
Creating a regex from an empty string crashes with an OOB #13843

@huonw

Description

@huonw
Member
extern crate regex;

// Minimal reproducer: build a regex from the empty pattern.
//
// The value returned by `Regex::new` is discarded with `let _`, yet the task
// still fails with the bounds-check message shown after this snippet. The
// failure is therefore raised inside `Regex::new` itself and is not reported
// through its return value.
fn main() {
    let _ = regex::Regex::new("");
}
task '<main>' failed at 'index out of bounds: the len is 0 but the index is 0', /build/rust-git/src/rust/src/libregex/lib.rs:1

Activity

alexcrichton

alexcrichton commented on Apr 29, 2014

@alexcrichton
Member
alexcrichton

alexcrichton commented on May 7, 2014

@alexcrichton
Member

@Polyphemus noted in #14018

Using an empty string as the re argument to regex::Regex::new() or regex!() leads to an `index out of bounds: the len is 0 but the index is 0` failure at run time and at compile time, respectively.

The following is a compilable test-case:

#![feature(phase)]
extern crate regex;
#[phase(syntax)] extern crate regex_macros;

fn main() {
    // Compile-time path. The rustc backtrace in this report shows
    // `re::Regex::new` being reached from the macro expander, so the empty
    // pattern fails inside the compiler and is reported as an ICE:
    //
    //   error: internal compiler error: unexpected failure
    //   note: the compiler hit an unexpected failure path. this is a bug.
    //   note: we would appreciate a bug report: http://static.rust-lang.org/doc/master/complement-bugreport.html
    //   note: run with `RUST_BACKTRACE=1` for a backtrace
    //   task 'rustc' failed at 'index out of bounds: the len is 0 but the index is 0', /build/rust-git/src/rust/src/libregex/lib.rs:1
    let static_empty_re = regex!("");

    // Run-time path. Comment out the `regex!` line above to reach this one.
    // The reported message is the same bounds-check failure, and the run-time
    // backtrace places it in `Parser::parse` beneath `Regex::new`. The
    // `.unwrap()` is not what fails here, so handling the returned value
    // instead would not avoid the task failure.
    let dynamic_empty_re = regex::Regex::new("").unwrap();
}

The backtrace from rustc:

% RUST_BACKTRACE=1 rustc regex-empty-str.rs
error: internal compiler error: unexpected failure
note: the compiler hit an unexpected failure path. this is a bug.
note: we would appreciate a bug report: http://static.rust-lang.org/doc/master/complement-bugreport.html
note: run with `RUST_BACKTRACE=1` for a backtrace
task 'rustc' failed at 'index out of bounds: the len is 0 but the index is 0', /build/rust-git/src/rust/src/libregex/lib.rs:1
stack backtrace:
   1:     0x7f2f857062f0 - rt::backtrace::imp::write::h288a001cb8ab0467Mwa::v0.11.pre
   2:     0x7f2f85657960 - rt::unwind::begin_unwind_inner::h21d0e74b81447276R69::v0.11.pre
   3:     0x7f2f856578d0 - <unknown>
   4:     0x7f2f85705f00 - rt::unwind::begin_unwind_raw::hcae126cecf9ac08b039::v0.11.pre
   5:     0x7f2f85656c00 - rt::unwind::fail_::hb350ad41fcb04968E19::v0.11.pre
   6:     0x7f2f85705f70 - <unknown>
   7:     0x7f2f85658b90 - rt::unwind::fail_bounds_check::h77cb92ae44655be1119::v0.11.pre
   8:     0x7f2f81af2710 - <unknown>
   9:     0x7f2f81b018a0 - re::Regex::new::h7515f9e2f6385e4exZg::v0.11.pre
  10:     0x7f2f81d458e0 - <unknown>
  11:     0x7f2f845f43d0 - ext::base::BasicMacroExpander.MacroExpander::expand::hd67bc89fd9d9a56eQbR::v0.11.pre
  12:     0x7f2f84605490 - ext::expand::expand_expr::ha374fe02226e64benIR::v0.11.pre
  13:     0x7f2f8460dd70 - ext::expand::MacroExpander<'a, 'b>.Folder::fold_expr::h677bb239787cfda7RyS::v0.11.pre
  14:     0x7f2f8462cb80 - ext::expand::expand_stmt::hcdb4c2679a8ed298FhS::v0.11.pre
  15:     0x7f2f84648610 - <unknown>
  16:     0x7f2f8461a840 - ext::expand::expand_block_elts::h5c64eab4a957c3e9OuS::v0.11.pre
  17:     0x7f2f84648530 - ext::expand::expand_block::h454ad0775b85e8908tS::v0.11.pre
  18:     0x7f2f846175b0 - ext::expand::MacroExpander<'a, 'b>.Folder::fold_block::h96e96e3fb41ac8e10zS::v0.11.pre
  19:     0x7f2f84620ae0 - <unknown>
  20:     0x7f2f8461b600 - ext::expand::expand_item::h94bc4908c0c8fdf5TVR::v0.11.pre
  21:     0x7f2f84623bf0 - ext::expand::MacroExpander<'a, 'b>.Folder::fold_item::hfe58429eae993e278yS::v0.11.pre
  22:     0x7f2f84623b90 - <unknown>
  23:     0x7f2f846235d0 - <unknown>
  24:     0x7f2f84622ea0 - <unknown>
  25:     0x7f2f84648d50 - ext::expand::expand_crate::h8377624133b73814MAS::v0.11.pre
  26:     0x7f2f86b61a00 - <unknown>
  27:     0x7f2f86b61260 - <unknown>
  28:     0x7f2f86b5eaf0 - driver::driver::phase_2_configure_and_expand::he42a57583b18ce58YSe::v0.11.pre
  29:     0x7f2f86ba1550 - driver::driver::compile_input::hffffe7f389caa620Amf::v0.11.pre
  30:     0x7f2f86bc6aa0 - run_compiler::hfcd48299addf77dfeQm::v0.11.pre
  31:     0x7f2f86be2f10 - <unknown>
  32:     0x7f2f86be1410 - <unknown>
  33:     0x7f2f86bdbc80 - <unknown>
  34:     0x7f2f85d9e340 - <unknown>
  35:     0x7f2f856fbda0 - <unknown>
  36:     0x7f2f8570c5c0 - rust_try
  37:     0x7f2f856fbbe0 - rt::task::Task::run::h93895fb04573c54dUW7::v0.11.pre
  38:     0x7f2f85d9e110 - <unknown>
  39:     0x7f2f85704e30 - <unknown>
  40:     0x7f2f833ef060 - start_thread
  41:     0x7f2f8532a489 - __clone
  42:                0x0 - <unknown>

