Commit 3e7b1a63 authored by oliver@apple.com's avatar oliver@apple.com
Browse files

2011-01-16 Oliver Hunt <oliver@apple.com>

        Reviewed by Sam Weinig.

        [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
        https://bugs.webkit.org/show_bug.cgi?id=52516

        Add test for the case where a syntax error immediately follows
        multiple declarations in a for-loop initialiser.

        * fast/js/parser-syntax-check-expected.txt:
        * fast/js/script-tests/parser-syntax-check.js:
2011-01-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
        https://bugs.webkit.org/show_bug.cgi?id=52516

        Ensure that we always check for a semicolon after encountering
        multiple declarations in the initialiser portion of a for-loop.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseForStatement):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75899 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 448c931f
2011-01-16 Oliver Hunt <oliver@apple.com>
Reviewed by Sam Weinig.
[jsfunfuzz] Parser doesn't correctly validate for-loop syntax
https://bugs.webkit.org/show_bug.cgi?id=52516
Add test for the case where a syntax error immediately follows
multiple declarations in a for-loop initialiser.
* fast/js/parser-syntax-check-expected.txt:
* fast/js/script-tests/parser-syntax-check.js:
2011-01-16 Oliver Hunt <oliver@apple.com>
 
Reviewed by Geoffrey Garen.
......
......@@ -537,6 +537,10 @@ PASS Invalid: "L: L1: L: ;"
PASS Invalid: "function f() { L: L1: L: ; }"
PASS Invalid: "L: L1: L2: L3: L4: L: ;"
PASS Invalid: "function f() { L: L1: L2: L3: L4: L: ; }"
PASS Invalid: "for(var a,b 'this shouldn't be allowed' false ; ) ;"
PASS Invalid: "function f() { for(var a,b 'this shouldn't be allowed' false ; ) ; }"
PASS Invalid: "for(var a,b '"
PASS Invalid: "function f() { for(var a,b ' }"
PASS successfullyParsed is true
TEST COMPLETE
......
......@@ -343,4 +343,7 @@ invalid("L: L: ;");
invalid("L: L1: L: ;");
invalid("L: L1: L2: L3: L4: L: ;");
invalid("for(var a,b 'this shouldn\'t be allowed' false ; ) ;");
invalid("for(var a,b '");
var successfullyParsed = true;
2011-01-16 Oliver Hunt <oliver@apple.com>
Reviewed by Sam Weinig.
[jsfunfuzz] Parser doesn't correctly validate for-loop syntax
https://bugs.webkit.org/show_bug.cgi?id=52516
Ensure that we always check for a semicolon after encountering
multiple declarations in the initialiser portion of a for-loop.
* parser/JSParser.cpp:
(JSC::JSParser::parseForStatement):
2011-01-16 Oliver Hunt <oliver@apple.com>
 
Reviewed by Geoffrey Garen.
......
......@@ -795,9 +795,11 @@ template <class TreeBuilder> TreeStatement JSParser::parseForStatement(TreeBuild
fail();
// Remainder of a standard for loop is handled identically
if (declarations > 1 || match(SEMICOLON))
if (match(SEMICOLON))
goto standardForLoop;
failIfFalse(declarations == 1);
// Handle for-in with var declaration
int inLocation = tokenStart();
if (!consume(INTOKEN))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment