[webkit-changes] cvs commit: JavaScriptCore/pcre pcre_exec.c
Eric
eseidel at opensource.apple.com
Thu Sep 29 15:05:13 PDT 2005
eseidel 05/09/29 15:05:12
Modified: . ChangeLog
pcre pcre_exec.c
Log:
Bug #: 5176
Submitted by: Mitz Pettel <opendarwin.org at mitzpettel.com>
Reviewed by: darin
Fix JSC memory smasher in TOT.
http://bugzilla.opendarwin.org/show_bug.cgi?id=5176
* pcre/pcre_exec.c:
(match):
Revision Changes Path
1.847 +11 -0 JavaScriptCore/ChangeLog
Index: ChangeLog
===================================================================
RCS file: /cvs/root/JavaScriptCore/ChangeLog,v
retrieving revision 1.846
retrieving revision 1.847
diff -u -r1.846 -r1.847
--- ChangeLog 29 Sep 2005 07:24:15 -0000 1.846
+++ ChangeLog 29 Sep 2005 22:05:10 -0000 1.847
@@ -1,6 +1,17 @@
2005-09-29 Eric Seidel <eseidel at apple.com>
Fix from Mitz Pettel <opendarwin.org at mitzpettel.com>
+ Reviewed by darin.
+
+ Fix JSC memory smasher in TOT.
+ http://bugzilla.opendarwin.org/show_bug.cgi?id=5176
+
+ * pcre/pcre_exec.c:
+ (match):
+
+2005-09-29 Eric Seidel <eseidel at apple.com>
+ Fix from Mitz Pettel <opendarwin.org at mitzpettel.com>
+
Reviewed by mjs.
* JavaScriptCore.xcodeproj/project.pbxproj:
1.4 +23 -3 JavaScriptCore/pcre/pcre_exec.c
Index: pcre_exec.c
===================================================================
RCS file: /cvs/root/JavaScriptCore/pcre/pcre_exec.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- pcre_exec.c 9 Sep 2005 00:51:06 -0000 1.3
+++ pcre_exec.c 29 Sep 2005 22:05:12 -0000 1.4
@@ -1809,7 +1809,18 @@
#if PCRE_UTF16
int dc;
ecode += length;
- GETCHARINC(dc, eptr);
+ switch (md->end_subject - eptr)
+ {
+ case 0:
+ RRETURN(MATCH_NOMATCH);
+ case 1:
+ dc = *eptr++;
+ if (IS_LEADING_SURROGATE(dc))
+ RRETURN(MATCH_NOMATCH);
+ break;
+ default:
+ GETCHARINC(dc, eptr);
+ }
if (fc != dc) RRETURN(MATCH_NOMATCH);
#else
if (length > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
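Review bot: The bounds check that keeps GETCHARINC from reading a second code unit past `md->end_subject` is open-coded in this switch and again, in a different shape, in the third hunk, with no comment saying why a lone leading surrogate is rejected. A short comment above the switch, such as `/* Only one code unit left: a leading surrogate here would make GETCHARINC read past end_subject. */`, would keep a later edit from dropping the guard. Any other PCRE_UTF16 use of GETCHARINC in match() is outside this diff and presumably still unchecked, so a bounded variant of the macro that takes the end pointer looks like the safer home for this test. The switch also sends every difference other than 0 or 1 to the unchecked read, including a negative one; `case 0:` here and the `== 0` test in the second hunk would be more defensive as `<= 0` checks. match() begins and ends outside the hunk.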
@@ -1837,7 +1848,9 @@
ecode++;
GETUTF8CHARLEN(fc, ecode, length);
-#if !PCRE_UTF16
+#if PCRE_UTF16
+ if (md->end_subject - eptr == 0) RRETURN(MATCH_NOMATCH);
+#else
if (length > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
#endif
@@ -1861,7 +1874,14 @@
else
{
int dc;
- GETCHARINC(dc, eptr);
+#if PCRE_UTF16
+ if (md->end_subject - eptr == 1) {
+ dc = *eptr++;
+ if (IS_LEADING_SURROGATE(dc))
+ RRETURN(MATCH_NOMATCH);
+ } else
+#endif
+ GETCHARINC(dc, eptr);
ecode += length;
/* If we have Unicode property support, we can use it to test the other
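Review bot: The `} else` that ends just before `#endif` takes the following `GETCHARINC(dc, eptr);` as its body only when PCRE_UTF16 is set, which is easy to break if someone later adds a statement after the `#endif`; bracing that statement in both configurations, `{ GETCHARINC(dc, eptr); }`, removes the dependence on the preprocessor. This branch handles only the case of exactly one remaining code unit, so it relies on the empty-subject test added in the second hunk having already run on this path; the lines between the two hunks are not shown, so a one-line comment stating that dependency would help. The enclosing else block continues past the end of the hunk.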