Skip to content

automata: fix onepass::DFA::try_search_slots panic when too many slots are given#1330

Merged
BurntSushi merged 1 commit intomasterfrom
ag/fix-panic-too-many-slots
Feb 3, 2026
Merged

automata: fix onepass::DFA::try_search_slots panic when too many slots are given#1330
BurntSushi merged 1 commit intomasterfrom
ag/fix-panic-too-many-slots

Conversation

@BurntSushi
Copy link
Member

@BurntSushi BurntSushi commented Jan 30, 2026
edited
Loading

The API specifically documents that the caller may provide any number
of slots. But the onepass implementation was panicking when too many
were provided. (I had only considered the case when too few were
provided when I wrote one-pass implementation I think.)

This already works for the PikeVM and the bounded backtracker. This
commit adds tests covering those as well.

Note that the bug report specifically cites a zero-repetition capture
group as the instigator here. While that may have provided the
circumstances for the bug to appear, the actual bug is more general than
that. You don't need any capture groups at all to provoke it. You just
need to provide more slots than there are in the compiled regex.

Fixes #1327, Closes #1329

@BurntSushi BurntSushi force-pushed the ag/fix-panic-too-many-slots branch 2 times, most recently from f03bef3 to 685c875 Compare January 30, 2026 18:32
@BurntSushi BurntSushi mentioned this pull request Jan 30, 2026
Closed
keith-hall
keith-hall approved these changes Jan 30, 2026
View reviewed changes
Copy link
Contributor

@keith-hall keith-hall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@BurntSushi BurntSushi force-pushed the ag/fix-panic-too-many-slots branch from 685c875 to fde882c Compare February 3, 2026 12:20
@keith-hall @BurntSushi
automata: fix onepass::DFA::try_search_slots panic when too many sl…
9369075 
…ots are given

The API specifically documents that the caller may provide *any* number
of slots. But the onepass implementation was panicking when too many
were provided. (I had only considered the case when too few were
provided when I wrote one-pass implementation I think.)

This already works for the PikeVM and the bounded backtracker. This
commit adds tests covering those as well.

Note that the bug report specifically cites a zero-repetition capture
group as the instigator here. While that may have provided the
circumstances for the bug to appear, the actual bug is more general than
that. You don't need any capture groups at all to provoke it. You just
need to provide more slots than there are in the compiled regex.

Fixes #1327, Closes #1329
@BurntSushi BurntSushi force-pushed the ag/fix-panic-too-many-slots branch from fde882c to 9369075 Compare February 3, 2026 12:22
@BurntSushi BurntSushi merged commit 4733e28 into master Feb 3, 2026
19 checks passed
@BurntSushi BurntSushi deleted the ag/fix-panic-too-many-slots branch February 3, 2026 12:35
@BurntSushi
Copy link
Member Author

BurntSushi commented Feb 3, 2026
edited
Loading

This PR is on crates.io in regex-automata 0.4.14.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@keith-hall keith-hall keith-hall approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

zero repetition capture groups and search slots panic

2 participants

@BurntSushi @keith-hall