Title: [205937] trunk
Revision: 205937
Author: [email protected]
Date: 2016-09-14 16:17:59 -0700 (Wed, 14 Sep 2016)

Log Message

YARR doesn't check for invalid flags for literal regular expressions
https://bugs.webkit.org/show_bug.cgi?id=161995

Reviewed by Mark Lam.

JSTests:

New test.

* stress/regress-161995.js: Added.
(testStatic):
(catch):

Source/JavaScriptCore:

Added a new error and a check that the flags are valid when we create a
literal regular expression.

* runtime/RegExp.cpp:
(JSC::RegExp::finishCreation):
* yarr/YarrPattern.cpp:
(JSC::Yarr::YarrPattern::errorMessage):
(JSC::Yarr::YarrPattern::compile):
* yarr/YarrPattern.h:

Diff

Modified: trunk/JSTests/ChangeLog (205936 => 205937)


--- trunk/JSTests/ChangeLog	2016-09-14 23:15:46 UTC (rev 205936)
+++ trunk/JSTests/ChangeLog	2016-09-14 23:17:59 UTC (rev 205937)
@@ -1,3 +1,16 @@
+2016-09-14  Michael Saboff  <[email protected]>
+
+        YARR doesn't check for invalid flags for literal regular expressions
+        https://bugs.webkit.org/show_bug.cgi?id=161995
+
+        Reviewed by Mark Lam.
+
+        New test.
+
+        * stress/regress-161995.js: Added.
+        (testStatic):
+        (catch):
+
 2016-09-14  Joseph Pecoraro  <[email protected]>
 
         test262: TypedArray constructors length should be 3 and configurable
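
Review bot: The `(catch):` line in the file list of the new entry is not a function in regress-161995.js; it corresponds to the `catch(e)` clause of the test and should be dropped from the entry. "New test." could also say what is covered, namely that a regular expression literal with an invalid flag raises a SyntaxError.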

Added: trunk/JSTests/stress/regress-161995.js (0 => 205937)


--- trunk/JSTests/stress/regress-161995.js	                        (rev 0)
+++ trunk/JSTests/stress/regress-161995.js	2016-09-14 23:17:59 UTC (rev 205937)
@@ -0,0 +1,14 @@
+// Regression test for 161995.
+
+function testStatic()
+{
+    return /a/Z;
+}
+
+try {
+    testStatic();
+    throw "Expected a SyntaxEerror for bad RegExp flags, but didn't get one.";
+} catch(e) {
+    if (e != "SyntaxError: Invalid regular _expression_: invalid flags")
+        throw "Incorrect exception for bad RegExp flags.  Got: " + e;
+}
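
Review bot: The `throw "Expected a SyntaxEerror ..."` statement inside the `try` block is caught by the `catch` directly below it, so when no exception is raised the test still fails but reports "Incorrect exception for bad RegExp flags.  Got: Expected a SyntaxEerror ...", which reads as a wrong exception type rather than a missing one. Record the outcome in a flag inside `try` and throw after the `catch`, and fix the "SyntaxEerror" typo while there. The `e != "SyntaxError: ..."` comparison also ties the test to the exact message text; checking `e instanceof SyntaxError` first would keep it from failing on a wording change. Only the single flag `Z` on a literal is exercised.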

Modified: trunk/Source/JavaScriptCore/ChangeLog (205936 => 205937)


--- trunk/Source/_javascript_Core/ChangeLog	2016-09-14 23:15:46 UTC (rev 205936)
+++ trunk/Source/_javascript_Core/ChangeLog	2016-09-14 23:17:59 UTC (rev 205937)
@@ -1,3 +1,20 @@
+2016-09-14  Michael Saboff  <[email protected]>
+
+        YARR doesn't check for invalid flags for literal regular expressions
+        https://bugs.webkit.org/show_bug.cgi?id=161995
+
+        Reviewed by Mark Lam.
+
+        Added a new error and a check that the flags are valid when we create a
+        literal regular _expression_.
+
+        * runtime/RegExp.cpp:
+        (JSC::RegExp::finishCreation):
+        * yarr/YarrPattern.cpp:
+        (JSC::Yarr::YarrPattern::errorMessage):
+        (JSC::Yarr::YarrPattern::compile):
+        * yarr/YarrPattern.h:
+
 2016-09-14  Keith Miller  <[email protected]>
 
         Unreviewed, fix the Windows build.

Modified: trunk/Source/JavaScriptCore/runtime/RegExp.cpp (205936 => 205937)


--- trunk/Source/_javascript_Core/runtime/RegExp.cpp	2016-09-14 23:15:46 UTC (rev 205936)
+++ trunk/Source/_javascript_Core/runtime/RegExp.cpp	2016-09-14 23:17:59 UTC (rev 205937)
@@ -223,7 +223,7 @@
 {
     Base::finishCreation(vm);
     Yarr::YarrPattern pattern(m_patternString, m_flags, &m_constructionError, vm.stackLimit());
-    if (m_constructionError)
+    if (!isValid())
         m_state = ParseError;
     else
         m_numSubpatterns = pattern.m_numSubpatterns;
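
Review bot: The condition change from `m_constructionError` to `!isValid()` in `finishCreation` is not explained in the ChangeLog entry, and `isValid()` is not part of this diff. If the `YarrPattern` constructor reports the new "invalid flags" error through the `&m_constructionError` argument passed on the line above, the original check would already catch it. Please say which case `isValid()` covers that `m_constructionError` does not, or note that this is only a readability change.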

Modified: trunk/Source/JavaScriptCore/yarr/YarrPattern.cpp (205936 => 205937)


--- trunk/Source/_javascript_Core/yarr/YarrPattern.cpp	2016-09-14 23:15:46 UTC (rev 205936)
+++ trunk/Source/_javascript_Core/yarr/YarrPattern.cpp	2016-09-14 23:17:59 UTC (rev 205937)
@@ -907,7 +907,8 @@
         REGEXP_ERROR_PREFIX "invalid unicode {} escape",
         REGEXP_ERROR_PREFIX "invalid escaped character for unicode pattern",
         REGEXP_ERROR_PREFIX "too many nested disjunctions",
-        REGEXP_ERROR_PREFIX "pattern exceeds string length limits"
+        REGEXP_ERROR_PREFIX "pattern exceeds string length limits",
+        REGEXP_ERROR_PREFIX "invalid flags"
     };
 
     return errorMessages[error];
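
Review bot: `return errorMessages[error];` indexes the string table directly with the enum value, so the new "invalid flags" entry is only correct while it sits at the same position as `InvalidRegularExpressionFlags` in the enum in YarrPattern.h. Both are appended last in this change, so they line up, but nothing visible in this hunk enforces it. If there is not one already, a `static_assert` comparing the array length with `NumberOfErrorCodes` would turn a future mismatch into a build failure instead of a wrong or out-of-bounds message lookup.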
@@ -917,6 +918,9 @@
 {
     YarrPatternConstructor constructor(*this, stackLimit);
 
+    if (m_flags == InvalidFlags)
+        return errorMessage(InvalidRegularExpressionFlags);
+
     if (const char* error = parse(constructor, patternString, unicode()))
         return error;
     
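
Review bot: The `m_flags == InvalidFlags` check in `compile` sits after `YarrPatternConstructor constructor(*this, stackLimit);`, so the constructor object is built even when the flags are rejected. Moving the check above that line makes the early return the first thing the function does and makes it clear that no parsing state is set up for invalid flags.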

Modified: trunk/Source/JavaScriptCore/yarr/YarrPattern.h (205936 => 205937)


--- trunk/Source/_javascript_Core/yarr/YarrPattern.h	2016-09-14 23:15:46 UTC (rev 205936)
+++ trunk/Source/_javascript_Core/yarr/YarrPattern.h	2016-09-14 23:17:59 UTC (rev 205937)
@@ -321,6 +321,7 @@
         InvalidIdentityEscape,
         TooManyDisjunctions,
         OffsetTooLarge,
+        InvalidRegularExpressionFlags,
         NumberOfErrorCodes
     };
     