Summary:
Original oss-fuzz report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3727#c2
The minimized test case that causes this failure:
5b 5b 5b 3d 47 53 00 5b 3d 5d 5b 5d 0a [[[=GS.[=][].
Note the string "=GS\x00". The failure happens because the code is
searching the string against an array of known collated names. "GS\x00"
is a hit, but since len takes into account an extra NUL byte, indexing
into cp->name[len] goes one byte past it's allocated memory. Fix this to
use a strlen(cp->name) comparison to account for NUL bytes in the input.
Reviewers: pcc
Reviewed By: pcc
Subscribers: hctim, kcc
Differential Revision: https://reviews.llvm.org/D39380
llvm-svn: 316786
Crash was possible if match() method
was called on object that was moved or object
created with empty constructor.
Testcases updated.
DIfferential revision: https://reviews.llvm.org/D24123
llvm-svn: 280473
This is useful when need to defer the construction,
e.g. using Regex as a member of class.
Differential revision: https://reviews.llvm.org/D24101
llvm-svn: 280339
The old AddFixedStringToRegEx() it was based on got away with this for the
longest time, but the problem became easy to spot after the cleanup in r197096.
Also add a quick unit test to cover regex escaping.
llvm-svn: 197121
This will be used to implement an optimisation for literal entries
in special case lists.
Differential Revision: http://llvm-reviews.chandlerc.com/D1278
llvm-svn: 187731
appropriate unit tests. This change in itself is not expected to
affect any functionality at this point, but it will serve as a
stepping stone to improve FileCheck's variable matching capabilities.
Luckily, our regex implementation already supports backreferences,
although a bit of hacking is required to enable it. It supports both
Basic Regular Expressions (BREs) and Extended Regular Expressions
(EREs), without supporting backrefs for EREs, following POSIX strictly
in this respect. And EREs is what we actually use (rightly). This is
contrary to many implementations (including the default on Linux) of
POSIX regexes, that do allow backrefs in EREs.
Adding backref support to our EREs is a very simple change in the
regcomp parsing code. I fail to think of significant cases where it
would clash with existing things, and can bring more versatility to
the regexes we write. There's always the danger of a backref in a
specially crafted regex causing exponential matching times, but since
we mainly use them for testing purposes I don't think it's a big
problem. [it can also be placed behind a flag specific to FileCheck,
if needed].
For more details, see:
* http://lists.cs.uiuc.edu/pipermail/llvmdev/2012-November/055840.html
* http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20121126/156878.html
llvm-svn: 168802
