Changeset 40131 in webkit for trunk/JavaScriptCore/parser/Lexer.h


Timestamp:
Jan 22, 2009, 1:07:14 PM (16 years ago)
Author:
[email protected]
Message:

<rdar://problem/6516853> (r39682-r39736) JSFunFuzz: crash on "(function(){({ x2: x }), })()"
<https://bugs.webkit.org/show_bug.cgi?id=23479>

Reviewed by Geoff Garen.

Automatic semicolon insertion was resulting in this being accepted in the initial
nodeless parsing, but subsequent reparsing for code generation would fail, leading
to a crash. The solution is to ensure that reparsing a function performs parsing
in the same state as the initial parse. We do this by modifying the saved source
ranges to include rather than exclude the opening and closing braces.

File:
1 edited

  • trunk/JavaScriptCore/parser/Lexer.h

    r39556 r40131  
    8989
    9090        void clear();
    91         SourceCode sourceCode(int openBrace, int closeBrace, int firstLine) { return SourceCode(m_source->provider(), openBrace + 1, closeBrace, firstLine); }
     91        SourceCode sourceCode(int openBrace, int closeBrace, int firstLine) { return SourceCode(m_source->provider(), openBrace, closeBrace + 1, firstLine); }
    9292
    9393    private:
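Review bot: On line 91, the new arguments (openBrace, closeBrace + 1) change what sourceCode() returns from the text between the braces to the text including both braces, and nothing in the header records that contract. A short comment above the function stating that the range starts at the opening brace and runs through the closing brace (the + 1 suggests the end offset is exclusive) would keep a later caller from reparsing under the old assumption, which is the state mismatch the commit message describes. Only Lexer.h is visible here, so it is worth confirming that every consumer of this range now expects the leading brace, and adding the fuzzer input quoted in the message as a regression test.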