implement range checking for compile option max_pattern_len, and test it

src/tests/compile_opts.vtc

-# -*-mode: vcl -*-
+# -*-mode: vcl; coding: raw-text -*-
 
 # Those instructions tell emacs to use utf-8 encoding for this source;
 # you might want to set up your editor similarly.
@@ -494,7 +494,7 @@ varnish v1 -vcl {
 		set resp.http.r1 = r1.match("aBc 0 x x !   x AbCx");
 		set resp.http.r2 = r2.match("a1 bb ~~");
 		set resp.http.r3 = r3.match({" 	_
 123456789"});
-		set resp.http.r4 = r4.match({"ab12!"§$%&/ xyz !"§$%&/"});
+		set resp.http.r4 = r4.match({"ab12!"$%&/ xyz !"$%&/"});
 		set resp.http.r5 = r5.match({" 	_ABCXYZ _abcXYZ987"});
 		set resp.http.r6 = r6.match("0123456789abcdef");
 	}
@@ -549,3 +549,42 @@ client c1 {
 	expect resp.http.r1 == "true"
 	expect resp.http.r2 == "false"
 } -run
+
+# max_pattern_len
+# Just check if compiles succeed.
+varnish v1 -vcl {
+	import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new r1 = pcre2.regex("abc", max_pattern_len=3);
+		new r2 = pcre2.regex("", max_pattern_len=3);
+	}
+}
+
+varnish v1 -errvcl {vmod pcre2 error: Cannot compile 'abcd' in r constructor: pattern string is longer than the limit set by the application at offset 0} {
+	import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new r = pcre2.regex("abcd", max_pattern_len=3);
+	}
+}
+
+varnish v1 -errvcl {vmod pcre2 error: Cannot compile } {
+	import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new r = pcre2.regex("", max_pattern_len=3);
+	}
+}
+
+varnish v1 -errvcl {vmod pcre2 error: max_pattern_len (-1) must be >= 0 in r constructor} {
+	import pcre2 from "${vmod_topbuild}/src/.libs/libvmod_pcre2.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new r = pcre2.regex("", max_pattern_len=-1);
+	}
+}

src/vmod_pcre2.c

@@ -184,9 +184,18 @@ vmod_regex__init(VRT_CTX, struct vmod_pcre2_regex **regexp,
 		     vcl_name);
 		return;
 	}
+	/*
+	 * assert that a VCL_INT can never be larger than PCRE2_SIZE_MAX,
+	 * to assume that max_pattern_len can never be too large.
+	 */
+	assert(sizeof(VCL_INT) <= sizeof(PCRE2_SIZE));
+	if (max_pattern_len < 0) {
+		VERR(ctx, "max_pattern_len (%lld) must be >= 0 in %s "
+		     "constructor", (long long) max_pattern_len, vcl_name);
+		return;
+	}
 
-	/* XXX check that max_pattern_len and parens_nest_limit >= 0
-	       and <= UINT32_MAX */
+	/* XXX check that parens_nest_limit >= 0 and <= UINT32_MAX */
 	/* XXX check illegal combinations such as never_ucp && ucp ... ? */
 	if (anchored)
 		options |= PCRE2_ANCHORED;