Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-pcre2
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
3
Issues
3
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-pcre2
Commits
2c4e4804
Commit
2c4e4804
authored
Feb 24, 2017
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
implement range checking on compile option parens_nest_limit, and test it
parent
0d1c9014
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
47 additions
and
1 deletion
+47
-1
compile_opts.vtc
src/tests/compile_opts.vtc
+40
-0
vmod_pcre2.c
src/vmod_pcre2.c
+7
-1
No files found.
src/tests/compile_opts.vtc
View file @
2c4e4804
...
...
@@ -19,6 +19,9 @@ varnishtest "compile options"
# - how to test never_backslash_c? pcre2 testdata only mentions it in
# one test, and vtc can't parse the pattern, since it has more {'s
# than }'s.
# - test for no_auto_capture requires backrefs
# - test for no_auto_possess, no_dotstar_anchor and no_start_optimize
# require callouts and/or pattern_info
# allow_empty_class
varnish v1 -vcl {
...
...
@@ -737,3 +740,40 @@ client c1 {
expect resp.http.r7-2 == "false"
expect resp.http.r7-3 == "false"
} -run
# parens_nest_limit
varnish v1 -vcl {
import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new r = pcre2.regex("(((((a)))))", parens_nest_limit=5);
}
}
varnish v1 -errvcl {vmod pcre2 error: Cannot compile '(((((a)))))' in r constructor: parentheses are too deeply nested at offset 3} {
import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new r = pcre2.regex("(((((a)))))", parens_nest_limit=2);
}
}
varnish v1 -errvcl {vmod pcre2 error: parens_nest_limit (-1) out of range in r constructor (must be >= 0 and <= 4294967295)} {
import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new r = pcre2.regex("a", parens_nest_limit=-1);
}
}
varnish v1 -errvcl {vmod pcre2 error: parens_nest_limit (4294967296) out of range in r constructor (must be >= 0 and <= 4294967295)} {
import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new r = pcre2.regex("a", parens_nest_limit=4294967296);
}
}
src/vmod_pcre2.c
View file @
2c4e4804
...
...
@@ -28,6 +28,7 @@
#include "config.h"
#include <stdint.h>
#include <inttypes.h>
#include <string.h>
#include <locale.h>
...
...
@@ -194,8 +195,13 @@ vmod_regex__init(VRT_CTX, struct vmod_pcre2_regex **regexp,
"constructor"
,
(
long
long
)
max_pattern_len
,
vcl_name
);
return
;
}
if
(
parens_nest_limit
<
0
||
parens_nest_limit
>
UINT32_MAX
)
{
VERR
(
ctx
,
"parens_nest_limit (%lld) out of range in %s "
"constructor (must be >= 0 and <= %"
PRIu32
")"
,
(
long
long
)
parens_nest_limit
,
vcl_name
,
UINT32_MAX
);
return
;
}
/* XXX check that parens_nest_limit >= 0 and <= UINT32_MAX */
/* XXX check illegal combinations such as never_ucp && ucp ... ? */
if
(
anchored
)
options
|=
PCRE2_ANCHORED
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment