Heap out of bounds read in JSC::Yarr::Parser<JSC::Yarr::SyntaxChecker, unsigned char...
authormsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Sep 2017 04:48:51 +0000 (04:48 +0000)
committermsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Sep 2017 04:48:51 +0000 (04:48 +0000)
commit250cd2e8aec176a1fac9186a9c340c9f0625e553
tree94ac8a550f98397c8997400fd015f91ab3598d68
parent9574bdaabf6d44246b241f067f39c9ccb16f627f
Heap out of bounds read in JSC::Yarr::Parser<JSC::Yarr::SyntaxChecker, unsigned char>::peek()
https://bugs.webkit.org/show_bug.cgi?id=177423

Reviewed by Mark Lam.

JSTests:

Updated regression test.

* stress/regress-177423.js:
(catch):

Source/JavaScriptCore:

Updated fix that restructures that changes the do ... while to a while and adds another
atEndOfPattern() check before looking for the first named group identifier character.

* yarr/YarrParser.h:
(JSC::Yarr::Parser::tryConsumeGroupName):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@222600 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/regress-177423.js
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/yarr/YarrParser.h