Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 57bb21b

Browse files
fix heap-buffer-overflow in lexer_compare_identifier_to_char
JerryScript-DCO-1.0-Signed-off-by: tangbin 2387440390@qq.com
1 parent 5020015 commit 57bb21b

File tree

2 files changed

+26
-2
lines changed

2 files changed

+26
-2
lines changed

‎jerry-core/parser/js/js-lexer.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3322,7 +3322,7 @@ lexer_compare_identifier_to_chars (const uint8_t *left_p, /**< left identifier *
33223322
{
33233323
uint8_t utf8_buf[6];
33243324

3325-
do
3325+
while (size>0)
33263326
{
33273327
if (*left_p == *right_p)
33283328
{
@@ -3362,7 +3362,7 @@ lexer_compare_identifier_to_chars (const uint8_t *left_p, /**< left identifier *
33623362
return false;
33633363
}
33643364
} while (--escape_size > 0);
3365-
}while (size>0);
3365+
}
33663366

33673367
return true;
33683368
} /* lexer_compare_identifier_to_chars */
Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
// Copyright JS Foundation and other contributors, http://js.foundation
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
function check_syntax_error(code) {
16+
try {
17+
eval(code)
18+
assert(false)
19+
} catch (e) {
20+
assert(e instanceof SyntaxError)
21+
}
22+
}
23+
24+
check_syntax_error("class C {#static async''");

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /