diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2020-08-26 00:07:08 -0700 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2020-08-26 00:20:31 -0700 |
| commit | 4c0a9754ace421461d648b911da6d5eec49e9a62 (patch) | |
| tree | 67d88e4f5509a074dd1ef95109fdd37476147bc9 /src/regex-emacs.c | |
| parent | 82c089f532ede12c5811daacae5f824703ff8a7e (diff) | |
| download | emacs-4c0a9754ace421461d648b911da6d5eec49e9a62.tar.gz | |
regex-emacs: subscript-check register numbers
* src/regex-emacs.c (PUSH_FAILURE_REG, POP_FAILURE_REG_OR_COUNT)
(re_match_2_internal): Add some easserts for subscript checking.
Diffstat (limited to 'src/regex-emacs.c')
| -rw-r--r-- | src/regex-emacs.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/regex-emacs.c b/src/regex-emacs.c index b9c157d21fb..5d1bb094d53 100644 --- a/src/regex-emacs.c +++ b/src/regex-emacs.c @@ -979,10 +979,11 @@ while (REMAINING_AVAIL_SLOTS <= space) { \ do { \ char *destination; \ intptr_t n = num; \ + eassert (0 < n && n < num_regs); \ + eassert (REG_UNSET (regstart[n]) <= REG_UNSET (regend[n])); \ ENSURE_FAIL_STACK(3); \ DEBUG_PRINT (" Push reg %"PRIdPTR" (spanning %p -> %p)\n", \ n, regstart[n], regend[n]); \ - eassert (REG_UNSET (regstart[n]) <= REG_UNSET (regend[n])); \ PUSH_FAILURE_POINTER (regstart[n]); \ PUSH_FAILURE_POINTER (regend[n]); \ PUSH_FAILURE_INT (n); \ @@ -1018,6 +1019,7 @@ do { \ } \ else \ { \ + eassert (0 < pfreg && pfreg < num_regs); \ regend[pfreg] = POP_FAILURE_POINTER (); \ regstart[pfreg] = POP_FAILURE_POINTER (); \ eassert (REG_UNSET (regstart[pfreg]) <= REG_UNSET (regend[pfreg])); \ @@ -4375,6 +4377,7 @@ re_match_2_internal (struct re_pattern_buffer *bufp, registers data structure) under the register number. */ case start_memory: DEBUG_PRINT ("EXECUTING start_memory %d:\n", *p); + eassert (0 < *p && *p < num_regs); /* In case we need to undo this operation (via backtracking). */ PUSH_FAILURE_REG (*p); @@ -4392,6 +4395,7 @@ re_match_2_internal (struct re_pattern_buffer *bufp, case stop_memory: DEBUG_PRINT ("EXECUTING stop_memory %d:\n", *p); + eassert (0 < *p && *p < num_regs); eassert (!REG_UNSET (regstart[*p])); /* Strictly speaking, there should be code such as: @@ -4424,6 +4428,7 @@ re_match_2_internal (struct re_pattern_buffer *bufp, DEBUG_PRINT ("EXECUTING duplicate %d.\n", regno); /* Can't back reference a group which we've never matched. */ + eassert (0 < regno && regno < num_regs); eassert (REG_UNSET (regstart[regno]) <= REG_UNSET (regend[regno])); if (REG_UNSET (regend[regno])) goto fail; |