From 350f8071793b177a04a7280001eecfd8d5ee4c36 Mon Sep 17 00:00:00 2001
From: HyukWoo Park
Date: Mon, 2 Dec 2024 15:56:46 +0900
Subject: [PATCH] Fix bugs in RegExp

Signed-off-by: HyukWoo Park
---
 src/runtime/RegExpObject.cpp | 7 ++++++-
 test/vendortest | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/runtime/RegExpObject.cpp b/src/runtime/RegExpObject.cpp
index 1c5e17b05..72c435cf8 100644
--- a/src/runtime/RegExpObject.cpp
+++ b/src/runtime/RegExpObject.cpp
@@ -336,11 +336,15 @@ bool RegExpObject::match(ExecutionState& state, String* str, RegexMatchResult& m
 WTF::BumpPointerAllocator* bumpAlloc = ThreadLocal::bumpPointerAllocator();
 JSC::Yarr::ErrorCode errorCode = JSC::Yarr::ErrorCode::NoError;
 std::unique_ptr ownedBytecode = JSC::Yarr::byteCompile(*m_yarrPattern, bumpAlloc, errorCode);
+ if (errorCode != JSC::Yarr::ErrorCode::NoError) {
+ return false;
+ }
 m_bytecodePattern = ownedBytecode.release();
 entry.m_bytecodePattern = m_bytecodePattern;
 }
 }
+ ASSERT(!!m_bytecodePattern);
 unsigned subPatternNum = m_bytecodePattern->m_body->m_numSubpatterns;
 matchResult.m_subPatternNum = (int)subPatternNum;
 size_t length = str->length();
@@ -349,7 +353,8 @@ bool RegExpObject::match(ExecutionState& state, String* str, RegexMatchResult& m
 bool isGlobal = option() & RegExpObject::Option::Global;
 bool isSticky = option() & RegExpObject::Option::Sticky;
 bool gotResult = false;
- unsigned* outputBuf = ALLOCA(sizeof(unsigned) * 2 * (subPatternNum + 1), unsigned int);
+ unsigned outputBufLength = std::max((2 * (subPatternNum + 1)), m_bytecodePattern->m_offsetsSize);
+ unsigned* outputBuf = ALLOCA(sizeof(unsigned) * outputBufLength, unsigned int);
 outputBuf[1] = start;
 do {
 start = outputBuf[1];
diff --git a/test/vendortest b/test/vendortest
index 4d76c58d4..02bd12536 160000
--- a/test/vendortest
+++ b/test/vendortest
@@ -1 +1 @@
-Subproject commit 4d76c58d4881167cdc415e859ad2c1c9e281c0f9
+Subproject commit 02bd1253605d5e6bed0c09de126bf4c90d7595bb
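Review bot: The added `ASSERT(!!m_bytecodePattern);` protects the `m_bytecodePattern->m_body` dereference on the next line only in builds where ASSERT is compiled in; if it is a debug-only macro, as is usual (its definition is not visible here), a release build still dereferences a null pointer when the invariant fails. A runtime guard such as `if (!m_bytecodePattern) { return false; }` would cover both build types. The new early return after byteCompile also leaves `entry.m_bytecodePattern` unassigned, so if `entry` is a cache slot shared with later lookups (its declaration is outside the hunk), check that a later match() cannot pick up the empty slot. A short comment on the `return false;` saying which compile errors are expected here, and why they are reported as "no match" rather than raised as an error, would help the next reader. match() starts and ends outside the hunk.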
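Review bot: The stack allocation at `unsigned* outputBuf = ALLOCA(sizeof(unsigned) * outputBufLength, unsigned int);` is sized from two pattern-derived values with no upper bound visible in this hunk, so unless group counts are limited elsewhere, a script-supplied pattern decides how much stack this frame takes. Consider rejecting or capping `outputBufLength` above a fixed limit, or switching to a heap buffer past that limit, before the ALLOCA. The `std::max` line would also benefit from a comment stating the invariant it restores, for example `// the matcher may write up to m_offsetsSize slots, which can exceed 2 * (subPatternNum + 1)`; that reading is inferred from the change and should be confirmed against the interpreter. match() continues outside the hunk.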