference */
2358    
2359        empty_branch = FALSE;
2360        scode = cd->start_code + GET(code, 1);
2361        if (GET(scode, 1) == 0) return TRUE;    /* Unclosed */
2362    
2363        /* Completed backwards reference */
2364    
     empty_branch = FALSE;  
2365      do      do
2366        {        {
2367        if (!empty_branch && could_be_empty_branch(code, endcode, utf8))        if (could_be_empty_branch(scode, endcode, utf, cd))
2368            {
2369          empty_branch = TRUE;          empty_branch = TRUE;
2370            break;
2371            }
2372          scode += GET(scode, 1);
2373          }
2374        while (*scode == OP_ALT);
2375    
2376        if (!empty_branch) return FALSE;  /* All branches are non-empty */
2377        continue;
2378        }
2379    
2380      /* Groups with zero repeats can of course be empty; skip them. */
2381    
2382      if (c == OP_BRAZERO || c == OP_BRAMINZERO || c == OP_SKIPZERO ||
2383          c == OP_BRAPOSZERO)
2384        {
2385        code += PRIV(OP_lengths)[c];
2386        do code += GET(code, 1); while (*code == OP_ALT);
2387        c = *code;
2388        continue;
2389        }
2390    
2391      /* A nested group that is already marked as "could be empty" can just be
2392      skipped. */
2393    
2394      if (c == OP_SBRA  || c == OP_SBRAPOS ||
2395          c == OP_SCBRA || c == OP_SCBRAPOS)
2396        {
2397        do code += GET(code, 1); while (*code == OP_ALT);
2398        c = *code;
2399        continue;
2400        }
2401    
2402      /* For other groups, scan the branches. */
2403    
2404      if (c == OP_BRA  || c == OP_BRAPOS ||
2405          c == OP_CBRA || c == OP_CBRAPOS ||
2406          c == OP_ONCE || c == OP_ONCE_NC ||
2407          c == OP_COND)
2408        {
2409        BOOL empty_branch;
2410        if (GET(code, 1) == 0) return TRUE;    /* Hit unclosed bracket */
2411    
2412        /* If a conditional group has only one branch, there is a second, implied,
2413        empty branch, so just skip over the conditional, because it could be empty.
2414        Otherwise, scan the individual branches of the group. */
2415    
2416        if (c == OP_COND && code[GET(code, 1)] != OP_ALT)
2417        code += GET(code, 1);        code += GET(code, 1);
2418        else
2419          {
2420          empty_branch = FALSE;
2421          do
2422            {
2423            if (!empty_branch && could_be_empty_branch(code, endcode, utf, cd))
2424              empty_branch = TRUE;
2425            code += GET(code, 1);
2426            }
2427          while (*code == OP_ALT);
2428          if (!empty_branch) return FALSE;   /* All branches are non-empty */
2429        }        }
2430      while (*code == OP_ALT);  
     if (!empty_branch) return FALSE;   /* All branches are non-empty */  
     code += 1 + LINK_SIZE;  
2431      c = *code;      c = *code;
2432        continue;
2433      }      }
2434    
2435    else switch (c)    /* Handle the other opcodes */
2436    
2437      switch (c)
2438      {      {
2439      /* Check for quantifiers after a class */      /* Check for quantifiers after a class. XCLASS is used for classes that
2440        cannot be represented just by a bit map. This includes negated single
2441        high-valued characters. The length in PRIV(OP_lengths)[] is zero; the
2442        actual length is stored in the compiled code, so we must update "code"
2443        here. */
2444    
2445  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2446      case OP_XCLASS:      case OP_XCLASS:
2447      ccode = code + GET(code, 1);      ccode = code += GET(code, 1);
2448      goto CHECK_CLASS_REPEAT;      goto CHECK_CLASS_REPEAT;
2449  #endif  #endif
2450    
2451      case OP_CLASS:      case OP_CLASS:
2452      case OP_NCLASS:      case OP_NCLASS:
2453      ccode = code + 33;      ccode = code + PRIV(OP_lengths)[OP_CLASS];
2454    
2455  #ifdef SUPPORT_UTF8  #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
2456      CHECK_CLASS_REPEAT:      CHECK_CLASS_REPEAT:
2457  #endif  #endif
2458    
# Line 1260  for (code = first_significant_code(code Line 2488  for (code = first_significant_code(code
2488      case OP_NOT_WORDCHAR:      case OP_NOT_WORDCHAR:
2489      case OP_WORDCHAR:      case OP_WORDCHAR:
2490      case OP_ANY:      case OP_ANY:
2491        case OP_ALLANY:
2492      case OP_ANYBYTE:      case OP_ANYBYTE:
2493      case OP_CHAR:      case OP_CHAR:
2494      case OP_CHARNC:      case OP_CHARI:
2495      case OP_NOT:      case OP_NOT:
2496        case OP_NOTI:
2497      case OP_PLUS:      case OP_PLUS:
2498      case OP_MINPLUS:      case OP_MINPLUS:
2499        case OP_POSPLUS:
2500      case OP_EXACT:      case OP_EXACT:
2501      case OP_NOTPLUS:      case OP_NOTPLUS:
2502      case OP_NOTMINPLUS:      case OP_NOTMINPLUS:
2503        case OP_NOTPOSPLUS:
2504      case OP_NOTEXACT:      case OP_NOTEXACT:
2505      case OP_TYPEPLUS:      case OP_TYPEPLUS:
2506      case OP_TYPEMINPLUS:      case OP_TYPEMINPLUS:
2507        case OP_TYPEPOSPLUS:
2508      case OP_TYPEEXACT:      case OP_TYPEEXACT:
2509      return FALSE;      return FALSE;
2510    
2511        /* These are going to continue, as they may be empty, but we have to
2512        fudge the length for the \p and \P cases. */
2513    
2514        case OP_TYPESTAR:
2515        case OP_TYPEMINSTAR:
2516        case OP_TYPEPOSSTAR:
2517        case OP_TYPEQUERY:
2518        case OP_TYPEMINQUERY:
2519        case OP_TYPEPOSQUERY:
2520        if (code[1] == OP_PROP || code[1] == OP_NOTPROP) code += 2;
2521        break;
2522    
2523        /* Same for these */
2524    
2525        case OP_TYPEUPTO:
2526        case OP_TYPEMINUPTO:
2527        case OP_TYPEPOSUPTO:
2528        if (code[1 + IMM2_SIZE] == OP_PROP
2529          || code[1 + IMM2_SIZE] == OP_NOTPROP) code += 2;
2530        break;
2531    
2532      /* End of branch */      /* End of branch */
2533    
2534      case OP_KET:      case OP_KET:
2535      case OP_KETRMAX:      case OP_KETRMAX:
2536      case OP_KETRMIN:      case OP_KETRMIN:
2537        case OP_KETRPOS:
2538      case OP_ALT:      case OP_ALT:
2539      return TRUE;      return TRUE;
2540    
