Fix an edge case bug in fuzz support; it missed the quantifier in seq…

…uences like "){9){123}", causing a JIT timeout.
PCRE2Project · Apr 19, 2024 · 1649c76 · 1649c76
1 parent cbff6bb
commit 1649c76
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/pcre2_fuzzsupport.c b/src/pcre2_fuzzsupport.c
@@ -342,7 +342,11 @@ if (size > 3)
           if (wdata[j] != '}' && wdata[j] != ',') goto OUTERLOOP;
           }
         if (wdata[j] == '}' || (ii == 0 && wdata[j] == ',')) break;
-        if (wdata[j] < '0' || wdata[j] > '9') goto OUTERLOOP;
+        if (wdata[j] < '0' || wdata[j] > '9')
+          {
+          j--;               /* Ensure this character is checked next. The */
+          goto OUTERLOOP;    /* string might be (e.g.) "){9){234}" */
+          }
         q = q * 10 + wdata[j] - '0';
         }