Fossil SCM
Further reduce divergence between the SQLite and Fossil implementations of regexp.c. Fix compiler warnings for MSVC.
Commit
a18dab4184501635bcf038e5370c060a09800aa1bb0848c5e37188f5df39235c
Parent
702a56d116a3d3b…
4 files changed
+25
-36
+4
-4
+2
-2
+79
-84
+25
-36
| --- extsrc/shell.c | ||
| +++ extsrc/shell.c | ||
| @@ -7026,22 +7026,17 @@ | ||
| 7026 | 7026 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 7027 | 7027 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 7028 | 7028 | ** regular expression in the O(N*M) performance bound is computed after |
| 7029 | 7029 | ** this expansion. |
| 7030 | 7030 | ** |
| 7031 | -** To help prevent DoS attacks, the size of the NFA is limit to | |
| 7032 | -** SQLITE_MAX_REGEXP states, default 9999. | |
| 7031 | +** To help prevent DoS attacks, the maximum size of the NFA is restricted. | |
| 7033 | 7032 | */ |
| 7034 | 7033 | #include <string.h> |
| 7035 | 7034 | #include <stdlib.h> |
| 7036 | 7035 | /* #include "sqlite3ext.h" */ |
| 7037 | 7036 | SQLITE_EXTENSION_INIT1 |
| 7038 | 7037 | |
| 7039 | -#ifndef SQLITE_MAX_REGEXP | |
| 7040 | -# define SQLITE_MAX_REGEXP 9999 | |
| 7041 | -#endif | |
| 7042 | - | |
| 7043 | 7038 | /* |
| 7044 | 7039 | ** The following #defines change the names of some functions implemented in |
| 7045 | 7040 | ** this file to prevent name collisions with C-library functions of the |
| 7046 | 7041 | ** same name. |
| 7047 | 7042 | */ |
| @@ -7072,36 +7067,10 @@ | ||
| 7072 | 7067 | #define RE_OP_NOTDIGIT 14 /* Not a digit */ |
| 7073 | 7068 | #define RE_OP_SPACE 15 /* space: [ \t\n\r\v\f] */ |
| 7074 | 7069 | #define RE_OP_NOTSPACE 16 /* Not a digit */ |
| 7075 | 7070 | #define RE_OP_BOUNDARY 17 /* Boundary between word and non-word */ |
| 7076 | 7071 | #define RE_OP_ATSTART 18 /* Currently at the start of the string */ |
| 7077 | - | |
| 7078 | -#if defined(SQLITE_DEBUG) | |
| 7079 | -/* Opcode names used for symbolic debugging */ | |
| 7080 | -static const char *ReOpName[] = { | |
| 7081 | - "EOF", | |
| 7082 | - "MATCH", | |
| 7083 | - "ANY", | |
| 7084 | - "ANYSTAR", | |
| 7085 | - "FORK", | |
| 7086 | - "GOTO", | |
| 7087 | - "ACCEPT", | |
| 7088 | - "CC_INC", | |
| 7089 | - "CC_EXC", | |
| 7090 | - "CC_VALUE", | |
| 7091 | - "CC_RANGE", | |
| 7092 | - "WORD", | |
| 7093 | - "NOTWORD", | |
| 7094 | - "DIGIT", | |
| 7095 | - "NOTDIGIT", | |
| 7096 | - "SPACE", | |
| 7097 | - "NOTSPACE", | |
| 7098 | - "BOUNDARY", | |
| 7099 | - "ATSTART", | |
| 7100 | -}; | |
| 7101 | -#endif /* SQLITE_DEBUG */ | |
| 7102 | - | |
| 7103 | 7072 | |
| 7104 | 7073 | /* Each opcode is a "state" in the NFA */ |
| 7105 | 7074 | typedef unsigned short ReStateNumber; |
| 7106 | 7075 | |
| 7107 | 7076 | /* Because this is an NFA and not a DFA, multiple states can be active at |
| @@ -7350,11 +7319,11 @@ | ||
| 7350 | 7319 | return rc; |
| 7351 | 7320 | } |
| 7352 | 7321 | |
| 7353 | 7322 | /* Resize the opcode and argument arrays for an RE under construction. |
| 7354 | 7323 | */ |
| 7355 | -static int re_resize(ReCompiled *p, int N){ | |
| 7324 | +static int re_resize(ReCompiled *p, unsigned int N){ | |
| 7356 | 7325 | char *aOp; |
| 7357 | 7326 | int *aArg; |
| 7358 | 7327 | if( N>p->mxAlloc ){ p->zErr = "REGEXP pattern too big"; return 1; } |
| 7359 | 7328 | aOp = sqlite3_realloc64(p->aOp, N*sizeof(p->aOp[0])); |
| 7360 | 7329 | if( aOp==0 ){ p->zErr = "out of memory"; return 1; } |
| @@ -7389,11 +7358,11 @@ | ||
| 7389 | 7358 | } |
| 7390 | 7359 | |
| 7391 | 7360 | /* Make a copy of N opcodes starting at iStart onto the end of the RE |
| 7392 | 7361 | ** under construction. |
| 7393 | 7362 | */ |
| 7394 | -static void re_copy(ReCompiled *p, int iStart, int N){ | |
| 7363 | +static void re_copy(ReCompiled *p, int iStart, unsigned int N){ | |
| 7395 | 7364 | if( p->nState+N>=p->nAlloc && re_resize(p, p->nAlloc*2+N) ) return; |
| 7396 | 7365 | memcpy(&p->aOp[p->nState], &p->aOp[iStart], N*sizeof(p->aOp[0])); |
| 7397 | 7366 | memcpy(&p->aArg[p->nState], &p->aArg[iStart], N*sizeof(p->aArg[0])); |
| 7398 | 7367 | p->nState += N; |
| 7399 | 7368 | } |
| @@ -7643,12 +7612,11 @@ | ||
| 7643 | 7612 | |
| 7644 | 7613 | /* Free and reclaim all the memory used by a previously compiled |
| 7645 | 7614 | ** regular expression. Applications should invoke this routine once |
| 7646 | 7615 | ** for every call to re_compile() to avoid memory leaks. |
| 7647 | 7616 | */ |
| 7648 | -static void re_free(void *p){ | |
| 7649 | - ReCompiled *pRe = (ReCompiled*)p; | |
| 7617 | +static void re_free(ReCompiled *pRe){ | |
| 7650 | 7618 | if( pRe ){ |
| 7651 | 7619 | sqlite3_free(pRe->aOp); |
| 7652 | 7620 | sqlite3_free(pRe->aArg); |
| 7653 | 7621 | sqlite3_free(pRe); |
| 7654 | 7622 | } |
| @@ -7808,10 +7776,31 @@ | ||
| 7808 | 7776 | sqlite3_str *pStr; |
| 7809 | 7777 | int i; |
| 7810 | 7778 | int n; |
| 7811 | 7779 | char *z; |
| 7812 | 7780 | (void)argc; |
| 7781 | + static const char *ReOpName[] = { | |
| 7782 | + "EOF", | |
| 7783 | + "MATCH", | |
| 7784 | + "ANY", | |
| 7785 | + "ANYSTAR", | |
| 7786 | + "FORK", | |
| 7787 | + "GOTO", | |
| 7788 | + "ACCEPT", | |
| 7789 | + "CC_INC", | |
| 7790 | + "CC_EXC", | |
| 7791 | + "CC_VALUE", | |
| 7792 | + "CC_RANGE", | |
| 7793 | + "WORD", | |
| 7794 | + "NOTWORD", | |
| 7795 | + "DIGIT", | |
| 7796 | + "NOTDIGIT", | |
| 7797 | + "SPACE", | |
| 7798 | + "NOTSPACE", | |
| 7799 | + "BOUNDARY", | |
| 7800 | + "ATSTART", | |
| 7801 | + }; | |
| 7813 | 7802 | |
| 7814 | 7803 | zPattern = (const char*)sqlite3_value_text(argv[0]); |
| 7815 | 7804 | if( zPattern==0 ) return; |
| 7816 | 7805 | zErr = re_compile(&pRe, zPattern, re_maxlen(context), |
| 7817 | 7806 | sqlite3_user_data(context)!=0); |
| 7818 | 7807 |
| --- extsrc/shell.c | |
| +++ extsrc/shell.c | |
| @@ -7026,22 +7026,17 @@ | |
| 7026 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 7027 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 7028 | ** regular expression in the O(N*M) performance bound is computed after |
| 7029 | ** this expansion. |
| 7030 | ** |
