[Forensics-changes] [yara] 146/192: Fix issue #626
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:31:58 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.6.0
in repository yara.
commit 64e67ade08b8d84078c605863b2c7977213299f0
Author: plusvic <plusvic at gmail.com>
Date: Mon Apr 24 18:21:16 2017 +0200
Fix issue #626
The zero-sized repeat in regexps like /a{0}/ and /a{0,0}/ prevented the code for the regexp from being generated. Many regexp engines accept 0 repeats, but they are useless and we are forbidding them in YARA.
---
libyara/re_lexer.c | 255 +++++++++++++++++++++++++++++++++--------------------
libyara/re_lexer.l | 12 +++
tests/test-rules.c | 4 +-
3 files changed, 174 insertions(+), 97 deletions(-)
diff --git a/libyara/re_lexer.c b/libyara/re_lexer.c
index 0314edb..ca1d8ce 100644
--- a/libyara/re_lexer.c
+++ b/libyara/re_lexer.c
@@ -8,8 +8,8 @@
#define FLEX_SCANNER
#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-#define YY_FLEX_SUBMINOR_VERSION 35
+#define YY_FLEX_MINOR_VERSION 6
+#define YY_FLEX_SUBMINOR_VERSION 0
#if YY_FLEX_SUBMINOR_VERSION > 0
#define FLEX_BETA
#endif
@@ -47,7 +47,6 @@ typedef int16_t flex_int16_t;
typedef uint16_t flex_uint16_t;
typedef int32_t flex_int32_t;
typedef uint32_t flex_uint32_t;
-typedef uint64_t flex_uint64_t;
#else
typedef signed char flex_int8_t;
typedef short int flex_int16_t;
@@ -55,7 +54,6 @@ typedef int flex_int32_t;
typedef unsigned char flex_uint8_t;
typedef unsigned short int flex_uint16_t;
typedef unsigned int flex_uint32_t;
-#endif /* ! C99 */
/* Limits of integral types. */
#ifndef INT8_MIN
@@ -86,6 +84,8 @@ typedef unsigned int flex_uint32_t;
#define UINT32_MAX (4294967295U)
#endif
+#endif /* ! C99 */
+
#endif /* ! FLEXINT_H */
#ifdef __cplusplus
@@ -159,7 +159,15 @@ typedef void* yyscan_t;
/* Size of default input buffer. */
#ifndef YY_BUF_SIZE
+#ifdef __ia64__
+/* On IA-64, the buffer size is 16k, not 8k.
+ * Moreover, YY_BUF_SIZE is 2*YY_READ_BUF_SIZE in the general case.
+ * Ditto for the __ia64__ case accordingly.
+ */
+#define YY_BUF_SIZE 32768
+#else
#define YY_BUF_SIZE 16384
+#endif /* __ia64__ */
#endif
/* The state buf must be large enough to hold one state per character in the main buffer.
