Gurusamy Sarathy writes:
>
> On Thu, 30 Jul 1998 19:14:32 EDT, Ilya Zakharevich wrote:
> >Gurusamy Sarathy writes:
> >> I'll do one better.  Purify shows two instances of "Array Bounds Read" with
> >> C<perl -e '$_=""; s/\s*$//g'>.  Backtrace at incident:

What follows is the patch for 5.005_50.  The bug is in fact a
pessimization (!).  I also removed uncheating strend, substituting
the non-cheated copy PL_regeol.

What bothers me is

     a) there are many places where I do not understand what cheating
        is happening.  Witness modification of strend in nodes which
        reach the nearest BOUND and friends (look for the first BOUND in
        regexec.c).
     b) Future optimizations may introduce negative offsets of
        constant substrings (as for /(?<=a)\b/).  Apparently, the code
        assumes in many places that such offsets are positive.

"b" may be answered by a planned future rewrite of const-substr
optimizer.  Anybody knowing about "a" ?

Ilya

--- ./regexec.c~	Sat Jul 25 22:11:26 1998
+++ ./regexec.c	Thu Jul 30 19:42:14 1998
@@ -872,10 +872,13 @@ regexec_flags(register regexp *prog, cha
 	    else {
 		STRLEN len;
 		char *little = SvPV(prog->float_substr, len);
-		last = rninstr(s, strend, little, little + len);
+		if (len) 
+		    last = rninstr(s, strend, little, little + len);
+		else
+		    last = strend;	/* matching `$' */
 	    }
 	    if (last == NULL) goto phooey; /* Should not happen! */
-	    dontbother = strend - last - 1;
+	    dontbother = strend - last + prog->float_min_offset;
 	}
 	if (minlen && (dontbother < minlen))
 	    dontbother = minlen - 1;
@@ -883,11 +886,8 @@ regexec_flags(register regexp *prog, cha
 	/* We don't know much -- general case. */
 	if (UTF) {
 	    for (;;) {
-		if (regtry(prog, s)) {
-		    strend += dontbother;  /* this one's always in bytes! */
-		    dontbother = 0;
+		if (regtry(prog, s))
 		    goto got_it;
-		}
 		if (s >= strend)
 		    break;
 		s += UTF8SKIP(s);
@@ -905,9 +905,8 @@ regexec_flags(register regexp *prog, cha
     goto phooey;
 
 got_it:
-    strend = HOP(strend, dontbother);	/* uncheat */
     prog->subbeg = strbeg;
-    prog->subend = strend;
+    prog->subend = PL_regeol;		/* strend may have been modified */
     RX_MATCH_TAINTED_set(prog, PL_reg_flags & RF_tainted);
 
     /* make sure $`, $&, $', and $digit will work later */
@@ -919,7 +918,7 @@ got_it:
 	    }
 	}
 	else {
-	    I32 i = strend - startpos + (stringarg - strbeg);
+	    I32 i = PL_regeol - startpos + (stringarg - strbeg);
 	    s = savepvn(strbeg, i);
 	    Safefree(prog->subbase);
 	    prog->subbase = s;