| 7031 | ** To help prevent DoS attacks, the size of the NFA is limit to |
| 7032 | ** SQLITE_MAX_REGEXP states, default 9999. |
| 7033 | */ |
| 7034 | #include <string.h> |
| 7035 | #include <stdlib.h> |
| 7036 | /* #include "sqlite3ext.h" */ |
| 7037 | SQLITE_EXTENSION_INIT1 |
| 7038 | |
| 7039 | #ifndef SQLITE_MAX_REGEXP |
| 7040 | # define SQLITE_MAX_REGEXP 9999 |
| 7041 | #endif |
| 7042 | |
| 7043 | /* |
| 7044 | ** The following #defines change the names of some functions implemented in |
| 7045 | ** this file to prevent name collisions with C-library functions of the |
| 7046 | ** same name. |
| 7047 | */ |
| @@ -7072,36 +7067,10 @@ | |
| 7072 | #define RE_OP_NOTDIGIT 14 /* Not a digit */ |
| 7073 | #define RE_OP_SPACE 15 /* space: [ \t\n\r\v\f] */ |
| 7074 | #define RE_OP_NOTSPACE 16 /* Not a digit */ |
| 7075 | #define RE_OP_BOUNDARY 17 /* Boundary between word and non-word */ |
| 7076 | #define RE_OP_ATSTART 18 /* Currently at the start of the string */ |
| 7077 | |
| 7078 | #if defined(SQLITE_DEBUG) |
| 7079 | /* Opcode names used for symbolic debugging */ |
| 7080 | static const char *ReOpName[] = { |
| 7081 | "EOF", |
| 7082 | "MATCH", |
| 7083 | "ANY", |
| 7084 | "ANYSTAR", |
| 7085 | "FORK", |
| 7086 | "GOTO", |
| 7087 | "ACCEPT", |
| 7088 | "CC_INC", |
| 7089 | "CC_EXC", |
| 7090 | "CC_VALUE", |
| 7091 | "CC_RANGE", |
| 7092 | "WORD", |
| 7093 | "NOTWORD", |
| 7094 | "DIGIT", |
| 7095 | "NOTDIGIT", |
| 7096 | "SPACE", |
| 7097 | "NOTSPACE", |
| 7098 | "BOUNDARY", |
| 7099 | "ATSTART", |
| 7100 | }; |
| 7101 | #endif /* SQLITE_DEBUG */ |
| 7102 | |
| 7103 | |
| 7104 | /* Each opcode is a "state" in the NFA */ |
| 7105 | typedef unsigned short ReStateNumber; |
| 7106 | |
| 7107 | /* Because this is an NFA and not a DFA, multiple states can be active at |
| @@ -7350,11 +7319,11 @@ | |
| 7350 | return rc; |
| 7351 | } |
| 7352 | |
| 7353 | /* Resize the opcode and argument arrays for an RE under construction. |
| 7354 | */ |
| 7355 | static int re_resize(ReCompiled *p, int N){ |
| 7356 | char *aOp; |
| 7357 | int *aArg; |
| 7358 | if( N>p->mxAlloc ){ p->zErr = "REGEXP pattern too big"; return 1; } |
| 7359 | aOp = sqlite3_realloc64(p->aOp, N*sizeof(p->aOp[0])); |
| 7360 | if( aOp==0 ){ p->zErr = "out of memory"; return 1; } |
| @@ -7389,11 +7358,11 @@ | |
| 7389 | } |
| 7390 | |
| 7391 | /* Make a copy of N opcodes starting at iStart onto the end of the RE |
| 7392 | ** under construction. |
| 7393 | */ |
| 7394 | static void re_copy(ReCompiled *p, int iStart, int N){ |
| 7395 | if( p->nState+N>=p->nAlloc && re_resize(p, p->nAlloc*2+N) ) return; |
| 7396 | memcpy(&p->aOp[p->nState], &p->aOp[iStart], N*sizeof(p->aOp[0])); |
| 7397 | memcpy(&p->aArg[p->nState], &p->aArg[iStart], N*sizeof(p->aArg[0])); |
| 7398 | p->nState += N; |
| 7399 | } |
| @@ -7643,12 +7612,11 @@ | |
| 7643 | |
| 7644 | /* Free and reclaim all the memory used by a previously compiled |
| 7645 | ** regular expression. Applications should invoke this routine once |
| 7646 | ** for every call to re_compile() to avoid memory leaks. |
| 7647 | */ |
| 7648 | static void re_free(void *p){ |
| 7649 | ReCompiled *pRe = (ReCompiled*)p; |
| 7650 | if( pRe ){ |
| 7651 | sqlite3_free(pRe->aOp); |
| 7652 | sqlite3_free(pRe->aArg); |
| 7653 | sqlite3_free(pRe); |
| 7654 | } |
| @@ -7808,10 +7776,31 @@ | |
| 7808 | sqlite3_str *pStr; |
| 7809 | int i; |
| 7810 | int n; |
| 7811 | char *z; |
| 7812 | (void)argc; |
| 7813 | |
| 7814 | zPattern = (const char*)sqlite3_value_text(argv[0]); |
| 7815 | if( zPattern==0 ) return; |
| 7816 | zErr = re_compile(&pRe, zPattern, re_maxlen(context), |
| 7817 | sqlite3_user_data(context)!=0); |
| 7818 |
| --- extsrc/shell.c | |
| +++ extsrc/shell.c | |
| @@ -7026,22 +7026,17 @@ | |
| 7026 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 7027 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 7028 | ** regular expression in the O(N*M) performance bound is computed after |
| 7029 | ** this expansion. |
| 7030 | ** |
| 7031 | ** To help prevent DoS attacks, the maximum size of the NFA is restricted. |
| 7032 | */ |
| 7033 | #include <string.h> |
| 7034 | #include <stdlib.h> |
| 7035 | /* #include "sqlite3ext.h" */ |
| 7036 | SQLITE_EXTENSION_INIT1 |
| 7037 | |
| 7038 | /* |
| 7039 | ** The following #defines change the names of some functions implemented in |
| 7040 | ** this file to prevent name collisions with C-library functions of the |
| 7041 | ** same name. |
| 7042 | */ |
| @@ -7072,36 +7067,10 @@ | |
| 7067 | #define RE_OP_NOTDIGIT 14 /* Not a digit */ |
| 7068 | #define RE_OP_SPACE 15 /* space: [ \t\n\r\v\f] */ |
| 7069 | #define RE_OP_NOTSPACE 16 /* Not a digit */ |
| 7070 | #define RE_OP_BOUNDARY 17 /* Boundary between word and non-word */ |
| 7071 | #define RE_OP_ATSTART 18 /* Currently at the start of the string */ |
| 7072 | |
| 7073 | /* Each opcode is a "state" in the NFA */ |
| 7074 | typedef unsigned short ReStateNumber; |
| 7075 | |
| 7076 | /* Because this is an NFA and not a DFA, multiple states can be active at |
| @@ -7350,11 +7319,11 @@ | |
| 7319 | return rc; |
| 7320 | } |
| 7321 | |
| 7322 | /* Resize the opcode and argument arrays for an RE under construction. |
| 7323 | */ |
| 7324 | static int re_resize(ReCompiled *p, unsigned int N){ |
| 7325 | char *aOp; |
| 7326 | int *aArg; |
| 7327 | if( N>p->mxAlloc ){ p->zErr = "REGEXP pattern too big"; return 1; } |
| 7328 | aOp = sqlite3_realloc64(p->aOp, N*sizeof(p->aOp[0])); |
| 7329 | if( aOp==0 ){ p->zErr = "out of memory"; return 1; } |
| @@ -7389,11 +7358,11 @@ | |
| 7358 | } |
| 7359 | |
| 7360 | /* Make a copy of N opcodes starting at iStart onto the end of the RE |
| 7361 | ** under construction. |
| 7362 | */ |
| 7363 | static void re_copy(ReCompiled *p, int iStart, unsigned int N){ |
| 7364 | if( p->nState+N>=p->nAlloc && re_resize(p, p->nAlloc*2+N) ) return; |
| 7365 | memcpy(&p->aOp[p->nState], &p->aOp[iStart], N*sizeof(p->aOp[0])); |
| 7366 | memcpy(&p->aArg[p->nState], &p->aArg[iStart], N*sizeof(p->aArg[0])); |
