From f2411acb3711a44497539d17b245bd366d9c26d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlo=20Marcelo=20Arenas=20Bel=C3=B3n?=
Date: Mon, 12 Dec 2022 08:32:42 -0800
Subject: [PATCH] jit: fail early in ffcps_* if subject shorter than offs1 (#175)

FF_FUN would try loading a vector from an invalid address triggering a crash. Add the same check that is done in the x86/s390x implementations and that was missing from the original code.

Fixes: #86
---
 src/pcre2_jit_neon_inc.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/pcre2_jit_neon_inc.h b/src/pcre2_jit_neon_inc.h
index e74adf12..165602ed 100644
--- a/src/pcre2_jit_neon_inc.h
+++ b/src/pcre2_jit_neon_inc.h
@@ -183,6 +183,8 @@ restart:;
 #endif
 #if defined(FFCPS)
+if (str_ptr >= str_end)
+ return NULL;
 sljit_u8 *p1 = str_ptr - diff;
 #endif
 sljit_s32 align_offset = ((uint64_t)str_ptr & 0xf);
-- 
2.45.1
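Review bot: The new `if (str_ptr >= str_end) return NULL;` guard carries no comment, so the reason it exists (the out-of-bounds vector load described only in the commit message) is invisible to the next reader of the FFCPS path; I would add above it `/* Subject shorter than offs1: str_ptr is already past the end, so the aligned vector load below would read out of bounds. Mirrors the x86/s390x check. */`. The guard bounds str_ptr only from above; whether `p1 = str_ptr - diff` on the next line can underflow the subject start depends on the caller guaranteeing str_ptr is at least diff bytes in, which is not visible here and is worth stating in the same comment once confirmed. Using `>=` also treats an exactly-consumed subject as a no-match, which is consistent with FFCPS needing at least one byte at offs1. The enclosing FF_FUN body begins and ends outside this hunk, so whether the same precondition is checked on the non-FFCPS path could not be verified from the diff.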