LibJS: Fix incorrect Lexer VERIFY when parsing Unicode characters

This bug was discovered via OSS fuzz; it's possible to fall through
to this assert with a char_size == 1, so we need to account for that
in the VERIFY(..).

Repro test case can be found in the OSS fuzz bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37296
Brian Gianforcaro 2021-08-24 23:11:08 -07:00 committed by Linus Groh
parent 0f3f814945
commit 77d8a65498
Notes: sideshowbarker 2024-07-18 05:19:00 +09:00


@ -201,7 +201,7 @@ void Lexer::consume()
char_size = 4;
}
VERIFY(char_size > 1);
VERIFY(char_size >= 1);
--char_size;
m_position += char_size;
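Review bot: relaxing the assertion to `VERIFY(char_size >= 1)` is the right fix for the fall-through described in the message, but the two lines that follow it, `--char_size;` and `m_position += char_size;`, now advance `m_position` by zero when char_size == 1, and nothing in the hunk says why that is intended; a one-line comment above the VERIFY explaining the single-byte case would stop a future reader from re-tightening the check. The reproducer is only referenced by the OSS-Fuzz link in the commit message, so adding it as a regression test in the same change would keep this path covered.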