| 7367 | p->nState += N; |
| 7368 | } |
| @@ -7643,12 +7612,11 @@ | |
| 7612 | |
| 7613 | /* Free and reclaim all the memory used by a previously compiled |
| 7614 | ** regular expression. Applications should invoke this routine once |
| 7615 | ** for every call to re_compile() to avoid memory leaks. |
| 7616 | */ |
| 7617 | static void re_free(ReCompiled *pRe){ |
| 7618 | if( pRe ){ |
| 7619 | sqlite3_free(pRe->aOp); |
| 7620 | sqlite3_free(pRe->aArg); |
| 7621 | sqlite3_free(pRe); |
| 7622 | } |
| @@ -7808,10 +7776,31 @@ | |
| 7776 | sqlite3_str *pStr; |
| 7777 | int i; |
| 7778 | int n; |
| 7779 | char *z; |
| 7780 | (void)argc; |
| 7781 | static const char *ReOpName[] = { |
| 7782 | "EOF", |
| 7783 | "MATCH", |
| 7784 | "ANY", |
| 7785 | "ANYSTAR", |
| 7786 | "FORK", |
| 7787 | "GOTO", |
| 7788 | "ACCEPT", |
| 7789 | "CC_INC", |
| 7790 | "CC_EXC", |
| 7791 | "CC_VALUE", |
| 7792 | "CC_RANGE", |
| 7793 | "WORD", |
| 7794 | "NOTWORD", |
| 7795 | "DIGIT", |
| 7796 | "NOTDIGIT", |
| 7797 | "SPACE", |
| 7798 | "NOTSPACE", |
| 7799 | "BOUNDARY", |
| 7800 | "ATSTART", |
| 7801 | }; |
| 7802 | |
| 7803 | zPattern = (const char*)sqlite3_value_text(argv[0]); |
| 7804 | if( zPattern==0 ) return; |
| 7805 | zErr = re_compile(&pRe, zPattern, re_maxlen(context), |
| 7806 | sqlite3_user_data(context)!=0); |
| 7807 |
+4
-4
| --- extsrc/sqlite3.c | ||
| +++ extsrc/sqlite3.c | ||
| @@ -16,11 +16,11 @@ | ||
| 16 | 16 | ** if you want a wrapper to interface SQLite with your choice of programming |
| 17 | 17 | ** language. The code for the "sqlite3" command-line shell is also in a |
| 18 | 18 | ** separate file. This file contains only code for the core SQLite library. |
| 19 | 19 | ** |
| 20 | 20 | ** The content in this amalgamation comes from Fossil check-in |
| 21 | -** 869c968569b09d05a5b7d587d8fddb3b4611 with changes in files: | |
| 21 | +** 2b34b750b5528b6dda195bc1a3895dc3fe46 with changes in files: | |
| 22 | 22 | ** |
| 23 | 23 | ** |
| 24 | 24 | */ |
| 25 | 25 | #ifndef SQLITE_AMALGAMATION |
| 26 | 26 | #define SQLITE_CORE 1 |
| @@ -467,14 +467,14 @@ | ||
| 467 | 467 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 468 | 468 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 469 | 469 | */ |
| 470 | 470 | #define SQLITE_VERSION "3.51.0" |
| 471 | 471 | #define SQLITE_VERSION_NUMBER 3051000 |
| 472 | -#define SQLITE_SOURCE_ID "2025-09-26 15:38:52 869c968569b09d05a5b7d587d8fddb3b4611daf7467dc157701e5dc6c960alt1" | |
| 472 | +#define SQLITE_SOURCE_ID "2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade" | |
| 473 | 473 | #define SQLITE_SCM_BRANCH "trunk" |
| 474 | 474 | #define SQLITE_SCM_TAGS "" |
| 475 | -#define SQLITE_SCM_DATETIME "2025-09-26T15:38:52.279Z" | |
| 475 | +#define SQLITE_SCM_DATETIME "2025-09-27T11:54:49.147Z" | |
| 476 | 476 | |
| 477 | 477 | /* |
| 478 | 478 | ** CAPI3REF: Run-Time Library Version Numbers |
| 479 | 479 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 480 | 480 | ** |
| @@ -258706,11 +258706,11 @@ | ||
| 258706 | 258706 | int nArg, /* Number of args */ |
| 258707 | 258707 | sqlite3_value **apUnused /* Function arguments */ |
| 258708 | 258708 | ){ |
| 258709 | 258709 | assert( nArg==0 ); |
| 258710 | 258710 | UNUSED_PARAM2(nArg, apUnused); |
| 258711 | - sqlite3_result_text(pCtx, "fts5: 2025-09-26 11:47:13 d022ee167b90a7c32049a93d476e869270018017f60551185024409730d77640", -1, SQLITE_TRANSIENT); | |
| 258711 | + sqlite3_result_text(pCtx, "fts5: 2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade", -1, SQLITE_TRANSIENT); | |
| 258712 | 258712 | } |
| 258713 | 258713 | |
| 258714 | 258714 | /* |
| 258715 | 258715 | ** Implementation of fts5_locale(LOCALE, TEXT) function. |
| 258716 | 258716 | ** |
| 258717 | 258717 |
| --- extsrc/sqlite3.c | |
| +++ extsrc/sqlite3.c | |
| @@ -16,11 +16,11 @@ | |
| 16 | ** if you want a wrapper to interface SQLite with your choice of programming |
| 17 | ** language. The code for the "sqlite3" command-line shell is also in a |
| 18 | ** separate file. This file contains only code for the core SQLite library. |
| 19 | ** |
| 20 | ** The content in this amalgamation comes from Fossil check-in |
| 21 | ** 869c968569b09d05a5b7d587d8fddb3b4611 with changes in files: |
| 22 | ** |
| 23 | ** |
| 24 | */ |
| 25 | #ifndef SQLITE_AMALGAMATION |
| 26 | #define SQLITE_CORE 1 |
| @@ -467,14 +467,14 @@ | |
| 467 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 468 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 469 | */ |
| 470 | #define SQLITE_VERSION "3.51.0" |
| 471 | #define SQLITE_VERSION_NUMBER 3051000 |
| 472 | #define SQLITE_SOURCE_ID "2025-09-26 15:38:52 869c968569b09d05a5b7d587d8fddb3b4611daf7467dc157701e5dc6c960alt1" |
| 473 | #define SQLITE_SCM_BRANCH "trunk" |
| 474 | #define SQLITE_SCM_TAGS "" |
| 475 | #define SQLITE_SCM_DATETIME "2025-09-26T15:38:52.279Z" |
| 476 | |
| 477 | /* |
| 478 | ** CAPI3REF: Run-Time Library Version Numbers |
| 479 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 480 | ** |
| @@ -258706,11 +258706,11 @@ | |
| 258706 | int nArg, /* Number of args */ |
| 258707 | sqlite3_value **apUnused /* Function arguments */ |
| 258708 | ){ |
| 258709 | assert( nArg==0 ); |
| 258710 | UNUSED_PARAM2(nArg, apUnused); |
| 258711 | sqlite3_result_text(pCtx, "fts5: 2025-09-26 11:47:13 d022ee167b90a7c32049a93d476e869270018017f60551185024409730d77640", -1, SQLITE_TRANSIENT); |
| 258712 | } |
| 258713 | |
| 258714 | /* |
| 258715 | ** Implementation of fts5_locale(LOCALE, TEXT) function. |
| 258716 | ** |
| 258717 |
| --- extsrc/sqlite3.c | |
| +++ extsrc/sqlite3.c | |
| @@ -16,11 +16,11 @@ | |
| 16 | ** if you want a wrapper to interface SQLite with your choice of programming |
| 17 | ** language. The code for the "sqlite3" command-line shell is also in a |
| 18 | ** separate file. This file contains only code for the core SQLite library. |
| 19 | ** |
| 20 | ** The content in this amalgamation comes from Fossil check-in |
| 21 | ** 2b34b750b5528b6dda195bc1a3895dc3fe46 with changes in files: |
| 22 | ** |
| 23 | ** |