2541      /* In UTF-8 mode, STAR, MINSTAR, QUERY, MINQUERY, UPTO, and MINUPTO  may be      /* In UTF-8 mode, STAR, MINSTAR, POSSTAR, QUERY, MINQUERY, POSQUERY, UPTO,
2542      followed by a multibyte character */      MINUPTO, and POSUPTO may be followed by a multibyte character */
2543    
2544  #ifdef SUPPORT_UTF8  #ifdef SUPPORT_UTF
2545      case OP_STAR:      case OP_STAR:
2546        case OP_STARI:
2547      case OP_MINSTAR:      case OP_MINSTAR:
2548        case OP_MINSTARI:
2549        case OP_POSSTAR:
2550        case OP_POSSTARI:
2551      case OP_QUERY:      case OP_QUERY:
2552        case OP_QUERYI:
2553      case OP_MINQUERY:      case OP_MINQUERY:
2554        case OP_MINQUERYI:
2555        case OP_POSQUERY:
2556        case OP_POSQUERYI:
2557        if (utf && HAS_EXTRALEN(code[1])) code += GET_EXTRALEN(code[1]);
2558        break;
2559    
2560      case OP_UPTO:      case OP_UPTO:
2561        case OP_UPTOI:
2562      case OP_MINUPTO:      case OP_MINUPTO:
2563      if (utf8) while ((code[2] & 0xc0) == 0x80) code++;      case OP_MINUPTOI:
2564        case OP_POSUPTO:
2565        case OP_POSUPTOI:
2566        if (utf && HAS_EXTRALEN(code[1 + IMM2_SIZE])) code += GET_EXTRALEN(code[1 + IMM2_SIZE]);
2567      break;      break;
2568  #endif  #endif
2569    
2570        /* MARK, and PRUNE/SKIP/THEN with an argument must skip over the argument
2571        string. */
2572    
2573        case OP_MARK:
2574        case OP_PRUNE_ARG:
2575        case OP_SKIP_ARG:
2576        code += code[1];
2577        break;
2578    
2579        case OP_THEN_ARG:
2580        code += code[1];
2581        break;
2582    
2583        /* None of the remaining opcodes are required to match a character. */
2584    
2585        default:
2586        break;
2587      }      }
2588    }    }
2589    
# Line 1312  return TRUE; Line 2600  return TRUE;
2600  the current branch of the current pattern to see if it could match the empty  the current branch of the current pattern to see if it could match the empty
2601  string. If it could, we must look outwards for branches at other levels,  string. If it could, we must look outwards for branches at other levels,
2602  stopping when we pass beyond the bracket which is the subject of the recursion.  stopping when we pass beyond the bracket which is the subject of the recursion.
2603    This function is called only during the real compile, not during the
2604    pre-compile.
2605    
2606  Arguments:  Arguments:
2607    code        points to start of the recursion    code        points to start of the recursion
2608    endcode     points to where to stop (current RECURSE item)    endcode     points to where to stop (current RECURSE item)
2609    bcptr       points to the chain of current (unclosed) branch starts    bcptr       points to the chain of current (unclosed) branch starts
2610    utf8        TRUE if in UTF-8 mode    utf         TRUE if in UTF-8 / UTF-16 mode
2611      cd          pointers to tables etc
2612    
2613  Returns:      TRUE if what is matched could be empty  Returns:      TRUE if what is matched could be empty
2614  */  */
2615    
2616  static BOOL  static BOOL
2617  could_be_empty(const uschar *code, const uschar *endcode, branch_chain *bcptr,  could_be_empty(const pcre_uchar *code, const pcre_uchar *endcode,
2618    BOOL utf8)    branch_chain *bcptr, BOOL utf, compile_data *cd)
2619  {  {
2620  while (bcptr != NULL && bcptr->current >= code)  while (bcptr != NULL && bcptr->current_branch >= code)
2621    {    {
2622    if (!could_be_empty_branch(bcptr->current, endcode, utf8)) return FALSE;    if (!could_be_empty_branch(bcptr->current_branch, endcode, utf, cd))
2623        return FALSE;
2624    bcptr = bcptr->outer;    bcptr = bcptr->outer;
2625    }    }
2626  return TRUE;  return TRUE;
# Line 1341  return TRUE; Line 2633  return TRUE;
2633  *************************************************/  *************************************************/
2634    
2635  /* This function is called when the sequence "[:" or "[." or "[=" is  /* This function is called when the sequence "[:" or "[." or "[=" is
2636  encountered in a character class. It checks whether this is followed by an  encountered in a character class. It checks whether this is followed by a
2637  optional ^ and then a sequence of letters, terminated by a matching ":]" or  sequence of characters terminated by a matching ":]" or ".]" or "=]". If we
2638  ".]" or "=]".  reach an unescaped ']' without the special preceding character, return FALSE.
2639    
2640    Originally, this function only recognized a sequence of letters between the
2641    terminators, but it seems that Perl recognizes any sequence of characters,
2642    though of course unknown POSIX names are subsequently rejected. Perl gives an
2643    "Unknown POSIX class" error for [:f\oo:] for example, where previously PCRE
2644    didn't consider this to be a POSIX class. Likewise for [:1234:].
2645    
2646    The problem in trying to be exactly like Perl is in the handling of escapes. We
2647    have to be sure that [abc[:x\]pqr] is *not* treated as containing a POSIX
2648    class, but [abc[:x\]pqr:]] is (so that an error can be generated). The code
2649    below handles the special case of \], but does not try to do any other escape
2650    processing. This makes it different from Perl for cases such as [:l\ower:]
2651    where Perl recognizes it as the POSIX class "lower" but PCRE does not recognize
2652    "l\ower". This is a lesser evil that not diagnosing bad classes when Perl does,
2653    I think.
2654    
2655    A user pointed out that PCRE was rejecting [:a[:digit:]] whereas Perl was not.
2656    It seems that the appearance of a nested POSIX class supersedes an apparent
2657    external class. For example, [:a[:digit:]b:] matches "a", "b", ":", or
2658    a digit.
2659    
2660    In Perl, unescaped square brackets may also appear as part of class names. For
2661    example, [:a[:abc]b:] gives unknown POSIX class "[:abc]b:]". However, for
2662    [:a[:abc]b][b:] it gives unknown POSIX class "[:abc]b][b:]", which does not
2663    seem right at all. PCRE does not allow closing square brackets in POSIX class
2664    names.
2665    
2666  Argument:  Arguments:
2667    ptr      pointer to the initial [    ptr      pointer to the initial [
2668    endptr   where to return the end pointer    endptr   where to return the end pointer
   cd       pointer to compile data  
2669    
2670  Returns:   TRUE or FALSE  Returns:   TRUE or FALSE
2671  */  */
2672    
2673  static BOOL  static BOOL
2674  check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)  check_posix_syntax(const pcre_uchar *ptr, const pcre_uchar **endptr)
2675  {  {
2676  int terminator;          /* Don't combine these lines; the Solaris cc */  int terminator;          /* Don't combine these lines; the Solaris cc */
2677  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */  terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
2678  if (*(++ptr) == '^') ptr++;  for (++ptr; *ptr != 0; ptr++)
 while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;  
 if (*ptr == terminator && ptr[1] == ']')  
2679    {    {
2680    *endptr = ptr;    if (*ptr == CHAR_BACKSLASH && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2681    return TRUE;      ptr++;
2682      else if (*ptr == CHAR_RIGHT_SQUARE_BRACKET) return FALSE;
2683      else
2684        {
2685        if (*ptr == terminator && ptr[1] == CHAR_RIGHT_SQUARE_BRACKET)
2686          {
2687          *endptr = ptr;
2688          return TRUE;
2689          }
2690        if (*ptr == CHAR_LEFT_SQUARE_BRACKET &&
2691             (ptr[1] == CHAR_COLON || ptr[1] == CHAR_DOT ||
2692              ptr[1] == CHAR_EQUALS_SIGN) &&
2693            check_posix_syntax(ptr, endptr))
2694          return FALSE;
2695        }
2696    }    }
2697  return FALSE;  return FALSE;
2698  }  }
# Line 1386  Returns:     a value representing the na Line 2715  Returns:     a value representing the na
2715  */  */
2716    
2717  static int  static int
2718  check_posix_name(const uschar *ptr, int len)  check_posix_name(const pcre_uchar *ptr, int len)
2719  {  {
2720    const char *pn = posix_names;
2721  register int yield = 0;  register int yield = 0;
2722  while (posix_name_lengths[yield] != 0)  while (posix_name_lengths[yield] != 0)
2723    {    {
2724    if (len == posix_name_lengths[yield] &&    if (len == posix_name_lengths[yield] &&
2725      strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;      STRNCMP_UC_C8(ptr, pn, len) == 0) return yield;
2726      pn += posix_name_lengths[yield] + 1;
2727    yield++;    yield++;
2728    }    }
2729  return -1;  return -1;
# Line 1407  return -1; Line 2738  return -1;
2738  that is referenced. This means that groups can be replicated for fixed  that is referenced. This means that groups can be replicated for fixed
2739  repetition simply by copying (because the recursion is allowed to refer to  repetition simply by copying (because the recursion is allowed to refer to
2740  earlier groups that are outside the current group). However, when a group is  earlier groups that are outside the current group). However, when a group is
2741  optional (i.e. the minimum quantifier is zero), OP_BRAZERO is inserted before  optional (i.e. the minimum quantifier is zero), OP_BRAZERO or OP_SKIPZERO is
2742  it, after it has been compiled. This means that any OP_RECURSE items within it  inserted before it, after it has been compiled. This means that any OP_RECURSE
2743  that refer to the group itself or any contained groups have to have their  items within it that refer to the group itself or any contained groups have to
2744  offsets adjusted. That is the job of this function. Before it is called, the  have their offsets adjusted. That one of the jobs of this function. Before it
2745  partially compiled regex must be temporarily terminated with OP_END.  is called, the partially compiled regex must be temporarily terminated with
2746    OP_END.
2747    
2748    This function has been extended with the possibility of forward references for
2749    recursions and subroutine calls. It must also check the list of such references
2750    for the group we are dealing with. If it finds that one of the recursions in
2751    the current group is on this list, it adjusts the offset in the list, not the
2752    value in the reference (which is a group number).
2753    
2754  Arguments:  Arguments:
2755    group      points to the start of the group    group      points to the start of the group
2756    adjust     the amount by which the group is to be moved    adjust     the amount by which the group is to be moved
2757    utf8       TRUE in UTF-8 mode    utf        TRUE in UTF-8 / UTF-16 mode
2758    cd         contains pointers to tables etc.    cd         contains pointers to tables etc.
2759      save_hwm   the hwm forward reference pointer at the start of the group
2760    
2761  Returns:     nothing  Returns:     nothing
2762  */  */
2763    
2764  static void  static void
2765  adjust_recurse(uschar *group, int adjust, BOOL utf8, compile_data *cd)  adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
2766      pcre_uchar *save_hwm)
2767  {  {
2768  uschar *ptr = group;  pcre_uchar *ptr = group;
2769  while ((ptr = (uschar *)find_recurse(ptr, utf8)) != NULL)  
2770    while ((ptr = (pcre_uchar *)find_recurse(ptr, utf)) != NULL)
2771    {    {
2772    int offset = GET(ptr, 1);    int offset;
2773    if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);    pcre_uchar *hc;
2774    
2775      /* See if this recursion is on the forward reference list. If so, adjust the
2776      reference. */
2777    
2778      for (hc = save_hwm; hc < cd->hwm; hc += LINK_SIZE)
2779        {
2780        offset = GET(hc, 0);
2781        if (cd->start_code + offset == ptr + 1)
2782          {
2783          PUT(hc, 0, offset + adjust);
2784          break;
2785          }
2786        }
2787    
2788      /* Otherwise, adjust the recursion offset if it's after the start of this
2789      group. */
2790    
2791      if (hc >= cd->hwm)
2792        {
2793        offset = GET(ptr, 1);
2794        if (cd->start_code + offset >= group) PUT(ptr, 1, offset + adjust);
2795        }
2796    
2797    ptr += 1 + LINK_SIZE;    ptr += 1 + LINK_SIZE;
2798    }    }
2799  }  }
# Line 1451  Arguments: Line 2815  Arguments:
2815  Returns:         new code pointer  Returns:         new code pointer
2816  */  */
2817    
2818  static uschar *  static pcre_uchar *
2819  auto_callout(uschar *code, const uschar *ptr, compile_data *cd)  auto_callout(pcre_uchar *code, const pcre_uchar *ptr, compile_data *cd)
2820  {  {
2821  *code++ = OP_CALLOUT;  *code++ = OP_CALLOUT;
2822  *code++ = 255;  *code++ = 255;
2823  PUT(code, 0, ptr - cd->start_pattern);  /* Pattern offset */  PUT(code, 0, (int)(ptr - cd->start_pattern));  /* Pattern offset */
2824  PUT(code, LINK_SIZE, 0);                /* Default length */  PUT(code, LINK_SIZE, 0);                       /* Default length */
2825  return code + 2*LINK_SIZE;  return code + 2 * LINK_SIZE;
2826  }  }
2827    
2828    
# Line 1480  Returns:             nothing Line 2844  Returns:             nothing
2844  */  */
2845    
2846  static void  static void
2847  complete_callout(uschar *previous_callout, const uschar *ptr, compile_data *cd)  complete_callout(pcre_uchar *previous_callout, const pcre_uchar *ptr, compile_data *cd)
2848  {  {
2849  int length = ptr - cd->start_pattern - GET(previous_callout, 2);  int length = (int)(ptr - cd->start_pattern - GET(previous_callout, 2));
2850  PUT(previous_callout, 2 + LINK_SIZE, length);  PUT(previous_callout, 2 + LINK_SIZE, length);
2851  }  }
2852    
# Line 1508  Yield:        TRUE when range returned; Line 2872  Yield:        TRUE when range returned;
2872  */  */
2873    
2874  static BOOL  static BOOL
2875  get_othercase_range(int *cptr, int d, int *ocptr, int *odptr)  get_othercase_range(unsigned int *cptr, unsigned int d, unsigned int *ocptr,
2876      unsigned int *odptr)
2877  {  {
2878  int c, othercase, next;  unsigned int c, othercase, next;
2879    
2880  for (c = *cptr; c <= d; c++)  for (c = *cptr; c <= d; c++)
2881    { if ((othercase = _pcre_ucp_othercase(c)) >= 0) break; }    { if ((othercase = UCD_OTHERCASE(c)) != c) break; }
2882    
2883  if (c > d) return FALSE;  if (c > d) return FALSE;
2884    
# Line 1522  next = othercase + 1; Line 2887  next = othercase + 1;
2887    
2888  for (++c; c <= d; c++)  for (++c; c <= d; c++)
2889    {    {
2890    if (_pcre_ucp_othercase(c) != next) break;    if (UCD_OTHERCASE(c) != next) break;
2891    next++;    next++;
2892    }    }
2893    
# Line 1531  for (++c; c <= d; c++) Line 2896  for (++c; c <= d; c++)
2896    
2897  return TRUE;  return TRUE;
2898  }  }
2899  #endif  /* SUPPORT_UCP */  
2900    
2901    
2902  /*************************************************  /*************************************************
2903  *           Compile one branch                   *  *        Check a character and a property        *
2904  *************************************************/  *************************************************/
2905    
2906  /* Scan the pattern, compiling it into the code vector. If the options are  /* This function is called by check_auto_possessive() when a property item
2907  changed during the branch, the pointer is used to change the external options  is adjacent to a fixed character.
