Home | History | Annotate | Download | only in patches 
      1 Index: source/i18n/rematch.cpp
      2 ===================================================================
      3 --- source/i18n/rematch.cpp	(revision 98343)
      4 +++ source/i18n/rematch.cpp	(working copy)
      5 @@ -5598,6 +5598,7 @@
      6                      const UChar *foldChars = NULL;
      7                      int32_t foldOffset, foldLength;
      8                      UChar32 c;
      9 +                    UBool c_is_valid = FALSE;
     10                      
     11                      #ifdef REGEX_SMART_BACKTRACKING
     12                      int32_t originalInputIdx = fp->fInputIdx;
     13 @@ -5607,23 +5608,31 @@
     14                      foldOffset = foldLength = 0;
     15  
     16                      while (patternChars < patternEnd && success) {
     17 -                        if(foldOffset < foldLength) {
     18 -                            U16_NEXT_UNSAFE(foldChars, foldOffset, c);
     19 -                        } else {
     20 -                            U16_NEXT(inputBuf, fp->fInputIdx, fActiveLimit, c);
     21 -                            foldLength = ucase_toFullFolding(csp, c, &foldChars, U_FOLD_CASE_DEFAULT);
     22 -                            if(foldLength >= 0) {
     23 -                                if(foldLength <= UCASE_MAX_STRING_LENGTH) {   // !!!: Does not correctly handle chars that fold to 0-length strings
     24 -                                    foldOffset = 0;
     25 -                                    U16_NEXT_UNSAFE(foldChars, foldOffset, c);
     26 -                                } else {
     27 -                                    c = foldLength;
     28 -                                    foldLength = foldOffset; // to avoid reading chars from the folding buffer
     29 +                        if (fp->fInputIdx < fActiveLimit) {  // don't read past end of string
     30 +                            if(foldOffset < foldLength) {
     31 +                                U16_NEXT_UNSAFE(foldChars, foldOffset, c);
     32 +                                c_is_valid = TRUE;
     33 +                            } else {
     34 +                                // test pre-condition of U16_NEXT: i < length
     35 +                                U_ASSERT(fp->fInputIdx < fActiveLimit);
     36 +                                U16_NEXT(inputBuf, fp->fInputIdx, fActiveLimit, c);
     37 +                                c_is_valid = TRUE;
     38 +                                foldLength = ucase_toFullFolding(csp, c, &foldChars, U_FOLD_CASE_DEFAULT);
     39 +                                if(foldLength >= 0) {
     40 +                                    if(foldLength <= UCASE_MAX_STRING_LENGTH) {   // !!!: Does not correctly handle chars that fold to 0-length strings
     41 +                                        foldOffset = 0;
     42 +                                        U16_NEXT_UNSAFE(foldChars, foldOffset, c);
     43 +                                    } else {
     44 +                                        c = foldLength;
     45 +                                        foldLength = foldOffset; // to avoid reading chars from the folding buffer
     46 +                                    }
     47                                  }
     48                              }
     49 +                        } else {
     50 +                          c_is_valid = FALSE;
     51                          }
     52                          
     53 -                        if (fp->fInputIdx <= fActiveLimit) {
     54 +                        if (fp->fInputIdx <= fActiveLimit && c_is_valid) {
     55                              if (U_IS_BMP(c)) {
     56                                  success = (*patternChars == c);
     57                                  patternChars += 1;
     58 @@ -6070,4 +6079,3 @@
     59  U_NAMESPACE_END
     60  
     61  #endif  // !UCONFIG_NO_REGULAR_EXPRESSIONS
     62 -
     63