| 24 | */ |
| 25 | #ifndef SQLITE_AMALGAMATION |
| 26 | #define SQLITE_CORE 1 |
| @@ -467,14 +467,14 @@ | |
| 467 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 468 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 469 | */ |
| 470 | #define SQLITE_VERSION "3.51.0" |
| 471 | #define SQLITE_VERSION_NUMBER 3051000 |
| 472 | #define SQLITE_SOURCE_ID "2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade" |
| 473 | #define SQLITE_SCM_BRANCH "trunk" |
| 474 | #define SQLITE_SCM_TAGS "" |
| 475 | #define SQLITE_SCM_DATETIME "2025-09-27T11:54:49.147Z" |
| 476 | |
| 477 | /* |
| 478 | ** CAPI3REF: Run-Time Library Version Numbers |
| 479 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 480 | ** |
| @@ -258706,11 +258706,11 @@ | |
| 258706 | int nArg, /* Number of args */ |
| 258707 | sqlite3_value **apUnused /* Function arguments */ |
| 258708 | ){ |
| 258709 | assert( nArg==0 ); |
| 258710 | UNUSED_PARAM2(nArg, apUnused); |
| 258711 | sqlite3_result_text(pCtx, "fts5: 2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade", -1, SQLITE_TRANSIENT); |
| 258712 | } |
| 258713 | |
| 258714 | /* |
| 258715 | ** Implementation of fts5_locale(LOCALE, TEXT) function. |
| 258716 | ** |
| 258717 |
+2
-2
| --- extsrc/sqlite3.h | ||
| +++ extsrc/sqlite3.h | ||
| @@ -146,14 +146,14 @@ | ||
| 146 | 146 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 147 | 147 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 148 | 148 | */ |
| 149 | 149 | #define SQLITE_VERSION "3.51.0" |
| 150 | 150 | #define SQLITE_VERSION_NUMBER 3051000 |
| 151 | -#define SQLITE_SOURCE_ID "2025-09-26 15:38:52 869c968569b09d05a5b7d587d8fddb3b4611daf7467dc157701e5dc6c960alt1" | |
| 151 | +#define SQLITE_SOURCE_ID "2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade" | |
| 152 | 152 | #define SQLITE_SCM_BRANCH "trunk" |
| 153 | 153 | #define SQLITE_SCM_TAGS "" |
| 154 | -#define SQLITE_SCM_DATETIME "2025-09-26T15:38:52.279Z" | |
| 154 | +#define SQLITE_SCM_DATETIME "2025-09-27T11:54:49.147Z" | |
| 155 | 155 | |
| 156 | 156 | /* |
| 157 | 157 | ** CAPI3REF: Run-Time Library Version Numbers |
| 158 | 158 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 159 | 159 | ** |
| 160 | 160 |
| --- extsrc/sqlite3.h | |
| +++ extsrc/sqlite3.h | |
| @@ -146,14 +146,14 @@ | |
| 146 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 147 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 148 | */ |
| 149 | #define SQLITE_VERSION "3.51.0" |
| 150 | #define SQLITE_VERSION_NUMBER 3051000 |
| 151 | #define SQLITE_SOURCE_ID "2025-09-26 15:38:52 869c968569b09d05a5b7d587d8fddb3b4611daf7467dc157701e5dc6c960alt1" |
| 152 | #define SQLITE_SCM_BRANCH "trunk" |
| 153 | #define SQLITE_SCM_TAGS "" |
| 154 | #define SQLITE_SCM_DATETIME "2025-09-26T15:38:52.279Z" |
| 155 | |
| 156 | /* |
| 157 | ** CAPI3REF: Run-Time Library Version Numbers |
| 158 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 159 | ** |
| 160 |
| --- extsrc/sqlite3.h | |
| +++ extsrc/sqlite3.h | |
| @@ -146,14 +146,14 @@ | |
| 146 | ** [sqlite3_libversion_number()], [sqlite3_sourceid()], |
| 147 | ** [sqlite_version()] and [sqlite_source_id()]. |
| 148 | */ |
| 149 | #define SQLITE_VERSION "3.51.0" |
| 150 | #define SQLITE_VERSION_NUMBER 3051000 |
| 151 | #define SQLITE_SOURCE_ID "2025-09-27 11:54:49 2b34b750b5528b6dda195bc1a3895dc3fe46e70cbf992a78111316e2726c1ade" |
| 152 | #define SQLITE_SCM_BRANCH "trunk" |
| 153 | #define SQLITE_SCM_TAGS "" |
| 154 | #define SQLITE_SCM_DATETIME "2025-09-27T11:54:49.147Z" |
| 155 | |
| 156 | /* |
| 157 | ** CAPI3REF: Run-Time Library Version Numbers |
| 158 | ** KEYWORDS: sqlite3_version sqlite3_sourceid |
| 159 | ** |
| 160 |
+79
-84
| --- src/regexp.c | ||
| +++ src/regexp.c | ||
| @@ -53,18 +53,16 @@ | ||
| 53 | 53 | ** expression and M is the size of the input string. The matcher never |
| 54 | 54 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 55 | 55 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 56 | 56 | ** regular expression in the O(N*M) performance bound is computed after |
| 57 | 57 | ** this expansion. |
| 58 | +** | |
| 59 | +** To help prevent DoS attacks, the maximum size of the NFA is restricted. | |
| 58 | 60 | */ |
| 59 | 61 | #include "config.h" |
| 60 | 62 | #include "regexp.h" |
| 61 | 63 | |
| 62 | -#ifndef SQLITE_MAX_REGEXP_REPEAT | |
| 63 | -# define SQLITE_MAX_REGEXP_REPEAT 999 | |
| 64 | -#endif | |
| 65 | - | |
| 66 | 64 | /* The end-of-input character */ |
| 67 | 65 | #define RE_EOF 0 /* End of input */ |
| 68 | 66 | #define RE_START 0xfffffff /* Start of input - larger than an UTF-8 */ |
| 69 | 67 | |
| 70 | 68 | /* The NFA is implemented as sequence of opcodes taken from the following |
| @@ -119,11 +117,11 @@ | ||
| 119 | 117 | const char *zErr; /* Error message to return */ |
| 120 | 118 | char *aOp; /* Operators for the virtual machine */ |
| 121 | 119 | int *aArg; /* Arguments to each operator */ |
| 122 | 120 | unsigned (*xNextChar)(ReInput*); /* Next character function */ |
| 123 | 121 | unsigned char zInit[12]; /* Initial text to match */ |
| 124 | - int nInit; /* Number of characters in zInit */ | |
| 122 | + int nInit; /* Number of bytes in zInit */ | |
| 125 | 123 | unsigned nState; /* Number of entries in aOp[] and aArg[] */ |
| 126 | 124 | unsigned nAlloc; /* Slots allocated for aOp[] and aArg[] */ |
| 127 | 125 | unsigned mxAlloc; /* Complexity limit */ |
| 128 | 126 | }; |
| 129 | 127 | #endif |
| @@ -151,11 +149,11 @@ | ||
| 151 | 149 | }else if( (c&0xf0)==0xe0 && p->i+1<p->mx && (p->z[p->i]&0xc0)==0x80 |
| 152 | 150 | && (p->z[p->i+1]&0xc0)==0x80 ){ |
| 153 | 151 | c = (c&0x0f)<<12 | ((p->z[p->i]&0x3f)<<6) | (p->z[p->i+1]&0x3f); |
| 154 | 152 | p->i += 2; |
| 155 | 153 | if( c<=0x7ff || (c>=0xd800 && c<=0xdfff) ) c = 0xfffd; |
| 156 | - }else if( (c&0xf8)==0xf0 && p->i+3<p->mx && (p->z[p->i]&0xc0)==0x80 | |
| 154 | + }else if( (c&0xf8)==0xf0 && p->i+2<p->mx && (p->z[p->i]&0xc0)==0x80 | |
| 157 | 155 | && (p->z[p->i+1]&0xc0)==0x80 && (p->z[p->i+2]&0xc0)==0x80 ){ |
