Fix another ancient bug in parsing of BRE-mode regular expressions.

tglsfdc · tglsfdc · commit ab208421eeb7 · 2021-02-18T22:38:55.000-05:00
While poking at the regex code, I happened to notice that the bug squashed in commit afcc877 had a sibling: next() failed to return a specific value associated with the '}' token for a "\{m,n\}" quantifier when parsing in basic RE mode. Again, this could result in treating the quantifier as non-greedy, which it never should be in basic mode. For that to happen, the last character before "\}" that sets "nextvalue" would have to set it to zero, or it'd have to have accidentally been zero from the start. The failure can be provoked repeatably with, for example, a bound ending in digit "0". Like the previous patch, back-patch all the way.
diff --git a/src/backend/regex/regc_lex.c b/src/backend/regex/regc_lex.c
@@ -389,7 +389,7 @@ next(struct vars * v)
 					{
 						v->now++;
 						INTOCON(L_BRE);
-						RET('}');
+						RETV('}', 1);
 					}
 					else
 						FAILW(REG_BADBR);

Original file line number	Diff line number	Diff line change
`@@ -389,7 +389,7 @@ next(struct vars * v)`
`389`	`389`	`{`
`390`	`390`	`v->now++;`
`391`	`391`	`INTOCON(L_BRE);`
`392`		`- RET('}');`
	`392`	`+ RETV('}', 1);`
`393`	`393`	`}`
`394`	`394`	`else`
`395`	`395`	`FAILW(REG_BADBR);`