• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1Change Log for PCRE2
2--------------------
3
4Version 10.36-RC1 04-December-2020
5----------------------------------
6
71. Add CET_CFLAGS so that when Intel CET is enabled, pass -mshstk to
8compiler. This fixes https://bugs.exim.org/show_bug.cgi?id=2578. Patch for
9Makefile.am and configure.ac by H.J. Lu. Equivalent patch for CMakeLists.txt
10invented by PH.
11
122. Fix inifinite loop when a single byte newline is searched in JIT when
13invalid utf8 mode is enabled.
14
153. Updated CMakeLists.txt with patch from Wolfgang Stöggl (Bugzilla #2584):
16
17  - Include GNUInstallDirs and use ${CMAKE_INSTALL_LIBDIR} instead of hardcoded
18    lib. This allows differentiation between lib and lib64.
19    CMAKE_INSTALL_LIBDIR is used for installation of libraries and also for
20    pkgconfig file generation.
21
22  - Add the version of PCRE2 to the configuration summary like ./configure
23    does.
24
25  - Fix typo: MACTHED_STRING->MATCHED_STRING
26
274. Updated CMakeLists.txt with another patch from Wolfgang Stöggl (Bugzilla
28#2588):
29
30  - Add escaped double quotes around include directory in CMakeLists.txt to
31    allow spaces in directory names.
32
33  - This fixes a cmake error, if the path of the pcre2 source contains a space.
34
355. Updated CMakeLists.txt with a patch from B. Scott Michel: CMake's
36documentation suggests using CHECK_SYMBOL_EXISTS over CHECK_FUNCTION_EXIST.
37Moreover, these functions come from specific header files, which need to be
38specified (and, thankfully, are the same on both the Linux and WinXX
39platforms.)
40
416. Added a (uint32_t) cast to prevent a compiler warning in pcre2_compile.c.
42
437. Applied a patch from Wolfgang Stöggl (Bugzilla #2600) to fix postfix for
44debug Windows builds using CMake. This also updated configure so that it
45generates *.pc files and pcre2-config with the same content, as in the past.
46
478. If a pattern ended with (?(VERSION=n.d where n is any number but d is just a
48single digit, the code unit beyond d was being read (i.e. there was a read
49buffer overflow). Fixes ClusterFuzz 23779.
50
519. After the rework in r1235, certain character ranges were incorrectly
52handled by an optimization in JIT. Furthermore a wrong offset was used to
53read a value from a buffer which could lead to memory overread.
54
5510. Unnoticed for many years was the fact that delimiters other than / in the
56testinput1 and testinput4 files could cause incorrect behaviour when these
57files were processed by perltest.sh. There were several tests that used quotes
58as delimiters, and it was just luck that they didn't go wrong with perltest.sh.
59All the patterns in testinput1 and testinput4 now use / as their delimiter.
60This fixes Bugzilla #2641.
61
6211. Perl has started to give an error for \K within lookarounds (though there
63are cases where it doesn't). PCRE2 still allows this, so the tests that include
64this case have been moved from test 1 to test 2.
65
6612. Further to 10 above, pcre2test has been updated to detect and grumble if a
67delimiter other than / is used after #perltest.
68
6913. Fixed a bug with PCRE2_MATCH_INVALID_UTF in 8-bit mode when PCRE2_CASELESS
70was set and PCRE2_NO_START_OPTIMIZE was not set. The optimization for finding
71the start of a match was not resetting correctly after a failed match on the
72first valid fragment of the subject, possibly causing incorrect "no match"
73returns on subsequent fragments. For example, the pattern /A/ failed to match
74the subject \xe5A. Fixes Bugzilla #2642.
75
7614. Fixed a bug in character set matching when JIT is enabled and both unicode
77scripts and unicode classes are present at the same time.
78
7915. Added GNU grep's -m (aka --max-count) option to pcre2grep.
80
8116. Refactored substitution processing in pcre2grep strings, both for the -O
82option and when dealing with callouts. There is now a single function that
83handles $ expansion in all cases (instead of multiple copies of almost
84identical code). This means that the same escape sequences are available
85everywhere, which was not previously the case. At the same time, the escape
86sequences $x{...} and $o{...} have been introduced, to allow for characters
87whose code points are greater than 255 in Unicode mode.
88
8917. Applied the patch from Bugzilla #2628 to RunGrepTest. This does an explicit
90test for a version of sed that can handle binary zero, instead of assuming that
91any Linux version will work. Later: replaced $(...) by `...` because not all
92shells recognize the former.
93
9418. Fixed a word boundary check bug in JIT when partial matching is enabled.
95
9619. Fix ARM64 compilation warning in JIT. Patch by Carlo.
97
9820. A bug in the RunTest script meant that if the first part of test 2 failed,
99the failure was not reported.
100
10121. Test 2 was failing when run from a directory other than the source
102directory. This failure was previously missed in RunTest because of 20 above.
103Fixes added to both RunTest and RunTest.bat.
104
10522. Patch to CMakeLists.txt from Daniel to fix problem with testing under
106Windows.
107
108
109Version 10.35 09-May-2020
110---------------------------
111
1121. Use PCRE2_MATCH_EMPTY flag to detect empty matches in JIT.
113
1142. Fix ARMv5 JIT improper handling of labels right after a constant pool.
115
1163. A JIT bug is fixed which allowed to read the fields of the compiled
117pattern before its existence is checked.
118
1194. Back in the PCRE1 day, capturing groups that contained recursive back
120references to themselves were made atomic (version 8.01, change 18) because
121after the end a repeated group, the captured substrings had their values from
122the final repetition, not from an earlier repetition that might be the
123destination of a backtrack. This feature was documented, and was carried over
124into PCRE2. However, it has now been realized that the major refactoring that
125was done for 10.30 has made this atomicizing unnecessary, and it is confusing
126when users are unaware of it, making some patterns appear not to be working as
127expected. Capture values of recursive back references in repeated groups are
128now correctly backtracked, so this unnecessary restriction has been removed.
129
1305. Added PCRE2_SUBSTITUTE_LITERAL.
131
1326. Avoid some VS compiler warnings.
133
1347. Added PCRE2_SUBSTITUTE_MATCHED.
135
1368. Added (?* and (?<* as synonms for (*napla: and (*naplb: to match another
137regex engine. The Perl regex folks are aware of this usage and have made a note
138about it.
139
1409. When an assertion is repeated, PCRE2 used to limit the maximum repetition to
1411, believing that repeating an assertion is pointless. However, if a positive
142assertion contains capturing groups, repetition can be useful. In any case, an
143assertion could always be wrapped in a repeated group. The only restriction
144that is now imposed is that an unlimited maximum is changed to one more than
145the minimum.
146
14710. Fix *THEN verbs in lookahead assertions in JIT.
148
14911. Added PCRE2_SUBSTITUTE_REPLACEMENT_ONLY.
150
15112. The JIT stack should be freed when the low-level stack allocation fails.
152
15313. In pcre2grep, if the final line in a scanned file is output but does not
154end with a newline sequence, add a newline according to the --newline setting.
155
15614. (?(DEFINE)...) groups were not being handled correctly when checking for
157the fixed length of a lookbehind assertion. Such a group within a lookbehind
158should be skipped, as it does not contribute to the length of the group.
159Instead, the (DEFINE) group was being processed, and if at the end of the
160lookbehind, that end was not correctly recognized. Errors such as "lookbehind
161assertion is not fixed length" and also "internal error: bad code value in
162parsed_skip()" could result.
163
16415. Put a limit of 1000 on recursive calls in pcre2_study() when searching
165nested groups for starting code units, in order to avoid stack overflow issues.
166If the limit is reached, it just gives up trying for this optimization.
167
16816. The control verb chain list must always be restored when exiting from a
169recurse function in JIT.
170
17117. Fix a crash which occurs when the character type of an invalid UTF
172character is decoded in JIT.
173
17418. Changes in many areas of the code so that when Unicode is supported and
175PCRE2_UCP is set without PCRE2_UTF, Unicode character properties are used for
176upper/lower case computations on characters whose code points are greater than
177127.
178
17919. The function for checking UTF-16 validity was returning an incorrect offset
180for the start of the error when a high surrogate was not followed by a valid
181low surrogate. This caused incorrect behaviour, for example when
182PCRE2_MATCH_INVALID_UTF was set and a match started immediately following the
183invalid high surrogate, such as /aa/ matching "\x{d800}aa".
184
18520. If a DEFINE group immediately preceded a lookbehind assertion, the pattern
186could be mis-compiled and therefore not match correctly. This is the example
187that found this: /(?(DEFINE)(?<foo>bar))(?<![-a-z0-9])word/ which failed to
188match "word" because the "move back" value was set to zero.
189
19021. Following a request from a user, some extensions and tidies to the
191character tables handling have been done:
192
193  (a) The dftables auxiliary program is renamed pcre2_dftables, but it is still
194  not installed for public use.
195
196  (b) There is now a -b option for pcre2_dftables, which causes the tables to
197  be written in binary. There is also a -help option.
198
199  (c) PCRE2_CONFIG_TABLES_LENGTH is added to pcre2_config() so that an
200  application that wants to save tables in binary knows how long they are.
201
20222. Changed setting of CMAKE_MODULE_PATH in CMakeLists.txt from SET to
203LIST(APPEND...) to allow a setting from the command line to be included.
204
20523. Updated to Unicode 13.0.0.
206
20724. CMake build now checks for secure_getenv() and strerror(). Patch by Carlo.
208
20925. Avoid using [-1] as a suffix in pcre2test because it can provoke a compiler
210warning.
211
21226. Added tests for __attribute__((uninitialized)) to both the configure and
213CMake build files, and then applied this attribute to the variable called
214stack_frames_vector[] in pcre2_match(). When implemented, this disables
215automatic initialization (a facility in clang), which can take time on big
216variables.
217
21827. Updated CMakeLists.txt (patches by Uwe Korn) to add support for
219pcre2-config, the libpcre*.pc files, SOVERSION, VERSION and the
220MACHO_*_VERSIONS settings for CMake builds.
221
22228. Another patch to CMakeLists.txt to check for mkostemp (configure already
223does). Patch by Carlo Marcelo Arenas Belon.
224
22529. Check for the existence of memfd_create in both CMake and configure
226configurations. Patch by Carlo Marcelo Arenas Belon.
227
22830. Restrict the configuration setting for the SELinux compatible execmem
229allocator (change 10.30/44) to Linux and NetBSD.
230
231
232Version 10.34 21-November-2019
233------------------------------
234
2351. The maximum number of capturing subpatterns is 65535 (documented), but no
236check on this was ever implemented. This omission has been rectified; it fixes
237ClusterFuzz 14376.
238
2392. Improved the invalid utf32 support of the JIT compiler. Now it correctly
240detects invalid characters in the 0xd800-0xdfff range.
241
2423. Fix minor typo bug in JIT compile when \X is used in a non-UTF string.
243
2444. Add support for matching in invalid UTF strings to the pcre2_match()
245interpreter, and integrate with the existing JIT support via the new
246PCRE2_MATCH_INVALID_UTF compile-time option.
247
2485. Give more error detail for invalid UTF-8 when detected in pcre2grep.
249
2506. Add support for invalid UTF-8 to pcre2grep.
251
2527. Adjust the limit for "must have" code unit searching, in particular,
253increase it substantially for non-anchored patterns.
254
2558. Allow (*ACCEPT) to be quantified, because an ungreedy quantifier with a zero
256minimum is potentially useful.
257
2589. Some changes to the way the minimum subject length is handled:
259
260   * When PCRE2_NO_START_OPTIMIZE is set, no minimum length is computed;
261     pcre2test now omits this item instead of showing a value of zero.
262
263   * An incorrect minimum length could be calculated for a pattern that
264     contained (*ACCEPT) inside a qualified group whose minimum repetition was
265     zero, for example /A(?:(*ACCEPT))?B/, which incorrectly computed a minimum
266     of 2. The minimum length scan no longer happens for a pattern that
267     contains (*ACCEPT).
268
269   * When no minimum length is set by the normal scan, but a first and/or last
270     code unit is recorded, set the minimum to 1 or 2 as appropriate.
271
272   * When a pattern contains multiple groups with the same number, a back
273     reference cannot know which one to scan for a minimum length. This used to
274     cause the minimum length finder to give up with no result. Now it treats
275     such references as not adding to the minimum length (which it should have
276     done all along).
277
278   * Furthermore, the above action now happens only if the back reference is to
279     a group that exists more than once in a pattern instead of any back
280     reference in a pattern with duplicate numbers.
281
28210. A (*MARK) value inside a successful condition was not being returned by the
283interpretive matcher (it was returned by JIT). This bug has been mended.
284
28511. A bug in pcre2grep meant that -o without an argument (or -o0) didn't work
286if the pattern had more than 32 capturing parentheses. This is fixed. In
287addition (a) the default limit for groups requested by -o<n> has been raised to
28850, (b) the new --om-capture option changes the limit, (c) an error is raised
289if -o asks for a group that is above the limit.
290
29112. The quantifier {1} was always being ignored, but this is incorrect when it
292is made possessive and applied to an item in parentheses, because a
293parenthesized item may contain multiple branches or other backtracking points,
294for example /(a|ab){1}+c/ or /(a+){1}+a/.
295
29613. For partial matches, pcre2test was always showing the maximum lookbehind
297characters, flagged with "<", which is misleading when the lookbehind didn't
298actually look behind the start (because it was later in the pattern). Showing
299all consulted preceding characters for partial matches is now controlled by the
300existing "allusedtext" modifier and, as for complete matches, this facility is
301available only for non-JIT matching, because JIT does not maintain the first
302and last consulted characters.
303
30414. DFA matching (using pcre2_dfa_match()) was not recognising a partial match
305if the end of the subject was encountered in a lookahead (conditional or
306otherwise), an atomic group, or a recursion.
307
30815. Give error if pcre2test -t, -T, -tm or -TM is given an argument of zero.
309
31016. Check for integer overflow when computing lookbehind lengths. Fixes
311Clusterfuzz issue 15636.
312
31317. Implemented non-atomic positive lookaround assertions.
314
31518. If a lookbehind contained a lookahead that contained another lookbehind
316within it, the nested lookbehind was not correctly processed. For example, if
317/(?<=(?=(?<=a)))b/ was matched to "ab" it gave no match instead of matching
318"b".
