Closed Bug 227705 Opened 21 years ago Closed 20 years ago

Accessing *state->cpend in jsregexp.c

Categories

(Core :: JavaScript Engine, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: igor, Unassigned)

Details

Attachments

(1 file)

The lines 483-485 in jsregexp.c contain:

                if ((state->cp < state->cpend) && (*state->cp == '?')
                        && ( (state->cp[1] == '=')
                                || (state->cp[1] == '!')
                                || (state->cp[1] == ':') )) {

which would access a character at state->cpend for regexp like /(?/. AFAIK since
all char arrays are 0-terminated, it does not cause any problems, but it still I
guess violates recommended practice.

In addition the line 488 contains useless check against state->cpend which
always passes since the initial "if" guaranties that at that point (state->cp <
state->cpend)
Attached patch FixSplinter Review
Attachment #136972 - Flags: review?(brendan)
CC Brendan for review
Comment on attachment 136972 [details] [diff] [review]
Fix

I actually checked in a much bigger change that included a version of this fix.

/be
Attachment #136972 - Flags: review?(brendan) → review+
.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: