RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 19:27:45 +00:00
Code Issues Activity Actions

LibRegex: Treat brace quantifiers with invalid contents as literals

Browse source 
Fixes #6208.
This commit is contained in:
AnotherTest 2021-04-10 09:10:44 +04:30 committed by Andreas Kling
parent 25d336bc27
commit 1b071455b1
2 changed files with 32 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

9
Userland/Libraries/LibJS/Tests/builtins/RegExp/RegExp.prototype.exec.js
View file

@ -127,3 +127,12 @@ test("non-greedy brace quantifier", () => {
expect(res.length).toBe(1); expect(res.length).toBe(1);
expect(res[0]).toBe("abc"); expect(res[0]).toBe("abc");
}); });
// #6208
test("brace quantifier with invalid contents", () => {
let re = /{{lit-746579221856449}}|<!--{{lit-746579221856449}}-->/;
let res = re.exec("{{lit-746579221856449}}");
expect(res.length).toBe(1);
expect(res[0]).toBe("{{lit-746579221856449}}");
});

31
Userland/Libraries/LibRegex/RegexParser.cpp
View file

@ -880,7 +880,7 @@ StringView ECMA262Parser::read_digits_as_string(ReadDigitsInitialZeroState initi
size_t offset = 0; size_t offset = 0;
auto start_token = m_parser_state.current_token; auto start_token = m_parser_state.current_token;
while (match(TokenType::Char)) { while (match(TokenType::Char)) {
auto c = m_parser_state.current_token.value(); auto& c = m_parser_state.current_token.value();
if (follow_policy == ReadDigitFollowPolicy::DisallowNonDigit) { if (follow_policy == ReadDigitFollowPolicy::DisallowNonDigit) {
if (hex && !AK::StringUtils::convert_to_uint_from_hex(c).has_value()) if (hex && !AK::StringUtils::convert_to_uint_from_hex(c).has_value())
@ -892,6 +892,11 @@ StringView ECMA262Parser::read_digits_as_string(ReadDigitsInitialZeroState initi
if (max_count > 0 && count >= max_count) if (max_count > 0 && count >= max_count)
break; break;
if (hex && !AK::StringUtils::convert_to_uint_from_hex(c).has_value())
break;
if (!hex && !c.to_uint().has_value())
break;
offset += consume().value().length(); offset += consume().value().length();
++count; ++count;
} }
@ -933,31 +938,41 @@ bool ECMA262Parser::parse_quantifier(ByteCode& stack, size_t& match_length_minim
repetition_mark = Repetition::Optional; repetition_mark = Repetition::Optional;
} else if (match(TokenType::LeftCurly)) { } else if (match(TokenType::LeftCurly)) {
consume(); consume();
auto chars_consumed = 1;
repetition_mark = Repetition::Explicit; repetition_mark = Repetition::Explicit;
auto low_bound = read_digits(); auto low_bound_string = read_digits_as_string();
chars_consumed += low_bound_string.length();
auto low_bound = low_bound_string.to_uint();
if (!low_bound.has_value()) { if (!low_bound.has_value()) {
set_error(Error::InvalidBraceContent); back(chars_consumed + 1);
return false; return true;
} }
repeat_min = low_bound.value(); repeat_min = low_bound.value();
if (match(TokenType::Comma)) { if (match(TokenType::Comma)) {
consume(); consume();
auto high_bound = read_digits(); ++chars_consumed;
if (high_bound.has_value()) auto high_bound_string = read_digits_as_string();
auto high_bound = high_bound_string.to_uint();
if (high_bound.has_value()) {
repeat_max = high_bound.value(); repeat_max = high_bound.value();
chars_consumed += high_bound_string.length();
}
} else { } else {
repeat_max = repeat_min; repeat_max = repeat_min;
} }
if (!match(TokenType::RightCurly)) { if (!match(TokenType::RightCurly)) {
set_error(Error::MismatchingBrace); back(chars_consumed + 1);
return false; return true;
} }
consume(); consume();
++chars_consumed;
if (repeat_max.has_value()) { if (repeat_max.has_value()) {
if (repeat_min.value() > repeat_max.value()) if (repeat_min.value() > repeat_max.value())