pcre2_string_utils: avoid segfault with strlen(NULL)
pcre2(?:_dfa)?_match should return PCRE2_ERROR_NULL if the subject is NULL, but the order in which that is done is incorrect, leading to crashes. Work around the issue by allowing strlen(NULL) to return a value of 0, so it wouldn't segfault while trying to access a NULL subject and therefore allowing the current check to be reached even if it is done after the length of the subject is evaluated because it was provided as PCRE2_ZERO_TERMINATED. As a side effect, this also prevents crashes in pcre2_substitute when the subject or the replacement string were NULL and the length was provided as PCRE2_ZERO_TERMINATED, and that would come in handy if we want to be able to allow a NULL subject as valid when a length of 0 was also provided.
parent eb42305f07
commit ec551097ec
|
@ -53,7 +53,7 @@ changed to the length of the new string, excluding the trailing zero that is
|
|||
automatically added.
|
||||
.P
|
||||
The subject and replacement lengths can be given as PCRE2_ZERO_TERMINATED for
|
||||
zero-terminated strings. The options are:
|
||||
zero-terminated strings. if used with a replacement string of NULL, then it is assumed to be equivalent to the behaviour expected from a replacement string of NULL and a length of 0. The options are:
|
||||
.sp
|
||||
PCRE2_ANCHORED Match only at the first position
|
||||
PCRE2_ENDANCHORED Pattern can match only at end of subject
|
||||
|
|
|
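Review bot: The sentence added to the PCRE2_ZERO_TERMINATED paragraph documents only a NULL replacement, while the commit message says a NULL subject with PCRE2_ZERO_TERMINATED no longer crashes pcre2_substitute either; the man page should say what the caller gets back in that case, or state that it is not supported. The wording is also circular: it defines a NULL replacement with PCRE2_ZERO_TERMINATED as "the behaviour expected from a replacement string of NULL and a length of 0" without saying what that behaviour is, so the reader still cannot tell whether the result is an empty replacement or an error. Please state the outcome directly, start the sentence with a capital ("If used with ..."), and break the line to match the wrapping of the surrounding text.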
@ -209,6 +209,7 @@ PCRE2_SIZE
|
|||
PRIV(strlen)(PCRE2_SPTR str)
|
||||
{
|
||||
PCRE2_SIZE c = 0;
|
||||
if (str == NULL) return 0;
|
||||
while (*str++ != 0) c++;
|
||||
return c;
|
||||
}
|
||||
|
|
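Review bot: The new `if (str == NULL) return 0;` guard in PRIV(strlen) silences a NULL pointer for every caller of this helper, not only the pcre2_match and pcre2_dfa_match paths named in the commit message, so a caller that passes NULL by mistake will now see a valid zero-length string instead of failing visibly. Since the commit message describes this as a workaround for the NULL check being done after the length is evaluated, I would prefer moving that check ahead of the PCRE2_ZERO_TERMINATED length computation in the match functions and keeping the helper strict. If the guard stays, it needs a comment explaining why NULL is accepted here, and the change should come with tests showing that a NULL subject with PCRE2_ZERO_TERMINATED returns PCRE2_ERROR_NULL from both match functions and that pcre2_substitute handles a NULL subject and a NULL replacement as documented.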