319
32019. Implemented pcre2_get_match_data_size().
321
32220. Two alterations to partial matching:
323
324    (a) The definition of a partial match is slightly changed: if a pattern
325    contains any lookbehinds, an empty partial match may be given, because this
326    is another situation where adding characters to the current subject can
327    lead to a full match. Example: /c*+(?<=[bc])/ with subject "ab".
328
329    (b) Similarly, if a pattern could match an empty string, an empty partial
330    match may be given. Example: /(?![ab]).*/ with subject "ab". This case
331    applies only to PCRE2_PARTIAL_HARD.
332
333    (c) An empty string partial hard match can be returned for \z and \Z as it
334    is documented that they shouldn't match.
335
33621. A branch that started with (*ACCEPT) was not being recognized as one that
337could match an empty string.
338
33922. Corrected pcre2_set_character_tables() tables data type: was const unsigned
340char * instead of const uint8_t *, as generated by pcre2_maketables().
341
34223. Upgraded to Unicode 12.1.0.
343
34424. Add -jitfast command line option to pcre2test (to make all the jit options
345available directly).
346
34725. Make pcre2test -C show if libreadline or libedit is supported.
348
34926. If the length of one branch of a group exceeded 65535 (the maximum value
350that is remembered as a minimum length), the whole group's length was
351incorrectly recorded as 65535, leading to incorrect "no match" when start-up
352optimizations were in force.
353
35427. The "rightmost consulted character" value was not always correct; in
355particular, if a pattern ended with a negative lookahead, characters that were
356inspected in that lookahead were not included.
357
35828. Add the pcre2_maketables_free() function.
359
36029. The start-up optimization that looks for a unique initial matching
361code unit in the interpretive engines uses memchr() in 8-bit mode. When the
362search is caseless, it was doing so inefficiently, which ended up slowing down
363the match drastically when the subject was very long. The revised code (a)
364remembers if one case is not found, so it never repeats the search for that
365case after a bumpalong and (b) when one case has been found, it searches only
366up to that position for an earlier occurrence of the other case. This fix
367applies to both interpretive pcre2_match() and to pcre2_dfa_match().
368
36930. While scanning to find the minimum length of a group, if any branch has
370minimum length zero, there is no need to scan any subsequent branches (a small
371compile-time performance improvement).
372
37331. Installed a .gitignore file on a user's suggestion. When using the svn
374repository with git (through git svn) this helps keep it tidy.
375
37632. Add underflow check in JIT which may occur when the value of subject
377string pointer is close to 0.
378
37933. Arrange for classes such as [Aa] which contain just the two cases of the
380same character, to be treated as a single caseless character. This causes the
381first and required code unit optimizations to kick in where relevant.
382
38334. Improve the bitmap of starting bytes for positive classes that include wide
384characters, but no property types, in UTF-8 mode. Previously, on encountering
385such a class, the bits for all bytes greater than \xc4 were set, thus
386specifying any character with codepoint >= 0x100. Now the only bits that are
387set are for the relevant bytes that start the wide characters. This can give a
388noticeable performance improvement.
389
39035. If the bitmap of starting code units contains only 1 or 2 bits, replace it
391with a single starting code unit (1 bit) or a caseless single starting code
392unit if the two relevant characters are case-partners. This is particularly
393relevant to the 8-bit library, though it applies to all. It can give a
394performance boost for patterns such as [Ww]ord and (word|WORD). However, this
395optimization doesn't happen if there is a "required" code unit of the same
396value (because the search for a "required" code unit starts at the match start
397for non-unique first code unit patterns, but after a unique first code unit,
398and patterns such as a*a need the former action).
399
40036. Small patch to pcre2posix.c to set the erroroffset field to -1 immediately
401after a successful compile, instead of at the start of matching to avoid a
402sanitizer complaint (regexec is supposed to be thread safe).
403
40437. Add NEON vectorization to JIT to speed up matching of first character and
405pairs of characters on ARM64 CPUs.
406
40738. If a non-ASCII character was the first in a starting assertion in a
408caseless match, the "first code unit" optimization did not get the casing
409right, and the assertion failed to match a character in the other case if it
410did not start with the same code unit.
411
41239. Fixed the incorrect computation of jump sizes on x86 CPUs in JIT. A masking
413operation was incorrectly removed in r1136. Reported by Ralf Junker.
414
415
416Version 10.33 16-April-2019
417---------------------------
418
4191. Added "allvector" to pcre2test to make it easy to check the part of the
420ovector that shouldn't be changed, in particular after substitute and failed or
421partial matches.
422
4232. Fix subject buffer overread in JIT when UTF is disabled and \X or \R has
424a greater than 1 fixed quantifier. This issue was found by Yunho Kim.
425
4263. Added support for callouts from pcre2_substitute(). After 10.33-RC1, but
427prior to release, fixed a bug that caused a crash if pcre2_substitute() was
428called with a NULL match context.
429
4304. The POSIX functions are now all called pcre2_regcomp() etc., with wrapper
431functions that use the standard POSIX names. However, in pcre2posix.h the POSIX
432names are defined as macros. This should help avoid linking with the wrong
433library in some environments while still exporting the POSIX names for
434pre-existing programs that use them. (The Debian alternative names are also
435defined as macros, but not documented.)
436
4375. Fix an xclass matching issue in JIT.
438
4396. Implement PCRE2_EXTRA_ESCAPED_CR_IS_LF (see Bugzilla 2315).
440
4417. Implement the Perl 5.28 experimental alphabetic names for atomic groups and
442lookaround assertions, for example, (*pla:...) and (*atomic:...). These are
443characterized by a lower case letter following (* and to simplify coding for
444this, the character tables created by pcre2_maketables() were updated to add a
445new "is lower case letter" bit. At the same time, the now unused "is
446hexadecimal digit" bit was removed. The default tables in
447src/pcre2_chartables.c.dist are updated.
448
4498. Implement the new Perl "script run" features (*script_run:...) and
450(*atomic_script_run:...) aka (*sr:...) and (*asr:...).
451
4529. Fixed two typos in change 22 for 10.21, which added special handling for
453ranges such as a-z in EBCDIC environments. The original code probably never
454worked, though there were no bug reports.
455
45610. Implement PCRE2_COPY_MATCHED_SUBJECT for pcre2_match() (including JIT via
457pcre2_match()) and pcre2_dfa_match(), but *not* the pcre2_jit_match() fast
458path. Also, when a match fails, set the subject field in the match data to NULL
459for tidiness - none of the substring extractors should reference this after
460match failure.
461
46211. If a pattern started with a subroutine call that had a quantifier with a
463minimum of zero, an incorrect "match must start with this character" could be
464recorded. Example: /(?&xxx)*ABC(?<xxx>XYZ)/ would (incorrectly) expect 'A' to
465be the first character of a match.
466
46712. The heap limit checking code in pcre2_dfa_match() could suffer from
468overflow if the heap limit was set very large. This could cause incorrect "heap
469limit exceeded" errors.
470
47113. Add "kibibytes" to the heap limit output from pcre2test -C to make the
472units clear.
473
47414. Add a call to pcre2_jit_free_unused_memory() in pcre2grep, for tidiness.
475
47615. Updated the VMS-specific code in pcre2test on the advice of a VMS user.
477
47816. Removed the unnecessary inclusion of stdint.h (or inttypes.h) from
479pcre2_internal.h as it is now included by pcre2.h. Also, change 17 for 10.32
480below was unnecessarily complicated, as inttypes.h is a Standard C header,
481which is defined to be a superset of stdint.h. Instead of conditionally
482including stdint.h or inttypes.h, pcre2.h now unconditionally includes
483inttypes.h. This supports environments that do not have stdint.h but do have
484inttypes.h, which are known to exist. A note in the autotools documentation
485says (November 2018) that there are none known that are the other way round.
486
48717. Added --disable-percent-zt to "configure" (and equivalent to CMake) to
488forcibly disable the use of %zu and %td in formatting strings because there is
489at least one version of VMS that claims to be C99 but does not support these
490modifiers.
491
49218. Added --disable-pcre2grep-callout-fork, which restricts the callout support
493in pcre2grep to the inbuilt echo facility. This may be useful in environments
494that do not support fork().
495
49619. Fix two instances of <= 0 being applied to unsigned integers (the VMS
497compiler complains).
498
49920. Added "fork" support for VMS to pcre2grep, for running an external program
500via a string callout.
501
50221. Improve MAP_JIT flag usage on MacOS. Patch by Rich Siegel.
503
50422. If a pattern started with (*MARK), (*COMMIT), (*PRUNE), (*SKIP), or (*THEN)
505followed by ^ it was not recognized as anchored.
506
50723. The RunGrepTest script used to cut out the test of NUL characters for
508Solaris and MacOS as printf and sed can't handle them. It seems that the *BSD
509systems can't either. I've inverted the test so that only those OS that are
510known to work (currently only Linux) try to run this test.
511
51224. Some tests in RunGrepTest appended to testtrygrep from two different file
513descriptors instead of redirecting stderr to stdout. This worked on Linux, but
514it was reported not to on other systems, causing the tests to fail.
515
51625. In the RunTest script, make the test for stack setting use the same value
517for the stack as it needs for -bigstack.
518
51926. Insert a cast in pcre2_dfa_match.c to suppress a compiler warning.
520
52126. With PCRE2_EXTRA_BAD_ESCAPE_IS_LITERAL set, escape sequences such as \s
522which are valid in character classes, but not as the end of ranges, were being
523treated as literals. An example is [_-\s] (but not [\s-_] because that gave an
524error at the *start* of a range). Now an "invalid range" error is given
525independently of PCRE2_EXTRA_BAD_ESCAPE_IS_LITERAL.
526
52727. Related to 26 above, PCRE2_BAD_ESCAPE_IS_LITERAL was affecting known escape
528sequences such as \eX when they appeared invalidly in a character class. Now
529the option applies only to unrecognized or malformed escape sequences.
530
53128. Fix word boundary in JIT compiler. Patch by Mike Munday.
532
53329. The pcre2_dfa_match() function was incorrectly handling conditional version
534tests such as (?(VERSION>=0)...) when the version test was true. Incorrect
535processing or a crash could result.
536
53730. When PCRE2_UTF is set, allow non-ASCII letters and decimal digits in group
538names, as Perl does. There was a small bug in this new code, found by
539ClusterFuzz 12950, fixed before release.
540
54131. Implemented PCRE2_EXTRA_ALT_BSUX to support ECMAScript 6's \u{hhh}
542construct.
543
54432. Compile \p{Any} to be the same as . in DOTALL mode, so that it benefits
545from auto-anchoring if \p{Any}* starts a pattern.
546
54733. Compile invalid UTF check in JIT test when only pcre32 is enabled.
548
54934. For some time now, CMake has been warning about the setting of policy
550CMP0026 to "OLD" in CmakeLists.txt, and hinting that the feature might be
551removed in a future version. A request for CMake expertise on the list produced
552no result, so I have now hacked CMakeLists.txt along the lines of some changes
553I found on the Internet. The new code no longer needs the policy setting, and
554it appears to work fine on Linux.
555
55635. Setting --enable-jit=auto for an out-of-tree build failed because the
557source directory wasn't in the search path for AC_TRY_COMPILE always. Patch
558from Ross Burton.
559
56036. Disable SSE2 JIT optimizations in x86 CPUs when SSE2 is not available.
561Patch by Guillem Jover.
562
56337. Changed expressions such as 1<<10 to 1u<<10 in many places because compiler
564warnings were reported.
565
56638. Using the clang compiler with sanitizing options causes runtime complaints
567about truncation for statments such as x = ~x when x is an 8-bit value; it
568seems to compute ~x as a 32-bit value. Changing such statements to x = 255 ^ x
569gets rid of the warnings. There were also two missing casts in pcre2test.
570
571
572Version 10.32 10-September-2018
573-------------------------------
574
5751. When matching using the the REG_STARTEND feature of the POSIX API with a
576non-zero starting offset, unset capturing groups with lower numbers than a
577group that did capture something were not being correctly returned as "unset"
578(that is, with offset values of -1).
579
5802. When matching using the POSIX API, pcre2test used to omit listing unset
581groups altogether. Now it shows those that come before any actual captures as
582"<unset>", as happens for non-POSIX matching.
583
5843. Running "pcre2test -C" always stated "\R matches CR, LF, or CRLF only",
585whatever the build configuration was. It now correctly says "\R matches all
586Unicode newlines" in the default case when --enable-bsr-anycrlf has not been
587specified. Similarly, running "pcre2test -C bsr" never produced the result
588ANY.
589
5904. Matching the pattern /(*UTF)\C[^\v]+\x80/ against an 8-bit string containing
591multi-code-unit characters caused bad behaviour and possibly a crash. This
592issue was fixed for other kinds of repeat in release 10.20 by change 19, but
593repeating character classes were overlooked.
594
5955. pcre2grep now supports the inclusion of binary zeros in patterns that are
596read from files via the -f option.
597
5986. A small fix to pcre2grep to avoid compiler warnings for -Wformat-overflow=2.
599
6007. Added --enable-jit=auto support to configure.ac.
601
6028. Added some dummy variables to the heapframe structure in 16-bit and 32-bit
603modes for the benefit of m68k, where pointers can be 16-bit aligned. The
604dummies force 32-bit alignment and this ensures that the structure is a
605multiple of PCRE2_SIZE, a requirement that is tested at compile time. In other
606architectures, alignment requirements take care of this automatically.
607
6089. When returning an error from pcre2_pattern_convert(), ensure the error
609offset is set zero for early errors.
610
61110. A number of patches for Windows support from Daniel Richard G:
612
613  (a) List of error numbers in Runtest.bat corrected (it was not the same as in
614      Runtest).
615
616  (b) pcre2grep snprintf() workaround as used elsewhere in the tree.
617
618  (c) Support for non-C99 snprintf() that returns -1 in the overflow case.
619
62011. Minor tidy of pcre2_dfa_match() code.
621
62212. Refactored pcre2_dfa_match() so that the internal recursive calls no longer
623use the stack for local workspace and local ovectors. Instead, an initial block
624of stack is reserved, but if this is insufficient, heap memory is used. The
625heap limit parameter now applies to pcre2_dfa_match().
