From: Dmitry Volyntsev Date: Tue, 9 Jan 2024 00:40:42 +0000 (-0800) Subject: Fixed RegExp.prototype.exec() when second argument is absent. X-Git-Url: http://git.kaiwu.me/postgresql/log/contrib/postgres_fdw/static/gitweb.js?a=commitdiff_plain;h=5541631336af0ba757888fc16a919ddaa0f38f12;p=njs.git Fixed RegExp.prototype.exec() when second argument is absent. Previously, when the second argument is undefined, NaN is casted to unsigned which is undefined behavior. Found by UndefinedBehaviorSanitizer. --- diff --git a/src/njs_regexp.c b/src/njs_regexp.c index e61bf54c..d4706cc0 100644 --- a/src/njs_regexp.c +++ b/src/njs_regexp.c @@ -1235,6 +1235,7 @@ njs_int_t njs_regexp_prototype_exec(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs, njs_index_t unused, njs_value_t *retval) { + unsigned flags; njs_int_t ret; njs_value_t *r, *s; njs_value_t string_lvalue; @@ -1253,8 +1254,14 @@ njs_regexp_prototype_exec(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs, return ret; } - return njs_regexp_builtin_exec(vm, r, s, - njs_number(njs_arg(args, nargs, 2)), retval); + if (nargs > 2) { + flags = njs_number(njs_arg(args, nargs, 2)); + + } else { + flags = 0; + } + + return njs_regexp_builtin_exec(vm, r, s, flags, retval); }