vre: Don't count on the capture of the 0th group
Using groups[0].e turns out to be unreliable to print the suffix of the subject string for a regsub operation. On Debian buster, with the help of ASAN we can observe uninitialized memory through the remains of ASAN's 0xbe pattern that leads later to a complaint about an invalid pointer:

    runtime error: pointer index expression with base 0x6310000a0816 overflowed to 0xbebf21cebec8c6d4

With a simple subtraction we can confirm the offset added to the base address:

    0xbebf21cebec8c6d4 - 0x6310000a0816 = 0xbebebebebebebebe

To work around the possibility of an uninitialized ovector depending on the pcre2 version, we initialize all offsets to PCRE2_UNSET and when we encounter that value we capture a safe empty token.

This means that at the end of VRE_sub() we can no longer count on the capture of the 0th group and revert back to using the offset.
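The workaround described in the commit message, as an added example that is not code from this commit or from the project: a substitution loop that resets the offset pair to an unset marker before every match attempt, captures an empty token when the pair is still unset, and takes the suffix from a tracked offset. It assumes the vector is reset before each attempt; `fake_match`, `capture`, `emit`, `sub_all` and `struct tok` are hypothetical names, a literal substring search stands in for pcre2, and `UNSET` mirrors `PCRE2_UNSET`.

```c
#include <stddef.h>
#include <string.h>

#define UNSET (~(size_t)0)		/* same value as pcre2's PCRE2_UNSET */
struct tok { const char *b, *e; };	/* hypothetical begin/end token */

/* Literal-substring stand-in for the regex matcher (assumption): on a
 * match it writes pair 0, on no match it leaves ov untouched. */
static int fake_match(const char *subj, size_t off, const char *pat, size_t *ov)
{
	const char *p = strstr(subj + off, pat);
	if (p == NULL) return (0);
	ov[0] = (size_t)(p - subj);
	ov[1] = ov[0] + strlen(pat);
	return (1);
}

/* An unset pair becomes an empty token instead of a wild pointer. */
static struct tok capture(const char *subj, const size_t *ov)
{
	struct tok t = { subj, subj };
	if (ov[0] != UNSET && ov[1] != UNSET) {
		t.b = subj + ov[0];
		t.e = subj + ov[1];
	}
	return (t);
}

/* Bounded append of at most n bytes of s to the NUL-terminated out[sz]. */
static void emit(char *out, size_t sz, const char *s, size_t n)
{
	size_t room = sz - 1 - strlen(out);
	strncat(out, s, n < room ? n : room);
}

/* Replace each pat in subj with repl (sz >= 1); returns group 0's final length. */
static size_t sub_all(const char *subj, const char *pat, const char *repl,
    char *out, size_t sz)
{
	size_t ov[2] = { UNSET, UNSET }, off = 0;
	*out = '\0';
	while (*pat != '\0') {
		ov[0] = ov[1] = UNSET;		/* the workaround */
		if (!fake_match(subj, off, pat, ov)) break;
		emit(out, sz, subj + off, ov[0] - off);
		emit(out, sz, repl, sz);
		off = ov[1];			/* tracked offset */
	}
	struct tok g0 = capture(subj, ov);	/* empty: last attempt failed */
	emit(out, sz, subj + off, sz);		/* suffix from off, not g0.e */
	return ((size_t)(g0.e - g0.b));
}
```

The returned length is always 0 because the loop only ends on a failed attempt, which is why group 0's end cannot locate the suffix once the vector is reset each time.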