| 158 | 156 | c = (c&0x07)<<18 | ((p->z[p->i]&0x3f)<<12) | ((p->z[p->i+1]&0x3f)<<6) |
| 159 | 157 | | (p->z[p->i+2]&0x3f); |
| 160 | 158 | p->i += 3; |
| 161 | 159 | if( c<=0xffff || c>0x10ffff ) c = 0xfffd; |
| @@ -296,13 +294,13 @@ | ||
| 296 | 294 | rc = 1; |
| 297 | 295 | goto re_match_end; |
| 298 | 296 | } |
| 299 | 297 | case RE_OP_CC_EXC: { |
| 300 | 298 | if( c==0 ) break; |
| 301 | - /* fall-through */ | |
| 299 | + /* fall-through */ goto re_op_cc_inc; | |
| 302 | 300 | } |
| 303 | - case RE_OP_CC_INC: { | |
| 301 | + case RE_OP_CC_INC: re_op_cc_inc: { | |
| 304 | 302 | int j = 1; |
| 305 | 303 | int n = pRe->aArg[x]; |
| 306 | 304 | int hit = 0; |
| 307 | 305 | for(j=1; j>0 && j<n; j++){ |
| 308 | 306 | if( pRe->aOp[x+j]==RE_OP_CC_VALUE ){ |
| @@ -547,11 +545,11 @@ | ||
| 547 | 545 | if( n*2>p->mxAlloc ) return "REGEXP pattern too big"; |
| 548 | 546 | p->sIn.i++; |
| 549 | 547 | } |
| 550 | 548 | } |
| 551 | 549 | if( c!='}' ) return "unmatched '{'"; |
| 552 | - if( n>0 && n<m ) return "n less than m in '{m,n}'"; | |
| 550 | + if( n<m ) return "n less than m in '{m,n}'"; | |
| 553 | 551 | p->sIn.i++; |
| 554 | 552 | sz = p->nState - iPrev; |
| 555 | 553 | if( m==0 ){ |
| 556 | 554 | if( n==0 ) return "both m and n are zero in '{m,n}'"; |
| 557 | 555 | re_insert(p, iPrev, RE_OP_FORK, sz+1); |
| @@ -643,11 +641,11 @@ | ||
| 643 | 641 | ** Compile a textual regular expression in zIn[] into a compiled regular |
| 644 | 642 | ** expression suitable for us by re_match() and return a pointer to the |
| 645 | 643 | ** compiled regular expression in *ppRe. Return NULL on success or an |
| 646 | 644 | ** error message if something goes wrong. |
| 647 | 645 | */ |
| 648 | -const char *re_compile( | |
| 646 | +static const char *re_compile( | |
| 649 | 647 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 650 | 648 | const char *zIn, /* Input regular expression */ |
| 651 | 649 | int mxRe, /* Complexity limit */ |
| 652 | 650 | int noCase /* True for caseless comparisons */ |
| 653 | 651 | ){ |
| @@ -716,10 +714,79 @@ | ||
| 716 | 714 | if( j>0 && pRe->zInit[j-1]==0 ) j--; |
| 717 | 715 | pRe->nInit = j; |
| 718 | 716 | } |
| 719 | 717 | return pRe->zErr; |
| 720 | 718 | } |
| 719 | + | |
| 720 | +/* | |
| 721 | +** Implementation of the regexp() SQL function. This function implements | |
| 722 | +** the build-in REGEXP operator. The first argument to the function is the | |
| 723 | +** pattern and the second argument is the string. So, the SQL statements: | |
| 724 | +** | |
| 725 | +** A REGEXP B | |
| 726 | +** | |
| 727 | +** is implemented as regexp(B,A). | |
| 728 | +*/ | |
| 729 | +static void re_sql_func( | |
| 730 | + sqlite3_context *context, | |
| 731 | + int argc, | |
| 732 | + sqlite3_value **argv | |
| 733 | +){ | |
| 734 | + ReCompiled *pRe; /* Compiled regular expression */ | |
| 735 | + const char *zPattern; /* The regular expression */ | |
| 736 | + const unsigned char *zStr;/* String being searched */ | |
| 737 | + const char *zErr; /* Compile error message */ | |
| 738 | + int setAux = 0; /* True to invoke sqlite3_set_auxdata() */ | |
| 739 | + | |
| 740 | + (void)argc; /* Unused */ | |
| 741 | + pRe = sqlite3_get_auxdata(context, 0); | |
| 742 | + if( pRe==0 ){ | |
| 743 | + zPattern = (const char*)sqlite3_value_text(argv[0]); | |
| 744 | + if( zPattern==0 ) return; | |
| 745 | + zErr = fossil_re_compile(&pRe, zPattern, sqlite3_user_data(context)!=0); | |
| 746 | + if( zErr ){ | |
| 747 | + re_free(pRe); | |
| 748 | + /* The original SQLite function from which this code was copied raises | |
| 749 | + ** an error if the REGEXP contained a syntax error. This variant | |
| 750 | + ** silently fails to match, as that works better for Fossil. | |
| 751 | + ** sqlite3_result_error(context, zErr, -1); */ | |
| 752 | + sqlite3_result_int(context, 0); | |
| 753 | + return; | |
| 754 | + } | |
| 755 | + if( pRe==0 ){ | |
| 756 | + sqlite3_result_error_nomem(context); | |
| 757 | + return; | |
| 758 | + } | |
| 759 | + setAux = 1; | |
| 760 | + } | |
| 761 | + zStr = (const unsigned char*)sqlite3_value_text(argv[1]); | |
| 762 | + if( zStr!=0 ){ | |
| 763 | + sqlite3_result_int(context, re_match(pRe, zStr, -1)); | |
| 764 | + } | |
| 765 | + if( setAux ){ | |
| 766 | + sqlite3_set_auxdata(context, 0, pRe, (void(*)(void*))re_free); | |
| 767 | + } | |
| 768 | +} | |
| 769 | + | |
| 770 | +/* | |
| 771 | +** Invoke this routine to register the regexp() function with the | |
| 772 | +** SQLite database connection. | |
| 773 | +*/ | |
| 774 | +int re_add_sql_func(sqlite3 *db){ | |
| 775 | + int rc; | |
| 776 | + rc = sqlite3_create_function(db, "regexp", 2, | |
| 777 | + SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, | |
| 778 | + 0, re_sql_func, 0, 0); | |
| 779 | + if( rc==SQLITE_OK ){ | |
| 780 | + /* The regexpi(PATTERN,STRING) function is a case-insensitive version | |
| 781 | + ** of regexp(PATTERN,STRING). */ | |
| 782 | + rc = sqlite3_create_function(db, "regexpi", 2, | |
| 783 | + SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, | |
| 784 | + (void*)db, re_sql_func, 0, 0); | |
| 785 | + } | |
| 786 | + return rc; | |
| 787 | +} | |
| 721 | 788 | |
| 722 | 789 | /* |
| 723 | 790 | ** The input zIn is a string that we want to match exactly as part of |
| 724 | 791 | ** a regular expression. Return a new string (in space obtained from |
| 725 | 792 | ** fossil_malloc() or the equivalent) that escapes all regexp syntax |
| @@ -764,92 +831,20 @@ | ||
| 764 | 831 | ** Limit the size of the bytecode used to implement a regular expression |
| 765 | 832 | ** to this many steps. It is important to limit this to avoid possible |
| 766 | 833 | ** DoS attacks. |
| 767 | 834 | */ |
| 768 | 835 | |
| 769 | -/* | |
| 770 | -** Compute a reasonable limit on the length of the REGEXP NFA. | |
| 771 | -*/ | |
| 772 | -int re_maxlen(void){ | |
| 773 | - return g.db ? db_get_int("regexp-limit", 1000) : 1000; | |
| 774 | -} | |
| 775 | - | |
| 776 | 836 | /* |
| 777 | 837 | ** Compile an RE using re_maxlen(). |
| 778 | 838 | */ |
