Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

CAtlRegExp bug/crash

27 views
Skip to first unread message

Ismo Salonen

unread,
Sep 1, 2006, 1:43:12 AM9/1/06
to

Environment : VS2003, no servicepack, compiled as debug, multithreaded
dll, no mfc.

One of our user discovered that using regular expression to match empty
input gives unpredictable results. E.g matching expression .+ agains
empty string produces true. In my opinion it shoild evaluate as false.

After more testing I discovered that matching empty string with
expression \a+ crashes inside CAtlRegExp.Match(), in my version on line
638 in atlrx.h. The actual crash happens one line before, at size_t u =
(size_t) *sz; The sz has been incremented beyond end of string.

Can anybody confirm my findings and/or has this been fixed to some
version ?


br

ismo

David Lowndes

unread,
Sep 1, 2006, 6:50:48 AM9/1/06
to
>One of our user discovered that using regular expression to match empty
>input gives unpredictable results. E.g matching expression .+ agains
>empty string produces true. In my opinion it shoild evaluate as false.
>
>After more testing I discovered that matching empty string with
>expression \a+ crashes inside CAtlRegExp.Match(), in my version on line
>638 in atlrx.h. The actual crash happens one line before, at size_t u =
>(size_t) *sz; The sz has been incremented beyond end of string.
>
>Can anybody confirm my findings and/or has this been fixed to some
>version ?

Have you got a short code example that neatly demonstrates the problem
you're having?

Dave

Gerry Hickman

unread,
Sep 1, 2006, 8:35:06 PM9/1/06
to
Hi,

I'm amazed you got it to compile at all. The original headers I had with
VS2003 didn't even compile for CAtlRegExp properly. There's thread about
it here:

<http://groups.google.co.uk/group/microsoft.public.vc.atl/browse_thread/thread/25478a33132c3afb/2af4682c168b3476?lnk=st&q=catlregexp&rnum=1&hl=en#2af4682c168b3476>


--
Gerry Hickman (London UK)

Ismo Salonen

unread,
Sep 4, 2006, 2:36:06 AM9/4/06
to

Here is example which crashes every time. Just compile and run,
Multithreaded debug dll was my selection for code generation.
Stdafx is here

-----------------
#pragma once


#include <iostream>
#include <tchar.h>

------
and it is easily removed . Tailor the code compile.

-------------------------------------

// regbug.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <string>
#include <atlrx.h>

using namespace std;

int _tmain(int argc, _TCHAR* argv[])
{

CAtlRegExp<> re;
CAtlREMatchContext<> mc;
string what("");
string rest("\\a+");
string result;

REParseError status = re.Parse(rest.c_str());

if (REPARSE_ERROR_OK != status)
{
cout << " Parse error " << status << endl;
return false;
}

if( re.Match( what.c_str() , &mc ) )
{
result = "1";
}
else
{
result = "0";
}
cout << "result is " << result << endl;
return 0;
}

// ismo

Ismo Salonen

unread,
Sep 4, 2006, 2:38:49 AM9/4/06
to
Gerry Hickman wrote:
> Hi,
>
> I'm amazed you got it to compile at all. The original headers I had with
> VS2003 didn't even compile for CAtlRegExp properly. There's thread about
> it here:
>
> <http://groups.google.co.uk/group/microsoft.public.vc.atl/browse_thread/thread/25478a33132c3afb/2af4682c168b3476?lnk=st&q=catlregexp&rnum=1&hl=en#2af4682c168b3476>
>

Well, only minor warnings in my environment :

