The JIT compiler did not restore the control verb head in case of *THEN control verbs.

Zoltán Herczeg 2015-08-08 05:45:17 +00:00
parent 537f8b1a3d
commit c214c54ca0
4 changed files with 17 additions and 0 deletions


@ -108,6 +108,9 @@ character.
28. If pcre2grep was given the -q option with -c or -l, or when handling a 28. If pcre2grep was given the -q option with -c or -l, or when handling a
binary file, it incorrectly wrote output to stdout. binary file, it incorrectly wrote output to stdout.
29. The JIT compiler did not restore the control verb head in case of *THEN
control verbs. This issue was found by Karl Skomski with a custom LLVM fuzzer.
Version 10.20 30-June-2015 Version 10.20 30-June-2015
-------------------------- --------------------------


@ -1472,6 +1472,13 @@ while (cc < ccend)
cc += 1 + LINK_SIZE + IMM2_SIZE; cc += 1 + LINK_SIZE + IMM2_SIZE;
break; break;
case OP_THEN:
stack_restore = TRUE;
if (common->control_head_ptr != 0)
*needs_control_head = TRUE;
cc ++;
break;
default: default:
stack_restore = TRUE; stack_restore = TRUE;
/* Fall through. */ /* Fall through. */
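
Review bot: The new `case OP_THEN:` sets `*needs_control_head` with no comment explaining why this verb needs the control head when `common->control_head_ptr != 0`. Since it shares `stack_restore = TRUE` with `default:`, a one-line comment would keep the case from being folded back into the default branch later. The label also covers `OP_THEN` only, and the hunk does not show whether the argument form `(*THEN:name)` reaches the same assignment, so that is worth confirming.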

testdata/testinput2 vendored

@ -4412,4 +4412,7 @@ a random value. /Ix
/((?(R8000000000)))/ /((?(R8000000000)))/
/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/
01
# End of testinput2 # End of testinput2
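
Review bot: The added pattern `/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/` goes in without a `#` comment tying it to the control-head fix, and it is the only input exercising the new branch. Consider a short comment above it so a future failure is easy to trace back to this change.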


@ -14667,4 +14667,8 @@ Failed: error 161 at offset 13: number is too big
/((?(R8000000000)))/ /((?(R8000000000)))/
Failed: error 161 at offset 16: number is too big Failed: error 161 at offset 16: number is too big
/0(?0)|(1)(*THEN)(*SKIP:0)(*FAIL)/
01
No match
# End of testinput2 # End of testinput2
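
Review bot: The expected result for subject `01` is a bare `No match`, which guards the fix only when this file is run with JIT enabled, since the change is in the JIT compiler. Confirm the test runner exercises testinput2 under JIT; otherwise a regression here would pass unnoticed.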