626
62713. If a "find limits" test of DFA matching in pcre2test resulted in too many
628matches for the ovector, no matches were displayed.
629
63014. Removed an occurrence of ctrl/Z from test 6 because Windows treats it as
631EOF. The test looks to have come from a fuzzer.
632
63315. If PCRE2 was built with a default match limit a lot greater than the
634default default of 10 000 000, some JIT tests of the match limit no longer
635failed. All such tests now set 10 000 000 as the upper limit.
636
63716. Another Windows related patch for pcregrep to ensure that WIN32 is
638undefined under Cygwin.
639
64017. Test for the presence of stdint.h and inttypes.h in configure and CMake and
641include whichever exists (stdint preferred) instead of unconditionally
642including stdint. This makes life easier for old and non-standard systems.
643
64418. Further changes to improve portability, especially to old and or non-
645standard systems:
646
647  (a) Put all printf arguments in RunGrepTest into single, not double, quotes,
648      and use \0 not \x00 for binary zero.
649
650  (b) Avoid the use of C++ (i.e. BCPL) // comments.
651
652  (c) Parameterize the use of %zu in pcre2test to make it like %td. For both of
653      these now, if using MSVC or a standard C before C99, %lu is used with a
654      cast if necessary.
655
65619. Applied a contributed patch to CMakeLists.txt to increase the stack size
657when linking pcre2test with MSVC. This gets rid of a stack overflow error in
658the standard set of tests.
659
66020. Output a warning in pcre2test when ignoring the "altglobal" modifier when
661it is given with the "replace" modifier.
662
66321. In both pcre2test and pcre2_substitute(), with global matching, a pattern
664that matched an empty string, but never at the starting match offset, was not
665handled in a Perl-compatible way. The pattern /(<?=\G.)/ is an example of such
666a pattern. Because \G is in a lookbehind assertion, there has to be a
667"bumpalong" before there can be a match. The automatic "advance by one
668character after an empty string match" rule is therefore inappropriate. A more
669complicated algorithm has now been implemented.
670
67122. When checking to see if a lookbehind is of fixed length, lookaheads were
672correctly ignored, but qualifiers on lookaheads were not being ignored, leading
673to an incorrect "lookbehind assertion is not fixed length" error.
674
67523. The VERSION condition test was reading fractional PCRE2 version numbers
676such as the 04 in 10.04 incorrectly and hence giving wrong results.
677
67824. Updated to Unicode version 11.0.0. As well as the usual addition of new
679scripts and characters, this involved re-jigging the grapheme break property
680algorithm because Unicode has changed the way emojis are handled.
681
68225. Fixed an obscure bug that struck when there were two atomic groups not
683separated by something with a backtracking point. There could be an incorrect
684backtrack into the first of the atomic groups. A complicated example is
685/(?>a(*:1))(?>b)(*SKIP:1)x|.*/ matched against "abc", where the *SKIP
686shouldn't find a MARK (because is in an atomic group), but it did.
687
68826. Upgraded the perltest.sh script: (1) #pattern lines can now be used to set
689a list of modifiers for all subsequent patterns - only those that the script
690recognizes are meaningful; (2) #subject lines can be used to set or unset a
691default "mark" modifier; (3) Unsupported #command lines give a warning when
692they are ignored; (4) Mark data is output only if the "mark" modifier is
693present.
694
69527. (*ACCEPT:ARG), (*FAIL:ARG), and (*COMMIT:ARG) are now supported.
696
69728. A (*MARK) name was not being passed back for positive assertions that were
698terminated by (*ACCEPT).
699
70029. Add support for \N{U+dddd}, but only in Unicode mode.
701
70230. Add support for (?^) for unsetting all imnsx options.
703
70431. The PCRE2_EXTENDED (/x) option only ever discarded space characters whose
705code point was less than 256 and that were recognized by the lookup table
706generated by pcre2_maketables(), which uses isspace() to identify white space.
707Now, when Unicode support is compiled, PCRE2_EXTENDED also discards U+0085,
708U+200E, U+200F, U+2028, and U+2029, which are additional characters defined by
709Unicode as "Pattern White Space". This makes PCRE2 compatible with Perl.
710
71132. In certain circumstances, option settings within patterns were not being
712correctly processed. For example, the pattern /((?i)A)(?m)B/ incorrectly
713matched "ab". (The (?m) setting lost the fact that (?i) should be reset at the
714end of its group during the parse process, but without another setting such as
715(?m) the compile phase got it right.) This bug was introduced by the
716refactoring in release 10.23.
717
71833. PCRE2 uses bcopy() if available when memmove() is not, and it used just to
719define memmove() as function call to bcopy(). This hasn't been tested for a
720long time because in pcre2test the result of memmove() was being used, whereas
721bcopy() doesn't return a result. This feature is now refactored always to call
722an emulation function when there is no memmove(). The emulation makes use of
723bcopy() when available.
724
72534. When serializing a pattern, set the memctl, executable_jit, and tables
726fields (that is, all the fields that contain pointers) to zeros so that the
727result of serializing is always the same. These fields are re-set when the
728pattern is deserialized.
729
73035. In a pattern such as /[^\x{100}-\x{ffff}]*[\x80-\xff]/ which has a repeated
731negative class with no characters less than 0x100 followed by a positive class
732with only characters less than 0x100, the first class was incorrectly being
733auto-possessified, causing incorrect match failures.
734
73536. Removed the character type bit ctype_meta, which dates from PCRE1 and is
736not used in PCRE2.
737
73837. Tidied up unnecessarily complicated macros used in the escapes table.
739
74038. Since 10.21, the new testoutput8-16-4 file has accidentally been omitted
741from distribution tarballs, owing to a typo in Makefile.am which had
742testoutput8-16-3 twice. Now fixed.
743
74439. If the only branch in a conditional subpattern was anchored, the whole
745subpattern was treated as anchored, when it should not have been, since the
746assumed empty second branch cannot be anchored. Demonstrated by test patterns
747such as /(?(1)^())b/ or /(?(?=^))b/.
748
74940. A repeated conditional subpattern that could match an empty string was
750always assumed to be unanchored. Now it it checked just like any other
751repeated conditional subpattern, and can be found to be anchored if the minimum
752quantifier is one or more. I can't see much use for a repeated anchored
753pattern, but the behaviour is now consistent.
754
75541. Minor addition to pcre2_jit_compile.c to avoid static analyzer complaint
756(for an event that could never occur but you had to have external information
757to know that).
758
75942. If before the first match in a file that was being searched by pcre2grep
760there was a line that was sufficiently long to cause the input buffer to be
761expanded, the variable holding the location of the end of the previous match
762was being adjusted incorrectly, and could cause an overflow warning from a code
763sanitizer. However, as the value is used only to print pending "after" lines
764when the next match is reached (and there are no such lines in this case) this
765bug could do no damage.
766
767
768Version 10.31 12-February-2018
769------------------------------
770
7711. Fix typo (missing ]) in VMS code in pcre2test.c.
772
7732. Replace the replicated code for matching extended Unicode grapheme sequences
774(which got a lot more complicated by change 10.30/49) by a single subroutine
775that is called by both pcre2_match() and pcre2_dfa_match().
776
7773. Add idempotent guard to pcre2_internal.h.
778
7794. Add new pcre2_config() options: PCRE2_CONFIG_NEVER_BACKSLASH_C and
780PCRE2_CONFIG_COMPILED_WIDTHS.
781
7825. Cut out \C tests in the JIT regression tests when NEVER_BACKSLASH_C is
783defined (e.g. by --enable-never-backslash-C).
784
7856. Defined public names for all the pcre2_compile() error numbers, and used
786the public names in pcre2_convert.c.
787
7887. Fixed a small memory leak in pcre2test (convert contexts).
789
7908. Added two casts to compile.c and one to match.c to avoid compiler warnings.
791
7929. Added code to pcre2grep when compiled under VMS to set the symbol
793PCRE2GREP_RC to the exit status, because VMS does not distinguish between
794exit(0) and exit(1).
795
79610. Added the -LM (list modifiers) option to pcre2test. Also made -C complain
797about a bad option only if the following argument item does not start with a
798hyphen.
799
80011. pcre2grep was truncating components of file names to 128 characters when
801processing files with the -r option, and also (some very odd code) truncating
802path names to 512 characters. There is now a check on the absolute length of
803full path file names, which may be up to 2047 characters long.
804
80512. When an assertion contained (*ACCEPT) it caused all open capturing groups
806to be closed (as for a non-assertion ACCEPT), which was wrong and could lead to
807misbehaviour for subsequent references to groups that started outside the
808assertion. ACCEPT in an assertion now closes only those groups that were
809started within that assertion. Fixes oss-fuzz issues 3852 and 3891.
810
81113. Multiline matching in pcre2grep was misbehaving if the pattern matched
812within a line, and then matched again at the end of the line and over into
813subsequent lines. Behaviour was different with and without colouring, and
814sometimes context lines were incorrectly printed and/or line endings were lost.
815All these issues should now be fixed.
816
81714. If --line-buffered was specified for pcre2grep when input was from a
818compressed file (.gz or .bz2) a segfault occurred. (Line buffering should be
819ignored for compressed files.)
820
82115. Although pcre2_jit_match checks whether the pattern is compiled
822in a given mode, it was also expected that at least one mode is available.
823This is fixed and pcre2_jit_match returns with PCRE2_ERROR_JIT_BADOPTION
824when the pattern is not optimized by JIT at all.
825
82616. The line number and related variables such as match counts in pcre2grep
827were all int variables, causing overflow when files with more than 2147483647
828lines were processed (assuming 32-bit ints). They have all been changed to
829unsigned long ints.
830
83117. If a backreference with a minimum repeat count of zero was first in a
832pattern, apart from assertions, an incorrect first matching character could be
833recorded. For example, for the pattern /(?=(a))\1?b/, "b" was incorrectly set
834as the first character of a match.
835
83618. Characters in a leading positive assertion are considered for recording a
837first character of a match when the rest of the pattern does not provide one.
838However, a character in a non-assertive group within a leading assertion such
839as in the pattern /(?=(a))\1?b/ caused this process to fail. This was an
840infelicity rather than an outright bug, because it did not affect the result of
841a match, just its speed. (In fact, in this case, the starting 'a' was
842subsequently picked up in the study.)
843
84419. A minor tidy in pcre2_match(): making all PCRE2_ERROR_ returns use "return"
845instead of "RRETURN" saves unwinding the backtracks in these cases (only one
846didn't).
847
84820. Allocate a single callout block on the stack at the start of pcre2_match()
849and set its never-changing fields once only. Do the same for pcre2_dfa_match().
850
85121. Save the extra compile options (set in the compile context) with the
852compiled pattern (they were not previously saved), add PCRE2_INFO_EXTRAOPTIONS
853to retrieve them, and update pcre2test to show them.
854
85522. Added PCRE2_CALLOUT_STARTMATCH and PCRE2_CALLOUT_BACKTRACK bits to a new
856field callout_flags in callout blocks. The bits are set by pcre2_match(), but
857not by JIT or pcre2_dfa_match(). Their settings are shown in pcre2test callouts
858if the callout_extra subject modifier is set. These bits are provided to help
859with tracking how a backtracking match is proceeding.
860
86123. Updated the pcre2demo.c demonstration program, which was missing the extra
862code for -g that handles the case when \K in an assertion causes the match to
863end at the original start point. Also arranged for it to detect when \K causes
864the end of a match to be before its start.
865
86624. Similar to 23 above, strange things (including loops) could happen in
867pcre2grep when \K was used in an assertion when --colour was used or in
868multiline mode. The "end at original start point" bug is fixed, and if the end
869point is found to be before the start point, they are swapped.
870
87125. When PCRE2_FIRSTLINE without PCRE2_NO_START_OPTIMIZE was used in non-JIT
872matching (both pcre2_match() and pcre2_dfa_match()) and the matched string
873started with the first code unit of a newline sequence, matching failed because
874it was not tried at the newline.
875
87626. Code for giving up a non-partial match after failing to find a starting
877code unit anywhere in the subject was missing when searching for one of a
878number of code units (the bitmap case) in both pcre2_match() and
879pcre2_dfa_match(). This was a missing optimization rather than a bug.
880
88127. Tidied up the ACROSSCHAR macro to be like FORWARDCHAR and BACKCHAR, using a
882pointer argument rather than a code unit value. This should not have affected
883the generated code.
884
88528. The JIT compiler has been updated.
886
88729. Avoid pointer overflow for unset captures in pcre2_substring_list_get().
888This could not actually cause a crash because it was always used in a memcpy()
889call with zero length.
890
89130. Some internal structures have a variable-length ovector[] as their last
892element. Their actual memory is obtained dynamically, giving an ovector of
893appropriate length. However, they are defined in the structure as
894ovector[NUMBER], where NUMBER is large so that array bound checkers don't
895grumble. The value of NUMBER was 10000, but a fuzzer exceeded 5000 capturing
896groups, making the ovector larger than this. The number has been increased to
897131072, which allows for the maximum number of captures (65535) plus the
898overall match. This fixes oss-fuzz issue 5415.
899
90031. Auto-possessification at the end of a capturing group was dependent on what
901follows the group (e.g. /(a+)b/ would auto-possessify the a+) but this caused
902incorrect behaviour when the group was called recursively from elsewhere in the
903pattern where something different might follow. This bug is an unforseen
904consequence of change #1 for 10.30 - the implementation of backtracking into
905recursions. Iterators at the ends of capturing groups are no longer considered
906for auto-possessification if the pattern contains any recursions. Fixes
907Bugzilla #2232.
908
909
910Version 10.30 14-August-2017
911----------------------------
912
9131. The main interpreter, pcre2_match(), has been refactored into a new version
914that does not use recursive function calls (and therefore the stack) for
915remembering backtracking positions. This makes --disable-stack-for-recursion a
916NOOP. The new implementation allows backtracking into recursive group calls in
917patterns, making it more compatible with Perl, and also fixes some other
918hard-to-do issues such as #1887 in Bugzilla. The code is also cleaner because
919the old code had a number of fudges to try to reduce stack usage. It seems to
920run no slower than the old code.
