[PATCH] D39066: [libcxx] Fix signed overflow when constructing integers from brace expressions.

Tim Shen via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Oct 18 12:35:38 PDT 2017 

timshen created this revision.
Herald added a subscriber: sanjoy.
Herald added a reviewer: EricWF.

This should unblock PR24411.


https://reviews.llvm.org/D39066

Files:
  libcxx/include/regex
  libcxx/test/std/re/re.grammar/excessive_brace_count.pass.cpp


Index: libcxx/test/std/re/re.grammar/excessive_brace_count.pass.cpp
===================================================================
--- /dev/null
+++ libcxx/test/std/re/re.grammar/excessive_brace_count.pass.cpp
@@ -0,0 +1,40 @@
+//===----------------------------------------------------------------------===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is dual licensed under the MIT and the University of Illinois Open
+// Source Licenses. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+
+// <regex>
+// UNSUPPORTED: libcpp-no-exceptions
+// UNSUPPORTED: c++03
+
+// the "n" in `a{n}` should be within the numeric limits.
+
+#include <regex>
+#include <cassert>
+
+int main() {
+  for (std::regex_constants::syntax_option_type op :
+       {std::regex::basic, std::regex::grep}) {
+    try {
+      (void)std::regex("a\\{100000000000000000\\}", op);
+      assert(false);
+    } catch (const std::regex_error &e) {
+      assert(e.code() == std::regex_constants::error_badbrace);
+    }
+  }
+  for (std::regex_constants::syntax_option_type op :
+       {std::regex::ECMAScript, std::regex::extended, std::regex::egrep,
+        std::regex::awk}) {
+    try {
+      (void)std::regex("a{100000000000000000}", op);
+      assert(false);
+    } catch (const std::regex_error &e) {
+      assert(e.code() == std::regex_constants::error_badbrace);
+    }
+  }
+  return 0;
+}
Index: libcxx/include/regex
===================================================================
--- libcxx/include/regex
+++ libcxx/include/regex
@@ -4064,6 +4064,8 @@
                  __first != __last && ( __val = __traits_.value(*__first, 10)) != -1;
                  ++__first)
             {
+                if (__c >= std::numeric_limits<int>::max() / 10)
+                  __throw_regex_error<regex_constants::error_badbrace>();
                 __c *= 10;
                 __c += __val;
             }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D39066.119515.patch
Type: text/x-patch
Size: 1996 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171018/9f51d4f5/attachment.bin>

More information about the cfe-commits mailing list