Fix minor oversight in previous patch. Fixes clusterfuzz 15199.

2019-06-11 07:37:29 +00:00 · 2019-06-11 07:37:29 +00:00 · f0c06ee212
parent 306f2b9c57
commit f0c06ee212
3 changed files with 14 additions and 6 deletions
--- a/src/pcre2_compile.c
+++ b/src/pcre2_compile.c
@ -2448,7 +2448,7 @@ must be last. */
 enum { RANGE_NO, RANGE_STARTED, RANGE_OK_ESCAPED, RANGE_OK_LITERAL };

 /* Only in 32-bit mode can there be literals > META_END. A macro encapsulates
-the storing of literal values in the main parsed pattern, where they can always 
+the storing of literal values in the main parsed pattern, where they can always
 be quantified. */

 #if PCRE2_CODE_UNIT_WIDTH == 32
@ -2642,10 +2642,10 @@ while (ptr < ptrend)
      default:                     /* Don't use PARSED_LITERAL() because it */
 #if PCRE2_CODE_UNIT_WIDTH == 32    /* sets okquantifier. */
      if (c >= META_END) *parsed_pattern++ = META_BIGVALUE;
-#endif       
+#endif
      *parsed_pattern++ = c;
      break;
-      
+
      case CHAR_RIGHT_PARENTHESIS:
      inverbname = FALSE;
      /* This is the length in characters */
@ -2681,8 +2681,11 @@ while (ptr < ptrend)

      switch(escape)
        {
-        case 0:
-        PARSED_LITERAL(c, parsed_pattern);
+        case 0:                    /* Don't use PARSED_LITERAL() because it */
+#if PCRE2_CODE_UNIT_WIDTH == 32    /* sets okquantifier. */
+        if (c >= META_END) *parsed_pattern++ = META_BIGVALUE;
+#endif
+        *parsed_pattern++ = c;
        break;

        case ESC_Q:
@ -3793,7 +3796,7 @@ while (ptr < ptrend)

        /* Remember where this verb, possibly with a preceding (*MARK), starts,
        for handling quantified (*ACCEPT). */
-        
+
        verbstartptr = parsed_pattern;
        okquantifier = (verbs[i].meta == META_ACCEPT);

--- a/testdata/testinput2
+++ b/testdata/testinput2
@ -5603,4 +5603,6 @@ a)"xI
    abc
    axy

+/(*:\)?/
+
 # End of testinput2
--- a/testdata/testoutput2
+++ b/testdata/testoutput2
@ -16959,6 +16959,9 @@ Failed: error 197 at offset 131075: too many capturing groups (maximum 65535)
 0: a
 MK: XX

+/(*:\)?/
+Failed: error 109 at offset 5: quantifier does not follow a repeatable item
+
 # End of testinput2
 Error -70: PCRE2_ERROR_BADDATA (unknown error number)
 Error -62: bad serialized data