 bits.  
2908    
2909  Arguments:  Arguments:
2910    optionsptr     pointer to the option bits    c            the character
2911    brackets       points to number of extracting brackets used    ptype        the property type
2912    codeptr        points to the pointer to the current code point    pdata        the data for the type
2913    ptrptr         points to the current pattern pointer    negated      TRUE if it's a negated property (\P or \p{^)
   errorcodeptr   points to error code variable  
   firstbyteptr   set to initial literal character, or < 0 (REQ_UNSET, REQ_NONE)  
   reqbyteptr     set to the last literal character required, else < 0  
   bcptr          points to current branch chain  
   cd             contains pointers to tables etc.  
2914    
2915  Returns:         TRUE on success  Returns:       TRUE if auto-possessifying is OK
                  FALSE, with *errorcodeptr set non-zero on error  
2916  */  */
2917    
2918  static BOOL  static BOOL
2919  compile_branch(int *optionsptr, int *brackets, uschar **codeptr,  check_char_prop(int c, int ptype, int pdata, BOOL negated)
   const uschar **ptrptr, int *errorcodeptr, int *firstbyteptr,  
   int *reqbyteptr, branch_chain *bcptr, compile_data *cd)  
2920  {  {
2921  int repeat_type, op_type;  const ucd_record *prop = GET_UCD(c);
2922  int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */  switch(ptype)
2923  int bravalue = 0;    {
2924  int greedy_default, greedy_non_default;    case PT_LAMP:
2925  int firstbyte, reqbyte;    return (prop->chartype == ucp_Lu ||
2926  int zeroreqbyte, zerofirstbyte;            prop->chartype == ucp_Ll ||
2927  int req_caseopt, reqvary, tempreqvary;            prop->chartype == ucp_Lt) == negated;
2928  int condcount = 0;  
2929  int options = *optionsptr;    case PT_GC:
2930  int after_manual_callout = 0;    return (pdata == PRIV(ucp_gentype)[prop->chartype]) == negated;
2931  register int c;  
2932  register uschar *code = *codeptr;    case PT_PC:
2933  uschar *tempcode;    return (pdata == prop->chartype) == negated;
2934  BOOL inescq = FALSE;  
2935  BOOL groupsetfirstbyte = FALSE;    case PT_SC:
2936  const uschar *ptr = *ptrptr;    return (pdata == prop->script) == negated;
2937  const uschar *tempptr;  
2938  uschar *previous = NULL;    /* These are specials */
2939  uschar *previous_callout = NULL;  
2940  uschar classbits[32];    case PT_ALNUM:
2941      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2942  #ifdef SUPPORT_UTF8            PRIV(ucp_gentype)[prop->chartype] == ucp_N) == negated;
2943  BOOL class_utf8;  
2944  BOOL utf8 = (options & PCRE_UTF8) != 0;    case PT_SPACE:    /* Perl space */
2945  uschar *class_utf8data;    return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
2946  uschar utf8_char[6];            c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
2947  #else            == negated;
2948  BOOL utf8 = FALSE;  
2949  #endif    case PT_PXSPACE:  /* POSIX space */
2950      return (PRIV(ucp_gentype)[prop->chartype] == ucp_Z ||
2951              c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
2952              c == CHAR_FF || c == CHAR_CR)
2953              == negated;
2954    
2955      case PT_WORD:
2956      return (PRIV(ucp_gentype)[prop->chartype] == ucp_L ||
2957              PRIV(ucp_gentype)[prop->chartype] == ucp_N ||
2958              c == CHAR_UNDERSCORE) == negated;
2959      }
2960    return FALSE;
2961    }
2962    #endif  /* SUPPORT_UCP */
2963    
 /* Set up the default and non-default settings for greediness */  
2964    
 greedy_default = ((options & PCRE_UNGREEDY) != 0);  
 greedy_non_default = greedy_default ^ 1;  
2965    
2966  /* Initialize no first byte, no required byte. REQ_UNSET means "no char  /*************************************************
2967  matching encountered yet". It gets changed to REQ_NONE if we hit something that  *     Check if auto-possessifying is possible    *
2968  matches a non-fixed char first char; reqbyte just remains unset if we never  *************************************************/
 find one.  
2969    
2970  When we hit a repeat whose minimum is zero, we may have to adjust these values  /* This function is called for unlimited repeats of certain items, to see
2971  to take the zero repeat into account. This is implemented by setting them to  whether the next thing could possibly match the repeated item. If not, it makes
2972  zerofirstbyte and zeroreqbyte when such a repeat is encountered. The individual  sense to automatically possessify the repeated item.
 item types that can be repeated set these backoff variables appropriately. */  
2973    
2974  firstbyte = reqbyte = zerofirstbyte = zeroreqbyte = REQ_UNSET;  Arguments:
2975      previous      pointer to the repeated opcode
2976      utf           TRUE in UTF-8 / UTF-16 mode
2977      ptr           next character in pattern
2978      options       options bits
2979      cd            contains pointers to tables etc.
