Give error for regexec with pmatch=NULL and REG_STARTEND set.

ChangeLog

@@ -344,6 +344,9 @@ working correctly in UCP mode.
 qualifier when PCRE2_AUTO_CALLOUT was set, pcre2_compile() misbehaved. This bug
 was found by the LLVM fuzzer.
 
+103. The POSIX wrapper function regexec() crashed if the option REG_STARTEND 
+was set when the pmatch argument was NULL. It now returns REG_INVARG.
+
 
 Version 10.20 30-June-2015
 --------------------------

doc/pcre2posix.3

@@ -1,4 +1,4 @@
-.TH PCRE2POSIX 3 "30 October 2015" "PCRE2 10.21"
+.TH PCRE2POSIX 3 "29 November 2015" "PCRE2 10.21"
 .SH NAME
 PCRE2 - Perl-compatible regular expressions (revised API)
 .SH "SYNOPSIS"
@@ -211,7 +211,8 @@ to have a terminating NUL located at \fIstring\fP + \fIpmatch[0].rm_eo\fP
 IEEE Standard 1003.2 (POSIX.2), and should be used with caution in software
 intended to be portable to other systems. Note that a non-zero \fIrm_so\fP does
 not imply REG_NOTBOL; REG_STARTEND affects only the location of the string, not
-how it is matched.
+how it is matched. Setting REG_STARTEND and passing \fIpmatch\fP as NULL are 
+mutually exclusive; the error REG_INVARG is returned.
 .P
 If the pattern was compiled with the REG_NOSUB flag, no data about any matched
 strings is returned. The \fInmatch\fP and \fIpmatch\fP arguments of
@@ -269,6 +270,6 @@ Cambridge, England.
 .rs
 .sp
 .nf
-Last updated: 30 October 2015
+Last updated: 29 November 2015
 Copyright (c) 1997-2015 University of Cambridge.
 .fi

src/pcre2posix.c

@@ -285,6 +285,7 @@ start location rather than being passed as a PCRE2 "starting offset". */
 
 if ((eflags & REG_STARTEND) != 0)
   {
+  if (pmatch == NULL) return REG_INVARG; 
   so = pmatch[0].rm_so;
   eo = pmatch[0].rm_eo;
   }