de-fuzz: prevent infinite recursion in recursive expressions (case 14).

2025-07-19 23:32:10 +02:00 · 2017-02-15 19:44:41 +00:00
parent b05fafe1c5
commit edd94320c7
4 changed files with 44 additions and 0 deletions
--- a/include/boost/regex/v4/perl_matcher_recursive.hpp
+++ b/include/boost/regex/v4/perl_matcher_recursive.hpp
@ -900,10 +900,27 @@ bool perl_matcher<BidiIterator, Allocator, traits>::match_recursion()
   {
      recursion_stack.reserve(50);
   }
+   //
+   // See if we've seen this recursion before at this location, if we have then
+   // we need to prevent infinite recursion:
+   //
+   for(std::vector<recursion_info<results_type> >::const_reverse_iterator i = recursion_stack.rbegin(); i != recursion_stack.rend(); ++i)
+   {
+      if(i->idx == static_cast<const re_brace*>(static_cast<const re_jump*>(pstate)->alt.p)->index)
+      {
+         if(i->location_of_start == position)
+            return false;
+         break;
+      }
+   }
+   //
+   // Now get on with it:
+   //
   recursion_stack.push_back(recursion_info<results_type>());
   recursion_stack.back().preturn_address = pstate->next.p;
   recursion_stack.back().results = *m_presult;
   recursion_stack.back().repeater_stack = next_count;
+   recursion_stack.back().location_of_start = position;
   pstate = static_cast<const re_jump*>(pstate)->alt.p;
   recursion_stack.back().idx = static_cast<const re_brace*>(pstate)->index;