921
922A number of bugs in the refactored code were subsequently fixed during testing
923before release, but after the code was made available in the repository. These
924bugs were never in fully released code, but are noted here for the record.
925
926  (a) If a pattern had fewer capturing parentheses than the ovector supplied in
927      the match data block, a memory error (detectable by ASAN) occurred after
928      a match, because the external block was being set from non-existent
929      internal ovector fields. Fixes oss-fuzz issue 781.
930
931  (b) A pattern with very many capturing parentheses (when the internal frame
932      size was greater than the initial frame vector on the stack) caused a
933      crash. A vector on the heap is now set up at the start of matching if the
934      vector on the stack is not big enough to handle at least 10 frames.
935      Fixes oss-fuzz issue 783.
936
937  (c) Handling of (*VERB)s in recursions was wrong in some cases.
938
939  (d) Captures in negative assertions that were used as conditions were not
940      happening if the assertion matched via (*ACCEPT).
941
942  (e) Mark values were not being passed out of recursions.
943
944  (f) Refactor some code in do_callout() to avoid picky compiler warnings about
945      negative indices. Fixes oss-fuzz issue 1454.
946
947  (g) Similarly refactor the way the variable length ovector is addressed for
948      similar reasons. Fixes oss-fuzz issue 1465.
949
9502. Now that pcre2_match() no longer uses recursive function calls (see above),
951the "match limit recursion" value seems misnamed. It still exists, and limits
952the depth of tree that is searched. To avoid future confusion, it has been
953renamed as "depth limit" in all relevant places (--with-depth-limit,
954(*LIMIT_DEPTH), pcre2_set_depth_limit(), etc) but the old names are still
955available for backwards compatibility.
956
9573. Hardened pcre2test so as to reduce the number of bugs reported by fuzzers:
958
959  (a) Check for malloc failures when getting memory for the ovector (POSIX) or
960      the match data block (non-POSIX).
961
9624. In the 32-bit library in non-UTF mode, an attempt to find a Unicode property
963for a character with a code point greater than 0x10ffff (the Unicode maximum)
964caused a crash.
965
9665. If a lookbehind assertion that contained a back reference to a group
967appearing later in the pattern was compiled with the PCRE2_ANCHORED option,
968undefined actions (often a segmentation fault) could occur, depending on what
969other options were set. An example assertion is (?<!\1(abc)) where the
970reference \1 precedes the group (abc). This fixes oss-fuzz issue 865.
971
9726. Added the PCRE2_INFO_FRAMESIZE item to pcre2_pattern_info() and arranged for
973pcre2test to use it to output the frame size when the "framesize" modifier is
974given.
975
9767. Reworked the recursive pattern matching in the JIT compiler to follow the
977interpreter changes.
978
9798. When the zero_terminate modifier was specified on a pcre2test subject line
980for global matching, unpredictable things could happen. For example, in UTF-8
981mode, the pattern //g,zero_terminate read random memory when matched against an
982empty string with zero_terminate. This was a bug in pcre2test, not the library.
983
9849. Moved some Windows-specific code in pcre2grep (introduced in 10.23/13) out
985of the section that is compiled when Unix-style directory scanning is
986available, and into a new section that is always compiled for Windows.
987
98810. In pcre2test, explicitly close the file after an error during serialization
989or deserialization (the "load" or "save" commands).
990
99111. Fix memory leak in pcre2_serialize_decode() when the input is invalid.
992
99312. Fix potential NULL dereference in pcre2_callout_enumerate() if called with
994a NULL pattern pointer when Unicode support is available.
995
99613. When the 32-bit library was being tested by pcre2test, error messages that
997were longer than 64 code units could cause a buffer overflow. This was a bug in
998pcre2test.
999
100014. The alternative matching function, pcre2_dfa_match() misbehaved if it
1001encountered a character class with a possessive repeat, for example [a-f]{3}+.
1002
100315. The depth (formerly recursion) limit now applies to DFA matching (as
1004of 10.23/36); pcre2test has been upgraded so that \=find_limits works with DFA
1005matching to find the minimum value for this limit.
1006
100716. Since 10.21, if pcre2_match() was called with a null context, default
1008memory allocation functions were used instead of whatever was used when the
1009pattern was compiled.
1010
101117. Changes to the pcre2test "memory" modifier on a subject line. These apply
1012only to pcre2_match():
1013
1014  (a) Warn if null_context is set on both pattern and subject, because the
1015      memory details cannot then be shown.
1016
1017  (b) Remember (up to a certain number of) memory allocations and their
1018      lengths, and list only the lengths, so as to be system-independent.
1019      (In practice, the new interpreter never has more than 2 blocks allocated
1020      simultaneously.)
1021
102218. Make pcre2test detect an error return from pcre2_get_error_message(), give
1023a message, and abandon the run (this would have detected #13 above).
1024
102519. Implemented PCRE2_ENDANCHORED.
1026
102720. Applied Jason Hood's patches (slightly modified) to pcre2grep, to implement
1028the --output=text (-O) option and the inbuilt callout echo.
1029
103021. Extend auto-anchoring etc. to ignore groups with a zero qualifier and
1031single-branch conditions with a false condition (e.g. DEFINE) at the start of a
1032branch. For example, /(?(DEFINE)...)^A/ and /(...){0}^B/ are now flagged as
1033anchored.
1034
103522. Added an explicit limit on the amount of heap used by pcre2_match(), set by
1036pcre2_set_heap_limit() or (*LIMIT_HEAP=xxx). Upgraded pcre2test to show the
1037heap limit along with other pattern information, and to find the minimum when
1038the find_limits modifier is set.
1039
104023. Write to the last 8 bytes of the pcre2_real_code structure when a compiled
1041pattern is set up so as to initialize any padding the compiler might have
1042included. This avoids valgrind warnings when a compiled pattern is copied, in
1043particular when it is serialized.
1044
104524. Remove a redundant line of code left in accidentally a long time ago.
1046
104725. Remove a duplication typo in pcre2_tables.c
1048
104926. Correct an incorrect cast in pcre2_valid_utf.c
1050
105127. Update pcre2test, remove some unused code in pcre2_match(), and upgrade the
1052tests to improve coverage.
1053
105428. Some fixes/tidies as a result of looking at Coverity Scan output:
1055
1056    (a) Typo: ">" should be ">=" in opcode check in pcre2_auto_possess.c.
1057    (b) Added some casts to avoid "suspicious implicit sign extension".
1058    (c) Resource leaks in pcre2test in rare error cases.
1059    (d) Avoid warning for never-use case OP_TABLE_LENGTH which is just a fudge
1060        for checking at compile time that tables are the right size.
1061    (e) Add missing "fall through" comment.
1062
106329. Implemented PCRE2_EXTENDED_MORE and related /xx and (?xx) features.
1064
106530. Implement (?n: for PCRE2_NO_AUTO_CAPTURE, because Perl now has this.
1066
106731. If more than one of "push", "pushcopy", or "pushtablescopy" were set in
1068pcre2test, a crash could occur.
1069
107032. Make -bigstack in RunTest allocate a 64MiB stack (instead of 16MiB) so
1071that all the tests can run with clang's sanitizing options.
1072
107333. Implement extra compile options in the compile context and add the first
1074one: PCRE2_EXTRA_ALLOW_SURROGATE_ESCAPES.
1075
107634. Implement newline type PCRE2_NEWLINE_NUL.
1077
107835. A lookbehind assertion that had a zero-length branch caused undefined
1079behaviour when processed by pcre2_dfa_match(). This is oss-fuzz issue 1859.
1080
108136. The match limit value now also applies to pcre2_dfa_match() as there are
1082patterns that can use up a lot of resources without necessarily recursing very
1083deeply. (Compare item 10.23/36.) This should fix oss-fuzz #1761.
1084
108537. Implement PCRE2_EXTRA_BAD_ESCAPE_IS_LITERAL.
1086
108738. Fix returned offsets from regexec() when REG_STARTEND is used with a
1088starting offset greater than zero.
1089
109039. Implement REG_PEND (GNU extension) for the POSIX wrapper.
1091
109240. Implement the subject_literal modifier in pcre2test, and allow jitstack on
1093pattern lines.
1094
109541. Implement PCRE2_LITERAL and use it to support REG_NOSPEC.
1096
109742. Implement PCRE2_EXTRA_MATCH_LINE and PCRE2_EXTRA_MATCH_WORD for the benefit
1098of pcre2grep.
1099
110043. Re-implement pcre2grep's -F, -w, and -x options using PCRE2_LITERAL,
1101PCRE2_EXTRA_MATCH_WORD, and PCRE2_EXTRA_MATCH_LINE. This fixes two bugs:
1102
1103    (a) The -F option did not work for fixed strings containing \E.
1104    (b) The -w option did not work for patterns with multiple branches.
1105
110644. Added configuration options for the SELinux compatible execmem allocator in
1107JIT.
1108
110945. Increased the limit for searching for a "must be present" code unit in
1110subjects from 1000 to 2000 for 8-bit searches, since they use memchr() and are
1111much faster.
1112
111346. Arrange for anchored patterns to record and use "first code unit" data,
1114because this can give a fast "no match" without searching for a "required code
1115unit". Previously only non-anchored patterns did this.
1116
111747. Upgraded the Unicode tables from Unicode 8.0.0 to Unicode 10.0.0.
1118
111948. Add the callout_no_where modifier to pcre2test.
1120
112149. Update extended grapheme breaking rules to the latest set that are in
1122Unicode Standard Annex #29.
1123
112450. Added experimental foreign pattern conversion facilities
1125(pcre2_pattern_convert() and friends).
1126
112751. Change the macro FWRITE, used in pcre2grep, to FWRITE_IGNORE because FWRITE
1128is defined in a system header in cygwin. Also modified some of the #ifdefs in
1129pcre2grep related to Windows and Cygwin support.
1130
113152. Change 3(g) for 10.23 was a bit too zealous. If a hyphen that follows a
1132character class is the last character in the class, Perl does not give a
1133warning. PCRE2 now also treats this as a literal.
1134
113553. Related to 52, though PCRE2 was throwing an error for [[:digit:]-X] it was
1136not doing so for [\d-X] (and similar escapes), as is documented.
1137
113854. Fixed a MIPS issue in the JIT compiler reported by Joshua Kinard.
1139
114055. Fixed a "maybe uninitialized" warning for class_uchardata in \p handling in
1141pcre2_compile() which could never actually trigger (code should have been cut
1142out when Unicode support is disabled).
1143
1144
1145Version 10.23 14-February-2017
1146------------------------------
1147
11481. Extended pcre2test with the utf8_input modifier so that it is able to
1149generate all possible 16-bit and 32-bit code unit values in non-UTF modes.
1150
11512. In any wide-character mode (8-bit UTF or any 16-bit or 32-bit mode), without
1152PCRE2_UCP set, a negative character type such as \D in a positive class should
1153cause all characters greater than 255 to match, whatever else is in the class.
1154There was a bug that caused this not to happen if a Unicode property item was
1155added to such a class, for example [\D\P{Nd}] or [\W\pL].
1156
11573. There has been a major re-factoring of the pcre2_compile.c file. Most syntax
1158checking is now done in the pre-pass that identifies capturing groups. This has
1159reduced the amount of duplication and made the code tidier. While doing this,
1160some minor bugs and Perl incompatibilities were fixed, including:
1161
1162  (a) \Q\E in the middle of a quantifier such as A+\Q\E+ is now ignored instead
1163      of giving an invalid quantifier error.
1164
1165  (b) {0} can now be used after a group in a lookbehind assertion; previously
1166      this caused an "assertion is not fixed length" error.
1167
1168  (c) Perl always treats (?(DEFINE) as a "define" group, even if a group with
1169      the name "DEFINE" exists. PCRE2 now does likewise.
1170
1171  (d) A recursion condition test such as (?(R2)...) must now refer to an
1172      existing subpattern.
1173
1174  (e) A conditional recursion test such as (?(R)...) misbehaved if there was a
1175      group whose name began with "R".
1176
1177  (f) When testing zero-terminated patterns under valgrind, the terminating
1178      zero is now marked "no access". This catches bugs that would otherwise
1179      show up only with non-zero-terminated patterns.
1180
1181  (g) A hyphen appearing immediately after a POSIX character class (for example
1182      /[[:ascii:]-z]/) now generates an error. Perl does accept this as a
1183      literal, but gives a warning, so it seems best to fail it in PCRE.
1184
1185  (h) An empty \Q\E sequence may appear after a callout that precedes an
1186      assertion condition (it is, of course, ignored).
1187
1188One effect of the refactoring is that some error numbers and messages have
1189changed, and the pattern offset given for compiling errors is not always the
1190right-most character that has been read. In particular, for a variable-length
1191lookbehind assertion it now points to the start of the assertion. Another
1192change is that when a callout appears before a group, the "length of next
1193pattern item" that is passed now just gives the length of the opening
1194parenthesis item, not the length of the whole group. A length of zero is now
1195given only for a callout at the end of the pattern. Automatic callouts are no
1196longer inserted before and after explicit callouts in the pattern.
1197
1198A number of bugs in the refactored code were subsequently fixed during testing
1199before release, but after the code was made available in the repository. Many
1200of the bugs were discovered by fuzzing testing. Several of them were related to
1201the change from assuming a zero-terminated pattern (which previously had
1202required non-zero terminated strings to be copied). These bugs were never in
1203fully released code, but are noted here for the record.
1204
1205  (a) An overall recursion such as (?0) inside a lookbehind assertion was not
1206      being diagnosed as an error.
1207
1208  (b) In utf mode, the length of a *MARK (or other verb) name was being checked
1209      in characters instead of code units, which could lead to bad code being
1210      compiled, leading to unpredictable behaviour.
1211
1212  (c) In extended /x mode, characters whose code was greater than 255 caused
1213      a lookup outside one of the global tables. A similar bug existed for wide
1214      characters in *VERB names.
1215
1216  (d) The amount of memory needed for a compiled pattern was miscalculated if a
1217      lookbehind contained more than one toplevel branch and the first branch
1218      was of length zero.