2980    
2981  /* The variable req_caseopt contains either the REQ_CASELESS value or zero,  Returns:        TRUE if possessifying is wanted
2982  according to the current setting of the caseless flag. REQ_CASELESS is a bit  */
 value > 255. It is added into the firstbyte or reqbyte variables to record the  
 case status of the value. This is used only for ASCII characters. */  
2983    
2984  req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS : 0;  static BOOL
2985    check_auto_possessive(const pcre_uchar *previous, BOOL utf,
2986      const pcre_uchar *ptr, int options, compile_data *cd)
2987    {
2988    pcre_int32 c, next;
2989    int op_code = *previous++;
2990    
2991  /* Switch on next character until the end of the branch */  /* Skip whitespace and comments in extended mode */
2992    
2993  for (;; ptr++)  if ((options & PCRE_EXTENDED) != 0)
2994    {    {
2995    BOOL negate_class;    for (;;)
2996    BOOL possessive_quantifier;      {
2997    BOOL is_quantifier;      while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
2998    int class_charcount;      if (*ptr == CHAR_NUMBER_SIGN)
2999    int class_lastchar;        {
3000    int newoptions;        ptr++;
3001    int recno;        while (*ptr != 0)
3002    int skipbytes;          {
3003    int subreqbyte;          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3004    int subfirstbyte;          ptr++;
3005    int mclength;  #ifdef SUPPORT_UTF
3006    uschar mcbuffer[8];          if (utf) FORWARDCHAR(ptr);
3007    #endif
3008            }
3009          }
3010        else break;
3011        }
3012      }
3013    
3014    /* Next byte in the pattern */  /* If the next item is one that we can handle, get its value. A non-negative
3015    value is a character, a negative value is an escape value. */
3016    
3017    c = *ptr;  if (*ptr == CHAR_BACKSLASH)
3018      {
3019      int temperrorcode = 0;
3020      next = check_escape(&ptr, &temperrorcode, cd->bracount, options, FALSE);
3021      if (temperrorcode != 0) return FALSE;
3022      ptr++;    /* Point after the escape sequence */
3023      }
3024    else if (!MAX_255(*ptr) || (cd->ctypes[*ptr] & ctype_meta) == 0)
3025      {
3026    #ifdef SUPPORT_UTF
3027      if (utf) { GETCHARINC(next, ptr); } else
3028    #endif
3029      next = *ptr++;
3030      }
3031    else return FALSE;
3032    
3033    /* If in \Q...\E, check for the end; if not, we have a literal */  /* Skip whitespace and comments in extended mode */
3034    
3035    if (inescq && c != 0)  if ((options & PCRE_EXTENDED) != 0)
3036      {
3037      for (;;)
3038      {      {
3039      if (c == '\\' && ptr[1] == 'E')      while (MAX_255(*ptr) && (cd->ctypes[*ptr] & ctype_space) != 0) ptr++;
3040        if (*ptr == CHAR_NUMBER_SIGN)
3041        {        {
       inescq = FALSE;  
3042        ptr++;        ptr++;
3043        continue;        while (*ptr != 0)
       }  
     else  
       {  
       if (previous_callout != NULL)  
3044          {          {
3045          complete_callout(previous_callout, ptr, cd);          if (IS_NEWLINE(ptr)) { ptr += cd->nllen; break; }
3046          previous_callout = NULL;          ptr++;
3047          }  #ifdef SUPPORT_UTF
3048        if ((options & PCRE_AUTO_CALLOUT) != 0)          if (utf) FORWARDCHAR(ptr);
3049          {  #endif
         previous_callout = code;  
         code = auto_callout(code, ptr, cd);  
3050          }          }
       goto NORMAL_CHAR;  
3051        }        }
3052        else break;
3053      }      }
3054      }
3055    
3056    /* Fill in length of a previous callout, except when the next thing is  /* If the next thing is itself optional, we have to give up. */
   a quantifier. */  
3057    
3058    is_quantifier = c == '*' || c == '+' || c == '?' ||  if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3059      (c == '{' && is_counted_repeat(ptr+1));    STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3060        return FALSE;
3061    
3062    if (!is_quantifier && previous_callout != NULL &&  /* Now compare the next item with the previous opcode. First, handle cases when
3063         after_manual_callout-- <= 0)  the next item is a character. */
3064      {  
3065      complete_callout(previous_callout, ptr, cd);  if (next >= 0) switch(op_code)
3066      previous_callout = NULL;    {
3067      }    case OP_CHAR:
3068    #ifdef SUPPORT_UTF
3069      GETCHARTEST(c, previous);
3070    #else
3071      c = *previous;
3072    #endif
3073      return c != next;
3074    
3075    /* In extended mode, skip white space and comments */    /* For CHARI (caseless character) we must check the other case. If we have
3076      Unicode property support, we can use it to test the other case of
3077      high-valued characters. */
3078    
3079    if ((options & PCRE_EXTENDED) != 0)    case OP_CHARI:
3080    #ifdef SUPPORT_UTF
3081      GETCHARTEST(c, previous);
3082    #else
3083      c = *previous;
3084    #endif
3085      if (c == next) return FALSE;
3086    #ifdef SUPPORT_UTF
3087      if (utf)
3088      {      {
3089      if ((cd->ctypes[c] & ctype_space) != 0) continue;      unsigned int othercase;
3090      if (c == '#')      if (next < 128) othercase = cd->fcc[next]; else
3091        {  #ifdef SUPPORT_UCP
3092        /* The space before the ; is to avoid a warning on a silly compiler      othercase = UCD_OTHERCASE((unsigned int)next);
3093        on the Macintosh. */  #else
3094        while ((c = *(++ptr)) != 0 && c != NEWLINE) ;      othercase = NOTACHAR;
3095        if (c != 0) continue;   /* Else fall through to handle end of string */  #endif
3096        }      return (unsigned int)c != othercase;
3097      }      }
3098      else
3099    #endif  /* SUPPORT_UTF */
3100      return (c != TABLE_GET((unsigned int)next, cd->fcc, next));  /* Non-UTF-8 mode */
3101    
3102    /* No auto callout for quantifiers. */    case OP_NOT:
3103    #ifdef SUPPORT_UTF
3104      GETCHARTEST(c, previous);
3105    #else
3106      c = *previous;
3107    #endif
3108      return c == next;
3109    
3110    if ((options & PCRE_AUTO_CALLOUT) != 0 && !is_quantifier)    case OP_NOTI:
3111    #ifdef SUPPORT_UTF
3112      GETCHARTEST(c, previous);
3113    #else
3114      c = *previous;
3115    #endif
3116      if (c == next) return TRUE;
3117    #ifdef SUPPORT_UTF
3118      if (utf)
3119      {      {
3120      previous_callout = code;      unsigned int othercase;
3121      code = auto_callout(code, ptr, cd);      if (next < 128) othercase = cd->fcc[next]; else
3122    #ifdef SUPPORT_UCP
3123        othercase = UCD_OTHERCASE((unsigned int)next);
3124    #else
3125        othercase = NOTACHAR;
3126    #endif
3127        return (unsigned int)c == othercase;
3128      }      }
3129      else
3130    #endif  /* SUPPORT_UTF */
3131      return (c == TABLE_GET((unsigned int)next, cd->fcc, next));  /* Non-UTF-8 mode */
3132    
3133    switch(c)    /* Note that OP_DIGIT etc. are generated only when PCRE_UCP is *not* set.
