Fix overflow bug in new /u code. Fixes ClusterFuzz 13073.

2019-02-13 16:48:30 +00:00 · 2019-02-13 16:48:30 +00:00 · f2e1cea288
parent 8c8deae8eb
commit f2e1cea288
3 changed files with 8 additions and 0 deletions
--- a/src/pcre2_compile.c
+++ b/src/pcre2_compile.c
@ -1596,6 +1596,7 @@ else
      {
      uint32_t xc;
      
+      if (ptr >= ptrend) break;
      if (*ptr == CHAR_LEFT_CURLY_BRACKET && 
          (extra_options & PCRE2_EXTRA_ALT_BSUX) != 0)
        {
--- a/testdata/testinput5
+++ b/testdata/testinput5
@ -817,6 +817,9 @@
 /^\u{0000000000010ffff}/utf,extra_alt_bsux
    \x{10ffff}

+/\u/utf,alt_bsux
+    \\u
+
 /^a+[a\x{200}]/B,utf
    aa

--- a/testdata/testoutput5
+++ b/testdata/testoutput5
@ -1738,6 +1738,10 @@ Failed: error 173 at offset 6: disallowed Unicode code point (>= 0xd800 && <= 0x
    \x{10ffff}
 0: \x{10ffff}

+/\u/utf,alt_bsux
+    \\u
+ 0: u
+
 /^a+[a\x{200}]/B,utf
 ------------------------------------------------------------------
        Bra