| 779 | 839 | const char *fossil_re_compile( |
| 780 | 840 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 781 | 841 | const char *zIn, /* Input regular expression */ |
| 782 | 842 | int noCase /* True for caseless comparisons */ |
| 783 | 843 | ){ |
| 784 | - return re_compile(ppRe, zIn, re_maxlen(), noCase); | |
| 785 | -} | |
| 786 | - | |
| 787 | -/* | |
| 788 | -** Implementation of the regexp() SQL function. This function implements | |
| 789 | -** the build-in REGEXP operator. The first argument to the function is the | |
| 790 | -** pattern and the second argument is the string. So, the SQL statements: | |
| 791 | -** | |
| 792 | -** A REGEXP B | |
| 793 | -** | |
| 794 | -** is implemented as regexp(B,A). | |
| 795 | -*/ | |
| 796 | -static void re_sql_func( | |
| 797 | - sqlite3_context *context, | |
| 798 | - int argc, | |
| 799 | - sqlite3_value **argv | |
| 800 | -){ | |
| 801 | - ReCompiled *pRe; /* Compiled regular expression */ | |
| 802 | - const char *zPattern; /* The regular expression */ | |
| 803 | - const unsigned char *zStr;/* String being searched */ | |
| 804 | - const char *zErr; /* Compile error message */ | |
| 805 | - int setAux = 0; /* True to invoke sqlite3_set_auxdata() */ | |
| 806 | - | |
| 807 | - (void)argc; /* Unused */ | |
| 808 | - pRe = sqlite3_get_auxdata(context, 0); | |
| 809 | - if( pRe==0 ){ | |
| 810 | - zPattern = (const char*)sqlite3_value_text(argv[0]); | |
| 811 | - if( zPattern==0 ) return; | |
| 812 | - zErr = fossil_re_compile(&pRe, zPattern, sqlite3_user_data(context)!=0); | |
| 813 | - if( zErr ){ | |
| 814 | - re_free(pRe); | |
| 815 | - sqlite3_result_int(context, 0); | |
| 816 | - /* sqlite3_result_error(context, zErr, -1); */ | |
| 817 | - return; | |
| 818 | - } | |
| 819 | - if( pRe==0 ){ | |
| 820 | - sqlite3_result_error_nomem(context); | |
| 821 | - return; | |
| 822 | - } | |
| 823 | - setAux = 1; | |
| 824 | - } | |
| 825 | - zStr = (const unsigned char*)sqlite3_value_text(argv[1]); | |
| 826 | - if( zStr!=0 ){ | |
| 827 | - sqlite3_result_int(context, re_match(pRe, zStr, -1)); | |
| 828 | - } | |
| 829 | - if( setAux ){ | |
| 830 | - sqlite3_set_auxdata(context, 0, pRe, (void(*)(void*))re_free); | |
| 831 | - } | |
| 832 | -} | |
| 833 | - | |
| 834 | -/* | |
| 835 | -** Invoke this routine to register the regexp() function with the | |
| 836 | -** SQLite database connection. | |
| 837 | -*/ | |
| 838 | -int re_add_sql_func(sqlite3 *db){ | |
| 839 | - int rc; | |
| 840 | - rc = sqlite3_create_function(db, "regexp", 2, | |
| 841 | - SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, | |
| 842 | - 0, re_sql_func, 0, 0); | |
| 843 | - if( rc==SQLITE_OK ){ | |
| 844 | - /* The regexpi(PATTERN,STRING) function is a case-insensitive version | |
| 845 | - ** of regexp(PATTERN,STRING). */ | |
| 846 | - rc = sqlite3_create_function(db, "regexpi", 2, | |
| 847 | - SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, | |
| 848 | - (void*)db, re_sql_func, 0, 0); | |
| 849 | - } | |
| 850 | - return rc; | |
| 844 | + int mxLen = g.db ? db_get_int("regexp-limit",1000) : 1000; | |
| 845 | + return re_compile(ppRe, zIn, mxLen, noCase); | |
| 851 | 846 | } |
| 852 | 847 | |
| 853 | 848 | /* |
| 854 | 849 | ** Run a "grep" over a single file read from disk. |
| 855 | 850 | */ |
| 856 | 851 |
| --- src/regexp.c | |
| +++ src/regexp.c | |
| @@ -53,18 +53,16 @@ | |
| 53 | ** expression and M is the size of the input string. The matcher never |
| 54 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 55 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 56 | ** regular expression in the O(N*M) performance bound is computed after |
| 57 | ** this expansion. |
| 58 | */ |
| 59 | #include "config.h" |
| 60 | #include "regexp.h" |
| 61 | |
| 62 | #ifndef SQLITE_MAX_REGEXP_REPEAT |
| 63 | # define SQLITE_MAX_REGEXP_REPEAT 999 |
| 64 | #endif |
| 65 | |
| 66 | /* The end-of-input character */ |
| 67 | #define RE_EOF 0 /* End of input */ |
| 68 | #define RE_START 0xfffffff /* Start of input - larger than an UTF-8 */ |
| 69 | |
| 70 | /* The NFA is implemented as sequence of opcodes taken from the following |
| @@ -119,11 +117,11 @@ | |
| 119 | const char *zErr; /* Error message to return */ |
| 120 | char *aOp; /* Operators for the virtual machine */ |
| 121 | int *aArg; /* Arguments to each operator */ |
| 122 | unsigned (*xNextChar)(ReInput*); /* Next character function */ |
| 123 | unsigned char zInit[12]; /* Initial text to match */ |
| 124 | int nInit; /* Number of characters in zInit */ |
| 125 | unsigned nState; /* Number of entries in aOp[] and aArg[] */ |
| 126 | unsigned nAlloc; /* Slots allocated for aOp[] and aArg[] */ |
| 127 | unsigned mxAlloc; /* Complexity limit */ |
| 128 | }; |
| 129 | #endif |
| @@ -151,11 +149,11 @@ | |
| 151 | }else if( (c&0xf0)==0xe0 && p->i+1<p->mx && (p->z[p->i]&0xc0)==0x80 |
| 152 | && (p->z[p->i+1]&0xc0)==0x80 ){ |
| 153 | c = (c&0x0f)<<12 | ((p->z[p->i]&0x3f)<<6) | (p->z[p->i+1]&0x3f); |
| 154 | p->i += 2; |
| 155 | if( c<=0x7ff || (c>=0xd800 && c<=0xdfff) ) c = 0xfffd; |
| 156 | }else if( (c&0xf8)==0xf0 && p->i+3<p->mx && (p->z[p->i]&0xc0)==0x80 |
| 157 | && (p->z[p->i+1]&0xc0)==0x80 && (p->z[p->i+2]&0xc0)==0x80 ){ |
| 158 | c = (c&0x07)<<18 | ((p->z[p->i]&0x3f)<<12) | ((p->z[p->i+1]&0x3f)<<6) |
| 159 | | (p->z[p->i+2]&0x3f); |
| 160 | p->i += 3; |
| 161 | if( c<=0xffff || c>0x10ffff ) c = 0xfffd; |
| @@ -296,13 +294,13 @@ | |
| 296 | rc = 1; |
| 297 | goto re_match_end; |
| 298 | } |
| 299 | case RE_OP_CC_EXC: { |
| 300 | if( c==0 ) break; |
| 301 | /* fall-through */ |
| 302 | } |
| 303 | case RE_OP_CC_INC: { |
| 304 | int j = 1; |
| 305 | int n = pRe->aArg[x]; |
| 306 | int hit = 0; |
| 307 | for(j=1; j>0 && j<n; j++){ |
| 308 | if( pRe->aOp[x+j]==RE_OP_CC_VALUE ){ |
| @@ -547,11 +545,11 @@ | |
| 547 | if( n*2>p->mxAlloc ) return "REGEXP pattern too big"; |
| 548 | p->sIn.i++; |
| 549 | } |
| 550 | } |
| 551 | if( c!='}' ) return "unmatched '{'"; |
| 552 | if( n>0 && n<m ) return "n less than m in '{m,n}'"; |