3134      {    When it is set, \d etc. are converted into OP_(NOT_)PROP codes. */
     /* The branch terminates at end of string, |, or ). */  
3135    
3136      case 0:    case OP_DIGIT:
3137      case '|':    return next > 255 || (cd->ctypes[next] & ctype_digit) == 0;
     case ')':  
     *firstbyteptr = firstbyte;  
     *reqbyteptr = reqbyte;  
     *codeptr = code;  
     *ptrptr = ptr;  
     return TRUE;  
3138    
3139      /* Handle single-character metacharacters. In multiline mode, ^ disables    case OP_NOT_DIGIT:
3140      the setting of any following char as a first character. */    return next <= 255 && (cd->ctypes[next] & ctype_digit) != 0;
3141    
3142      case '^':    case OP_WHITESPACE:
3143      if ((options & PCRE_MULTILINE) != 0)    return next > 255 || (cd->ctypes[next] & ctype_space) == 0;
       {  
       if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;  
       }  
     previous = NULL;  
     *code++ = OP_CIRC;  
     break;  
3144    
3145      case '$':    case OP_NOT_WHITESPACE:
3146      previous = NULL;    return next <= 255 && (cd->ctypes[next] & ctype_space) != 0;
     *code++ = OP_DOLL;  
     break;  
3147    
3148      /* There can never be a first char if '.' is first, whatever happens about    case OP_WORDCHAR:
3149      repeats. The value of reqbyte doesn't change either. */    return next > 255 || (cd->ctypes[next] & ctype_word) == 0;
3150    
3151      case '.':    case OP_NOT_WORDCHAR:
3152      if (firstbyte == REQ_UNSET) firstbyte = REQ_NONE;    return next <= 255 && (cd->ctypes[next] & ctype_word) != 0;
     zerofirstbyte = firstbyte;  
     zeroreqbyte = reqbyte;  
     previous = code;  
     *code++ = OP_ANY;  
     break;  
3153    
3154      /* Character classes. If the included characters are all < 256, we build a    case OP_HSPACE:
3155      32-byte bitmap of the permitted characters, except in the special case    case OP_NOT_HSPACE:
3156      where there is only one such character. For negated classes, we build the    switch(next)
3157      map as usual, then invert it at the end. However, we use a different opcode      {
3158      so that data characters > 255 can be handled correctly.      case 0x09:
3159        case 0x20:
3160        case 0xa0:
3161        case 0x1680:
3162        case 0x180e:
3163        case 0x2000:
3164        case 0x2001:
3165        case 0x2002:
3166        case 0x2003:
3167        case 0x2004:
3168        case 0x2005:
3169        case 0x2006:
3170        case 0x2007:
3171        case 0x2008:
3172        case 0x2009:
3173        case 0x200A:
3174        case 0x202f:
3175        case 0x205f:
3176        case 0x3000:
3177        return op_code == OP_NOT_HSPACE;
3178        default:
3179        return op_code != OP_NOT_HSPACE;
3180        }
3181    
3182      If the class contains characters outside the 0-255 range, a different    case OP_ANYNL:
3183      opcode is compiled. It may optionally have a bit map for characters < 256,    case OP_VSPACE:
3184      but those above are are explicitly listed afterwards. A flag byte tells    case OP_NOT_VSPACE:
3185      whether the bitmap is present, and whether this is a negated class or not.    switch(next)
3186      */      {
3187        case 0x0a:
3188        case 0x0b:
3189        case 0x0c:
3190        case 0x0d:
3191        case 0x85:
3192        case 0x2028:
3193        case 0x2029:
3194        return op_code == OP_NOT_VSPACE;
3195        default:
3196        return op_code != OP_NOT_VSPACE;
3197        }
3198    
3199      case '[':  #ifdef SUPPORT_UCP
3200      previous = code;    case OP_PROP:
3201      return check_char_prop(next, previous[0], previous[1], FALSE);
3202    
3203      /* PCRE supports POSIX class stuff inside a class. Perl gives an error if    case OP_NOTPROP:
3204      they are encountered at the top level, so we'll do that too. */    return check_char_prop(next, previous[0], previous[1], TRUE);
3205    #endif
3206    
3207      if ((ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&    default:
3208          check_posix_syntax(ptr, &tempptr, cd))    return FALSE;
3209        {    }
       *errorcodeptr = (ptr[1] == ':')? ERR13 : ERR31;  
       goto FAILED;  
       }  
3210    
     /* If the first character is '^', set the negation flag and skip it. */  
3211    
3212      if ((c = *(++ptr)) == '^')  /* Handle the case when the next item is \d, \s, etc. Note that when PCRE_UCP
3213        {  is set, \d turns into ESC_du rather than ESC_d, etc., so ESC_d etc. are
3214        negate_class = TRUE;  generated only when PCRE_UCP is *not* set, that is, when only ASCII
3215        c = *(++ptr);  characteristics are recognized. Similarly, the opcodes OP_DIGIT etc. are
3216        }  replaced by OP_PROP codes when PCRE_UCP is set. */
3217    
3218    switch(op_code)
3219      {
3220      case OP_CHAR:
3221      case OP_CHARI:
3222    #ifdef SUPPORT_UTF
3223      GETCHARTEST(c, previous);
3224    #else
3225      c = *previous;
3226    #endif
3227      switch(-next)
3228        {
3229        case ESC_d:
3230        return c > 255 || (cd->ctypes[c] & ctype_digit) == 0;
3231    
3232        case ESC_D:
3233        return c <= 255 && (cd->ctypes[c] & ctype_digit) != 0;
3234    
3235        case ESC_s:
3236        return c > 255 || (cd->ctypes[c] & ctype_space) == 0;
3237    
3238        case ESC_S:
3239        return c <= 255 && (cd->ctypes[c] & ctype_space) != 0;
3240    
3241        case ESC_w:
3242        return c > 255 || (cd->ctypes[c] & ctype_word) == 0;
3243    
3244        case ESC_W:
3245        return c <= 255 && (cd->ctypes[c] & ctype_word) != 0;
3246    
3247        case ESC_h:
3248        case ESC_H:
3249        switch(c)
3250          {
3251          case 0x09:
3252          case 0x20:
3253          case 0xa0:
3254          case 0x1680:
3255          case 0x180e:
3256          case 0x2000:
3257          case 0x2001:
3258          case 0x2002:
3259          case 0x2003:
3260          case 0x2004:
3261          case 0x2005:
3262          case 0x2006:
3263          case 0x2007:
3264          case 0x2008:
3265          case 0x2009:
3266          case 0x200A:
3267          case 0x202f:
3268          case 0x205f:
3269          case 0x3000:
3270          return -next != ESC_h;
3271          default:
3272          return -next == ESC_h;
3273          }
3274    
3275        case ESC_v:
3276        case ESC_V:
3277        switch(c)
3278          {
3279          case 0x0a:
3280          case 0x0b:
3281          case 0x0c:
3282          case 0x0d:
3283          case 0x85:
3284          case 0x2028:
3285          case 0x2029:
3286          return -next != ESC_v;
3287          default:
3288          return -next == ESC_v;
3289          }
3290    
3291        /* When PCRE_UCP is set, these values get generated for \d etc. Find
3292        their substitutions and process them. The result will always be either
3293        -ESC_p or -ESC_P. Then fall through to process those values. */
3294    
3295    #ifdef SUPPORT_UCP
3296        case ESC_du:
3297        case ESC_DU:
3298        case ESC_wu:
3299        case ESC_WU:
3300        case ESC_su:
3301        case ESC_SU:
3302          {
3303          int temperrorcode = 0;
3304          ptr = substitutes[-next - ESC_DU];
