Fix capturing in conditional negative assertions ended with (*ACCEPT).

2017-04-03 18:02:07 +00:00 · 2017-04-03 18:02:07 +00:00 · fcd0c39b26
parent 7c32d955a1
commit fcd0c39b26
4 changed files with 43 additions and 11 deletions
--- a/5
+++ b/5
@ -29,7 +29,10 @@ bugs were never in fully released code, but are noted here for the record.
      vector on the stack is not big enough to handle at least 10 frames. 
      Fixes oss-fuzz issue 783. 
      
-  (c) Handling of (*VERB)s in recursions was wrong in some cases. 
+  (c) Handling of (*VERB)s in recursions was wrong in some cases.
+  
+  (d) Captures in negative assertions that were used as conditions were not
+      happening if the assertion matched via (*ACCEPT).   
      
 2. Now that pcre2_match() no longer uses recursive function calls (see above),
 the "match limit recursion" value seems misnamed. It still exists, and limits 
--- a/src/pcre2_match.c
+++ b/src/pcre2_match.c
@ -5332,17 +5332,14 @@ fprintf(stderr, "++ op=%d\n", *Fecode);

        switch(rrc)
          {
-          case MATCH_ACCEPT:
-          if (Lpositive)      /* Save captures if a positive assertion */
-            {
-            memcpy(Fovector,
-                  (char *)assert_accept_frame + offsetof(heapframe, ovector),
-                  assert_accept_frame->offset_top * sizeof(PCRE2_SIZE));
-            Foffset_top = assert_accept_frame->offset_top;
-            }
+          case MATCH_ACCEPT:  /* Save captures */
+          memcpy(Fovector,
+                (char *)assert_accept_frame + offsetof(heapframe, ovector),
+                assert_accept_frame->offset_top * sizeof(PCRE2_SIZE));
+          Foffset_top = assert_accept_frame->offset_top;

-          /* Fall through. In the case of a match for a positive assertion, the
-          captures have already been put into the current frame. */
+          /* Fall through. In the case of a match, the captures have already
+          been put into the current frame. */

          case MATCH_MATCH:
          condition = Lpositive;   /* TRUE for positive assertion */
--- a/testdata/testinput1
+++ b/testdata/testinput1
@ -5905,4 +5905,16 @@ ef) x/x,mark
 /^(.|(.)(?1)?\2)$/
    abcba
    
+/^(?(?=(a))abc|def)/
+    abc
+
+/^(?(?!(a))def|abc)/
+    abc
+
+/^(?(?=(a)(*ACCEPT))abc|def)/
+    abc
+
+/^(?(?!(a)(*ACCEPT))def|abc)/
+    abc
+
 # End of testinput1 
--- a/testdata/testoutput1
+++ b/testdata/testoutput1
@ -9467,4 +9467,24 @@ No match
 1: abcba
 2: a
    
+/^(?(?=(a))abc|def)/
+    abc
+ 0: abc
+ 1: a
+
+/^(?(?!(a))def|abc)/
+    abc
+ 0: abc
+ 1: a
+
+/^(?(?=(a)(*ACCEPT))abc|def)/
+    abc
+ 0: abc
+ 1: a
+
+/^(?(?!(a)(*ACCEPT))def|abc)/
+    abc
+ 0: abc
+ 1: a
+
 # End of testinput1