@@ -189,11 +197,18 @@ typedef size_t yy_size_t;
*/
#define YY_LESS_LINENO(n) \
do { \
- yy_size_t yyl;\
+ int yyl;\
for ( yyl = n; yyl < yyleng; ++yyl )\
if ( yytext[yyl] == '\n' )\
--yylineno;\
}while(0)
+ #define YY_LINENO_REWIND_TO(dst) \
+ do {\
+ const char *p;\
+ for ( p = yy_cp-1; p >= (dst); --p)\
+ if ( *p == '\n' )\
+ --yylineno;\
+ }while(0)
/* Return all but the first "n" matched characters back to the input stream. */
#define yyless(n) \
@@ -339,7 +354,7 @@ void re_yyfree (void * ,yyscan_t yyscanner );
/* Begin user sect3 */
-#define re_yywrap(n) 1
+#define re_yywrap(yyscanner) (/*CONSTCOND*/1)
#define YY_SKIP_YYWRAP
typedef unsigned char YY_CHAR;
@@ -351,6 +366,9 @@ typedef int yy_state_type;
static yy_state_type yy_get_previous_state (yyscan_t yyscanner );
static yy_state_type yy_try_NUL_trans (yy_state_type current_state ,yyscan_t yyscanner);
static int yy_get_next_buffer (yyscan_t yyscanner );
+#if defined(__GNUC__) && __GNUC__ >= 3
+__attribute__((__noreturn__))
+#endif
static void yy_fatal_error (yyconst char msg[] ,yyscan_t yyscanner );
/* Done after the current pattern has been matched and before the
@@ -358,7 +376,7 @@ static void yy_fatal_error (yyconst char msg[] ,yyscan_t yyscanner );
*/
#define YY_DO_BEFORE_ACTION \
yyg->yytext_ptr = yy_bp; \
- yyleng = (yy_size_t) (yy_cp - yy_bp); \
+ yyleng = (size_t) (yy_cp - yy_bp); \
yyg->yy_hold_char = *yy_cp; \
*yy_cp = '\0'; \
yyg->yy_c_buf_p = yy_cp;
@@ -381,7 +399,7 @@ static yyconst flex_int16_t yy_accept[45] =
2, 19, 0, 0
} ;
-static yyconst flex_int32_t yy_ec[256] =
+static yyconst YY_CHAR yy_ec[256] =
{ 0,
1, 1, 1, 1, 1, 1, 1, 1, 1, 2,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
@@ -413,14 +431,14 @@ static yyconst flex_int32_t yy_ec[256] =
1, 1, 1, 1, 1
} ;
-static yyconst flex_int32_t yy_meta[23] =
+static yyconst YY_CHAR yy_meta[23] =
{ 0,
1, 2, 1, 1, 3, 4, 4, 4, 4, 1,
1, 1, 1, 5, 1, 4, 4, 1, 1, 1,
1, 1
} ;
-static yyconst flex_int16_t yy_base[51] =
+static yyconst flex_uint16_t yy_base[51] =
{ 0,
0, 20, 3, 5, 50, 89, 89, 89, 10, 36,
0, 44, 43, 47, 38, 89, 26, 33, 89, 89,
@@ -438,7 +456,7 @@ static yyconst flex_int16_t yy_def[51] =
44, 44, 50, 0, 44, 44, 44, 44, 44, 44
} ;
-static yyconst flex_int16_t yy_nxt[112] =
+static yyconst flex_uint16_t yy_nxt[112] =
{ 0,
44, 7, 8, 27, 13, 28, 13, 30, 27, 39,
28, 9, 10, 39, 8, 14, 15, 14, 15, 29,
@@ -564,7 +582,7 @@ int read_escaped_char(
#define YY_NO_UNISTD_H 1
-#line 568 "re_lexer.c"
+#line 586 "re_lexer.c"
#define INITIAL 0
#define char_class 1
@@ -642,11 +660,11 @@ void re_yyset_extra (YY_EXTRA_TYPE user_defined ,yyscan_t yyscanner );
FILE *re_yyget_in (yyscan_t yyscanner );
-void re_yyset_in (FILE * in_str ,yyscan_t yyscanner );
+void re_yyset_in (FILE * _in_str ,yyscan_t yyscanner );
FILE *re_yyget_out (yyscan_t yyscanner );
-void re_yyset_out (FILE * out_str ,yyscan_t yyscanner );
+void re_yyset_out (FILE * _out_str ,yyscan_t yyscanner );
yy_size_t re_yyget_leng (yyscan_t yyscanner );
@@ -654,7 +672,11 @@ char *re_yyget_text (yyscan_t yyscanner );
int re_yyget_lineno (yyscan_t yyscanner );
-void re_yyset_lineno (int line_number ,yyscan_t yyscanner );
+void re_yyset_lineno (int _line_number ,yyscan_t yyscanner );
+
+int re_yyget_column (yyscan_t yyscanner );
+
+void re_yyset_column (int _column_no ,yyscan_t yyscanner );
YYSTYPE * re_yyget_lval (yyscan_t yyscanner );
@@ -672,6 +694,10 @@ extern int re_yywrap (yyscan_t yyscanner );
#endif
#endif
+#ifndef YY_NO_UNPUT
+
+#endif
+
#ifndef yytext_ptr
static void yy_flex_strncpy (char *,yyconst char *,int ,yyscan_t yyscanner);
#endif
@@ -692,7 +718,12 @@ static int input (yyscan_t yyscanner );
/* Amount of stuff to slurp up with each read. */
#ifndef YY_READ_BUF_SIZE
+#ifdef __ia64__
+/* On IA-64, the buffer size is 16k, not 8k */
+#define YY_READ_BUF_SIZE 16384
+#else
#define YY_READ_BUF_SIZE 8192
+#endif /* __ia64__ */
#endif
/* Copy whatever the last rule matched to the standard output. */
@@ -700,7 +731,7 @@ static int input (yyscan_t yyscanner );
/* This used to be an fputs(), but since the string might contain NUL's,
* we now use fwrite().