3305          next = check_escape(&ptr, &temperrorcode, 0, options, FALSE);
3306          if (temperrorcode != 0) return FALSE;
3307          ptr++;    /* For compatibility */
3308          }
3309        /* Fall through */
3310    
3311        case ESC_p:
3312        case ESC_P:
3313          {
3314          int ptype, pdata, errorcodeptr;
3315          BOOL negated;
3316    
3317          ptr--;      /* Make ptr point at the p or P */
3318          ptype = get_ucp(&ptr, &negated, &pdata, &errorcodeptr);
3319          if (ptype < 0) return FALSE;
3320          ptr++;      /* Point past the final curly ket */
3321    
3322          /* If the property item is optional, we have to give up. (When generated
3323          from \d etc by PCRE_UCP, this test will have been applied much earlier,
3324          to the original \d etc. At this point, ptr will point to a zero byte. */
3325    
3326          if (*ptr == CHAR_ASTERISK || *ptr == CHAR_QUESTION_MARK ||
3327            STRNCMP_UC_C8(ptr, STR_LEFT_CURLY_BRACKET STR_0 STR_COMMA, 3) == 0)
3328              return FALSE;
3329    
3330          /* Do the property check. */
3331    
3332          return check_char_prop(c, ptype, pdata, (next == -ESC_P) != negated);
3333          }
3334    #endif
3335    
3336        default:
3337        return FALSE;
3338        }
3339    
3340      /* In principle, support for Unicode properties should be integrated here as
3341      well. It means re-organizing the above code so as to get hold of the property
3342      values before switching on the op-code. However, I wonder how many patterns
3343      combine ASCII \d etc with Unicode properties? (Note that if PCRE_UCP is set,
3344      these op-codes are never generated.) */
3345    
3346      case OP_DIGIT:
3347      return next == -ESC_D || next == -ESC_s || next == -ESC_W ||
3348             next == -ESC_h || next == -ESC_v || next == -ESC_R;
3349    
3350      case OP_NOT_DIGIT:
3351      return next == -ESC_d;
3352    
3353      case OP_WHITESPACE:
3354      return next == -ESC_S || next == -ESC_d || next == -ESC_w;
3355    
3356      case OP_NOT_WHITESPACE:
3357      return next == -ESC_s || next == -ESC_h || next == -ESC_v || next == -ESC_R;
3358    
3359      case OP_HSPACE:
3360      return next == -ESC_S || next == -ESC_H || next == -ESC_d ||
3361             next == -ESC_w || next == -ESC_v || next == -ESC_R;
3362    
3363      case OP_NOT_HSPACE:
3364      return next == -ESC_h;
3365    
3366      /* Can't have \S in here because VT matches \S (Perl anomaly) */
3367      case OP_ANYNL:
3368      case OP_VSPACE:
3369      return next == -ESC_V || next == -ESC_d || next == -ESC_w;
3370    
3371      case OP_NOT_VSPACE:
3372      return next == -ESC_v || next == -ESC_R;
3373    
3374      case OP_WORDCHAR:
3375      return next == -ESC_W || next == -ESC_s || next == -ESC_h ||
3376             next == -ESC_v || next == -ESC_R;
3377    
3378      case OP_NOT_WORDCHAR:
3379      return next == -ESC_w || next == -ESC_d;
3380    
3381      default:
3382      return FALSE;
3383      }
3384    
3385    /* Control does not reach here */
3386    }
3387    
3388    
3389    
3390    /*************************************************
3391    *           Compile one branch                   *
3392    *************************************************/
3393    
3394    /* Scan the pattern, compiling it into the a vector. If the options are
3395    changed during the branch, the pointer is used to change the external options
3396    bits. This function is used during the pre-compile phase when we are trying
3397    to find out the amount of memory needed, as well as during the real compile
3398    phase. The value of lengthptr distinguishes the two phases.
3399    
3400    Arguments:
3401      optionsptr     pointer to the option bits
3402      codeptr        points to the pointer to the current code point
3403      ptrptr         points to the current pattern pointer
3404      errorcodeptr   points to error code variable
3405      firstcharptr   set to initial literal character, or < 0 (REQ_UNSET, REQ_NONE)
3406      reqcharptr     set to the last literal character required, else < 0
3407      bcptr          points to current branch chain
3408      cond_depth     conditional nesting depth
3409      cd             contains pointers to tables etc.
3410      lengthptr      NULL during the real compile phase
3411                     points to length accumulator during pre-compile phase
3412    
3413    Returns:         TRUE on success
3414                     FALSE, with *errorcodeptr set non-zero on error
3415    */
3416    
3417    static BOOL
3418    compile_branch(int *optionsptr, pcre_uchar **codeptr,
3419      const pcre_uchar **ptrptr, int *errorcodeptr, pcre_int32 *firstcharptr,
3420      pcre_int32 *reqcharptr, branch_chain *bcptr, int cond_depth,
3421      compile_data *cd, int *lengthptr)
3422    {
3423    int repeat_type, op_type;
3424    int repeat_min = 0, repeat_max = 0;      /* To please picky compilers */
3425    int bravalue = 0;
3426    int greedy_default, greedy_non_default;
3427    pcre_int32 firstchar, reqchar;
3428    pcre_int32 zeroreqchar, zerofirstchar;
3429    pcre_int32 req_caseopt, reqvary, tempreqvary;
3430    int options = *optionsptr;               /* May change dynamically */
3431    int after_manual_callout = 0;
3432    int length_prevgroup = 0;
3433    register int c;
3434    register pcre_uchar *code = *codeptr;
3435    pcre_uchar *last_code = code;
3436    pcre_uchar *orig_code = code;
3437    pcre_uchar *tempcode;
3438    BOOL inescq = FALSE;
3439    BOOL groupsetfirstchar = FALSE;
3440    const pcre_uchar *ptr = *ptrptr;
3441    const pcre_uchar *tempptr;
3442    const pcre_uchar *nestptr = NULL;
3443    pcre_uchar *previous = NULL;
3444    pcre_uchar *previous_callout = NULL;
3445    pcre_uchar *save_hwm = NULL;
3446    pcre_uint8 classbits[32];
3447    
3448    /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
3449    must not do this for other options (e.g. PCRE_EXTENDED) because they may change
3450    dynamically as we process the pattern. */
3451    
3452    #ifdef SUPPORT_UTF
3453    /* PCRE_UTF16 has the same value as PCRE_UTF8. */
3454    BOOL utf = (options & PCRE_UTF8) != 0;
3455    pcre_uchar utf_chars[6];
3456    #else
3457    BOOL utf = FALSE;
3458    #endif
3459    
3460    /* Helper variables for OP_XCLASS opcode (for characters > 255). */
3461    
3462    #if defined SUPPORT_UTF || !defined COMPILE_PCRE8
3463    BOOL xclass;
3464    pcre_uchar *class_uchardata;
3465    pcre_uchar *class_uchardata_base;
3466    #endif
3467    
3468    #ifdef PCRE_DEBUG
3469    if (lengthptr != NULL) DPRINTF((">> start branch\n"));
3470    #endif
3471    
3472    /* Set up the default and non-default settings for greediness */
3473    
3474    greedy_default = ((options & PCRE_UNGREEDY) != 0);
3475    greedy_non_default = greedy_default ^ 1;
3476    
3477    /* Initialize no first byte, no required byte. REQ_UNSET means "no char
3478    matching encountered yet". It gets changed to REQ_NONE if we hit something that
3479    matches a non-fixed char first char; reqchar just remains unset if we never
3480    find one.