| 553 | p->sIn.i++; |
| 554 | sz = p->nState - iPrev; |
| 555 | if( m==0 ){ |
| 556 | if( n==0 ) return "both m and n are zero in '{m,n}'"; |
| 557 | re_insert(p, iPrev, RE_OP_FORK, sz+1); |
| @@ -643,11 +641,11 @@ | |
| 643 | ** Compile a textual regular expression in zIn[] into a compiled regular |
| 644 | ** expression suitable for us by re_match() and return a pointer to the |
| 645 | ** compiled regular expression in *ppRe. Return NULL on success or an |
| 646 | ** error message if something goes wrong. |
| 647 | */ |
| 648 | const char *re_compile( |
| 649 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 650 | const char *zIn, /* Input regular expression */ |
| 651 | int mxRe, /* Complexity limit */ |
| 652 | int noCase /* True for caseless comparisons */ |
| 653 | ){ |
| @@ -716,10 +714,79 @@ | |
| 716 | if( j>0 && pRe->zInit[j-1]==0 ) j--; |
| 717 | pRe->nInit = j; |
| 718 | } |
| 719 | return pRe->zErr; |
| 720 | } |
| 721 | |
| 722 | /* |
| 723 | ** The input zIn is a string that we want to match exactly as part of |
| 724 | ** a regular expression. Return a new string (in space obtained from |
| 725 | ** fossil_malloc() or the equivalent) that escapes all regexp syntax |
| @@ -764,92 +831,20 @@ | |
| 764 | ** Limit the size of the bytecode used to implement a regular expression |
| 765 | ** to this many steps. It is important to limit this to avoid possible |
| 766 | ** DoS attacks. |
| 767 | */ |
| 768 | |
| 769 | /* |
| 770 | ** Compute a reasonable limit on the length of the REGEXP NFA. |
| 771 | */ |
| 772 | int re_maxlen(void){ |
| 773 | return g.db ? db_get_int("regexp-limit", 1000) : 1000; |
| 774 | } |
| 775 | |
| 776 | /* |
| 777 | ** Compile an RE using re_maxlen(). |
| 778 | */ |
| 779 | const char *fossil_re_compile( |
| 780 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 781 | const char *zIn, /* Input regular expression */ |
| 782 | int noCase /* True for caseless comparisons */ |
| 783 | ){ |
| 784 | return re_compile(ppRe, zIn, re_maxlen(), noCase); |
| 785 | } |
| 786 | |
| 787 | /* |
| 788 | ** Implementation of the regexp() SQL function. This function implements |
| 789 | ** the build-in REGEXP operator. The first argument to the function is the |
| 790 | ** pattern and the second argument is the string. So, the SQL statements: |
| 791 | ** |
| 792 | ** A REGEXP B |
| 793 | ** |
| 794 | ** is implemented as regexp(B,A). |
| 795 | */ |
| 796 | static void re_sql_func( |
| 797 | sqlite3_context *context, |
| 798 | int argc, |
| 799 | sqlite3_value **argv |
| 800 | ){ |
| 801 | ReCompiled *pRe; /* Compiled regular expression */ |
| 802 | const char *zPattern; /* The regular expression */ |
| 803 | const unsigned char *zStr;/* String being searched */ |
| 804 | const char *zErr; /* Compile error message */ |
| 805 | int setAux = 0; /* True to invoke sqlite3_set_auxdata() */ |
| 806 | |
| 807 | (void)argc; /* Unused */ |
| 808 | pRe = sqlite3_get_auxdata(context, 0); |
| 809 | if( pRe==0 ){ |
| 810 | zPattern = (const char*)sqlite3_value_text(argv[0]); |
| 811 | if( zPattern==0 ) return; |
| 812 | zErr = fossil_re_compile(&pRe, zPattern, sqlite3_user_data(context)!=0); |
| 813 | if( zErr ){ |
| 814 | re_free(pRe); |
| 815 | sqlite3_result_int(context, 0); |
| 816 | /* sqlite3_result_error(context, zErr, -1); */ |
| 817 | return; |
| 818 | } |
| 819 | if( pRe==0 ){ |
| 820 | sqlite3_result_error_nomem(context); |
| 821 | return; |
| 822 | } |
| 823 | setAux = 1; |
| 824 | } |
| 825 | zStr = (const unsigned char*)sqlite3_value_text(argv[1]); |
| 826 | if( zStr!=0 ){ |
| 827 | sqlite3_result_int(context, re_match(pRe, zStr, -1)); |
| 828 | } |
| 829 | if( setAux ){ |
| 830 | sqlite3_set_auxdata(context, 0, pRe, (void(*)(void*))re_free); |
| 831 | } |
| 832 | } |
| 833 | |
| 834 | /* |
| 835 | ** Invoke this routine to register the regexp() function with the |
| 836 | ** SQLite database connection. |
| 837 | */ |
| 838 | int re_add_sql_func(sqlite3 *db){ |
| 839 | int rc; |
| 840 | rc = sqlite3_create_function(db, "regexp", 2, |
| 841 | SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, |
| 842 | 0, re_sql_func, 0, 0); |
| 843 | if( rc==SQLITE_OK ){ |
| 844 | /* The regexpi(PATTERN,STRING) function is a case-insensitive version |
| 845 | ** of regexp(PATTERN,STRING). */ |
| 846 | rc = sqlite3_create_function(db, "regexpi", 2, |
| 847 | SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, |
| 848 | (void*)db, re_sql_func, 0, 0); |
| 849 | } |
| 850 | return rc; |
| 851 | } |
| 852 | |
| 853 | /* |
| 854 | ** Run a "grep" over a single file read from disk. |
| 855 | */ |
| 856 |
| --- src/regexp.c | |
| +++ src/regexp.c | |
| @@ -53,18 +53,16 @@ | |
| 53 | ** expression and M is the size of the input string. The matcher never |
| 54 | ** exhibits exponential behavior. Note that the X{p,q} operator expands |
| 55 | ** to p copies of X following by q-p copies of X? and that the size of the |
| 56 | ** regular expression in the O(N*M) performance bound is computed after |
| 57 | ** this expansion. |
| 58 | ** |
| 59 | ** To help prevent DoS attacks, the maximum size of the NFA is restricted. |
| 60 | */ |
| 61 | #include "config.h" |
| 62 | #include "regexp.h" |
| 63 | |
| 64 | /* The end-of-input character */ |
| 65 | #define RE_EOF 0 /* End of input */ |
| 66 | #define RE_START 0xfffffff /* Start of input - larger than an UTF-8 */ |
| 67 | |
| 68 | /* The NFA is implemented as sequence of opcodes taken from the following |
| @@ -119,11 +117,11 @@ | |
| 117 | const char *zErr; /* Error message to return */ |
| 118 | char *aOp; /* Operators for the virtual machine */ |
| 119 | int *aArg; /* Arguments to each operator */ |
| 120 | unsigned (*xNextChar)(ReInput*); /* Next character function */ |
| 121 | unsigned char zInit[12]; /* Initial text to match */ |
| 122 | int nInit; /* Number of bytes in zInit */ |
| 123 | unsigned nState; /* Number of entries in aOp[] and aArg[] */ |
| 124 | unsigned nAlloc; /* Slots allocated for aOp[] and aArg[] */ |
| 125 | unsigned mxAlloc; /* Complexity limit */ |