*/
-#define ECHO fwrite( yytext, yyleng, 1, yyout )
+#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} } while (0)
#endif
/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
@@ -711,7 +742,7 @@ static int input (yyscan_t yyscanner );
if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
{ \
int c = '*'; \
- yy_size_t n; \
+ size_t n; \
for ( n = 0; n < max_size && \
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
buf[n] = (char) c; \
@@ -781,7 +812,7 @@ extern int re_yylex \
/* Code executed at the end of each rule. */
#ifndef YY_BREAK
-#define YY_BREAK break;
+#define YY_BREAK /*LINTED*/break;
#endif
#define YY_RULE_SETUP \
@@ -791,16 +822,11 @@ extern int re_yylex \
*/
YY_DECL
{
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
+ yy_state_type yy_current_state;
+ char *yy_cp, *yy_bp;
+ int yy_act;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
-#line 99 "re_lexer.l"
-
-
-#line 803 "re_lexer.c"
-
yylval = yylval_param;
if ( !yyg->yy_init )
@@ -829,7 +855,13 @@ YY_DECL
re_yy_load_buffer_state(yyscanner );
}
- while ( 1 ) /* loops until end-of-file is reached */
+ {
+#line 99 "re_lexer.l"
+
+
+#line 863 "re_lexer.c"
+
+ while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */
{
yy_cp = yyg->yy_c_buf_p;
@@ -845,7 +877,7 @@ YY_DECL
yy_match:
do
{
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -923,6 +955,12 @@ YY_RULE_SETUP
yyterminate();
}
+ if (hi_bound == 0 && lo_bound == 0)
+ {
+ yyerror(yyscanner, lex_env, "bad repeat interval");
+ yyterminate();
+ }
+
yylval->range = (hi_bound << 16) | lo_bound;
return _RANGE_;
@@ -930,7 +968,7 @@ YY_RULE_SETUP
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 135 "re_lexer.l"
+#line 141 "re_lexer.l"
{
// Example: {10}
@@ -943,6 +981,12 @@ YY_RULE_SETUP
yyterminate();
}
+ if (value == 0)
+ {
+ yyerror(yyscanner, lex_env, "bad repeat interval");
+ yyterminate();
+ }
+
yylval->range = (value << 16) | value;
return _RANGE_;
@@ -950,7 +994,7 @@ YY_RULE_SETUP
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 153 "re_lexer.l"
+#line 165 "re_lexer.l"
{
// Start of a negated character class. Example: [^abcd]
@@ -962,7 +1006,7 @@ YY_RULE_SETUP
YY_BREAK
case 4:
YY_RULE_SETUP
-#line 162 "re_lexer.l"
+#line 174 "re_lexer.l"
{
// Start of character negated class containing a ].
@@ -977,7 +1021,7 @@ YY_RULE_SETUP
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 175 "re_lexer.l"
+#line 187 "re_lexer.l"
{
// Start of character class containing a ].