1219
1220  (e) In UTF-8 or UTF-16 modes with PCRE2_EXTENDED (/x) set and a non-zero-
1221      terminated pattern, if a # comment ran on to the end of the pattern, one
1222      or more code units past the end were being read.
1223
1224  (f) An unterminated repeat at the end of a non-zero-terminated pattern (e.g.
1225      "{2,2") could cause reading beyond the pattern.
1226
1227  (g) When reading a callout string, if the end delimiter was at the end of the
1228      pattern one further code unit was read.
1229
1230  (h) An unterminated number after \g' could cause reading beyond the pattern.
1231
1232  (i) An insufficient memory size was being computed for compiling with
1233      PCRE2_AUTO_CALLOUT.
1234
1235  (j) A conditional group with an assertion condition used more memory than was
1236      allowed for it during parsing, so too many of them could therefore
1237      overrun a buffer.
1238
1239  (k) If parsing a pattern exactly filled the buffer, the internal test for
1240      overrun did not check when the final META_END item was added.
1241
1242  (l) If a lookbehind contained a subroutine call, and the called group
1243      contained an option setting such as (?s), and the PCRE2_ANCHORED option
1244      was set, unpredictable behaviour could occur. The underlying bug was
1245      incorrect code and insufficient checking while searching for the end of
1246      the called subroutine in the parsed pattern.
1247
1248  (m) Quantifiers following (*VERB)s were not being diagnosed as errors.
1249
1250  (n) The use of \Q...\E in a (*VERB) name when PCRE2_ALT_VERBNAMES and
1251      PCRE2_AUTO_CALLOUT were both specified caused undetermined behaviour.
1252
1253  (o) If \Q was preceded by a quantified item, and the following \E was
1254      followed by '?' or '+', and there was at least one literal character
1255      between them, an internal error "unexpected repeat" occurred (example:
1256      /.+\QX\E+/).
1257
1258  (p) A buffer overflow could occur while sorting the names in the group name
1259      list (depending on the order in which the names were seen).
1260
1261  (q) A conditional group that started with a callout was not doing the right
1262      check for a following assertion, leading to compiling bad code. Example:
1263      /(?(C'XX))?!XX/
1264
1265  (r) If a character whose code point was greater than 0xffff appeared within
1266      a lookbehind that was within another lookbehind, the calculation of the
1267      lookbehind length went wrong and could provoke an internal error.
1268
1269  (t) The sequence \E- or \Q\E- after a POSIX class in a character class caused
1270      an internal error. Now the hyphen is treated as a literal.
1271
12724. Back references are now permitted in lookbehind assertions when there are
1273no duplicated group numbers (that is, (?| has not been used), and, if the
1274reference is by name, there is only one group of that name. The referenced
1275group must, of course be of fixed length.
1276
12775. pcre2test has been upgraded so that, when run under valgrind with valgrind
1278support enabled, reading past the end of the pattern is detected, both when
1279compiling and during callout processing.
1280
12816. \g{+<number>} (e.g. \g{+2} ) is now supported. It is a "forward back
1282reference" and can be useful in repetitions (compare \g{-<number>} ). Perl does
1283not recognize this syntax.
1284
12857. Automatic callouts are no longer generated before and after callouts in the
1286pattern.
1287
12888. When pcre2test was outputing information from a callout, the caret indicator
1289for the current position in the subject line was incorrect if it was after an
1290escape sequence for a character whose code point was greater than \x{ff}.
1291
12929. Change 19 for 10.22 had a typo (PCRE_STATIC_RUNTIME should be
1293PCRE2_STATIC_RUNTIME). Fix from David Gaussmann.
1294
129510. Added --max-buffer-size to pcre2grep, to allow for automatic buffer
1296expansion when long lines are encountered. Original patch by Dmitry
1297Cherniachenko.
1298
129911. If pcre2grep was compiled with JIT support, but the library was compiled
1300without it (something that neither ./configure nor CMake allow, but it can be
1301done by editing config.h), pcre2grep was giving a JIT error. Now it detects
1302this situation and does not try to use JIT.
1303
130412. Added some "const" qualifiers to variables in pcre2grep.
1305
130613. Added Dmitry Cherniachenko's patch for colouring output in Windows
1307(untested by me). Also, look for GREP_COLOUR or GREP_COLOR if the environment
1308variables PCRE2GREP_COLOUR and PCRE2GREP_COLOR are not found.
1309
131014. Add the -t (grand total) option to pcre2grep.
1311
131215. A number of bugs have been mended relating to match start-up optimizations
1313when the first thing in a pattern is a positive lookahead. These all applied
1314only when PCRE2_NO_START_OPTIMIZE was *not* set:
1315
1316    (a) A pattern such as (?=.*X)X$ was incorrectly optimized as if it needed
1317        both an initial 'X' and a following 'X'.
1318    (b) Some patterns starting with an assertion that started with .* were
1319        incorrectly optimized as having to match at the start of the subject or
1320        after a newline. There are cases where this is not true, for example,
1321        (?=.*[A-Z])(?=.{8,16})(?!.*[\s]) matches after the start in lines that
1322        start with spaces. Starting .* in an assertion is no longer taken as an
1323        indication of matching at the start (or after a newline).
1324
132516. The "offset" modifier in pcre2test was not being ignored (as documented)
1326when the POSIX API was in use.
1327
132817. Added --enable-fuzz-support to "configure", causing an non-installed
1329library containing a test function that can be called by fuzzers to be
1330compiled. A non-installed  binary to run the test function locally, called
1331pcre2fuzzcheck is also compiled.
1332
133318. A pattern with PCRE2_DOTALL (/s) set but not PCRE2_NO_DOTSTAR_ANCHOR, and
1334which started with .* inside a positive lookahead was incorrectly being
1335compiled as implicitly anchored.
1336
133719. Removed all instances of "register" declarations, as they are considered
1338obsolete these days and in any case had become very haphazard.
1339
134020. Add strerror() to pcre2test for failed file opening.
1341
134221. Make pcre2test -C list valgrind support when it is enabled.
1343
134422. Add the use_length modifier to pcre2test.
1345
134623. Fix an off-by-one bug in pcre2test for the list of names for 'get' and
1347'copy' modifiers.
1348
134924. Add PCRE2_CALL_CONVENTION into the prototype declarations in pcre2.h as it
1350is apparently needed there as well as in the function definitions. (Why did
1351nobody ask for this in PCRE1?)
1352
135325. Change the _PCRE2_H and _PCRE2_UCP_H guard macros in the header files to
1354PCRE2_H_IDEMPOTENT_GUARD and PCRE2_UCP_H_IDEMPOTENT_GUARD to be more standard
1355compliant and unique.
1356
135726. pcre2-config --libs-posix was listing -lpcre2posix instead of
1358-lpcre2-posix. Also, the CMake build process was building the library with the
1359wrong name.
1360
136127. In pcre2test, give some offset information for errors in hex patterns.
1362This uses the C99 formatting sequence %td, except for MSVC which doesn't
1363support it - %lu is used instead.
1364
136528. Implemented pcre2_code_copy_with_tables(), and added pushtablescopy to
1366pcre2test for testing it.
1367
136829. Fix small memory leak in pcre2test.
1369
137030. Fix out-of-bounds read for partial matching of /./ against an empty string
1371when the newline type is CRLF.
1372
137331. Fix a bug in pcre2test that caused a crash when a locale was set either in
1374the current pattern or a previous one and a wide character was matched.
1375
137632. The appearance of \p, \P, or \X in a substitution string when
1377PCRE2_SUBSTITUTE_EXTENDED was set caused a segmentation fault (NULL
1378dereference).
1379
138033. If the starting offset was specified as greater than the subject length in
1381a call to pcre2_substitute() an out-of-bounds memory reference could occur.
1382
138334. When PCRE2 was compiled to use the heap instead of the stack for recursive
1384calls to match(), a repeated minimizing caseless back reference, or a
1385maximizing one where the two cases had different numbers of code units,
1386followed by a caseful back reference, could lose the caselessness of the first
1387repeated back reference (example: /(Z)(a)\2{1,2}?(?-i)\1X/i should match ZaAAZX
1388but didn't).
1389
139035. When a pattern is too complicated, PCRE2 gives up trying to find a minimum
1391matching length and just records zero. Typically this happens when there are
1392too many nested or recursive back references. If the limit was reached in
1393certain recursive cases it failed to be triggered and an internal error could
1394be the result.
1395
139636. The pcre2_dfa_match() function now takes note of the recursion limit for
1397the internal recursive calls that are used for lookrounds and recursions within
1398the pattern.
1399
140037. More refactoring has got rid of the internal could_be_empty_branch()
1401function (around 400 lines of code, including comments) by keeping track of
1402could-be-emptiness as the pattern is compiled instead of scanning compiled
1403groups. (This would have been much harder before the refactoring of #3 above.)
1404This lifts a restriction on the number of branches in a group (more than about
14051100 would give "pattern is too complicated").
1406
140738. Add the "-ac" command line option to pcre2test as a synonym for "-pattern
1408auto_callout".
1409
141039. In a library with Unicode support, incorrect data was compiled for a
1411pattern with PCRE2_UCP set without PCRE2_UTF if a class required all wide
1412characters to match (for example, /[\s[:^ascii:]]/).
1413
141440. The callout_error modifier has been added to pcre2test to make it possible
1415to return PCRE2_ERROR_CALLOUT from a callout.
1416
141741. A minor change to pcre2grep: colour reset is now "<esc>[0m" instead of
1418"<esc>[00m".
1419
142042. The limit in the auto-possessification code that was intended to catch
1421overly-complicated patterns and not spend too much time auto-possessifying was
1422being reset too often, resulting in very long compile times for some patterns.
1423Now such patterns are no longer completely auto-possessified.
1424
142543. Applied Jason Hood's revised patch for RunTest.bat.
1426
142744. Added a new Windows script RunGrepTest.bat, courtesy of Jason Hood.
1428
142945. Minor cosmetic fix to pcre2test: move a variable that is not used under
1430Windows into the "not Windows" code.
1431
143246. Applied Jason Hood's patches to upgrade pcre2grep under Windows and tidy
1433some of the code:
1434
1435  * normalised the Windows condition by ensuring WIN32 is defined;
1436  * enables the callout feature under Windows;
1437  * adds globbing (Microsoft's implementation expands quoted args),
1438    using a tweaked opendirectory;
1439  * implements the is_*_tty functions for Windows;
1440  * --color=always will write the ANSI sequences to file;
1441  * add sequences 4 (underline works on Win10) and 5 (blink as bright
1442    background, relatively standard on DOS/Win);
1443  * remove the (char *) casts for the now-const strings;
1444  * remove GREP_COLOUR (grep's command line allowed the 'u', but not
1445    the environment), parsing GREP_COLORS instead;
1446  * uses the current colour if not set, rather than black;
1447  * add print_match for the undefined case;
1448  * fixes a typo.
1449
1450In addition, colour settings containing anything other than digits and
1451semicolon are ignored, and the colour controls are no longer output for empty
1452strings.
1453
145447. Detecting patterns that are too large inside the length-measuring loop
1455saves processing ridiculously long patterns to their end.
1456
145748. Ignore PCRE2_CASELESS when processing \h, \H, \v, and \V in classes as it
1458just wastes time. In the UTF case it can also produce redundant entries in
1459XCLASS lists caused by characters with multiple other cases and pairs of
1460characters in the same "not-x" sublists.
1461
146249. A pattern such as /(?=(a\K))/ can report the end of the match being before
1463its start; pcre2test was not handling this correctly when using the POSIX
1464interface (it was OK with the native interface).
1465
146650. In pcre2grep, ignore all JIT compile errors. This means that pcre2grep will
1467continue to work, falling back to interpretation if anything goes wrong with
1468JIT.
1469
147051. Applied patches from Christian Persch to configure.ac to make use of the
1471AC_USE_SYSTEM_EXTENSIONS macro and to test for functions used by the JIT
1472modules.
1473
147452. Minor fixes to pcre2grep from Jason Hood:
1475    * fixed some spacing;
1476    * Windows doesn't usually use single quotes, so I've added a define
1477      to use appropriate quotes [in an example];
1478    * LC_ALL was displayed as "LCC_ALL";
1479    * numbers 11, 12 & 13 should end in "th";
1480    * use double quotes in usage message.
1481
148253. When autopossessifying, skip empty branches without recursion, to reduce
1483stack usage for the benefit of clang with -fsanitize-address, which uses huge
1484stack frames. Example pattern: /X?(R||){3335}/. Fixes oss-fuzz issue 553.
1485
148654. A pattern with very many explicit back references to a group that is a long
1487way from the start of the pattern could take a long time to compile because
1488searching for the referenced group in order to find the minimum length was
1489being done repeatedly. Now up to 128 group minimum lengths are cached and the
1490attempt to find a minimum length is abandoned if there is a back reference to a
1491group whose number is greater than 128. (In that case, the pattern is so
1492complicated that this optimization probably isn't worth it.) This fixes
1493oss-fuzz issue 557.
1494
149555. Issue 32 for 10.22 below was not correctly fixed. If pcre2grep in multiline
1496mode with --only-matching matched several lines, it restarted scanning at the
1497next line instead of moving on to the end of the matched string, which can be
1498several lines after the start.
1499
150056. Applied Jason Hood's new patch for RunGrepTest.bat that updates it in line
1501with updates to the non-Windows version.
1502
1503
1504
1505Version 10.22 29-July-2016
1506--------------------------
1507
15081. Applied Jason Hood's patches to RunTest.bat and testdata/wintestoutput3
1509to fix problems with running the tests under Windows.
1510
15112. Implemented a facility for quoting literal characters within hexadecimal
1512patterns in pcre2test, to make it easier to create patterns with just a few
1513non-printing characters.
1514
15153. Binary zeros are not supported in pcre2test input files. It now detects them
1516and gives an error.
1517
15184. Updated the valgrind parameters in RunTest: (a) changed smc-check=all to
1519smc-check=all-non-file; (b) changed obj:* in the suppression file to obj:??? so
1520that it matches only unknown objects.
1521
15225. Updated the maintenance script maint/ManyConfigTests to make it easier to
1523select individual groups of tests.