Compiling...
regbug.cpp
c:\Program Files\Microsoft Visual Studio .NET
2003\vc7\atlmfc\include\atlrx.h(688) : warning C4018: '>=' :
signed/unsigned mismatch
c:\Program Files\Microsoft Visual Studio .NET
2003\vc7\atlmfc\include\atlrx.h(467) : while compiling class-template
member function 'BOOL ATL::CAtlRegExp<>::Match(const
ATL::CAtlRegExp<>::RECHAR *,ATL::CAtlREMatchContext<CharTraits> *,const
ATL::CAtlRegExp<>::RECHAR ** )'
with
[
CharTraits=ATL::CAtlRECharTraits
]
d:\Temp\regexp\regbug\regbug.cpp(13) : see reference to class
template instantiation 'ATL::CAtlRegExp<>' being compiled
c:\Program Files\Microsoft Visual Studio .NET
2003\vc7\atlmfc\include\atlrx.h(689) : warning C4018: '<=' :
signed/unsigned mismatch
c:\Program Files\Microsoft Visual Studio .NET
2003\vc7\atlmfc\include\atlrx.h(722) : warning C4018: '>=' :
signed/unsigned mismatch
c:\Program Files\Microsoft Visual Studio .NET
2003\vc7\atlmfc\include\atlrx.h(723) : warning C4018: '<=' :
signed/unsigned mismatch

Build log was saved at "file://d:\Temp\regexp\regbug\Debug\BuildLog.htm"


Maybe something changed in my environment ? If so then I'd like to know
what because it might affect many other programs too :-(

br
ismo

David Lowndes

unread,
Sep 4, 2006, 9:50:16 AM9/4/06
to
>Environment : VS2003, no servicepack, compiled as debug, multithreaded
>dll, no mfc.
>
>One of our user discovered that using regular expression to match empty
>input gives unpredictable results. E.g matching expression .+ agains
>empty string produces true. In my opinion it shoild evaluate as false.

Compiling the code you posted with VS2005 results in no crash, and
your expected false result, so it may have been a bug in VS2003 that's
fixed in VS2005. I suggest that you try VS2005 and see if it works for
you.

Dave

Ismo Salonen

unread,
Sep 5, 2006, 1:22:32 AM9/5/06
to

Yep, VS2005 compiles & executes as expected. But the product that uses
VS2003 is in use almost worldwide, crashing is not an option in end user
products. And this CAtlRegExp is only in one dll so compiling it with
different compiler version is not an option. Old versions are maintained
with old compilers, only new versions are compiled with newer tools :-(


Has anybody installed SP1 on VS2003 and tested this ?

ismo

Gerry Hickman

unread,
Sep 5, 2006, 5:18:18 PM9/5/06
to
Hi Ismo

>> I'm amazed you got it to compile at all.

> Well, only minor warnings in my environment :

> 2003\vc7\atlmfc\include\atlrx.h(688) : warning C4018: '>=' :
> signed/unsigned mismatch

<snip>

OK, that's what I call "not compiling at all!" In my world a "minor
warning" means it's completely broken. This is the exact error (I mean
warning!) I used to see when I tried it out two years ago.

I tried to get help about this two years ago, but when I asked about it
on the ATL group it seems this was the least of the problems with
CAtlRegExp so I just gave up and used the JScript RegExp engine via COM
instead and everything worked perfectly.

Maybe it's fixed in VS2005, but I'm not able to find ANY documentation
that confirms this. What about attributed programming? Was that fixed in
VS2005???

kuo@discussions.microsoft.com jc kuo

unread,
Sep 12, 2006, 10:19:02 AM9/12/06
to
This bug is NOT completely resolved : the SAME bug occured for me at line
746 in atlrx.h provided with VS2005 . It seems that devs 'forgot' to fix the
bug in the case RE_NOTRANGE statement ...
as a temporary fix , I suggest to replace the bugged code
size_t u = static_cast<size_t>(* ((RECHAR *) sz));
by
size_t u = CharTraits::GetBitFieldForRangeArrayIndex(sz);
accordingly to the fix done in case RE_RANGE statement (24 lines upper).

Hope this fix will be included in next SP

Regards,
JCK

David Lowndes

unread,
Sep 12, 2006, 1:27:43 PM9/12/06
to
>Hope this fix will be included in next SP

Have you reported it at the VS feedback site?

http://connect.microsoft.com/feedback/default.aspx?SiteID=210

Dave

0 new messages