223666 – [YARR] Interpreter incorrectly matches non-BMP characters with multiple . w/dotAll flag

Bug 223666 - [YARR] Interpreter incorrectly matches non-BMP characters with multiple . w/dotAll flag

Summary: [YARR] Interpreter incorrectly matches non-BMP characters with multiple . w/d...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Michael Saboff

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-03-23 18:57 PDT by Michael Saboff
Modified:	2021-03-24 10:29 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
Patch (2.94 KB, patch) 2021-03-23 19:02 PDT, Michael Saboff	mark.lam: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Saboff 2021-03-23 18:57:34 PDT

Similar to the fuzzer bug found in https://bugs.webkit.org/show_bug.cgi?id=223498 - "[YARR] Interpreter incorrectly matches non-BMP characters with multiple .", there is a similar issue when the dotAll flag (s) is used.

String.fromCodePoint(0x10000).match(/../u) should not match but does in the Yarr Interpreter.

Comment 1 Michael Saboff 2021-03-23 18:58:06 PDT

<rdar://75730500>

Comment 2 Michael Saboff 2021-03-23 19:02:55 PDT

Created attachment 424089 [details]
Patch

Comment 3 Mark Lam 2021-03-23 20:01:39 PDT

Comment on attachment 424089 [details]
Patch

r=me

Comment 4 Michael Saboff 2021-03-24 10:29:05 PDT

Committed r274945 (235702@main): <https://commits.webkit.org/235702@main>