From f2e1cea2884e93a0f27473c4e3db18936abed039 Mon Sep 17 00:00:00 2001
From: "Philip.Hazel"
Date: Wed, 13 Feb 2019 16:48:30 +0000
Subject: [PATCH] Fix overflow bug in new /u code. Fixes ClusterFuzz 13073.
---
src/pcre2_compile.c | 1 +
testdata/testinput5 | 3 +++
testdata/testoutput5 | 4 ++++
3 files changed, 8 insertions(+)
diff --git a/src/pcre2_compile.c b/src/pcre2_compile.c
index 1edcf1a..5a6f88c 100644
--- a/src/pcre2_compile.c
+++ b/src/pcre2_compile.c
@@ -1596,6 +1596,7 @@ else { uint32_t xc; + if (ptr >= ptrend) break; if (*ptr == CHAR_LEFT_CURLY_BRACKET && (extra_options & PCRE2_EXTRA_ALT_BSUX) != 0) {
diff --git a/testdata/testinput5 b/testdata/testinput5
index b48d27a..2c4e847 100644
--- a/testdata/testinput5
+++ b/testdata/testinput5
@@ -817,6 +817,9 @@ /^\u{0000000000010ffff}/utf,extra_alt_bsux \x{10ffff} +/\u/utf,alt_bsux + \\u + /^a+[a\x{200}]/B,utf aa
diff --git a/testdata/testoutput5 b/testdata/testoutput5
index 2bcb39f..23438dd 100644
--- a/testdata/testoutput5
+++ b/testdata/testoutput5
@@ -1738,6 +1738,10 @@ Failed: error 173 at offset 6: disallowed Unicode code point (>= 0xd800 && <= 0x \x{10ffff} 0: \x{10ffff} +/\u/utf,alt_bsux + \\u + 0: u + /^a+[a\x{200}]/B,utf ------------------------------------------------------------------ Bra
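Review bot: The new guard `if (ptr >= ptrend) break;` in the pcre2_compile.c hunk carries no comment, although it is the line that stops the following `*ptr == CHAR_LEFT_CURLY_BRACKET` test from reading one code unit past the end of the pattern when `\u` is the last thing in it. I would add `/* \u at the very end of the pattern: nothing left to read, treat as a literal 'u' */`, which is the behaviour the new testoutput5 case records (`0: u`). The enclosing block and the construct that `break` exits both start outside the hunk, so whether the sibling escape branches check `ptr` against `ptrend` before their first dereference cannot be confirmed here and is worth a look. The added test uses only `alt_bsux`; a second case with `extra_alt_bsux` would pin the same end-of-pattern path for the option the brace test belongs to.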