1524
15256. When the POSIX wrapper function regcomp() is called, the REG_NOSUB option
1526used to set PCRE2_NO_AUTO_CAPTURE when calling pcre2_compile(). However, this
1527disables the use of back references (and subroutine calls), which are supported
1528by other implementations of regcomp() with RE_NOSUB. Therefore, REG_NOSUB no
1529longer causes PCRE2_NO_AUTO_CAPTURE to be set, though it still ignores nmatch
1530and pmatch when regexec() is called.
1531
15327. Because of 6 above, pcre2test has been modified with a new modifier called
1533posix_nosub, to call regcomp() with REG_NOSUB. Previously the no_auto_capture
1534modifier had this effect. That option is now ignored when the POSIX API is in
1535use.
1536
15378. Minor tidies to the pcre2demo.c sample program, including more comments
1538about its 8-bit-ness.
1539
15409. Detect unmatched closing parentheses and give the error in the pre-scan
1541instead of later. Previously the pre-scan carried on and could give a
1542misleading incorrect error message. For example, /(?J)(?'a'))(?'a')/ gave a
1543message about invalid duplicate group names.
1544
154510. It has happened that pcre2test was accidentally linked with another POSIX
1546regex library instead of libpcre2-posix. In this situation, a call to regcomp()
1547(in the other library) may succeed, returning zero, but of course putting its
1548own data into the regex_t block. In one example the re_pcre2_code field was
1549left as NULL, which made pcre2test think it had not got a compiled POSIX regex,
1550so it treated the next line as another pattern line, resulting in a confusing
1551error message. A check has been added to pcre2test to see if the data returned
1552from a successful call of regcomp() are valid for PCRE2's regcomp(). If they
1553are not, an error message is output and the pcre2test run is abandoned. The
1554message points out the possibility of a mis-linking. Hopefully this will avoid
1555some head-scratching the next time this happens.
1556
155711. A pattern such as /(?<=((?C)0))/, which has a callout inside a lookbehind
1558assertion, caused pcre2test to output a very large number of spaces when the
1559callout was taken, making the program appearing to loop.
1560
156112. A pattern that included (*ACCEPT) in the middle of a sufficiently deeply
1562nested set of parentheses of sufficient size caused an overflow of the
1563compiling workspace (which was diagnosed, but of course is not desirable).
1564
156513. Detect missing closing parentheses during the pre-pass for group
1566identification.
1567
156814. Changed some integer variable types and put in a number of casts, following
1569a report of compiler warnings from Visual Studio 2013 and a few tests with
1570gcc's -Wconversion (which still throws up a lot).
1571
157215. Implemented pcre2_code_copy(), and added pushcopy and #popcopy to pcre2test
1573for testing it.
1574
157516. Change 66 for 10.21 introduced the use of snprintf() in PCRE2's version of
1576regerror(). When the error buffer is too small, my version of snprintf() puts a
1577binary zero in the final byte. Bug #1801 seems to show that other versions do
1578not do this, leading to bad output from pcre2test when it was checking for
1579buffer overflow. It no longer assumes a binary zero at the end of a too-small
1580regerror() buffer.
1581
158217. Fixed typo ("&&" for "&") in pcre2_study(). Fortunately, this could not
1583actually affect anything, by sheer luck.
1584
158518. Two minor fixes for MSVC compilation: (a) removal of apparently incorrect
1586"const" qualifiers in pcre2test and (b) defining snprintf as _snprintf for
1587older MSVC compilers. This has been done both in src/pcre2_internal.h for most
1588of the library, and also in src/pcre2posix.c, which no longer includes
1589pcre2_internal.h (see 24 below).
1590
159119. Applied Chris Wilson's patch (Bugzilla #1681) to CMakeLists.txt for MSVC
1592static compilation. Subsequently applied Chris Wilson's second patch, putting
1593the first patch under a new option instead of being unconditional when
1594PCRE_STATIC is set.
1595
159620. Updated pcre2grep to set stdout as binary when run under Windows, so as not
1597to convert \r\n at the ends of reflected lines into \r\r\n. This required
1598ensuring that other output that is written to stdout (e.g. file names) uses the
1599appropriate line terminator: \r\n for Windows, \n otherwise.
1600
160121. When a line is too long for pcre2grep's internal buffer, show the maximum
1602length in the error message.
1603
160422. Added support for string callouts to pcre2grep (Zoltan's patch with PH
1605additions).
1606
160723. RunTest.bat was missing a "set type" line for test 22.
1608
160924. The pcre2posix.c file was including pcre2_internal.h, and using some
1610"private" knowledge of the data structures. This is unnecessary; the code has
1611been re-factored and no longer includes pcre2_internal.h.
1612
161325. A racing condition is fixed in JIT reported by Mozilla.
1614
161526. Minor code refactor to avoid "array subscript is below array bounds"
1616compiler warning.
1617
161827. Minor code refactor to avoid "left shift of negative number" warning.
1619
162028. Add a bit more sanity checking to pcre2_serialize_decode() and document
1621that it expects trusted data.
1622
162329. Fix typo in pcre2_jit_test.c
1624
162530. Due to an oversight, pcre2grep was not making use of JIT when available.
1626This is now fixed.
1627
162831. The RunGrepTest script is updated to use the valgrind suppressions file
1629when testing with JIT under valgrind (compare 10.21/51 below). The suppressions
1630file is updated so that is now the same as for PCRE1: it suppresses the
1631Memcheck warnings Addr16 and Cond in unknown objects (that is, JIT-compiled
1632code). Also changed smc-check=all to smc-check=all-non-file as was done for
1633RunTest (see 4 above).
1634
163532. Implemented the PCRE2_NO_JIT option for pcre2_match().
1636
163733. Fix typo that gave a compiler error when JIT not supported.
1638
163934. Fix comment describing the returns from find_fixedlength().
1640
164135. Fix potential negative index in pcre2test.
1642
164336. Calls to pcre2_get_error_message() with error numbers that are never
1644returned by PCRE2 functions were returning empty strings. Now the error code
1645PCRE2_ERROR_BADDATA is returned. A facility has been added to pcre2test to
1646show the texts for given error numbers (i.e. to call pcre2_get_error_message()
1647and display what it returns) and a few representative error codes are now
1648checked in RunTest.
1649
165037. Added "&& !defined(__INTEL_COMPILER)" to the test for __GNUC__ in
1651pcre2_match.c, in anticipation that this is needed for the same reason it was
1652recently added to pcrecpp.cc in PCRE1.
1653
165438. Using -o with -M in pcre2grep could cause unnecessary repeated output when
1655the match extended over a line boundary, as it tried to find more matches "on
1656the same line" - but it was already over the end.
1657
165839. Allow \C in lookbehinds and DFA matching in UTF-32 mode (by converting it
1659to the same code as '.' when PCRE2_DOTALL is set).
1660
166140. Fix two clang compiler warnings in pcre2test when only one code unit width
1662is supported.
1663
166441. Upgrade RunTest to automatically re-run test 2 with a large (64MiB) stack
1665if it fails when running the interpreter with a 16MiB stack (and if changing
1666the stack size via pcre2test is possible). This avoids having to manually set a
1667large stack size when testing with clang.
1668
166942. Fix register overwite in JIT when SSE2 acceleration is enabled.
1670
167143. Detect integer overflow in pcre2test pattern and data repetition counts.
1672
167344. In pcre2test, ignore "allcaptures" after DFA matching.
1674
167545. Fix unaligned accesses on x86. Patch by Marc Mutz.
1676
167746. Fix some more clang compiler warnings.
1678
1679
1680Version 10.21 12-January-2016
1681-----------------------------
1682
16831. Improve matching speed of patterns starting with + or * in JIT.
1684
16852. Use memchr() to find the first character in an unanchored match in 8-bit
1686mode in the interpreter. This gives a significant speed improvement.
1687
16883. Removed a redundant copy of the opcode_possessify table in the
1689pcre2_auto_possessify.c source.
1690
16914. Fix typos in dftables.c for z/OS.
1692
16935. Change 36 for 10.20 broke the handling of [[:>:]] and [[:<:]] in that
1694processing them could involve a buffer overflow if the following character was
1695an opening parenthesis.
1696
16976. Change 36 for 10.20 also introduced a bug in processing this pattern:
1698/((?x)(*:0))#(?'/. Specifically: if a setting of (?x) was followed by a (*MARK)
1699setting (which (*:0) is), then (?x) did not get unset at the end of its group
1700during the scan for named groups, and hence the external # was incorrectly
1701treated as a comment and the invalid (?' at the end of the pattern was not
1702diagnosed. This caused a buffer overflow during the real compile. This bug was
1703discovered by Karl Skomski with the LLVM fuzzer.
1704
17057. Moved the pcre2_find_bracket() function from src/pcre2_compile.c into its
1706own source module to avoid a circular dependency between src/pcre2_compile.c
1707and src/pcre2_study.c
1708
17098. A callout with a string argument containing an opening square bracket, for
1710example /(?C$[$)(?<]/, was incorrectly processed and could provoke a buffer
1711overflow. This bug was discovered by Karl Skomski with the LLVM fuzzer.
1712
17139. The handling of callouts during the pre-pass for named group identification
1714has been tightened up.
1715
171610. The quantifier {1} can be ignored, whether greedy, non-greedy, or
1717possessive. This is a very minor optimization.
1718
171911. A possessively repeated conditional group that could match an empty string,
1720for example, /(?(R))*+/, was incorrectly compiled.
1721
172212. The Unicode tables have been updated to Unicode 8.0.0 (thanks to Christian
1723Persch).
1724
172513. An empty comment (?#) in a pattern was incorrectly processed and could
1726provoke a buffer overflow. This bug was discovered by Karl Skomski with the
1727LLVM fuzzer.
1728
172914. Fix infinite recursion in the JIT compiler when certain patterns such as
1730/(?:|a|){100}x/ are analysed.
1731
173215. Some patterns with character classes involving [: and \\ were incorrectly
1733compiled and could cause reading from uninitialized memory or an incorrect
1734error diagnosis. Examples are: /[[:\\](?<[::]/ and /[[:\\](?'abc')[a:]. The
1735first of these bugs was discovered by Karl Skomski with the LLVM fuzzer.
1736
173716. Pathological patterns containing many nested occurrences of [: caused
1738pcre2_compile() to run for a very long time. This bug was found by the LLVM
1739fuzzer.
1740
174117. A missing closing parenthesis for a callout with a string argument was not
1742being diagnosed, possibly leading to a buffer overflow. This bug was found by
1743the LLVM fuzzer.
1744
174518. A conditional group with only one branch has an implicit empty alternative
1746branch and must therefore be treated as potentially matching an empty string.
1747
174819. If (?R was followed by - or + incorrect behaviour happened instead of a
1749diagnostic. This bug was discovered by Karl Skomski with the LLVM fuzzer.
1750
175120. Another bug that was introduced by change 36 for 10.20: conditional groups
1752whose condition was an assertion preceded by an explicit callout with a string
1753argument might be incorrectly processed, especially if the string contained \Q.
1754This bug was discovered by Karl Skomski with the LLVM fuzzer.
1755
175621. Compiling PCRE2 with the sanitize options of clang showed up a number of
1757very pedantic coding infelicities and a buffer overflow while checking a UTF-8
1758string if the final multi-byte UTF-8 character was truncated.
1759
176022. For Perl compatibility in EBCDIC environments, ranges such as a-z in a
1761class, where both values are literal letters in the same case, omit the
1762non-letter EBCDIC code points within the range.
1763
176423. Finding the minimum matching length of complex patterns with back
1765references and/or recursions can take a long time. There is now a cut-off that
1766gives up trying to find a minimum length when things get too complex.
1767
176824. An optimization has been added that speeds up finding the minimum matching
1769length for patterns containing repeated capturing groups or recursions.
1770
177125. If a pattern contained a back reference to a group whose number was
1772duplicated as a result of appearing in a (?|...) group, the computation of the
1773minimum matching length gave a wrong result, which could cause incorrect "no
1774match" errors. For such patterns, a minimum matching length cannot at present
1775be computed.
1776
177726. Added a check for integer overflow in conditions (?(<digits>) and
1778(?(R<digits>). This omission was discovered by Karl Skomski with the LLVM
1779fuzzer.
1780
178127. Fixed an issue when \p{Any} inside an xclass did not read the current
1782character.
1783
178428. If pcre2grep was given the -q option with -c or -l, or when handling a
1785binary file, it incorrectly wrote output to stdout.
1786
178729. The JIT compiler did not restore the control verb head in case of *THEN
1788control verbs. This issue was found by Karl Skomski with a custom LLVM fuzzer.
1789
179030. The way recursive references such as (?3) are compiled has been re-written
1791because the old way was the cause of many issues. Now, conversion of the group
1792number into a pattern offset does not happen until the pattern has been
1793completely compiled. This does mean that detection of all infinitely looping
1794recursions is postponed till match time. In the past, some easy ones were
1795detected at compile time. This re-writing was done in response to yet another
1796bug found by the LLVM fuzzer.
1797
179831. A test for a back reference to a non-existent group was missing for items
1799such as \987. This caused incorrect code to be compiled. This issue was found
1800by Karl Skomski with a custom LLVM fuzzer.
1801
180232. Error messages for syntax errors following \g and \k were giving inaccurate
1803offsets in the pattern.
1804
180533. Improve the performance of starting single character repetitions in JIT.
1806
180734. (*LIMIT_MATCH=) now gives an error instead of setting the value to 0.
1808
180935. Error messages for syntax errors in *LIMIT_MATCH and *LIMIT_RECURSION now
1810give the right offset instead of zero.
1811
181236. The JIT compiler should not check repeats after a {0,1} repeat byte code.
1813This issue was found by Karl Skomski with a custom LLVM fuzzer.
1814
181537. The JIT compiler should restore the control chain for empty possessive
1816repeats. This issue was found by Karl Skomski with a custom LLVM fuzzer.
1817
181838. A bug which was introduced by the single character repetition optimization
1819was fixed.
1820
182139. Match limit check added to recursion. This issue was found by Karl Skomski
1822with a custom LLVM fuzzer.
1823
182440. Arrange for the UTF check in pcre2_match() and pcre2_dfa_match() to look
1825only at the part of the subject that is relevant when the starting offset is
1826non-zero.
