[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#28417: ptx does not terminate when matching a zero length sentence r
|
From: |
Bernhard Voelker |
|
Subject: |
bug#28417: ptx does not terminate when matching a zero length sentence regex |
|
Date: |
Wed, 13 Sep 2017 23:40:42 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 |
On 09/11/2017 05:04 PM, Julian Büning wrote:
> observed behavior:
>
> $ echo | ptx -S $ &
> [1] 1000
> $ jobs
> [1]+ Running echo | ptx -S $ &
>
> expected behavior:
>
> $ echo | ptx -S $ &
> [1] 1000
> [1]+ Done echo | ptx -S $
>
> ptx does not terminate in case the specified sentence regex can be
> matched but has a match of length zero on input that is non-empty.
>
> The following test cases show the same behavior:
> $ echo | ptx -S ^
> $ echo | ptx -S "a*"
> $ echo | ptx -S "\(\)"
> $ echo test | ptx -S "\n*"
> $ echo foo > non_empty; ptx non_empty -S $
> ...
>
> In ptx.c, find_occurs_in_text() calls re_search() and uses the length of
> a match (which is falsely assumed to be greater than zero) to advance a
> cursor through the input. For a match length of zero, the cursor is
> never advanced.
>
> When switching on the results of re_search(), a case 0 could be added.
> One possible fix would be to then abort with an error message.
>
> We found this behavior in version 8.27 and can reproduce it in version
> 8.25 as well as version 8.28.
>
> This behavior was found using Symbolic Execution techniques developed in
> the course of the SYMBIOSYS research project at COMSYS, RWTH Aachen
> University. This research is supported by the European Research Council
> (ERC) under the EU's Horizon 2020 Research and Innovation Programme
> grant agreement n. 647295 (SYMBIOSYS).
Good catch!
The attached patch fixes it; please check.
Have a nice day,
Berny
0001-ptx-avoid-infloop-due-to-zero-length-matches-with-S-.patch
Description: Text Data