break;
case CHR('u'):
c = lexdigits(v, 16, 4, 4);
- if (ISERR())
+ if (ISERR() || c < CHR_MIN || c > CHR_MAX)
FAILW(REG_EESCAPE);
RETV(PLAIN, c);
break;
case CHR('U'):
c = lexdigits(v, 16, 8, 8);
- if (ISERR())
+ if (ISERR() || c < CHR_MIN || c > CHR_MAX)
FAILW(REG_EESCAPE);
RETV(PLAIN, c);
break;
case CHR('x'):
NOTE(REG_UUNPORT);
c = lexdigits(v, 16, 1, 255); /* REs >255 long outside spec */
- if (ISERR())
+ if (ISERR() || c < CHR_MIN || c > CHR_MAX)
FAILW(REG_EESCAPE);
RETV(PLAIN, c);
break;
/*
* lexdigits - slurp up digits and return chr value
+ *
+ * This does not account for overflow; callers should range-check the result
+ * if maxlen is large enough to make that possible.
*/
static chr /* chr value; errors signalled via ERR */
lexdigits(struct vars * v,
int nchrs;
struct cvec *cv;
celt c,
- lc,
- uc;
+ cc;
if (a != b && !before(a, b))
{
/*
* When case-independent, it's hard to decide when cvec ranges are usable,
- * so for now at least, we won't try. We allocate enough space for two
- * case variants plus a little extra for the two title case variants.
+ * so for now at least, we won't try. We use a range for the originally
+ * specified chrs and then add on any case-equivalents that are outside
+ * that range as individual chrs.
+ *
+ * To ensure sane behavior if someone specifies a very large range, limit
+ * the allocation size to 100000 chrs (arbitrary) and check for overrun
+ * inside the loop below.
*/
+ nchrs = b - a + 1;
+ if (nchrs <= 0 || nchrs > 100000)
+ nchrs = 100000;
- nchrs = (b - a + 1) * 2 + 4;
-
- cv = getcvec(v, nchrs, 0);
+ cv = getcvec(v, nchrs, 1);
NOERRN();
+ addrange(cv, a, b);
for (c = a; c <= b; c++)
{
- addchr(cv, c);
- lc = pg_wc_tolower((chr) c);
- if (c != lc)
- addchr(cv, lc);
- uc = pg_wc_toupper((chr) c);
- if (c != uc)
- addchr(cv, uc);
+ cc = pg_wc_tolower((chr) c);
+ if (cc != c &&
+ (before(cc, a) || before(b, cc)))
+ {
+ if (cv->nchrs >= cv->chrspace)
+ {
+ ERR(REG_ETOOBIG);
+ return NULL;
+ }
+ addchr(cv, cc);
+ }
+ cc = pg_wc_toupper((chr) c);
+ if (cc != c &&
+ (before(cc, a) || before(b, cc)))
+ {
+ if (cv->nchrs >= cv->chrspace)
+ {
+ ERR(REG_ETOOBIG);
+ return NULL;
+ }
+ addchr(cv, cc);
+ }
+ if (CANCEL_REQUESTED(v->re))
+ {
+ ERR(REG_CANCEL);
+ return NULL;
+ }
}
return cv;
{
ch = *p;
newarc(v->nfa, PLAIN, subcolor(v->cm, ch), lp, rp);
+ NOERR();
}
/* and the ranges */
to = *(p + 1);
if (from <= to)
subrange(v, from, to, lp, rp);
+ NOERR();
}
}
#define DIGITVAL(c) ((c)-'0') /* turn chr digit into its value */
#define CHRBITS 32 /* bits in a chr; must not use sizeof */
#define CHR_MIN 0x00000000 /* smallest and largest chr; the value */
-#define CHR_MAX 0xfffffffe /* CHR_MAX-CHR_MIN+1 should fit in uchr */
+#define CHR_MAX 0x7ffffffe /* CHR_MAX-CHR_MIN+1 must fit in an int, and
+ * CHR_MAX+1 must fit in both chr and celt */
/* functions operating on chr */
#define iscalnum(x) pg_wc_isalnum(x)
ERROR: invalid regular expression: invalid backreference number
select 'xyz' ~ 'x(\w)(?=(\1))';
ERROR: invalid regular expression: invalid backreference number
+select 'a' ~ '\x7fffffff'; -- invalid chr code
+ERROR: invalid regular expression: invalid escape \ sequence
-- Error conditions
select 'xyz' ~ 'x(\w)(?=\1)'; -- no backrefs in LACONs
select 'xyz' ~ 'x(\w)(?=(\1))';
+select 'a' ~ '\x7fffffff'; -- invalid chr code
projects / postgresql.git / commitdiff