[perl #121321] perl 5.19.10 infinite loops on backrefs > number of capture buffers (npar) where npar>9

From: yves orton
Date: February 25, 2014 10:17
Subject: [perl #121321] perl 5.19.10 infinite loops on backrefs > number of capture buffers (npar) where npar>9
Message ID: rt-4.0.18-25391-1393323407-443.121321-75-0@perl.org

# New Ticket Created by  yves orton 
# Please include the string:  [perl #121321]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=121321 >


The following code infinite loops:

./perl -Mre=Debug,ALL -Ilib -E'qr/(a)(b)(c)(d)(e)(f)(g)(h)(i)\10/'

The problem is a fencepost error in backslash parsing. The regex
compiler has two pieces of code for handling numeric style escapes
like "\2". One is used for resolving such an escape as a
*back-reference*, and one is used for resolving such an escape as an
escaped literal.

Backreference:

                    num = S_backref_value(RExC_parse);
                    /* bare \NNN might be backref or octal */
                    if (num == I32_MAX || (num > 9 && num >= RExC_npar
                            && *RExC_parse != '8' && *RExC_parse != '9'))
                        /* Probably a character specified in octal, e.g. \35 */
                        goto defchar;

Escaped literal:

                        if ( !isDIGIT(p[1]) || S_backref_value(p) <= RExC_npar)
                        {  /* Not to be treated as an octal constant, go
                                   find backref */
                            --p;
                            goto loopdone;
                        }

The problem is that the comparison to RExC_npar in both includes the ==
case, which means that when the number is the same as RExC_npar and
the number is larger than 9, we go into an infinite loop.

RExC_npar is defined as being one more than the number of parsed
buffers. Thus the second case should be < RExC_npar and not <=
RExC_npar.

A patch to fix this will follow shortly.

Yves

-- 
perl -Mre=debug -e "/just|another|perl|hacker/"
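
The hand-off between the two quoted conditions, as an added example that is not part of the original post or of the Perl source. It is a simplified model: resolve(), the fixed flag, and the MAX_HANDOFFS bound used to detect the cycle are assumptions, and strtol stands in for S_backref_value.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

enum verdict { BACKREF, OCTAL_LITERAL, LOOPS };

#define MAX_HANDOFFS 8   /* model device only: the real parser has no such bound */

/* Backref path as quoted: nonzero means "goto defchar" (hand to literal path). */
static int backref_path_defers(long num, long npar, char first) {
    return num == INT32_MAX
        || (num > 9 && num >= npar && first != '8' && first != '9');
}

/* Literal path as quoted: nonzero means "goto loopdone" (hand back to the
 * backref path). fixed=0 is the reported "<=", fixed=1 the "<" proposed above. */
static int literal_path_defers(long num, long npar, int second_is_digit, int fixed) {
    if (!second_is_digit) return 1;
    return fixed ? (num < npar) : (num <= npar);
}

/* digits: text after the backslash; npar: one more than the groups parsed. */
enum verdict resolve(const char *digits, long npar, int fixed) {
    long num = strtol(digits, NULL, 10);
    int second = isdigit((unsigned char)digits[1]) != 0;
    for (int i = 0; i < MAX_HANDOFFS; i++) {
        if (!backref_path_defers(num, npar, digits[0])) return BACKREF;
        if (!literal_path_defers(num, npar, second, fixed)) return OCTAL_LITERAL;
        /* Neither path consumed input, so the next round sees identical state. */
    }
    return LOOPS;
}

int main(void) {
    static const char *name[] = { "backref", "octal literal", "LOOPS" };
    /* Constructed cases; "10" with npar 10 is the nine-group pattern above. */
    printf("\\10 npar=10 '<=': %s\n", name[resolve("10", 10, 0)]);
    printf("\\10 npar=10 '<' : %s\n", name[resolve("10", 10, 1)]);
    printf("\\10 npar=11 '<=': %s\n", name[resolve("10", 11, 0)]);
    printf("\\35 npar=10 '<=': %s\n", name[resolve("35", 10, 0)]);
    return 0;
}
```

With "<=" the only input that cycles is num == RExC_npar with num > 9, since that is the one value both paths reject; every other value is claimed by exactly one of them.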