@@ -992,7 +1036,7 @@ YY_RULE_SETUP
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 188 "re_lexer.l"
+#line 200 "re_lexer.l"
{
// Start of character class. Example: [abcd]
@@ -1005,7 +1049,7 @@ YY_RULE_SETUP
case 7:
/* rule 7 can match eol */
YY_RULE_SETUP
-#line 198 "re_lexer.l"
+#line 210 "re_lexer.l"
{
// Any non-special character is passed as a CHAR token to the scanner.
@@ -1016,63 +1060,63 @@ YY_RULE_SETUP
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 207 "re_lexer.l"
+#line 219 "re_lexer.l"
{
return _WORD_CHAR_;
}
YY_BREAK
case 9:
YY_RULE_SETUP
-#line 212 "re_lexer.l"
+#line 224 "re_lexer.l"
{
return _NON_WORD_CHAR_;
}
YY_BREAK
case 10:
YY_RULE_SETUP
-#line 217 "re_lexer.l"
+#line 229 "re_lexer.l"
{
return _SPACE_;
}
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 222 "re_lexer.l"
+#line 234 "re_lexer.l"
{
return _NON_SPACE_;
}
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 227 "re_lexer.l"
+#line 239 "re_lexer.l"
{
return _DIGIT_;
}
YY_BREAK
case 13:
YY_RULE_SETUP
-#line 232 "re_lexer.l"
+#line 244 "re_lexer.l"
{
return _NON_DIGIT_;
}
YY_BREAK
case 14:
YY_RULE_SETUP
-#line 237 "re_lexer.l"
+#line 249 "re_lexer.l"
{
return _WORD_BOUNDARY_;
}
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 241 "re_lexer.l"
+#line 253 "re_lexer.l"
{
return _NON_WORD_BOUNDARY_;
}
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 246 "re_lexer.l"
+#line 258 "re_lexer.l"
{
yyerror(yyscanner, lex_env, "backreferences are not allowed");
@@ -1081,7 +1125,7 @@ YY_RULE_SETUP
YY_BREAK
case 17:
YY_RULE_SETUP
-#line 253 "re_lexer.l"
+#line 265 "re_lexer.l"
{
uint8_t c;
@@ -1100,7 +1144,7 @@ YY_RULE_SETUP
YY_BREAK
case 18:
YY_RULE_SETUP
-#line 270 "re_lexer.l"
+#line 282 "re_lexer.l"
{
// End of character class.
@@ -1123,7 +1167,7 @@ YY_RULE_SETUP
case 19:
/* rule 19 can match eol */
YY_RULE_SETUP
-#line 291 "re_lexer.l"
+#line 303 "re_lexer.l"
{
// A range inside a character class.
@@ -1167,7 +1211,7 @@ YY_RULE_SETUP
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 333 "re_lexer.l"
+#line 345 "re_lexer.l"
{
int i;
@@ -1178,7 +1222,7 @@ YY_RULE_SETUP
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 342 "re_lexer.l"
+#line 354 "re_lexer.l"
{
int i;
@@ -1189,7 +1233,7 @@ YY_RULE_SETUP
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 351 "re_lexer.l"
+#line 363 "re_lexer.l"
{
LEX_ENV->class_vector[' ' / 8] |= 1 << ' ' % 8;
@@ -1198,7 +1242,7 @@ YY_RULE_SETUP
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 358 "re_lexer.l"
+#line 370 "re_lexer.l"
{
int i;
@@ -1216,7 +1260,7 @@ YY_RULE_SETUP
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 374 "re_lexer.l"
+#line 386 "re_lexer.l"
{
char c;
@@ -1227,7 +1271,7 @@ YY_RULE_SETUP
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 383 "re_lexer.l"
+#line 395 "re_lexer.l"
{
int i;
@@ -1249,7 +1293,7 @@ YY_RULE_SETUP
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 403 "re_lexer.l"
+#line 415 "re_lexer.l"
{
uint8_t c;
@@ -1267,7 +1311,7 @@ YY_RULE_SETUP
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 419 "re_lexer.l"
+#line 431 "re_lexer.l"
{
if (yytext[0] >= 32 && yytext[0] < 127)
@@ -1285,7 +1329,7 @@ YY_RULE_SETUP
}
YY_BREAK
case YY_STATE_EOF(char_class):
-#line 436 "re_lexer.l"
+#line 448 "re_lexer.l"
{
// End of regexp reached while scanning a character class.
