Bug 146304
| Summary: | ExceptionHelpers.cpp::functionCallBase doesn't properly handle embedded comments and string literals | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Michael Saboff <msaboff> |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | ||
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | All | ||
| OS: | All | ||
Michael Saboff
The loop in functionCallBase() tries to match parentheses. It tries to recognize multiline comments, but either the comment constructs or parens could actually be inside a string literal and the code doesn't handle those cases.
Michael Saboff
Here are some examples of cases that the function does not properly handle:
foo.bar("/abc\)*/")
blah(/* A /* B */ x, y)
baz("((((")
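An added example, not part of the bug report and not WebKit's code: a C++ paren matcher that skips string literals and non-nesting block comments, run on the three inputs above. The function name, the forward scan direction and the `skipStrings` switch are assumptions made for illustration; regular-expression and template literals are not handled.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Hypothetical helper (not WebKit code): index of the ')' that closes the '('
// at `open`, or npos. With skipStrings=false, quotes are treated as ordinary
// characters, which reproduces the failure mode described in this bug.
std::size_t matchingCloseParen(const std::string& src, std::size_t open, bool skipStrings = true)
{
    const std::size_t npos = std::string::npos;
    if (open >= src.size() || src[open] != '(')
        return npos;
    int depth = 0;
    for (std::size_t i = open; i < src.size(); ++i) {
        const char c = src[i];
        if (skipStrings && (c == '"' || c == '\'')) {
            // Skip to the closing quote; a backslash escapes the next character.
            for (++i; i < src.size() && src[i] != c; ++i) {
                if (src[i] == '\\')
                    ++i;
            }
            if (i >= src.size())
                return npos; // unterminated string literal
        } else if (c == '/' && i + 1 < src.size() && src[i + 1] == '*') {
            // JavaScript block comments do not nest: the first "*/" ends it.
            const std::size_t end = src.find("*/", i + 2);
            if (end == npos)
                return npos; // unterminated comment
            i = end + 1;
        } else if (c == '(') {
            ++depth;
        } else if (c == ')' && --depth == 0) {
            return i;
        }
    }
    return npos;
}

int main()
{
    // The three inputs from the report, as raw strings.
    const std::string cases[] = { R"js(foo.bar("/abc\)*/"))js", R"js(blah(/* A /* B */ x, y))js", R"js(baz("(((("))js" };
    for (const std::string& s : cases) {
        const std::size_t open = s.find('(');
        std::cout << s << "  string-aware: " << matchingCloseParen(s, open)
                  << "  string-unaware: " << matchingCloseParen(s, open, false) << '\n';
    }
}
```

With `skipStrings` disabled, the first input matches the escaped `)` inside the string and the third never balances.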