[Octave-bug-tracker] [bug #51589] crash on regexp


From: Dan Sebald
Subject: [Octave-bug-tracker] [bug #51589] crash on regexp
Date: Thu, 27 Jul 2017 17:31:47 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0

Follow-up Comment #4, bug #51589 (project octave):

Regardless of the application, this certainly looks like a bug.  And best I
can guess it is a PCRE bug.  There are a few buffers constructed via
OCTAVE_LOCAL_BUFFER and then passed into the pcre_exec() routine:


        // Debug output: buffer.length () returns size_t, so print it with %zu.
        fprintf (stderr, "buffer length: %zu\n", buffer.length ());
        //fprintf (stderr, "c_str: %s\n", buffer.c_str ());
        fprintf (stderr, "idx: %lu\n", idx);
        int matches = pcre_exec (re, nullptr, buffer.c_str (),
                                 buffer.length (), idx,
                                 (idx ? PCRE_NOTBOL : 0),
                                 ovector, (subpatterns+1)*3);


but none of them are large working buffers, just small ones which accept
returned offset values in the buffer.

Note some small variations on MM's example:

pattern = 'a+';

does not fail.  And without the capture syntax (), the ovector size is one
triple less, i.e.,


    pcre_fullinfo (re, nullptr, PCRE_INFO_CAPTURECOUNT,  &subpatterns);


returns subpatterns=0.

pattern = '(a)';

does not fail.  It returns a very large number of cells, i.e., 'a', 'a', 'a',
etc., but doesn't crash.  To me, this seems more memory intensive than pattern
'(a)+', which groups all the 'a's together in one string.

pattern = '(?:a)+'

surprisingly does fail.  This is supposed to be non-remembering capture and is
suggested if the capturing version has too much of a performance hit.

Also, the call to pcre_exec() fails immediately, with no jump in system
memory.

MM's example fails at 8441 for the length of "aaaaa...a".  That doesn't seem
particularly large.

So there seems to be a bug in PCRE, due to large array size, but not related to
running out of memory.

Probably the best thing to do would be to write a very short C program that
replicates this "aaaa...a" example and submit it to PCRE as a bug report.

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51589>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/