@@ -1296,7 +1340,7 @@ case YY_STATE_EOF(char_class):
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 445 "re_lexer.l"
+#line 457 "re_lexer.l"
{
if (yytext[0] >= 32 && yytext[0] < 127)
@@ -1311,7 +1355,7 @@ YY_RULE_SETUP
}
YY_BREAK
case YY_STATE_EOF(INITIAL):
-#line 459 "re_lexer.l"
+#line 471 "re_lexer.l"
{
yyterminate();
@@ -1319,10 +1363,10 @@ case YY_STATE_EOF(INITIAL):
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 464 "re_lexer.l"
+#line 476 "re_lexer.l"
ECHO;
YY_BREAK
-#line 1326 "re_lexer.c"
+#line 1370 "re_lexer.c"
case YY_END_OF_BUFFER:
{
@@ -1452,6 +1496,7 @@ ECHO;
"fatal flex scanner internal error--no action found" );
} /* end of action switch */
} /* end of scanning one token */
+ } /* end of user's declarations */
} /* end of re_yylex */
/* yy_get_next_buffer - try to read in a new buffer
@@ -1464,9 +1509,9 @@ ECHO;
static int yy_get_next_buffer (yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
- register char *source = yyg->yytext_ptr;
- register int number_to_move, i;
+ char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ char *source = yyg->yytext_ptr;
+ yy_size_t number_to_move, i;
int ret_val;
if ( yyg->yy_c_buf_p > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[yyg->yy_n_chars + 1] )
@@ -1495,7 +1540,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* Try to read more data. */
/* First move last chars to start of buffer. */
- number_to_move = (int) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
+ number_to_move = (yy_size_t) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
for ( i = 0; i < number_to_move; ++i )
*(dest++) = *(source++);
@@ -1515,7 +1560,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
{ /* Not enough room in the buffer - grow it. */
/* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE;
int yy_c_buf_p_offset =
(int) (yyg->yy_c_buf_p - b->yy_ch_buf);
@@ -1598,15 +1643,15 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
static yy_state_type yy_get_previous_state (yyscan_t yyscanner)
{
- register yy_state_type yy_current_state;
- register char *yy_cp;
+ yy_state_type yy_current_state;
+ char *yy_cp;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
yy_current_state = yyg->yy_start;
for ( yy_cp = yyg->yytext_ptr + YY_MORE_ADJ; yy_cp < yyg->yy_c_buf_p; ++yy_cp )
{
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1631,11 +1676,11 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
*/
static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state , yyscan_t yyscanner)
{
- register int yy_is_jam;
+ int yy_is_jam;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner; /* This var may be unused depending upon options. */
- register char *yy_cp = yyg->yy_c_buf_p;
+ char *yy_cp = yyg->yy_c_buf_p;
- register YY_CHAR yy_c = 1;
+ YY_CHAR yy_c = 1;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1650,9 +1695,14 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
yy_is_jam = (yy_current_state == 44);
+ (void)yyg;
return yy_is_jam ? 0 : yy_current_state;
}
+#ifndef YY_NO_UNPUT
+
+#endif
+
#ifndef YY_NO_INPUT
#ifdef __cplusplus
static int yyinput (yyscan_t yyscanner)
@@ -1702,7 +1752,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
case EOB_ACT_END_OF_FILE:
{
if ( re_yywrap(yyscanner ) )
- return 0;
+ return EOF;
if ( ! yyg->yy_did_buffer_switch_on_eof )
YY_NEW_FILE;
@@ -1813,7 +1863,7 @@ static void re_yy_load_buffer_state (yyscan_t yyscanner)
if ( ! b )
YY_FATAL_ERROR( "out of dynamic memory in re_yy_create_buffer()" );
- b->yy_buf_size = size;
+ b->yy_buf_size = (yy_size_t)size;
/* yy_ch_buf has to be 2 characters longer than the size given because
* we need to put in 2 end-of-buffer characters.
