fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2026-01-06 16:45:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

LibRegex: Don't add the Repeat instruction size to its jump target

Browse Source 
This was causing the calculated jump target to become invalid, leading
to possibly invalid optimisations and (more likely) crashes.
Fixes #21047.
This commit is contained in:
Ali Mohammad Pur
2023-09-14 05:43:29 +03:30
committed by Ali Mohammad Pur
parent 9220c68408
commit 4d71f4edc4
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Userland/Libraries/LibRegex/RegexOptimizer.cpp
View File

@@ -907,7 +907,7 @@ void Optimizer::append_alternation(ByteCode& target, Span<ByteCode> alternatives
has_any_backwards_jump |= static_cast<OpCode_ForkReplaceStay const&>(opcode).offset() < 0;
break;
case OpCodeId::Repeat:
incoming_jump_edges.ensure(static_cast<OpCode_Repeat const&>(opcode).offset() + state.instruction_position).append({ opcode_bytes });
incoming_jump_edges.ensure(state.instruction_position - static_cast<OpCode_Repeat const&>(opcode).offset()).append({ opcode_bytes });
has_any_backwards_jump = true;
break;
default:
@@ -1139,7 +1139,7 @@ void Optimizer::append_alternation(ByteCode& target, Span<ByteCode> alternatives
jump_offset = static_cast<OpCode_ForkReplaceStay const&>(opcode).offset();
break;
case OpCodeId::Repeat:
jump_offset = static_cast<ssize_t>(0) - static_cast<ssize_t>(static_cast<OpCode_Repeat const&>(opcode).offset());
jump_offset = static_cast<ssize_t>(0) - static_cast<ssize_t>(static_cast<OpCode_Repeat const&>(opcode).offset()) - static_cast<ssize_t>(opcode.size());
break;
default:
is_jump = false;