details: http://hg.nginx.org/njs/rev/be8d68d4b8b5 branches: changeset: 342:be8d68d4b8b5 user: Igor Sysoev <i...@sysoev.ru> date: Fri May 26 20:07:24 2017 +0300 description: parseInt() did not test invalid values.
diffstat: njs/njs_number.c | 22 ++++++++++++---------- njs/njs_number.h | 3 +-- njs/njs_parser.c | 7 ++++--- njs/test/njs_unit_test.c | 10 ++++++++-- 4 files changed, 25 insertions(+), 17 deletions(-) diffs (117 lines): diff -r fc6c8da00858 -r be8d68d4b8b5 njs/njs_number.c --- a/njs/njs_number.c Thu May 25 14:16:31 2017 +0300 +++ b/njs/njs_number.c Fri May 26 20:07:24 2017 +0300 @@ -132,9 +132,11 @@ njs_number_parse(const u_char **start, c int64_t -njs_number_radix_parse(u_char *p, u_char *end, uint8_t radix, nxt_bool_t exact) +njs_number_radix_parse(u_char **start, u_char *end, uint8_t radix) { + u_char *p; uint8_t d; + int64_t num; uint64_t n; static const int8_t digits[256] @@ -158,19 +160,23 @@ njs_number_radix_parse(u_char *p, u_char -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, }; + num = -1; n = 0; - while (p < end) { - d = digits[*p++]; + for (p = *start; p < end; p++) { + d = digits[*p]; if (nxt_slow_path(d >= radix)) { - return (exact) ? -1 : (int64_t) n; + break; } n = (n * radix) + d; + num = n; } - return n; + *start = p; + + return num; } @@ -715,11 +721,7 @@ njs_number_parse_int(njs_vm_t *vm, njs_v radix = 16; } - if (p == end) { - goto done; - } - - n = njs_number_radix_parse(p, end, radix, 0); + n = njs_number_radix_parse(&p, end, radix); if (n >= 0) { num = (minus) ? -n : n; diff -r fc6c8da00858 -r be8d68d4b8b5 njs/njs_number.h --- a/njs/njs_number.h Thu May 25 14:16:31 2017 +0300 +++ b/njs/njs_number.h Fri May 26 20:07:24 2017 +0300 @@ -13,8 +13,7 @@ double njs_value_to_number(njs_value_t *value); double njs_number_parse(const u_char **start, const u_char *end); -int64_t njs_number_radix_parse(u_char *p, u_char *end, uint8_t radix, - nxt_bool_t exact); +int64_t njs_number_radix_parse(u_char **start, u_char *end, uint8_t radix); njs_ret_t njs_number_to_string(njs_vm_t *vm, njs_value_t *string, const njs_value_t *number); njs_ret_t njs_number_constructor(njs_vm_t *vm, njs_value_t *args, diff -r fc6c8da00858 -r be8d68d4b8b5 njs/njs_parser.c --- a/njs/njs_parser.c Thu May 25 14:16:31 2017 +0300 +++ b/njs/njs_parser.c Fri May 26 20:07:24 2017 +0300 @@ -2429,12 +2429,13 @@ njs_parser_escape_string_create(njs_vm_t goto invalid; } - u = njs_number_radix_parse(src, hex_end, 16, 1); - if (nxt_slow_path(u < 0)) { + u = njs_number_radix_parse(&src, hex_end, 16); + + if (nxt_slow_path(src != hex_end)) { goto invalid; } - src = hex_end + skip; + src += skip; size += nxt_utf8_size(u); length++; diff -r fc6c8da00858 -r be8d68d4b8b5 njs/test/njs_unit_test.c --- a/njs/test/njs_unit_test.c Thu May 25 14:16:31 2017 +0300 +++ b/njs/test/njs_unit_test.c Fri May 26 20:07:24 2017 +0300 @@ -3139,6 +3139,9 @@ static njs_unit_test_t njs_test[] = { nxt_string("'\\u'"), nxt_string("SyntaxError: Invalid Unicode code point \"\\u\" in 1") }, + { nxt_string("'\\uzzzz'"), + nxt_string("SyntaxError: Invalid Unicode code point \"\\uzzzz\" in 1") }, + { nxt_string("'\\u03B'"), nxt_string("SyntaxError: Invalid Unicode code point \"\\u03B\" in 1") }, @@ -7050,8 +7053,11 @@ static njs_unit_test_t njs_test[] = { nxt_string("parseInt('0x')"), nxt_string("NaN") }, - { nxt_string("parseInt('0x', 10)"), - nxt_string("0") }, + { nxt_string("parseInt('z')"), + nxt_string("NaN") }, + + { nxt_string("parseInt('0xz')"), + nxt_string("NaN") }, { nxt_string("parseInt('0x', 16)"), nxt_string("NaN") }, _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel