Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c928bfc4f8173c9862197c957f66189bdc54bbf4
      
https://github.com/WebKit/WebKit/commit/c928bfc4f8173c9862197c957f66189bdc54bbf4
  Author: Michael Saboff <[email protected]>
  Date:   2024-08-05 (Mon, 05 Aug 2024)

  Changed paths:
    A JSTests/stress/regexp-backreference-backtrack-interpreter.js
    M Source/JavaScriptCore/yarr/YarrInterpreter.cpp

  Log Message:
  -----------
  Crash in JavaScriptCore: JSC::Yarr::Interpreter<unsigned char>::matchDisjunction()
rdar://115244009
https://bugs.webkit.org/show_bug.cgi?id=276154

Reviewed by Yusuke Suzuki.

When processing back references, if the referenced capture was empty then the back reference succeeds without comparing the characters at the back reference atom with the captured characters. This was handled with early exits in the function matchBackReference(), before setting match info like the start position, match size or match count. This info is used when backtracking or when matching more in the case of a non-greedy quantified back reference.

The fix is to move the setting of the initial match information before we do any checks for an empty match or a match comparing characters. Also added code to properly handle duplicate named capture groups in the function backtrackBackReference().

Added a new regression test.

* JSTests/stress/regexp-backreference-backtrack-interpreter.js: Added.
(arrayToString):
(objectToString):
(dumpValue):
(compareArray):
(compareGroups):
(testRegExp):
(testRegExpSyntaxError):
* Source/JavaScriptCore/yarr/YarrInterpreter.cpp:
(JSC::Yarr::Interpreter::matchBackReference):
(JSC::Yarr::Interpreter::backtrackBackReference):

Originally-landed-as: 51993233d76f. rdar://132960128
Canonical link: https://commits.webkit.org/281858@main


