Fix 32-bit error buffer size bug in pcre2test (Bugzilla 2079).

2017-03-21 17:46:21 +00:00 · 2017-03-21 17:46:21 +00:00 · cde5f12cee
parent 338a37e9e0
commit cde5f12cee
6 changed files with 19 additions and 9 deletions
--- a/4
+++ b/4
@ -76,6 +76,10 @@ or deserialization (the "load" or "save" commands).
 12. Fix potential NULL dereference in pcre2_callout_enumerate() if called with 
 a NULL pattern pointer when Unicode support is available.
 13. When the 32-bit library was being tested by pcre2test, error messages that 
 were longer than 64 code units could cause a buffer overflow. This was a bug in 
 pcre2test.
 Version 10.23 14-February-2017
 ------------------------------
--- a/doc/pcre2api.3
+++ b/doc/pcre2api.3
@ -1,4 +1,4 @@
-.TH PCRE2API 3 "24 December 2016" "PCRE2 10.23"
+.TH PCRE2API 3 "21 March 2017" "PCRE2 10.30"
 .SH NAME
 PCRE2 - Perl-compatible regular expressions (revised API)
 .sp
@ -2633,8 +2633,8 @@ The internal recursion limit was reached.
 A text message for an error code from any PCRE2 function (compile, match, or
 auxiliary) can be obtained by calling \fBpcre2_get_error_message()\fP. The code
 is passed as the first argument, with the remaining two arguments specifying a
-code unit buffer and its length, into which the text message is placed. Note
+code unit buffer and its length in code units, into which the text message is
-that the message is returned in code units of the appropriate width for the
+placed. The message is returned in code units of the appropriate width for the
 library that is being used.
 .P
 The returned message is terminated with a trailing zero, and the function
@ -3321,6 +3321,6 @@ Cambridge, England.
 .rs
 .sp
 .nf
-Last updated: 23 December 2016
+Last updated: 21 March 2017
-Copyright (c) 1997-2016 University of Cambridge.
+Copyright (c) 1997-2017 University of Cambridge.
 .fi
--- a/src/pcre2_error.c
+++ b/src/pcre2_error.c
@ -271,7 +271,7 @@ distinct.
 Arguments:
  enumber       error number
  buffer        where to put the message (zero terminated)
-  size          size of the buffer
+  size          size of the buffer in code units
 Returns:        length of message if all is well
                negative on error
--- a/src/pcre2test.c
+++ b/src/pcre2test.c
@ -2889,7 +2889,7 @@ if (pbuffer32_size < 4*len + 4)
  {
  if (pbuffer32 != NULL) free(pbuffer32);
  pbuffer32_size = 4*len + 4;
-  if (pbuffer32_size < 256) pbuffer32_size = 256;
+  if (pbuffer32_size < 512) pbuffer32_size = 512;
  pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
  if (pbuffer32 == NULL)
    {
@ -7600,7 +7600,8 @@ if (arg_error != NULL)
  int errcode;
  char *endptr;
-/* Ensure the relevant non-8-bit buffer is available. */
+/* Ensure the relevant non-8-bit buffer is available. Ensure that it is at 
 least 128 code units, because it is used for retrieving error messages. */
 #ifdef SUPPORT_PCRE2_16
  if (test_mode == PCRE16_MODE)
@ -7620,7 +7621,7 @@ if (arg_error != NULL)
 #ifdef SUPPORT_PCRE2_32
  if (test_mode == PCRE32_MODE)
    {
-    pbuffer32_size = 256;
+    pbuffer32_size = 512;
    pbuffer32 = (uint32_t *)malloc(pbuffer32_size);
    if (pbuffer32 == NULL)
      {
--- a/testdata/testinput2
+++ b/testdata/testinput2
@ -5017,4 +5017,6 @@ a)"xI
 /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
 /\g{3/
 # End of testinput2 
--- a/testdata/testoutput2
+++ b/testdata/testoutput2
@ -15570,6 +15570,9 @@ No match
 /(?<!\1((?U)1((?U))))(*F)/never_backslash_c,alt_bsux,anchored,extended
 /\g{3/
 Failed: error 157 at offset 2: \g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number
 # End of testinput2 
 Error -63: PCRE2_ERROR_BADDATA (unknown error number)
 Error -62: bad serialized data