1827
182841. Improve first character match in JIT with SSE2 on x86.
1829
183042. Fix two assertion fails in JIT. These issues were found by Karl Skomski
1831with a custom LLVM fuzzer.
1832
183343. Correct the setting of CMAKE_C_FLAGS in CMakeLists.txt (patch from Roy Ivy
1834III).
1835
183644. Fix bug in RunTest.bat for new test 14, and adjust the script for the added
1837test (there are now 20 in total).
1838
183945. Fixed a corner case of range optimization in JIT.
1840
184146. Add the ${*MARK} facility to pcre2_substitute().
1842
184347. Modifier lists in pcre2test were splitting at spaces without the required
1844commas.
1845
184648. Implemented PCRE2_ALT_VERBNAMES.
1847
184849. Fixed two issues in JIT. These were found by Karl Skomski with a custom
1849LLVM fuzzer.
1850
185150. The pcre2test program has been extended by adding the #newline_default
1852command. This has made it possible to run the standard tests when PCRE2 is
1853compiled with either CR or CRLF as the default newline convention. As part of
1854this work, the new command was added to several test files and the testing
1855scripts were modified. The pcre2grep tests can now also be run when there is no
1856LF in the default newline convention.
1857
185851. The RunTest script has been modified so that, when JIT is used and valgrind
1859is specified, a valgrind suppressions file is set up to ignore "Invalid read of
1860size 16" errors because these are false positives when the hardware supports
1861the SSE2 instruction set.
1862
186352. It is now possible to have comment lines amid the subject strings in
1864pcre2test (and perltest.sh) input.
1865
186653. Implemented PCRE2_USE_OFFSET_LIMIT and pcre2_set_offset_limit().
1867
186854. Add the null_context modifier to pcre2test so that calling pcre2_compile()
1869and the matching functions with NULL contexts can be tested.
1870
187155. Implemented PCRE2_SUBSTITUTE_EXTENDED.
1872
187356. In a character class such as [\W\p{Any}] where both a negative-type escape
1874("not a word character") and a property escape were present, the property
1875escape was being ignored.
1876
187757. Fixed integer overflow for patterns whose minimum matching length is very,
1878very large.
1879
188058. Implemented --never-backslash-C.
1881
188259. Change 55 above introduced a bug by which certain patterns provoked the
1883erroneous error "\ at end of pattern".
1884
188560. The special sequences [[:<:]] and [[:>:]] gave rise to incorrect compiling
1886errors or other strange effects if compiled in UCP mode. Found with libFuzzer
1887and AddressSanitizer.
1888
188961. Whitespace at the end of a pcre2test pattern line caused a spurious error
1890message if there were only single-character modifiers. It should be ignored.
1891
189262. The use of PCRE2_NO_AUTO_CAPTURE could cause incorrect compilation results
1893or segmentation errors for some patterns. Found with libFuzzer and
1894AddressSanitizer.
1895
189663. Very long names in (*MARK) or (*THEN) etc. items could provoke a buffer
1897overflow.
1898
189964. Improve error message for overly-complicated patterns.
1900
190165. Implemented an optional replication feature for patterns in pcre2test, to
1902make it easier to test long repetitive patterns. The tests for 63 above are
1903converted to use the new feature.
1904
190566. In the POSIX wrapper, if regerror() was given too small a buffer, it could
1906misbehave.
1907
190867. In pcre2_substitute() in UTF mode, the UTF validity check on the
1909replacement string was happening before the length setting when the replacement
1910string was zero-terminated.
1911
191268. In pcre2_substitute() in UTF mode, PCRE2_NO_UTF_CHECK can be set for the
1913second and subsequent calls to pcre2_match().
1914
191569. There was no check for integer overflow for a replacement group number in
1916pcre2_substitute(). An added check for a number greater than the largest group
1917number in the pattern means this is not now needed.
1918
191970. The PCRE2-specific VERSION condition didn't work correctly if only one
1920digit was given after the decimal point, or if more than two digits were given.
1921It now works with one or two digits, and gives a compile time error if more are
1922given.
1923
192471. In pcre2_substitute() there was the possibility of reading one code unit
1925beyond the end of the replacement string.
1926
192772. The code for checking a subject's UTF-32 validity for a pattern with a
1928lookbehind involved an out-of-bounds pointer, which could potentially cause
1929trouble in some environments.
1930
193173. The maximum lookbehind length was incorrectly calculated for patterns such
1932as /(?<=(a)(?-1))x/ which have a recursion within a backreference.
1933
193474. Give an error if a lookbehind assertion is longer than 65535 code units.
1935
193675. Give an error in pcre2_substitute() if a match ends before it starts (as a
1937result of the use of \K).
1938
193976. Check the length of subpattern names and the names in (*MARK:xx) etc.
1940dynamically to avoid the possibility of integer overflow.
1941
194277. Implement pcre2_set_max_pattern_length() so that programs can restrict the
1943size of patterns that they are prepared to handle.
1944
194578. (*NO_AUTO_POSSESS) was not working.
1946
194779. Adding group information caching improves the speed of compiling when
1948checking whether a group has a fixed length and/or could match an empty string,
1949especially when recursion or subroutine calls are involved. However, this
1950cannot be used when (?| is present in the pattern because the same number may
1951be used for groups of different sizes. To catch runaway patterns in this
1952situation, counts have been introduced to the functions that scan for empty
1953branches or compute fixed lengths.
1954
195580. Allow for the possibility of the size of the nest_save structure not being
1956a factor of the size of the compiling workspace (it currently is).
1957
195881. Check for integer overflow in minimum length calculation and cap it at
195965535.
1960
196182. Small optimizations in code for finding the minimum matching length.
1962
196383. Lock out configuring for EBCDIC with non-8-bit libraries.
1964
196584. Test for error code <= 0 in regerror().
1966
196785. Check for too many replacements (more than INT_MAX) in pcre2_substitute().
1968
196986. Avoid the possibility of computing with an out-of-bounds pointer (though
1970not dereferencing it) while handling lookbehind assertions.
1971
197287. Failure to get memory for the match data in regcomp() is now given as a
1973regcomp() error instead of waiting for regexec() to pick it up.
1974
197588. In pcre2_substitute(), ensure that CRLF is not split when it is a valid
1976newline sequence.
1977
197889. Paranoid check in regcomp() for bad error code from pcre2_compile().
1979
198090. Run test 8 (internal offsets and code sizes) for link sizes 3 and 4 as well
1981as for link size 2.
1982
198391. Document that JIT has a limit on pattern size, and give more information
1984about JIT compile failures in pcre2test.
1985
198692. Implement PCRE2_INFO_HASBACKSLASHC.
1987
198893. Re-arrange valgrind support code in pcre2test to avoid spurious reports
1989with JIT (possibly caused by SSE2?).
1990
199194. Support offset_limit in JIT.
1992
199395. A sequence such as [[:punct:]b] that is, a POSIX character class followed
1994by a single ASCII character in a class item, was incorrectly compiled in UCP
1995mode. The POSIX class got lost, but only if the single character followed it.
1996
199796. [:punct:] in UCP mode was matching some characters in the range 128-255
1998that should not have been matched.
1999
200097. If [:^ascii:] or [:^xdigit:] are present in a non-negated class, all
2001characters with code points greater than 255 are in the class. When a Unicode
2002property was also in the class (if PCRE2_UCP is set, escapes such as \w are
2003turned into Unicode properties), wide characters were not correctly handled,
2004and could fail to match.
2005
200698. In pcre2test, make the "startoffset" modifier a synonym of "offset",
2007because it sets the "startoffset" parameter for pcre2_match().
2008
200999. If PCRE2_AUTO_CALLOUT was set on a pattern that had a (?# comment between
2010an item and its qualifier (for example, A(?#comment)?B) pcre2_compile()
2011misbehaved. This bug was found by the LLVM fuzzer.
2012
2013100. The error for an invalid UTF pattern string always gave the code unit
2014offset as zero instead of where the invalidity was found.
2015
2016101. Further to 97 above, negated classes such as [^[:^ascii:]\d] were also not
2017working correctly in UCP mode.
2018
2019102. Similar to 99 above, if an isolated \E was present between an item and its
2020qualifier when PCRE2_AUTO_CALLOUT was set, pcre2_compile() misbehaved. This bug
2021was found by the LLVM fuzzer.
2022
2023103. The POSIX wrapper function regexec() crashed if the option REG_STARTEND
2024was set when the pmatch argument was NULL. It now returns REG_INVARG.
2025
2026104. Allow for up to 32-bit numbers in the ordin() function in pcre2grep.
2027
2028105. An empty \Q\E sequence between an item and its qualifier caused
2029pcre2_compile() to misbehave when auto callouts were enabled. This bug
2030was found by the LLVM fuzzer.
2031
2032106. If both PCRE2_ALT_VERBNAMES and PCRE2_EXTENDED were set, and a (*MARK) or
2033other verb "name" ended with whitespace immediately before the closing
2034parenthesis, pcre2_compile() misbehaved. Example: /(*:abc )/, but only when
2035both those options were set.
2036
2037107. In a number of places pcre2_compile() was not handling NULL characters
2038correctly, and pcre2test with the "bincode" modifier was not always correctly
2039displaying fields containing NULLS:
2040
2041   (a) Within /x extended #-comments
2042   (b) Within the "name" part of (*MARK) and other *verbs
2043   (c) Within the text argument of a callout
2044
2045108. If a pattern that was compiled with PCRE2_EXTENDED started with white
2046space or a #-type comment that was followed by (?-x), which turns off
2047PCRE2_EXTENDED, and there was no subsequent (?x) to turn it on again,
2048pcre2_compile() assumed that (?-x) applied to the whole pattern and
2049consequently mis-compiled it. This bug was found by the LLVM fuzzer. The fix
2050for this bug means that a setting of any of the (?imsxJU) options at the start
2051of a pattern is no longer transferred to the options that are returned by
2052PCRE2_INFO_ALLOPTIONS. In fact, this was an anachronism that should have
2053changed when the effects of those options were all moved to compile time.
2054
2055109. An escaped closing parenthesis in the "name" part of a (*verb) when
2056PCRE2_ALT_VERBNAMES was set caused pcre2_compile() to malfunction. This bug
2057was found by the LLVM fuzzer.
2058
2059110. Implemented PCRE2_SUBSTITUTE_UNSET_EMPTY, and updated pcre2test to make it
2060possible to test it.
2061
2062111. "Harden" pcre2test against ridiculously large values in modifiers and
2063command line arguments.
2064
2065112. Implemented PCRE2_SUBSTITUTE_UNKNOWN_UNSET and PCRE2_SUBSTITUTE_OVERFLOW_
2066LENGTH.
2067
2068113. Fix printing of *MARK names that contain binary zeroes in pcre2test.
2069
2070
2071Version 10.20 30-June-2015
2072--------------------------
2073
20741. Callouts with string arguments have been added.
2075
20762. Assertion code generator in JIT has been optimized.
2077
20783. The invalid pattern (?(?C) has a missing assertion condition at the end. The
2079pcre2_compile() function read past the end of the input before diagnosing an
2080error. This bug was discovered by the LLVM fuzzer.
2081
20824. Implemented pcre2_callout_enumerate().
2083
20845. Fix JIT compilation of conditional blocks whose assertion is converted to
2085(*FAIL). E.g: /(?(?!))/.
2086
20876. The pattern /(?(?!)^)/ caused references to random memory. This bug was
2088discovered by the LLVM fuzzer.
2089
20907. The assertion (?!) is optimized to (*FAIL). This was not handled correctly
2091when this assertion was used as a condition, for example (?(?!)a|b). In
2092pcre2_match() it worked by luck; in pcre2_dfa_match() it gave an incorrect
2093error about an unsupported item.
2094
20958. For some types of pattern, for example /Z*(|d*){216}/, the auto-
2096possessification code could take exponential time to complete. A recursion
2097depth limit of 1000 has been imposed to limit the resources used by this
2098optimization. This infelicity was discovered by the LLVM fuzzer.
2099
21009. A pattern such as /(*UTF)[\S\V\H]/, which contains a negated special class
2101such as \S in non-UCP mode, explicit wide characters (> 255) can be ignored
2102because \S ensures they are all in the class. The code for doing this was
2103interacting badly with the code for computing the amount of space needed to
2104compile the pattern, leading to a buffer overflow. This bug was discovered by
2105the LLVM fuzzer.
2106
210710. A pattern such as /((?2)+)((?1))/ which has mutual recursion nested inside
2108other kinds of group caused stack overflow at compile time. This bug was
2109discovered by the LLVM fuzzer.
2110
211111. A pattern such as /(?1)(?#?'){8}(a)/ which had a parenthesized comment
2112between a subroutine call and its quantifier was incorrectly compiled, leading
2113to buffer overflow or other errors. This bug was discovered by the LLVM fuzzer.
2114
211512. The illegal pattern /(?(?<E>.*!.*)?)/ was not being diagnosed as missing an
2116assertion after (?(. The code was failing to check the character after (?(?<
2117for the ! or = that would indicate a lookbehind assertion. This bug was
2118discovered by the LLVM fuzzer.
2119
212013. A pattern such as /X((?2)()*+){2}+/ which has a possessive quantifier with
2121a fixed maximum following a group that contains a subroutine reference was
2122incorrectly compiled and could trigger buffer overflow. This bug was discovered
2123by the LLVM fuzzer.
2124
212514. Negative relative recursive references such as (?-7) to non-existent
2126subpatterns were not being diagnosed and could lead to unpredictable behaviour.
2127This bug was discovered by the LLVM fuzzer.
2128
212915. The bug fixed in 14 was due to an integer variable that was unsigned when
2130it should have been signed. Some other "int" variables, having been checked,
2131have either been changed to uint32_t or commented as "must be signed".
2132
213316. A mutual recursion within a lookbehind assertion such as (?<=((?2))((?1)))
2134caused a stack overflow instead of the diagnosis of a non-fixed length
2135lookbehind assertion. This bug was discovered by the LLVM fuzzer.
2136
213717. The use of \K in a positive lookbehind assertion in a non-anchored pattern
2138(e.g. /(?<=\Ka)/) could make pcre2grep loop.
2139
214018. There was a similar problem to 17 in pcre2test for global matches, though
2141the code there did catch the loop.
