diff options
| author | Ali Mohammad Pur <ali.mpfard@gmail.com> | 2023-04-13 21:12:59 +0330 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2023-04-14 12:33:54 +0200 |
| commit | eba466b8e766bd69992b8cf2dcd300538713fda5 (patch) | |
| tree | f69a9c60bd464cac6b02c914211545508ffadb40 /Userland/Libraries | |
| parent | 821702fadd551ffa987d7caae98ba10b18a8b153 (diff) | |
| download | serenity-eba466b8e766bd69992b8cf2dcd300538713fda5.zip | |
LibRegex: Avoid calling GenericLexer::consume() past EOF
The consume(size_t) overload consumes "at most" as many bytes as
requested, but consume() consumes exactly one byte.
This commit makes sure to avoid consuming past EOF.
Fixes #18324.
Fixes #18325.
Diffstat (limited to 'Userland/Libraries')
| -rw-r--r-- | Userland/Libraries/LibRegex/RegexParser.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/Userland/Libraries/LibRegex/RegexParser.cpp b/Userland/Libraries/LibRegex/RegexParser.cpp index 136b7a97f2..24d378e8a9 100644 --- a/Userland/Libraries/LibRegex/RegexParser.cpp +++ b/Userland/Libraries/LibRegex/RegexParser.cpp @@ -2695,17 +2695,22 @@ size_t ECMA262Parser::ensure_total_number_of_capturing_parenthesis() while (!lexer.is_eof()) { switch (lexer.peek()) { case '\\': - lexer.consume(2); + lexer.consume(min(lexer.tell_remaining(), 2)); continue; case '[': while (!lexer.is_eof()) { if (lexer.consume_specific('\\')) { + if (lexer.is_eof()) + break; lexer.consume(); continue; } if (lexer.consume_specific(']')) { break; } + + if (lexer.is_eof()) + break; lexer.consume(); } break; |