The bug was found by fuzzing - but it would have been a serious problem if we'd made a release with this bug in.
I have added deterministic assertions, so that we don't rely on fuzzing, in case we make the same (easy) mistake again in future.
It's a little bit cumbersome, since there are two cases when we do write out more items to parsed_pattern than we consume from the input: ")" after (*atomic_script_run:... will write out two META_KETs when it consumes the ")", and secondly a quantifier after (*ACCEPT) can write out a META_NOCAPTURE/META_KET pair.
The code here is rather inelegant, but it's the best I could manage.
A follow-up to #561.
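
A simplified model of the check described above, added here as an illustration and not taken from the PCRE2 source: a toy parser verifies after every step that it wrote no more items than it consumed characters, with an explicit allowance for the ")" that closes `(*atomic_script_run:` by writing two KETs. The function name, item codes and the `honour_exceptions` switch are assumptions made for this sketch, and the `(*ACCEPT)` quantifier case is not modelled.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Toy item codes (constructed for this sketch, not PCRE2's values). */
enum { T_LIT = 1, T_OPEN, T_ASR, T_ATOMIC, T_KET };

#define ASR "(*atomic_script_run:"

/* Returns items written, or -1 if a step wrote more items than it consumed
   characters plus its declared allowance, or would overrun `cap`.
   With honour_exceptions == 0 no step gets an allowance. */
long toy_parse(const char *pat, uint32_t *out, size_t cap, int honour_exceptions)
{
    size_t in = 0, n = 0, len = strlen(pat);
    int kind[32], depth = 0;          /* 1 = group that closes with two KETs */

    while (in < len) {
        size_t in0 = in, n0 = n, allowance = 0, k = 0;
        uint32_t item[2];

        if (strncmp(pat + in, ASR, sizeof ASR - 1) == 0) {
            if (depth == 32) return -1;
            item[k++] = T_ASR; item[k++] = T_ATOMIC;
            kind[depth++] = 1; in += sizeof ASR - 1;
        } else if (pat[in] == '(') {
            if (depth == 32) return -1;
            item[k++] = T_OPEN; kind[depth++] = 0; in++;
        } else if (pat[in] == ')' && depth > 0) {
            item[k++] = T_KET;
            /* Known exception: one input character, two output items. */
            if (kind[--depth] == 1) { item[k++] = T_KET; allowance = 1; }
            in++;
        } else {
            item[k++] = T_LIT; in++;
        }
        if (n + k > cap) return -1;   /* never write past the buffer */
        memcpy(out + n, item, k * sizeof *item);
        n += k;

        /* Deterministic check: output growth is bounded by input consumed. */
        if (!honour_exceptions) allowance = 0;
        if (n - n0 > (in - in0) + allowance) return -1;
    }
    return (long)n;
}
```

Calling it with `honour_exceptions` set to 0 shows why the exception has to be declared: the closing ")" of the script-run group then fails the per-step check.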