Fix a bug in literal extraction from exact-count repetition patterns #1367
Conversation
|
I'll honestly say that I am not sure if this is the right fix. I just don't know the code. But this particular line looked suspicious. I did try to verify this empirically by writing a fuzzer to look out for more bugs by fuzz-feeding the |
|
One of the failing fuzz-generated cases of the sort related to this issue: |
BurntSushi
added
the
rollup
This appears to be another transcription bug from copying this code from
the prefix literal detection from inside the regex crate. Namely, when
it comes to inner literals, we only want to treat counted repetition as
two separate cases: the case when the minimum match is 0 and the case
when the minimum match is more than 0. In the former case, we treat
`e{0,n}` as `e*` and in the latter we treat `e{m,n}` where `m >= 1` as
just `e`.
We could definitely do better here. e.g., This means regexes like
`(foo){10}` will only have `foo` extracted as a literal, where searching
for the full literal would likely be faster.
The actual bug here was that we were not implementing this logic
correctly. Namely, we weren't always "cutting" the literals in the
second case to prevent them from being expanded.
Fixes #1319, Closes #1367
There was a problem hiding this comment.
Apologies for the delay, but thanks so much for this PR! I agree that this does fix the problem. I simplified this just a bit by just removing the if n < min { check above and uncondionally running lits.cut().
This code is completely inscrutable, but the essence of the problem is that the literal detector was continuing the extension of literals when it shouldn't have been.
I'll be merging this in #1486, where your commit message has grown a few details if you're curious.
Closes #1319.