A backtrace for the program when the regex!() macro is commented out:

% rust-backtrace ./regex-empty-str
Breakpoint 1 at 0x471a30
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
task '<main>' failed at 'index out of bounds: the len is 0 but the index is 0', /build/rust-git/src/rust/src/libregex/lib.rs:1

Breakpoint 1, 0x0000000000471a30 in rust_fail ()
#0  0x0000000000471a30 in rust_fail ()
#1  0x0000000000471a03 in rt::unwind::Unwinder::begin_unwind::h7a34b2c57cd8ebe9EV9::v0.11.pre ()
#2  0x0000000000453aad in rt::unwind::begin_unwind_inner::h21d0e74b81447276R69::v0.11.pre ()
#3  0x0000000000452d28 in rt::unwind::begin_unwind::h10355639713018170346::v0.11.pre ()
#4  0x0000000000471c17 in rt::unwind::begin_unwind_raw::hcae126cecf9ac08b039::v0.11.pre ()
#5  0x0000000000452b2b in rt::unwind::fail_::hb350ad41fcb04968E19::v0.11.pre ()
#6  0x0000000000471c5f in rt::unwind::fail_bounds_check::closure.40422 ()
#7  0x0000000000453fbe in rt::unwind::fail_bounds_check::h77cb92ae44655be1119::v0.11.pre ()
#8  0x0000000000410c08 in parse::Parser$LT$$x27a$GT$::parse::hd6035c4711160a86Kuf::v0.11.pre ()
#9  0x00000000004190b9 in re::Regex::new::h7515f9e2f6385e4exZg::v0.11.pre ()
#10 0x0000000000402afe in main::h695ce60898fd8803gaa::v0.0 ()
#11 0x0000000000452a43 in start::closure.7194 ()
#12 0x0000000000468903 in rt::task::Task::run::closure.40319 ()
#13 0x0000000000477dcc in rust_try ()
#14 0x0000000000468762 in rt::task::Task::run::h93895fb04573c54dUW7::v0.11.pre ()
#15 0x0000000000452834 in start::h1727cab19364d8a2xxd::v0.11.pre ()
#16 0x0000000000452624 in lang_start::hea05ce15f18b4932Rwd::v0.11.pre ()
#17 0x0000000000402b6f in main ()

The problem seems to be in rust/src/libregex/parse.rs: Parser::parse() calls self.cur() while the character index chari is still zero, and when the pattern string has length zero the lookup *self.chars.get(self.chari) inside self.cur() fails the bounds check.

added a commit that references this issue on Jun 4, 2014
9d39178
added a commit that references this issue on Jan 9, 2023
added a commit that references this issue on Jan 9, 2025
4be0e62

    Labels

    I-crash — Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics.
