YARR doesn't check for invalid flags for literal regular expressions
author msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Sep 2016 23:17:59 +0000 (23:17 +0000)
committer msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Sep 2016 23:17:59 +0000 (23:17 +0000)
https://bugs.webkit.org/show_bug.cgi?id=161995

Reviewed by Mark Lam.

JSTests:

New test.

* stress/regress-161995.js: Added.
(testStatic):
(catch):

Source/JavaScriptCore:

Added a new error and a check that the flags are valid when we create a
literal regular expression.

* runtime/RegExp.cpp:
(JSC::RegExp::finishCreation):
* yarr/YarrPattern.cpp:
(JSC::Yarr::YarrPattern::errorMessage):
(JSC::Yarr::YarrPattern::compile):
* yarr/YarrPattern.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@205937 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JSTests/ChangeLog
JSTests/stress/regress-161995.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/RegExp.cpp
Source/JavaScriptCore/yarr/YarrPattern.cpp
Source/JavaScriptCore/yarr/YarrPattern.h

index edd3285..6da7bf8 100644 (file)
@@ -1,3 +1,16 @@
+2016-09-14  Michael Saboff  <msaboff@apple.com>
+
+        YARR doesn't check for invalid flags for literal regular expressions
+        https://bugs.webkit.org/show_bug.cgi?id=161995
+
+        Reviewed by Mark Lam.
+
+        New test.
+
+        * stress/regress-161995.js: Added.
+        (testStatic):
+        (catch):
+
 2016-09-14  Joseph Pecoraro  <pecoraro@apple.com>
 
         test262: TypedArray constructors length should be 3 and configurable
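Review bot: The `(catch):` entry in the function list does not name a function. The new test defines only `testStatic` plus a top-level try/catch, so this line looks like an artifact of generating the entry. Suggest dropping `(catch):` here and in the matching commit message.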
diff --git a/JSTests/stress/regress-161995.js b/JSTests/stress/regress-161995.js
new file mode 100644 (file)
index 0000000..604e939
--- /dev/null
@@ -0,0 +1,14 @@
+// Regression test for 161995.
+
+function testStatic()
+{
+    return /a/Z;
+}
+
+try {
+    testStatic();
+    throw "Expected a SyntaxEerror for bad RegExp flags, but didn't get one.";
+} catch(e) {
+    if (e != "SyntaxError: Invalid regular expression: invalid flags")
+        throw "Incorrect exception for bad RegExp flags.  Got: " + e;
+}
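Review bot: The failure `throw "Expected a SyntaxEerror ..."` sits inside the `try`, so when `testStatic()` raises nothing, that string is caught by the `catch` below and reported as "Incorrect exception for bad RegExp flags.  Got: Expected a SyntaxEerror ...", which blurs the two failure modes. Suggest setting a flag inside the `try` and throwing the "expected an exception" failure after the `catch`. The message also misspells SyntaxError as "SyntaxEerror". The test exercises only the single unknown flag in `/a/Z`; one more case with a different invalid flag string would show that the check is not specific to this input.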
index e1440df..74c1bf3 100644 (file)
@@ -1,3 +1,20 @@
+2016-09-14  Michael Saboff  <msaboff@apple.com>
+
+        YARR doesn't check for invalid flags for literal regular expressions
+        https://bugs.webkit.org/show_bug.cgi?id=161995
+
+        Reviewed by Mark Lam.
+
+        Added a new error and a check that the flags are valid when we create a
+        literal regular expression.
+
+        * runtime/RegExp.cpp:
+        (JSC::RegExp::finishCreation):
+        * yarr/YarrPattern.cpp:
+        (JSC::Yarr::YarrPattern::errorMessage):
+        (JSC::Yarr::YarrPattern::compile):
+        * yarr/YarrPattern.h:
+
 2016-09-14  Keith Miller  <keith_miller@apple.com>
 
         Unreviewed, fix the Windows build.
index f6d0e9b..9939704 100644 (file)
@@ -223,7 +223,7 @@ void RegExp::finishCreation(VM& vm)
 {
     Base::finishCreation(vm);
     Yarr::YarrPattern pattern(m_patternString, m_flags, &m_constructionError, vm.stackLimit());
-    if (m_constructionError)
+    if (!isValid())
         m_state = ParseError;
     else
         m_numSubpatterns = pattern.m_numSubpatterns;
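Review bot: `isValid()` replaces the `m_constructionError` test in `finishCreation`, but its definition is not part of this patch and the ChangeLog does not say what it checks beyond the error string. Since `&m_constructionError` is passed to the `YarrPattern` constructor on the line above and `compile()` now returns an error for `InvalidFlags`, please state whether the old test was insufficient or whether this is a readability change. A one-line comment or a sentence in the ChangeLog would do.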
index bee8f93..279145d 100644 (file)
@@ -907,7 +907,8 @@ const char* YarrPattern::errorMessage(YarrPattern::ErrorCode error)
         REGEXP_ERROR_PREFIX "invalid unicode {} escape",
         REGEXP_ERROR_PREFIX "invalid escaped character for unicode pattern",
         REGEXP_ERROR_PREFIX "too many nested disjunctions",
-        REGEXP_ERROR_PREFIX "pattern exceeds string length limits"
+        REGEXP_ERROR_PREFIX "pattern exceeds string length limits",
+        REGEXP_ERROR_PREFIX "invalid flags"
     };
 
     return errorMessages[error];
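Review bot: `errorMessages` is indexed directly by `ErrorCode` in `return errorMessages[error];`, so the new "invalid flags" string is correct only while it stays in the same position as `InvalidRegularExpressionFlags` in YarrPattern.h. If one does not already exist outside the visible context, a `static_assert` that the array has `NumberOfErrorCodes` entries would turn a future mismatch into a compile error instead of an out-of-bounds read.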
@@ -917,6 +918,9 @@ const char* YarrPattern::compile(const String& patternString, void* stackLimit)
 {
     YarrPatternConstructor constructor(*this, stackLimit);
 
+    if (m_flags == InvalidFlags)
+        return errorMessage(InvalidRegularExpressionFlags);
+
     if (const char* error = parse(constructor, patternString, unicode()))
         return error;
     
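Review bot: The `m_flags == InvalidFlags` check runs after `YarrPatternConstructor constructor(*this, stackLimit);` has been built, although it uses nothing from `constructor`. Suggest moving the check to the top of `compile()` so a pattern with invalid flags returns before any construction work is done.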
index 6eb4ec5..09652ee 100644 (file)
@@ -321,6 +321,7 @@ struct YarrPattern {
         InvalidIdentityEscape,
         TooManyDisjunctions,
         OffsetTooLarge,
+        InvalidRegularExpressionFlags,
         NumberOfErrorCodes
     };