Description: Apply upstream revision 1631 (Closes: #815921)
 This is an upstream patch to fix workspace overflow for (*ACCEPT) with
 deeply nested parentheses
Author: Matthew Vernon <matthew@debian.org>
X-Dgit-Generated: 2:8.38-2 50aa7778a6bb8b81a9e03e8744f797362183772e

---

Index: pcre3-8.35/pcreposix.c
===================================================================
--- pcre3-8.35.orig/pcreposix.c	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/pcreposix.c	2016-03-24 11:21:31.153438073 -0400
@@ -6,7 +6,7 @@
 and semantics are as close as possible to those of the Perl 5 language.
 
                        Written by Philip Hazel
-           Copyright (c) 1997-2014 University of Cambridge
+           Copyright (c) 1997-2016 University of Cambridge
 
 -----------------------------------------------------------------------------
 Redistribution and use in source and binary forms, with or without
@@ -172,7 +172,9 @@
   REG_BADPAT,  /* invalid range in character class */
   REG_BADPAT,  /* group name must start with a non-digit */
   /* 85 */
-  REG_BADPAT   /* parentheses too deeply nested (stack check) */
+  REG_BADPAT,  /* parentheses too deeply nested (stack check) */
+  REG_BADPAT,  /* missing digits in \x{} or \o{} */
+  REG_BADPAT   /* pattern too complicated */
 };
 
 /* Table of texts corresponding to POSIX error codes */
Index: pcre3-8.35/pcre_compile.c
===================================================================
--- pcre3-8.35.orig/pcre_compile.c	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/pcre_compile.c	2016-03-24 11:19:44.960012156 -0400
@@ -6,7 +6,7 @@
 and semantics are as close as possible to those of the Perl 5 language.
 
                        Written by Philip Hazel
-           Copyright (c) 1997-2014 University of Cambridge
+           Copyright (c) 1997-2016 University of Cambridge
 
 -----------------------------------------------------------------------------
 Redistribution and use in source and binary forms, with or without
@@ -550,6 +550,7 @@
   /* 85 */
   "parentheses are too deeply nested (stack check)\0"
   "digits missing in \\x{} or \\o{}\0"
+  "regular expression is too complicated\0"
   ;
 
 /* Table to identify digits and hex digits. This is used when compiling
@@ -4504,7 +4505,8 @@
     if (code > cd->start_workspace + cd->workspace_size -
         WORK_SIZE_SAFETY_MARGIN)                       /* Check for overrun */
       {
-      *errorcodeptr = ERR52;
+      *errorcodeptr = (code >= cd->start_workspace + cd->workspace_size)?
+        ERR52 : ERR87;
       goto FAILED;
       }
 
@@ -6467,8 +6469,21 @@
             cd->had_accept = TRUE;
             for (oc = cd->open_caps; oc != NULL; oc = oc->next)
               {
-              *code++ = OP_CLOSE;
-              PUT2INC(code, 0, oc->number);
+              if (lengthptr != NULL)
+                {
+#ifdef COMPILE_PCRE8
+                *lengthptr += 1 + IMM2_SIZE;
+#elif defined COMPILE_PCRE16
+                *lengthptr += 2 + IMM2_SIZE;
+#elif defined COMPILE_PCRE32
+                *lengthptr += 4 + IMM2_SIZE;
+#endif
+                }
+              else
+                {
+                *code++ = OP_CLOSE;
+                PUT2INC(code, 0, oc->number);
+                }
               }
             setverb = *code++ =
               (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT;
Index: pcre3-8.35/pcre_internal.h
===================================================================
--- pcre3-8.35.orig/pcre_internal.h	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/pcre_internal.h	2016-03-24 11:21:12.617187799 -0400
@@ -7,7 +7,7 @@
 and semantics are as close as possible to those of the Perl 5 language.
 
                        Written by Philip Hazel
-           Copyright (c) 1997-2014 University of Cambridge
+           Copyright (c) 1997-2016 University of Cambridge
 
 -----------------------------------------------------------------------------
 Redistribution and use in source and binary forms, with or without
@@ -2281,7 +2281,7 @@
        ERR50, ERR51, ERR52, ERR53, ERR54, ERR55, ERR56, ERR57, ERR58, ERR59,
        ERR60, ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69,
        ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERR78, ERR79,
-       ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERRCOUNT };
+       ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERR87, ERRCOUNT };
 
 /* JIT compiling modes. The function list is indexed by them. */
 
Index: pcre3-8.35/testdata/testoutput11-8
===================================================================
--- pcre3-8.35.orig/testdata/testoutput11-8	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/testdata/testoutput11-8	2016-03-24 11:19:44.964012209 -0400
@@ -748,4 +748,7 @@
  34     End
 ------------------------------------------------------------------
 
+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
+Failed: missing ) at offset 509
+
 /-- End of testinput11 --/
Index: pcre3-8.35/testdata/testoutput11-16
===================================================================
--- pcre3-8.35.orig/testdata/testoutput11-16	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/testdata/testoutput11-16	2016-03-24 11:19:44.964012209 -0400
@@ -748,4 +748,7 @@
  22     End
 ------------------------------------------------------------------
 
+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
+Failed: regular expression is too complicated at offset 490
+
 /-- End of testinput11 --/
Index: pcre3-8.35/testdata/testinput11
===================================================================
--- pcre3-8.35.orig/testdata/testinput11	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/testdata/testinput11	2016-03-24 11:19:44.964012209 -0400
@@ -136,4 +136,6 @@
 
 /((?+1)(\1))/B
 
+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
+
 /-- End of testinput11 --/
Index: pcre3-8.35/testdata/testoutput11-32
===================================================================
--- pcre3-8.35.orig/testdata/testoutput11-32	2016-03-24 11:19:44.968012262 -0400
+++ pcre3-8.35/testdata/testoutput11-32	2016-03-24 11:19:44.964012209 -0400
@@ -748,4 +748,7 @@
  22     End
 ------------------------------------------------------------------
 
+/([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00]([00](*ACCEPT)/
+Failed: missing ) at offset 509
+
 /-- End of testinput11 --/
