[webkit-changes] [WebKit/WebKit] cd16ef: [Regression] pattern attribute handling for invali...
Michael Saboff
noreply at github.com
Wed Oct 18 21:57:29 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: cd16ef7144b7cb7f5e3bc2b541c89bccdff5d820
https://github.com/WebKit/WebKit/commit/cd16ef7144b7cb7f5e3bc2b541c89bccdff5d820
Author: Michael Saboff <msaboff at apple.com>
Date: 2023-10-18 (Wed, 18 Oct 2023)
Changed paths:
M JSTests/stress/regexp-vflag-property-of-strings.js
M Source/JavaScriptCore/yarr/YarrParser.h
Log Message:
-----------
[Regression] pattern attribute handling for invalid regular expressions (unicode-invalid-01)
https://bugs.webkit.org/show_bug.cgi?id=261077
rdar://115234392
Reviewed by Yusuke Suzuki.
Fixed issue where RegExp parsing code allowed escaped ClassSetReservedPunctuator characters anywhere in an expression with the 'v' flag.
The ECMAScript standard actually only allows escaped ClassSetReservedPunctuator characters within a ClassSetExpression or a ClassStringDisjunction.
See https://tc39.es/ecma262/#prod-ClassSetExpression and https://tc39.es/ecma262/#prod-ClassStringDisjunction and follow the productions to
ClassSetCharacter which has a production \ ClassSetReservedPunctuator.
Added tests to check the syntax errors when ClassSetReservedPunctuator characters are used incorrectly as well as tests with ClassSetReservedPunctuator
characters in both a Class Set and a Class String Disjunction.
* JSTests/stress/regexp-vflag-property-of-strings.js:
* Source/JavaScriptCore/yarr/YarrParser.h:
(JSC::Yarr::Parser::isIdentityEscapeAnError):
(JSC::Yarr::Parser::parseEscape):
Canonical link: https://commits.webkit.org/269502@main
More information about the webkit-changes
mailing list