@@ -1974,7 +2024,7 @@ static void re_yyensure_buffer_stack (yyscan_t yyscanner)
* scanner will even need a stack. We use 2 instead of 1 to avoid an
* immediate realloc on the next call.
*/
- num_to_alloc = 1;
+ num_to_alloc = 1; // After all that talk, this was set to 1 anyways...
yyg->yy_buffer_stack = (struct yy_buffer_state**)re_yyalloc
(num_to_alloc * sizeof(struct yy_buffer_state*)
, yyscanner);
@@ -1991,7 +2041,7 @@ static void re_yyensure_buffer_stack (yyscan_t yyscanner)
if (yyg->yy_buffer_stack_top >= (yyg->yy_buffer_stack_max) - 1){
/* Increase the buffer to prepare for a possible push. */
- int grow_size = 8 /* arbitrary grow size */;
+ yy_size_t grow_size = 8 /* arbitrary grow size */;
num_to_alloc = yyg->yy_buffer_stack_max + grow_size;
yyg->yy_buffer_stack = (struct yy_buffer_state**)re_yyrealloc
@@ -2058,8 +2108,8 @@ YY_BUFFER_STATE re_yy_scan_string (yyconst char * yystr , yyscan_t yyscanner)
/** Setup the input buffer state to scan the given bytes. The next call to re_yylex() will
* scan from a @e copy of @a bytes.
- * @param bytes the byte buffer to scan
- * @param len the number of bytes in the buffer pointed to by @a bytes.
+ * @param yybytes the byte buffer to scan
+ * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes.
* @param yyscanner The scanner object.
* @return the newly allocated buffer state object.
*/
@@ -2067,7 +2117,8 @@ YY_BUFFER_STATE re_yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_l
{
YY_BUFFER_STATE b;
char *buf;
- yy_size_t n, i;
+ yy_size_t n;
+ yy_size_t i;
/* Get memory for full buffer, including space for trailing EOB's. */
n = _yybytes_len + 2;
@@ -2098,7 +2149,9 @@ YY_BUFFER_STATE re_yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_l
static void yy_fatal_error (yyconst char* msg , yyscan_t yyscanner)
{
- (void) fprintf( stderr, "%s\n", msg );
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+ (void) fprintf( stderr, "%s\n", msg );
exit( YY_EXIT_FAILURE );
}
@@ -2204,51 +2257,51 @@ void re_yyset_extra (YY_EXTRA_TYPE user_defined , yyscan_t yyscanner)
}
/** Set the current line number.
- * @param line_number
+ * @param _line_number line number
* @param yyscanner The scanner object.
*/
-void re_yyset_lineno (int line_number , yyscan_t yyscanner)
+void re_yyset_lineno (int _line_number , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* lineno is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "re_yyset_lineno called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "re_yyset_lineno called with no buffer" );
- yylineno = line_number;
+ yylineno = _line_number;
}
/** Set the current column.
- * @param line_number
+ * @param _column_no column number
* @param yyscanner The scanner object.
*/
-void re_yyset_column (int column_no , yyscan_t yyscanner)
+void re_yyset_column (int _column_no , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* column is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "re_yyset_column called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "re_yyset_column called with no buffer" );
- yycolumn = column_no;
+ yycolumn = _column_no;
}
/** Set the input stream. This does not discard the current
* input buffer.
- * @param in_str A readable stream.
+ * @param _in_str A readable stream.
* @param yyscanner The scanner object.
