diff options
| author | László Langó <llango.u-szeged@partner.samsung.com> | 2018-06-11 09:25:53 +0200 |
|---|---|---|
| committer | yichoi <duddlf.choi@samsung.com> | 2018-06-11 16:25:53 +0900 |
| commit | f32c18313738c3b42574ba0916295c3fb7207ea0 (patch) | |
| tree | 7c5ef6f2f6080880f498899f92f82cc006a6dbcb /jerry-core | |
| parent | bd0ea4f474e4922c4ef85950ac341fb01e461eb3 (diff) | |
Fixed assertion in 're_insert_into_group'. (#2388)
Assertion 'qmin <= qmax' failed in 're_insert_into_group', but
it should throw a SyntaxError. Fixes #2384.
JerryScript-DCO-1.0-Signed-off-by: László Langó llango.u-szeged@partner.samsung.com
Diffstat (limited to 'jerry-core')
| -rw-r--r-- | jerry-core/parser/regexp/re-compiler.c | 48 |
1 files changed, 32 insertions, 16 deletions
diff --git a/jerry-core/parser/regexp/re-compiler.c b/jerry-core/parser/regexp/re-compiler.c index 9046fa46..89df5829 100644 --- a/jerry-core/parser/regexp/re-compiler.c +++ b/jerry-core/parser/regexp/re-compiler.c @@ -75,7 +75,8 @@ re_insert_simple_iterator (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler con } else if (qmin > qmax) { - return ecma_raise_syntax_error (ECMA_ERR_MSG ("RegExp quantifier error: qmin > qmax.")); + /* ECMA-262 v5.1 15.10.2.5 */ + return ecma_raise_syntax_error (ECMA_ERR_MSG ("RegExp quantifier error: min > max.")); } /* TODO: optimize bytecode length. Store 0 rather than INF */ @@ -166,23 +167,31 @@ re_get_end_opcode_type (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler contex /** * Enclose the given bytecode to a group + * + * @return empty ecma value - if inserted successfully + * error ecma value - otherwise + * + * Returned value must be freed with ecma_free_value */ -static void +static ecma_value_t re_insert_into_group (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context */ uint32_t group_start_offset, /**< offset of group start */ uint32_t idx, /**< index of group */ bool is_capturable) /**< is capturable group */ { - uint32_t qmin, qmax; + uint32_t qmin = re_ctx_p->current_token.qmin; + uint32_t qmax = re_ctx_p->current_token.qmax; + + if (qmin > qmax) + { + /* ECMA-262 v5.1 15.10.2.5 */ + return ecma_raise_syntax_error (ECMA_ERR_MSG ("RegExp quantifier error: min > max.")); + } + re_opcode_t start_opcode = re_get_start_opcode_type (re_ctx_p, is_capturable); re_opcode_t end_opcode = re_get_end_opcode_type (re_ctx_p, is_capturable); - uint32_t start_head_offset_len; - qmin = re_ctx_p->current_token.qmin; - qmax = re_ctx_p->current_token.qmax; - JERRY_ASSERT (qmin <= qmax); - - start_head_offset_len = re_get_bytecode_length (re_ctx_p->bytecode_ctx_p); + uint32_t start_head_offset_len = re_get_bytecode_length (re_ctx_p->bytecode_ctx_p); re_insert_u32 (re_ctx_p->bytecode_ctx_p, group_start_offset, idx); re_insert_opcode (re_ctx_p->bytecode_ctx_p, group_start_offset, start_opcode); start_head_offset_len = re_get_bytecode_length (re_ctx_p->bytecode_ctx_p) - start_head_offset_len; @@ -201,12 +210,19 @@ re_insert_into_group (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context group_start_offset, re_get_bytecode_length (re_ctx_p->bytecode_ctx_p) - group_start_offset); } + + return ECMA_VALUE_EMPTY; } /* re_insert_into_group */ /** * Enclose the given bytecode to a group and inster jump value + * + * @return empty ecma value - if inserted successfully + * error ecma value - otherwise + * + * Returned value must be freed with ecma_free_value */ -static void +static ecma_value_t re_insert_into_group_with_jump (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context */ uint32_t group_start_offset, /**< offset of group start */ uint32_t idx, /**< index of group */ @@ -215,7 +231,7 @@ re_insert_into_group_with_jump (re_compiler_ctx_t *re_ctx_p, /**< RegExp compile re_insert_u32 (re_ctx_p->bytecode_ctx_p, group_start_offset, re_get_bytecode_length (re_ctx_p->bytecode_ctx_p) - group_start_offset); - re_insert_into_group (re_ctx_p, group_start_offset, idx, is_capturable); + return re_insert_into_group (re_ctx_p, group_start_offset, idx, is_capturable); } /* re_insert_into_group_with_jump */ /** @@ -261,7 +277,7 @@ re_parse_alternative (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context if (ecma_is_value_empty (ret_value)) { - re_insert_into_group (re_ctx_p, new_atom_start_offset, idx, true); + ret_value = re_insert_into_group (re_ctx_p, new_atom_start_offset, idx, true); } break; @@ -275,7 +291,7 @@ re_parse_alternative (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context if (ecma_is_value_empty (ret_value)) { - re_insert_into_group (re_ctx_p, new_atom_start_offset, idx, false); + ret_value = re_insert_into_group (re_ctx_p, new_atom_start_offset, idx, false); } break; @@ -345,7 +361,7 @@ re_parse_alternative (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context { re_append_opcode (bc_ctx_p, RE_OP_MATCH); - re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); + ret_value = re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); } break; @@ -362,7 +378,7 @@ re_parse_alternative (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context { re_append_opcode (bc_ctx_p, RE_OP_MATCH); - re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); + ret_value = re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); } break; @@ -381,7 +397,7 @@ re_parse_alternative (re_compiler_ctx_t *re_ctx_p, /**< RegExp compiler context re_append_opcode (bc_ctx_p, RE_OP_BACKREFERENCE); re_append_u32 (bc_ctx_p, backref); - re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); + ret_value = re_insert_into_group_with_jump (re_ctx_p, new_atom_start_offset, idx, false); break; } case RE_TOK_DIGIT: |