| 126 | }; |
| 127 | #endif |
| @@ -151,11 +149,11 @@ | |
| 149 | }else if( (c&0xf0)==0xe0 && p->i+1<p->mx && (p->z[p->i]&0xc0)==0x80 |
| 150 | && (p->z[p->i+1]&0xc0)==0x80 ){ |
| 151 | c = (c&0x0f)<<12 | ((p->z[p->i]&0x3f)<<6) | (p->z[p->i+1]&0x3f); |
| 152 | p->i += 2; |
| 153 | if( c<=0x7ff || (c>=0xd800 && c<=0xdfff) ) c = 0xfffd; |
| 154 | }else if( (c&0xf8)==0xf0 && p->i+2<p->mx && (p->z[p->i]&0xc0)==0x80 |
| 155 | && (p->z[p->i+1]&0xc0)==0x80 && (p->z[p->i+2]&0xc0)==0x80 ){ |
| 156 | c = (c&0x07)<<18 | ((p->z[p->i]&0x3f)<<12) | ((p->z[p->i+1]&0x3f)<<6) |
| 157 | | (p->z[p->i+2]&0x3f); |
| 158 | p->i += 3; |
| 159 | if( c<=0xffff || c>0x10ffff ) c = 0xfffd; |
| @@ -296,13 +294,13 @@ | |
| 294 | rc = 1; |
| 295 | goto re_match_end; |
| 296 | } |
| 297 | case RE_OP_CC_EXC: { |
| 298 | if( c==0 ) break; |
| 299 | /* fall-through */ goto re_op_cc_inc; |
| 300 | } |
| 301 | case RE_OP_CC_INC: re_op_cc_inc: { |
| 302 | int j = 1; |
| 303 | int n = pRe->aArg[x]; |
| 304 | int hit = 0; |
| 305 | for(j=1; j>0 && j<n; j++){ |
| 306 | if( pRe->aOp[x+j]==RE_OP_CC_VALUE ){ |
| @@ -547,11 +545,11 @@ | |
| 545 | if( n*2>p->mxAlloc ) return "REGEXP pattern too big"; |
| 546 | p->sIn.i++; |
| 547 | } |
| 548 | } |
| 549 | if( c!='}' ) return "unmatched '{'"; |
| 550 | if( n<m ) return "n less than m in '{m,n}'"; |
| 551 | p->sIn.i++; |
| 552 | sz = p->nState - iPrev; |
| 553 | if( m==0 ){ |
| 554 | if( n==0 ) return "both m and n are zero in '{m,n}'"; |
| 555 | re_insert(p, iPrev, RE_OP_FORK, sz+1); |
| @@ -643,11 +641,11 @@ | |
| 641 | ** Compile a textual regular expression in zIn[] into a compiled regular |
| 642 | ** expression suitable for us by re_match() and return a pointer to the |
| 643 | ** compiled regular expression in *ppRe. Return NULL on success or an |
| 644 | ** error message if something goes wrong. |
| 645 | */ |
| 646 | static const char *re_compile( |
| 647 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 648 | const char *zIn, /* Input regular expression */ |
| 649 | int mxRe, /* Complexity limit */ |
| 650 | int noCase /* True for caseless comparisons */ |
| 651 | ){ |
| @@ -716,10 +714,79 @@ | |
| 714 | if( j>0 && pRe->zInit[j-1]==0 ) j--; |
| 715 | pRe->nInit = j; |
| 716 | } |
| 717 | return pRe->zErr; |
| 718 | } |
| 719 | |
| 720 | /* |
| 721 | ** Implementation of the regexp() SQL function. This function implements |
| 722 | ** the build-in REGEXP operator. The first argument to the function is the |
| 723 | ** pattern and the second argument is the string. So, the SQL statements: |
| 724 | ** |
| 725 | ** A REGEXP B |
| 726 | ** |
| 727 | ** is implemented as regexp(B,A). |
| 728 | */ |
| 729 | static void re_sql_func( |
| 730 | sqlite3_context *context, |
| 731 | int argc, |
| 732 | sqlite3_value **argv |
| 733 | ){ |
| 734 | ReCompiled *pRe; /* Compiled regular expression */ |
| 735 | const char *zPattern; /* The regular expression */ |
| 736 | const unsigned char *zStr;/* String being searched */ |
| 737 | const char *zErr; /* Compile error message */ |
| 738 | int setAux = 0; /* True to invoke sqlite3_set_auxdata() */ |
| 739 | |
| 740 | (void)argc; /* Unused */ |
| 741 | pRe = sqlite3_get_auxdata(context, 0); |
| 742 | if( pRe==0 ){ |
| 743 | zPattern = (const char*)sqlite3_value_text(argv[0]); |
| 744 | if( zPattern==0 ) return; |
| 745 | zErr = fossil_re_compile(&pRe, zPattern, sqlite3_user_data(context)!=0); |
| 746 | if( zErr ){ |
| 747 | re_free(pRe); |
| 748 | /* The original SQLite function from which this code was copied raises |
| 749 | ** an error if the REGEXP contained a syntax error. This variant |
| 750 | ** silently fails to match, as that works better for Fossil. |
| 751 | ** sqlite3_result_error(context, zErr, -1); */ |
| 752 | sqlite3_result_int(context, 0); |
| 753 | return; |
| 754 | } |
| 755 | if( pRe==0 ){ |
| 756 | sqlite3_result_error_nomem(context); |
| 757 | return; |
| 758 | } |
| 759 | setAux = 1; |
| 760 | } |
| 761 | zStr = (const unsigned char*)sqlite3_value_text(argv[1]); |
| 762 | if( zStr!=0 ){ |
| 763 | sqlite3_result_int(context, re_match(pRe, zStr, -1)); |
| 764 | } |
| 765 | if( setAux ){ |
| 766 | sqlite3_set_auxdata(context, 0, pRe, (void(*)(void*))re_free); |
| 767 | } |
| 768 | } |
| 769 | |
| 770 | /* |
| 771 | ** Invoke this routine to register the regexp() function with the |
| 772 | ** SQLite database connection. |
| 773 | */ |
| 774 | int re_add_sql_func(sqlite3 *db){ |
| 775 | int rc; |
| 776 | rc = sqlite3_create_function(db, "regexp", 2, |
| 777 | SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, |
| 778 | 0, re_sql_func, 0, 0); |
| 779 | if( rc==SQLITE_OK ){ |
| 780 | /* The regexpi(PATTERN,STRING) function is a case-insensitive version |
| 781 | ** of regexp(PATTERN,STRING). */ |
| 782 | rc = sqlite3_create_function(db, "regexpi", 2, |
| 783 | SQLITE_UTF8|SQLITE_INNOCUOUS|SQLITE_DETERMINISTIC, |
| 784 | (void*)db, re_sql_func, 0, 0); |
| 785 | } |
| 786 | return rc; |
| 787 | } |
| 788 | |
| 789 | /* |
| 790 | ** The input zIn is a string that we want to match exactly as part of |
| 791 | ** a regular expression. Return a new string (in space obtained from |
| 792 | ** fossil_malloc() or the equivalent) that escapes all regexp syntax |
| @@ -764,92 +831,20 @@ | |
| 831 | ** Limit the size of the bytecode used to implement a regular expression |
| 832 | ** to this many steps. It is important to limit this to avoid possible |
| 833 | ** DoS attacks. |
| 834 | */ |
| 835 | |
| 836 | /* |
| 837 | ** Compile an RE using re_maxlen(). |
| 838 | */ |
| 839 | const char *fossil_re_compile( |
| 840 | ReCompiled **ppRe, /* OUT: write compiled NFA here */ |
| 841 | const char *zIn, /* Input regular expression */ |
| 842 | int noCase /* True for caseless comparisons */ |
| 843 | ){ |
| 844 | int mxLen = g.db ? db_get_int("regexp-limit",1000) : 1000; |
| 845 | return re_compile(ppRe, zIn, mxLen, noCase); |
| 846 | } |
| 847 | |
| 848 | /* |
| 849 | ** Run a "grep" over a single file read from disk. |
| 850 | */ |
| 851 |