Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(173)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: source/i18n/rematch.cpp

Issue 7891051: Fix for bug 81753, do not read past the end of unicode strings (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/icu46/
Patch Set: '' Created 9 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « patches/rematch.patch ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 ************************************************************************** 2 **************************************************************************
3 * Copyright (C) 2002-2010 International Business Machines Corporation * 3 * Copyright (C) 2002-2010 International Business Machines Corporation *
4 * and others. All rights reserved. * 4 * and others. All rights reserved. *
5 ************************************************************************** 5 **************************************************************************
6 */ 6 */
7 // 7 //
8 // file: rematch.cpp 8 // file: rematch.cpp
9 // 9 //
10 // Contains the implementation of class RegexMatcher, 10 // Contains the implementation of class RegexMatcher,
(...skipping 5580 matching lines...) Expand 10 before | Expand all | Expand 10 after
5591 opValue = URX_VAL(op); 5591 opValue = URX_VAL(op);
5592 U_ASSERT(opType == URX_STRING_LEN); 5592 U_ASSERT(opType == URX_STRING_LEN);
5593 stringLen = opValue; 5593 stringLen = opValue;
5594 5594
5595 const UChar *patternChars = litText+stringStartIdx; 5595 const UChar *patternChars = litText+stringStartIdx;
5596 const UChar *patternEnd = patternChars+stringLen; 5596 const UChar *patternEnd = patternChars+stringLen;
5597 5597
5598 const UChar *foldChars = NULL; 5598 const UChar *foldChars = NULL;
5599 int32_t foldOffset, foldLength; 5599 int32_t foldOffset, foldLength;
5600 UChar32 c; 5600 UChar32 c;
5601 UBool c_is_valid = FALSE;
5601 5602
5602 #ifdef REGEX_SMART_BACKTRACKING 5603 #ifdef REGEX_SMART_BACKTRACKING
5603 int32_t originalInputIdx = fp->fInputIdx; 5604 int32_t originalInputIdx = fp->fInputIdx;
5604 #endif 5605 #endif
5605 UBool success = TRUE; 5606 UBool success = TRUE;
5606 5607
5607 foldOffset = foldLength = 0; 5608 foldOffset = foldLength = 0;
5608 5609
5609 while (patternChars < patternEnd && success) { 5610 while (patternChars < patternEnd && success) {
5610 if(foldOffset < foldLength) { 5611 if (fp->fInputIdx < fActiveLimit) { // don't read past end of string
5611 U16_NEXT_UNSAFE(foldChars, foldOffset, c); 5612 if(foldOffset < foldLength) {
5612 } else { 5613 U16_NEXT_UNSAFE(foldChars, foldOffset, c);
5613 U16_NEXT(inputBuf, fp->fInputIdx, fActiveLimit, c); 5614 c_is_valid = TRUE;
5614 foldLength = ucase_toFullFolding(csp, c, &foldChars, U_FOLD_CASE_DEFAULT); 5615 } else {
5615 if(foldLength >= 0) { 5616 // test pre-condition of U16_NEXT: i < length
5616 if(foldLength <= UCASE_MAX_STRING_LENGTH) { // !!!: Does not correctly handle chars that fold to 0-length strings 5617 U_ASSERT(fp->fInputIdx < fActiveLimit);
5617 foldOffset = 0; 5618 U16_NEXT(inputBuf, fp->fInputIdx, fActiveLimit, c);
5618 U16_NEXT_UNSAFE(foldChars, foldOffset, c); 5619 c_is_valid = TRUE;
5619 } else { 5620 foldLength = ucase_toFullFolding(csp, c, &foldCh ars, U_FOLD_CASE_DEFAULT);
5620 c = foldLength; 5621 if(foldLength >= 0) {
5621 foldLength = foldOffset; // to avoid reading chars from the folding buffer 5622 if(foldLength <= UCASE_MAX_STRING_LENGTH) { // !!!: Does not correctly handle chars that fold to 0-length strings
5623 foldOffset = 0;
5624 U16_NEXT_UNSAFE(foldChars, foldOffset, c );
5625 } else {
5626 c = foldLength;
5627 foldLength = foldOffset; // to avoid rea ding chars from the folding buffer
5628 }
5622 } 5629 }
5623 } 5630 }
5624 } 5631 }
5625 5632
5626 if (fp->fInputIdx <= fActiveLimit) { 5633 if (fp->fInputIdx <= fActiveLimit && c_is_valid) {
5627 if (U_IS_BMP(c)) { 5634 if (U_IS_BMP(c)) {
5628 success = (*patternChars == c); 5635 success = (*patternChars == c);
5629 patternChars += 1; 5636 patternChars += 1;
5630 } else if (patternChars+1 < patternEnd) { 5637 } else if (patternChars+1 < patternEnd) {
5631 success = (*patternChars == U16_LEAD(c) && *(pat ternChars+1) == U16_TRAIL(c)); 5638 success = (*patternChars == U16_LEAD(c) && *(pat ternChars+1) == U16_TRAIL(c));
5632 patternChars += 2; 5639 patternChars += 2;
5633 } 5640 }
5634 } else { 5641 } else {
5635 success = FALSE; 5642 success = FALSE;
5636 fHitEnd = TRUE; // TODO: See ticket 6074 5643 fHitEnd = TRUE; // TODO: See ticket 6074
(...skipping 426 matching lines...) Expand 10 before | Expand all | Expand 10 after
6063 6070
6064 return; 6071 return;
6065 } 6072 }
6066 6073
6067 6074
6068 UOBJECT_DEFINE_RTTI_IMPLEMENTATION(RegexMatcher) 6075 UOBJECT_DEFINE_RTTI_IMPLEMENTATION(RegexMatcher)
6069 6076
6070 U_NAMESPACE_END 6077 U_NAMESPACE_END
6071 6078
6072 #endif // !UCONFIG_NO_REGULAR_EXPRESSIONS 6079 #endif // !UCONFIG_NO_REGULAR_EXPRESSIONS
6073
OLDNEW
« no previous file with comments | « patches/rematch.patch ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698