3481    
3482    When we hit a repeat whose minimum is zero, we may have to adjust these values
3483    to take the zero repeat into account. This is implemented by setting them to
3484    zerofirstbyte and zeroreqchar when such a repeat is encountered. The individual
3485    item types that can be repeated set these backoff variables appropriately. */
3486    
3487    firstchar = reqchar = zerofirstchar = zeroreqchar = REQ_UNSET;
3488    
3489    /* The variable req_caseopt contains either the REQ_CASELESS value
3490    or zero, according to the current setting of the caseless flag. The
3491    REQ_CASELESS leaves the lower 28 bit empty. It is added into the
3492    firstchar or reqchar variables to record the case status of the
3493    value. This is used only for ASCII characters. */
3494    
3495    req_caseopt = ((options & PCRE_CASELESS) != 0)? REQ_CASELESS:0;
3496    
3497    /* Switch on next character until the end of the branch */
3498    
3499    for (;; ptr++)
3500      {
3501      BOOL negate_class;
3502      BOOL should_flip_negation;
3503      BOOL possessive_quantifier;
3504      BOOL is_quantifier;
3505      BOOL is_recurse;
3506      BOOL reset_bracount;
3507      int class_has_8bitchar;
3508      int class_single_char;
3509      int newoptions;
3510      int recno;
3511      int refsign;
3512      int skipbytes;
3513      int subreqchar;
3514      int subfirstchar;
3515      int terminator;
3516      int mclength;
3517      int tempbracount;
3518      pcre_uchar mcbuffer[8];
3519    
3520      /* Get next character in the pattern */
3521    
3522      c = *ptr;
3523    
3524      /* If we are at the end of a nested substitution, revert to the outer level
3525      string. Nesting only happens one level deep. */
3526    
3527      if (c == 0 && nestptr != NULL)
3528        {
3529        ptr = nestptr;
3530        nestptr = NULL;
3531        c = *ptr;
3532        }
3533    
3534      /* If we are in the pre-compile phase, accumulate the length used for the
3535      previous cycle of this loop. */
3536    
3537      if (lengthptr != NULL)
3538        {
3539    #ifdef PCRE_DEBUG
3540        if (code > cd->hwm) cd->hwm = code;                 /* High water info */
3541    #endif
3542        if (code > cd->start_workspace + cd->workspace_size -
3543            WORK_SIZE_SAFETY_MARGIN)                       /* Check for overrun */
3544          {
3545          *errorcodeptr = ERR52;
3546          goto FAILED;
3547          }
3548    
3549        /* There is at least one situation where code goes backwards: this is the
3550        case of a zero quantifier after a class (e.g. [ab]{0}). At compile time,
3551        the class is simply eliminated. However, it is created first, so we have to
3552        allow memory for it. Therefore, don't ever reduce the length at this point.
3553        */
3554    
3555        if (code < last_code) code = last_code;
3556    
3557        /* Paranoid check for integer overflow */
3558    
3559        if (OFLOW_MAX - *lengthptr < code - last_code)
3560          {
3561          *errorcodeptr = ERR20;
3562          goto FAILED;
3563          }
3564    
3565        *lengthptr += (int)(code - last_code);
3566        DPRINTF(("length=%d added %d c=%c (0x%x)\n", *lengthptr,
3567          (int)(code - last_code), c, c));
3568    
3569        /* If "previous" is set and it is not at the start of the work space, move
3570        it back to there, in order to avoid filling up the work space. Otherwise,
3571        if "previous" is NULL, reset the current code pointer to the start. */
3572    
3573        if (previous != NULL)
3574          {
3575          if (previous > orig_code)
3576            {
3577            memmove(orig_code, previous, IN_UCHARS(code - previous));
3578            code -= previous - orig_code;
3579            previous = orig_code;
3580            }
3581          }
3582        else code = orig_code;
3583    
3584        /* Remember where this code item starts so we can pick up the length
3585        next time round. */
3586    
3587        last_code = code;
3588        }
3589    
3590      /* In the real compile phase, just check the workspace used by the forward
3591      reference list. */
3592    
3593      else if (cd->hwm > cd->start_workspace + cd->workspace_size -
3594               WORK_SIZE_SAFETY_MARGIN)
3595        {
3596        *errorcodeptr = ERR52;
3597        goto FAILED;
3598        }
3599    
3600      /* If in \Q...\E, check for the end; if not, we have a literal */
3601    
3602      if (inescq && c != 0)
3603        {
3604        if (c == CHAR_BACKSLASH && ptr[1] == CHAR_E)
3605          {
3606          inescq = FALSE;
3607          ptr++;
3608          continue;
3609          }
3610      else      else
3611        {        {
3612        negate_class = FALSE;        if (previous_callout != NULL)
3613            {
3614            if (lengthptr == NULL)  /* Don't attempt in pre-compile phase */
3615              complete_callout(previous_callout, ptr, cd);
3616            previous_callout = NULL;
3617            }
3618          if ((options & PCRE_AUTO_CALLOUT) != 0)
3619            {
3620            previous_callout = code;
3621            code = auto_callout(code, ptr, cd);
3622            }
3623          goto NORMAL_CHAR;
3624        }        }
3625        }
3626    
3627      /* Fill in length of a previous callout, except when the next thing is
3628      a quantifier. */
3629    
3630      /* Keep a count of chars with values < 256 so that we can optimize the case    is_quantifier =
3631      of just a single character (as long as it's < 256). For higher valued UTF-8      c == CHAR_ASTERISK || c == CHAR_PLUS || c == CHAR_QUESTION_MARK ||
3632      characters, we don't yet do any optimization. */      (c == CHAR_LEFT_CURLY_BRACKET && is_counted_repeat(ptr+1));
3633    
3634      class_charcount = 0;    if (!is_quantifier && previous_callout != NULL &&
3635      class_lastchar = -1;         after_manual_callout-- <= 0)
3636        {
3637        if (lengthptr == NULL)      /* Don't attempt in pre-compile phase */
3638          complete_callout(previous_callout, ptr, cd);
3639        previous_callout = NULL;
3640        }
3641    
3642      /* In extended mode, skip white space and comments. */
3643    
3644  #ifdef SUPPORT_UTF8    if ((options & PCRE_EXTENDED) != 0)
3645      class_utf8 = FALSE;                       /* No chars >= 256 */      {
3646      class_utf8data = code + LINK_SIZE + 34;   /* For UTF-8 items */      if (MAX_255(*ptr) &