[njs] Fixed for-in rhs expression parsing error handling.

Vadim Zhestikov v.zhestikov at f5.com
Wed Nov 16 17:18:03 UTC 2022


details:   https://hg.nginx.org/njs/rev/0d0b16ecf796
branches:  
changeset: 2000:0d0b16ecf796
user:      Vadim Zhestikov <v.zhestikov at f5.com>
date:      Wed Nov 16 09:15:39 2022 -0800
description:
Fixed for-in rhs expression parsing error handling.

This fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53426.

diffstat:

 src/njs_parser.c         |  2 +-
 src/test/njs_unit_test.c |  3 +++
 2 files changed, 4 insertions(+), 1 deletions(-)

diffs (25 lines):

diff -r 046a493850bc -r 0d0b16ecf796 src/njs_parser.c
--- a/src/njs_parser.c	Tue Nov 15 18:38:49 2022 -0800
+++ b/src/njs_parser.c	Wed Nov 16 09:15:39 2022 -0800
@@ -6054,7 +6054,7 @@ njs_parser_for_in_statement_statement(nj
 {
     njs_parser_node_t  *forin;
 
-    if (token->type != NJS_TOKEN_CLOSE_PARENTHESIS) {
+    if (parser->ret != NJS_OK || token->type != NJS_TOKEN_CLOSE_PARENTHESIS) {
         return njs_parser_failed(parser);
     }
 
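Review bot: The new `parser->ret != NJS_OK` condition in njs_parser_for_in_statement_statement has no comment explaining why the status must be tested before the token type, and the commit message only links the oss-fuzz report without naming the failure. A short comment above the `if` would record the invariant, for example `/* The rhs expression may have failed; token is not meaningful then. */`. Other continuation handlers that run after an expression parse and test only `token->type` would presumably have the same gap; that cannot be confirmed from this hunk, so an audit of the sibling handlers in src/njs_parser.c is worth doing. The function body continues outside the hunk.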
diff -r 046a493850bc -r 0d0b16ecf796 src/test/njs_unit_test.c
--- a/src/test/njs_unit_test.c	Tue Nov 15 18:38:49 2022 -0800
+++ b/src/test/njs_unit_test.c	Wed Nov 16 09:15:39 2022 -0800
@@ -2962,6 +2962,9 @@ static njs_unit_test_t  njs_test[] =
     { njs_str("for ((a,b,c) => {};;) {break}"),
       njs_str("undefined") },
 
+    { njs_str("for(I in``[)8"),
+      njs_str("SyntaxError: Unexpected token \")\" in 1") },
+
     /* switch. */
 
     { njs_str("switch"),
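Review bot: The added regression entry for `for(I in``[)8` carries no comment tying it to the fuzzer report, so a later reader cannot tell why this odd input sits among the hand-written for-loop cases. A one-line comment above it would help, for example `/* oss-fuzz 53426: failed for-in rhs must yield SyntaxError. */`. The case pins a single failing rhs shape (an unterminated `[` after a template literal); one or two further for-in inputs whose rhs fails to parse would guard the new `parser->ret` check more broadly. The njs_test[] array extends outside the hunk.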


