Fix incorrect class character matches in JIT

PCRE2Project · Dec 27, 2023 · 542cb11 · 542cb11
1 parent 92d56a1
commit 542cb11
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -195,6 +195,8 @@ lookahead assertions are now ignored if the immediately following item is one
 that sets a mandatory starting character. For example, /a?(?=bc|)d/ used to set
 all of a, b, and d as possible starting code units; now it sets only a and d.
 
+54. Fix incorrect class character matches in JIT.
+
 
 Version 10.42 11-December-2022
 ------------------------------

diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
@@ -8252,6 +8252,7 @@ while (*cc != XCL_END)
       OP2U(SLJIT_AND | SLJIT_SET_Z, typereg, 0, SLJIT_IMM, UCPCAT(ucp_Cf));
       jump = JUMP(SLJIT_ZERO);
 
+      c = charoffset;
       /* In case of ucp_Cf, we overwrite the result. */
       SET_CHAR_OFFSET(0x2066);
       OP2U(SLJIT_SUB | SLJIT_SET_LESS_EQUAL, TMP1, 0, SLJIT_IMM, 0x2069 - 0x2066);
@@ -8263,6 +8264,9 @@ while (*cc != XCL_END)
       OP2U(SLJIT_SUB | SLJIT_SET_Z, TMP1, 0, SLJIT_IMM, 0x180e - 0x2066);
       OP_FLAGS(SLJIT_OR, TMP2, 0, SLJIT_EQUAL);
 
+      /* Restore charoffset. */
+      SET_CHAR_OFFSET(c);
+
       JUMPHERE(jump);
       jump = CMP(SLJIT_ZERO ^ invertcmp, TMP2, 0, SLJIT_IMM, 0);
       break;
@@ -8274,6 +8278,7 @@ while (*cc != XCL_END)
       OP2U(SLJIT_AND | SLJIT_SET_Z, typereg, 0, SLJIT_IMM, UCPCAT(ucp_Cf));
       jump = JUMP(SLJIT_ZERO);
 
+      c = charoffset;
       /* In case of ucp_Cf, we overwrite the result. */
       SET_CHAR_OFFSET(0x2066);
       OP2U(SLJIT_SUB | SLJIT_SET_LESS_EQUAL, TMP1, 0, SLJIT_IMM, 0x2069 - 0x2066);
@@ -8282,6 +8287,9 @@ while (*cc != XCL_END)
       OP2U(SLJIT_SUB | SLJIT_SET_Z, TMP1, 0, SLJIT_IMM, 0x061c - 0x2066);
       OP_FLAGS(SLJIT_OR, TMP2, 0, SLJIT_EQUAL);
 
+      /* Restore charoffset. */
+      SET_CHAR_OFFSET(c);
+
       JUMPHERE(jump);
       jump = CMP(SLJIT_ZERO ^ invertcmp, TMP2, 0, SLJIT_IMM, 0);
       break;
@@ -8326,7 +8334,7 @@ while (*cc != XCL_END)
       OP2U(SLJIT_SUB | SLJIT_SET_LESS_EQUAL, TMP1, 0, SLJIT_IMM, 0xff46 - 0xff41);
       OP_FLAGS(SLJIT_OR, TMP2, 0, SLJIT_LESS_EQUAL);
 
-      SET_CHAR_OFFSET(CHAR_a);
+      SET_CHAR_OFFSET(0xff10);
 
       JUMPHERE(jump);
       OP2U(SLJIT_SUB | SLJIT_SET_Z, TMP2, 0, SLJIT_IMM, 0);

diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
@@ -421,6 +421,8 @@ static struct regression_test_case regression_test_cases[] = {
 	{ MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
 	{ MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
 	{ CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" },
+	{ MUP, 0, 0, 0 | F_NOMATCH, "[^[:print:]\\x{f6f6}]", "\xef\x9b\xb6" },
+	{ MUP, 0, 0, 0, "[[:xdigit:]\\x{6500}]#", "\xe6\x94\x80#" },
 
 	/* Possible empty brackets. */
 	{ MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" },