From: Charlotte Pabst cpabst@codeweavers.com
Before this fix, the regex engine would run into an infinite loop and OOM when encountering a quantifier allowing a zero amount of items in a REG_GLOB regex. --- dlls/jscript/jsregexp.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/dlls/jscript/jsregexp.c b/dlls/jscript/jsregexp.c index e3a707b1f6b..fb04fe5131f 100644 --- a/dlls/jscript/jsregexp.c +++ b/dlls/jscript/jsregexp.c @@ -208,6 +208,9 @@ static HRESULT regexp_match(script_ctx_t *ctx, jsdisp_t *dispex, jsstr_t *jsstr, ret[i].index = result->cp - str - result->match_len; ret[i++].length = result->match_len;
+ if (result->match_len == 0) + result->cp++; + if(!gflag && !(This->jsregexp->flags & REG_GLOB)) { hres = S_OK; break;