* @see re_yy_switch_to_buffer
*/
-void re_yyset_in (FILE * in_str , yyscan_t yyscanner)
+void re_yyset_in (FILE * _in_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyin = in_str ;
+ yyin = _in_str ;
}
-void re_yyset_out (FILE * out_str , yyscan_t yyscanner)
+void re_yyset_out (FILE * _out_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyout = out_str ;
+ yyout = _out_str ;
}
int re_yyget_debug (yyscan_t yyscanner)
@@ -2257,10 +2310,10 @@ int re_yyget_debug (yyscan_t yyscanner)
return yy_flex_debug;
}
-void re_yyset_debug (int bdebug , yyscan_t yyscanner)
+void re_yyset_debug (int _bdebug , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yy_flex_debug = bdebug ;
+ yy_flex_debug = _bdebug ;
}
/* Accessor methods for yylval and yylloc */
@@ -2411,7 +2464,10 @@ int re_yylex_destroy (yyscan_t yyscanner)
#ifndef yytext_ptr
static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yyscanner)
{
- register int i;
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
+ int i;
for ( i = 0; i < n; ++i )
s1[i] = s2[i];
}
@@ -2420,7 +2476,7 @@ static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yysca
#ifdef YY_NEED_STRLEN
static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
{
- register int n;
+ int n;
for ( n = 0; s[n]; ++n )
;
@@ -2430,11 +2486,16 @@ static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
void *re_yyalloc (yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
return (void *) malloc( size );
}
void *re_yyrealloc (void * ptr, yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
/* The cast to (char *) in the following accommodates both
* implementations that use char* generic pointers, and those
* that use void* generic pointers. It works with the latter
@@ -2447,12 +2508,14 @@ void *re_yyrealloc (void * ptr, yy_size_t size , yyscan_t yyscanner)
void re_yyfree (void * ptr , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
free( (char *) ptr ); /* see re_yyrealloc() for (char *) cast */
}
#define YYTABLES_NAME "yytables"
-#line 464 "re_lexer.l"
+#line 476 "re_lexer.l"
diff --git a/libyara/re_lexer.l b/libyara/re_lexer.l
index 0f699ed..652c528 100644
--- a/libyara/re_lexer.l
+++ b/libyara/re_lexer.l
@@ -126,6 +126,12 @@ hex_digit [0-9a-fA-F]
yyterminate();
}
+ if (hi_bound == 0 && lo_bound == 0)
+ {
+ yyerror(yyscanner, lex_env, "bad repeat interval");
+ yyterminate();
+ }
+
yylval->range = (hi_bound << 16) | lo_bound;
return _RANGE_;
@@ -144,6 +150,12 @@ hex_digit [0-9a-fA-F]
yyterminate();
}
+ if (value == 0)
+ {
+ yyerror(yyscanner, lex_env, "bad repeat interval");
+ yyterminate();
+ }
+
yylval->range = (value << 16) | value;
return _RANGE_;
diff --git a/tests/test-rules.c b/tests/test-rules.c
index 310ffd4..56aacf4 100644
--- a/tests/test-rules.c
+++ b/tests/test-rules.c
@@ -963,7 +963,6 @@ void test_re()
assert_false_regexp("ab{1,}b", "ab");
assert_false_regexp("ab{1}c", "abbc");
assert_true_regexp("ab{0,}c", "ac", "ac");
- assert_true_regexp("ab{0,0}c", "ac", "ac");
assert_true_regexp("ab{1,1}c", "abc", "abc");
assert_true_regexp("ab{0,}c", "abbbc", "abbbc");
assert_true_regexp("ab{,3}c", "abbbc", "abbbc");
@@ -1127,6 +1126,9 @@ void test_re()
assert_regexp_syntax_error("\\x0");
assert_regexp_syntax_error("\\x");
+ assert_regexp_syntax_error("x{0,0}");
+ assert_regexp_syntax_error("x{0}");
+
assert_regexp_syntax_error("\\xxy");
assert_error(
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list