From f251a9866243b088e4e9cd463cfee41f33a25c41 Mon Sep 17 00:00:00 2001
From: jzmaddock
Date: Tue, 24 Oct 2017 19:06:53 +0100
Subject: [PATCH] Regex: When matching an (*ACCEPT) and skipping forwards, we have to be careful not to stop skipping prematurely if we're inside a lookahead. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3493#c2
---
 include/boost/regex/v4/perl_matcher_non_recursive.hpp | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/include/boost/regex/v4/perl_matcher_non_recursive.hpp b/include/boost/regex/v4/perl_matcher_non_recursive.hpp
index 8127ae77..789226ba 100644
--- a/include/boost/regex/v4/perl_matcher_non_recursive.hpp
+++ b/include/boost/regex/v4/perl_matcher_non_recursive.hpp
@@ -1181,10 +1181,15 @@ bool perl_matcher::skip_until_paren(int index,
 {
 // Unenclosed closing ), occurs when (*ACCEPT) is inside some other
 // parenthesis which may or may not have other side effects associated with it.
+ const re_syntax_base* sp = pstate;
 match_endmark();
 if(!pstate)
 {
 unwind(true);
+ // unwind may leave pstate NULL if we've unwound a forward lookahead, in which
+ // case just move to the next state and keep looking...
+ if (!pstate)
+ pstate = sp->next.p;
 }
 }
 continue;
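Review bot: The new fallback `if (!pstate) pstate = sp->next.p;` fires whenever `unwind(true)` leaves `pstate` null, yet the comment names only one cause (a forward lookahead was unwound) and the return value of `unwind(true)` on the line above is still discarded. If unwind can also return with a null `pstate` for some other reason (its body is not visible here, so this needs confirming), the skip would resume from `sp->next.p` with the backtrack stack in a state the comment does not describe. I would state the invariant in the comment, e.g. `// pstate is only NULL here after unwinding a lookahead; sp is the endmark we entered on, so resume at the state after it`, and consider `BOOST_ASSERT(sp->next.p);` before the assignment. The diffstat shows only this header changed, so a regression case built from the fuzzer reproducer linked in the message would keep this pattern-driven path covered. skip_until_paren starts and ends outside the hunk.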