2142
214319. If a greedy quantified \X was preceded by \C in UTF mode (e.g. \C\X*),
2144and a subsequent item in the pattern caused a non-match, backtracking over the
2145repeated \X did not stop, but carried on past the start of the subject, causing
2146reference to random memory and/or a segfault. There were also some other cases
2147where backtracking after \C could crash. This set of bugs was discovered by the
2148LLVM fuzzer.
2149
215020. The function for finding the minimum length of a matching string could take
2151a very long time if mutual recursion was present many times in a pattern, for
2152example, /((?2){73}(?2))((?1))/. A better mutual recursion detection method has
2153been implemented. This infelicity was discovered by the LLVM fuzzer.
2154
215521. Implemented PCRE2_NEVER_BACKSLASH_C.
2156
215722. The feature for string replication in pcre2test could read from freed
2158memory if the replication required a buffer to be extended, and it was not
2159working properly in 16-bit and 32-bit modes. This issue was discovered by a
2160fuzzer: see http://lcamtuf.coredump.cx/afl/.
2161
216223. Added the PCRE2_ALT_CIRCUMFLEX option.
2163
216424. Adjust the treatment of \8 and \9 to be the same as the current Perl
2165behaviour.
2166
216725. Static linking against the PCRE2 library using the pkg-config module was
2168failing on missing pthread symbols.
2169
217026. If a group that contained a recursive back reference also contained a
2171forward reference subroutine call followed by a non-forward-reference
2172subroutine call, for example /.((?2)(?R)\1)()/, pcre2_compile() failed to
2173compile correct code, leading to undefined behaviour or an internally detected
2174error. This bug was discovered by the LLVM fuzzer.
2175
217627. Quantification of certain items (e.g. atomic back references) could cause
2177incorrect code to be compiled when recursive forward references were involved.
2178For example, in this pattern: /(?1)()((((((\1++))\x85)+)|))/. This bug was
2179discovered by the LLVM fuzzer.
2180
218128. A repeated conditional group whose condition was a reference by name caused
2182a buffer overflow if there was more than one group with the given name. This
2183bug was discovered by the LLVM fuzzer.
2184
218529. A recursive back reference by name within a group that had the same name as
2186another group caused a buffer overflow. For example: /(?J)(?'d'(?'d'\g{d}))/.
2187This bug was discovered by the LLVM fuzzer.
2188
218930. A forward reference by name to a group whose number is the same as the
2190current group, for example in this pattern: /(?|(\k'Pm')|(?'Pm'))/, caused a
2191buffer overflow at compile time. This bug was discovered by the LLVM fuzzer.
2192
219331. Fix -fsanitize=undefined warnings for left shifts of 1 by 31 (it treats 1
2194as an int; fixed by writing it as 1u).
2195
219632. Fix pcre2grep compile when -std=c99 is used with gcc, though it still gives
2197a warning for "fileno" unless -std=gnu99 us used.
2198
219933. A lookbehind assertion within a set of mutually recursive subpatterns could
2200provoke a buffer overflow. This bug was discovered by the LLVM fuzzer.
2201
220234. Give an error for an empty subpattern name such as (?'').
2203
220435. Make pcre2test give an error if a pattern that follows #forbud_utf contains
2205\P, \p, or \X.
2206
220736. The way named subpatterns are handled has been refactored. There is now a
2208pre-pass over the regex which does nothing other than identify named
2209subpatterns and count the total captures. This means that information about
2210named patterns is known before the rest of the compile. In particular, it means
2211that forward references can be checked as they are encountered. Previously, the
2212code for handling forward references was contorted and led to several errors in
2213computing the memory requirements for some patterns, leading to buffer
2214overflows.
2215
221637. There was no check for integer overflow in subroutine calls such as (?123).
2217
221838. The table entry for \l in EBCDIC environments was incorrect, leading to its
2219being treated as a literal 'l' instead of causing an error.
2220
222139. If a non-capturing group containing a conditional group that could match
2222an empty string was repeated, it was not identified as matching an empty string
2223itself. For example: /^(?:(?(1)x|)+)+$()/.
2224
222540. In an EBCDIC environment, pcretest was mishandling the escape sequences
2226\a and \e in test subject lines.
2227
222841. In an EBCDIC environment, \a in a pattern was converted to the ASCII
2229instead of the EBCDIC value.
2230
223142. The handling of \c in an EBCDIC environment has been revised so that it is
2232now compatible with the specification in Perl's perlebcdic page.
2233
223443. Single character repetition in JIT has been improved. 20-30% speedup
2235was achieved on certain patterns.
2236
223744. The EBCDIC character 0x41 is a non-breaking space, equivalent to 0xa0 in
2238ASCII/Unicode. This has now been added to the list of characters that are
2239recognized as white space in EBCDIC.
2240
224145. When PCRE2 was compiled without Unicode support, the use of \p and \P gave
2242an error (correctly) when used outside a class, but did not give an error
2243within a class.
2244
224546. \h within a class was incorrectly compiled in EBCDIC environments.
2246
224747. JIT should return with error when the compiled pattern requires
2248more stack space than the maximum.
2249
225048. Fixed a memory leak in pcre2grep when a locale is set.
2251
2252
2253Version 10.10 06-March-2015
2254---------------------------
2255
22561. When a pattern is compiled, it remembers the highest back reference so that
2257when matching, if the ovector is too small, extra memory can be obtained to
2258use instead. A conditional subpattern whose condition is a check on a capture
2259having happened, such as, for example in the pattern /^(?:(a)|b)(?(1)A|B)/, is
2260another kind of back reference, but it was not setting the highest
2261backreference number. This mattered only if pcre2_match() was called with an
2262ovector that was too small to hold the capture, and there was no other kind of
2263back reference (a situation which is probably quite rare). The effect of the
2264bug was that the condition was always treated as FALSE when the capture could
2265not be consulted, leading to a incorrect behaviour by pcre2_match(). This bug
2266has been fixed.
2267
22682. Functions for serialization and deserialization of sets of compiled patterns
2269have been added.
2270
22713. The value that is returned by PCRE2_INFO_SIZE has been corrected to remove
2272excess code units at the end of the data block that may occasionally occur if
2273the code for calculating the size over-estimates. This change stops the
2274serialization code copying uninitialized data, to which valgrind objects. The
2275documentation of PCRE2_INFO_SIZE was incorrect in stating that the size did not
2276include the general overhead. This has been corrected.
2277
22784. All code units in every slot in the table of group names are now set, again
2279in order to avoid accessing uninitialized data when serializing.
2280
22815. The (*NO_JIT) feature is implemented.
2282
22836. If a bug that caused pcre2_compile() to use more memory than allocated was
2284triggered when using valgrind, the code in (3) above passed a stupidly large
2285value to valgrind. This caused a crash instead of an "internal error" return.
2286
22877. A reference to a duplicated named group (either a back reference or a test
2288for being set in a conditional) that occurred in a part of the pattern where
2289PCRE2_DUPNAMES was not set caused the amount of memory needed for the pattern
2290to be incorrectly calculated, leading to overwriting.
2291
22928. A mutually recursive set of back references such as (\2)(\1) caused a
2293segfault at compile time (while trying to find the minimum matching length).
2294The infinite loop is now broken (with the minimum length unset, that is, zero).
2295
22969. If an assertion that was used as a condition was quantified with a minimum
2297of zero, matching went wrong. In particular, if the whole group had unlimited
2298repetition and could match an empty string, a segfault was likely. The pattern
2299(?(?=0)?)+ is an example that caused this. Perl allows assertions to be
2300quantified, but not if they are being used as conditions, so the above pattern
2301is faulted by Perl. PCRE2 has now been changed so that it also rejects such
2302patterns.
2303
230410. The error message for an invalid quantifier has been changed from "nothing
2305to repeat" to "quantifier does not follow a repeatable item".
2306
230711. If a bad UTF string is compiled with NO_UTF_CHECK, it may succeed, but
2308scanning the compiled pattern in subsequent auto-possessification can get out
2309of step and lead to an unknown opcode. Previously this could have caused an
2310infinite loop. Now it generates an "internal error" error. This is a tidyup,
2311not a bug fix; passing bad UTF with NO_UTF_CHECK is documented as having an
2312undefined outcome.
2313
231412. A UTF pattern containing a "not" match of a non-ASCII character and a
2315subroutine reference could loop at compile time. Example: /[^\xff]((?1))/.
2316
231713. The locale test (RunTest 3) has been upgraded. It now checks that a locale
2318that is found in the output of "locale -a" can actually be set by pcre2test
2319before it is accepted. Previously, in an environment where a locale was listed
2320but would not set (an example does exist), the test would "pass" without
2321actually doing anything. Also the fr_CA locale has been added to the list of
2322locales that can be used.
2323
232414. Fixed a bug in pcre2_substitute(). If a replacement string ended in a
2325capturing group number without parentheses, the last character was incorrectly
2326literally included at the end of the replacement string.
2327
232815. A possessive capturing group such as (a)*+ with a minimum repeat of zero
2329failed to allow the zero-repeat case if pcre2_match() was called with an
2330ovector too small to capture the group.
2331
233216. Improved error message in pcre2test when setting the stack size (-S) fails.
2333
233417. Fixed two bugs in CMakeLists.txt: (1) Some lines had got lost in the
2335transfer from PCRE1, meaning that CMake configuration failed if "build tests"
2336was selected. (2) The file src/pcre2_serialize.c had not been added to the list
2337of PCRE2 sources, which caused a failure to build pcre2test.
2338
233918. Fixed typo in pcre2_serialize.c (DECL instead of DEFN) that causes problems
2340only on Windows.
2341
234219. Use binary input when reading back saved serialized patterns in pcre2test.
2343
234420. Added RunTest.bat for running the tests under Windows.
2345
234621. "make distclean" was not removing config.h, a file that may be created for
2347use with CMake.
2348
234922. A pattern such as "((?2){0,1999}())?", which has a group containing a
2350forward reference repeated a large (but limited) number of times within a
2351repeated outer group that has a zero minimum quantifier, caused incorrect code
2352to be compiled, leading to the error "internal error: previously-checked
2353referenced subpattern not found" when an incorrect memory address was read.
2354This bug was reported as "heap overflow", discovered by Kai Lu of Fortinet's
2355FortiGuard Labs. (Added 24-March-2015: CVE-2015-2325 was given to this.)
2356
235723. A pattern such as "((?+1)(\1))/" containing a forward reference subroutine
2358call within a group that also contained a recursive back reference caused
2359incorrect code to be compiled. This bug was reported as "heap overflow",
2360discovered by Kai Lu of Fortinet's FortiGuard Labs. (Added 24-March-2015:
2361CVE-2015-2326 was given to this.)
2362
236324. Computing the size of the JIT read-only data in advance has been a source
2364of various issues, and new ones are still appear unfortunately. To fix
2365existing and future issues, size computation is eliminated from the code,
2366and replaced by on-demand memory allocation.
2367
236825. A pattern such as /(?i)[A-`]/, where characters in the other case are
2369adjacent to the end of the range, and the range contained characters with more
2370than one other case, caused incorrect behaviour when compiled in UTF mode. In
2371that example, the range a-j was left out of the class.
2372
2373
2374Version 10.00 05-January-2015
2375-----------------------------
2376
2377Version 10.00 is the first release of PCRE2, a revised API for the PCRE
2378library. Changes prior to 10.00 are logged in the ChangeLog file for the old
2379API, up to item 20 for release 8.36.
2380
2381The code of the library was heavily revised as part of the new API
2382implementation. Details of each and every modification were not individually
2383logged. In addition to the API changes, the following changes were made. They
2384are either new functionality, or bug fixes and other noticeable changes of
2385behaviour that were implemented after the code had been forked.
2386
23871. Including Unicode support at build time is now enabled by default, but it
2388can optionally be disabled. It is not enabled by default at run time (no
2389change).
2390
23912. The test program, now called pcre2test, was re-specified and almost
2392completely re-written. Its input is not compatible with input for pcretest.
2393
23943. Patterns may start with (*NOTEMPTY) or (*NOTEMPTY_ATSTART) to set the
2395PCRE2_NOTEMPTY or PCRE2_NOTEMPTY_ATSTART options for every subject line that is
2396matched by that pattern.
2397
23984. For the benefit of those who use PCRE2 via some other application, that is,
2399not writing the function calls themselves, it is possible to check the PCRE2
2400version by matching a pattern such as /(?(VERSION>=10)yes|no)/ against a
2401string such as "yesno".
2402
24035. There are case-equivalent Unicode characters whose encodings use different
2404numbers of code units in UTF-8. U+023A and U+2C65 are one example. (It is
2405theoretically possible for this to happen in UTF-16 too.) If a backreference to
2406a group containing one of these characters was greedily repeated, and during
2407the match a backtrack occurred, the subject might be backtracked by the wrong
2408number of code units. For example, if /^(\x{23a})\1*(.)/ is matched caselessly
2409(and in UTF-8 mode) against "\x{23a}\x{2c65}\x{2c65}\x{2c65}", group 2 should
2410capture the final character, which is the three bytes E2, B1, and A5 in UTF-8.
2411Incorrect backtracking meant that group 2 captured only the last two bytes.
2412This bug has been fixed; the new code is slower, but it is used only when the
2413strings matched by the repetition are not all the same length.
2414
24156. A pattern such as /()a/ was not setting the "first character must be 'a'"
2416information. This applied to any pattern with a group that matched no
2417characters, for example: /(?:(?=.)|(?<!x))a/.
2418
24197. When an (*ACCEPT) is triggered inside capturing parentheses, it arranges for
2420those parentheses to be closed with whatever has been captured so far. However,
2421it was failing to mark any other groups between the highest capture so far and
2422the currrent group as "unset". Thus, the ovector for those groups contained
2423whatever was previously there. An example is the pattern /(x)|((*ACCEPT))/ when
2424matched against "abcd".
2425
24268. The pcre2_substitute() function has been implemented.
2427
24289. If an assertion used as a condition was quantified with a minimum of zero
2429(an odd thing to do, but it happened), SIGSEGV or other misbehaviour could
2430occur.
2431
243210. The PCRE2_NO_DOTSTAR_ANCHOR option has been implemented.
2433
2434****
2435