Bug 167067 - Octal escapes should be max 3 digits and syntax errors in Unicode patterns
Summary: Octal escapes should be max 3 digits and syntax errors in Unicode patterns
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: All All
: P2 Minor
Assignee: Alexey Shvayka
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2017-01-15 10:25 PST by Erik Corry
Modified: 2020-04-05 14:02 PDT (History)
11 users (show)

See Also:


Attachments
Patch (12.39 KB, patch)
2020-04-04 14:01 PDT, Alexey Shvayka
no flags Details | Formatted Diff | Diff
Patch (13.41 KB, patch)
2020-04-04 21:44 PDT, Alexey Shvayka
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Corry 2017-01-15 10:25:08 PST
/\0000040/.exec(" ") == null

should return true, returns false
Comment 1 Erik Corry 2017-01-15 10:27:08 PST
Actually I think Webkit does the right thing for strings, it's just regexes where leading zeros are erroneously allowed.
Comment 2 Alexey Shvayka 2020-04-04 13:58:54 PDT
(In reply to Erik Corry from comment #1)
> Actually I think Webkit does the right thing for strings, it's just regexes
> where leading zeros are erroneously allowed.

Alright, thank you for report. Some tests for octal escapes in strings:
  LayoutTests/js/basic-strict-mode.html
  LayoutTests/js/numeric-escapes-in-string-literals.html
Comment 3 Alexey Shvayka 2020-04-04 14:01:29 PDT
Created attachment 395460 [details]
Patch
Comment 4 Ross Kirsling 2020-04-04 14:45:10 PDT
Comment on attachment 395460 [details]
Patch

r=me pending EWS
Comment 5 Ross Kirsling 2020-04-04 14:58:58 PDT
Comment on attachment 395460 [details]
Patch

cq-'ing due to the failure under LayoutTests/js.
(Feel free to migrate that test to JSTests/stress if you're feeling adventurous. :p)
Comment 6 Alexey Shvayka 2020-04-04 21:44:06 PDT
Created attachment 395478 [details]
Patch

Adjust fast/regex/pcre-test-1.html test.
Comment 7 Ross Kirsling 2020-04-04 22:09:23 PDT
Comment on attachment 395478 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=395478&action=review

> LayoutTests/fast/regex/script-tests/pcre-test-1.js:998
> -var input0 = "abc\0def\0pqr\0xyz\0AB";
> -var results = ["abc\0def\0pqr\0xyz\0AB"];
> +var input0 = "abc\0def\0pqr\0xyz\0" + "0AB";
> +var results = ["abc\0def\0pqr\0xyz\0" + "0AB"];

Interesting—looks like it's that we (and SM) get confused about what this string even is?
Comment 8 Alexey Shvayka 2020-04-04 22:40:31 PDT
(In reply to Ross Kirsling from comment #7)
> Interesting—looks like it's that we (and SM) get confused about what this
> string even is?

I am using + to add unescaped "0" char without resorting to "\x30".
I've checked V8 and SpiderMonkey, they both limit octal escapes in strings to 3 chars, fail PCRE test before this change and passing after.
Comment 9 Ross Kirsling 2020-04-04 23:12:16 PDT
(In reply to Alexey Shvayka from comment #8)
> (In reply to Ross Kirsling from comment #7)
> > Interesting—looks like it's that we (and SM) get confused about what this
> > string even is?
> 
> I am using + to add unescaped "0" char without resorting to "\x30".
> I've checked V8 and SpiderMonkey, they both limit octal escapes in strings
> to 3 chars, fail PCRE test before this change and passing after.

Er whoops, I'd just gotten myself confused -- it's simply that the shells for JSC and SM stop printing when they hit \0, unlike V8.
Comment 10 EWS 2020-04-05 01:13:00 PDT
Committed r259546: <https://trac.webkit.org/changeset/259546>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 395478 [details].
Comment 11 Radar WebKit Bug Importer 2020-04-05 01:13:15 PDT
<rdar://problem/61311334>