From 79738fe3bf82b8c34e3df0c14b28fb8ba471ab73 Mon Sep 17 00:00:00 2001 From: Akrosh Gandhi Date: Thu, 11 Oct 2018 14:33:23 -0700 Subject: [PATCH] Fixing out of stack AV in Destructuring pattern. Probe stack first to see if the stack is available. --- lib/Parser/Parse.cpp | 3 +++ test/Bugs/misc_bugs.js | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/lib/Parser/Parse.cpp b/lib/Parser/Parse.cpp index 8631aabf02d..a4355d963d5 100644 --- a/lib/Parser/Parse.cpp +++ b/lib/Parser/Parse.cpp @@ -12842,6 +12842,9 @@ ParseNodePtr Parser::ParseDestructuredLiteral(tokens declarationType, { ParseNodeUni * pnode = nullptr; Assert(IsPossiblePatternStart()); + + PROBE_STACK_NO_DISPOSE(m_scriptContext, Js::Constants::MinStackDefault); + if (m_token.tk == tkLCurly) { pnode = ParseDestructuredObjectLiteral(declarationType, isDecl, topLevel); diff --git a/test/Bugs/misc_bugs.js b/test/Bugs/misc_bugs.js index c361b02a8a5..ff785ef87d6 100644 --- a/test/Bugs/misc_bugs.js +++ b/test/Bugs/misc_bugs.js @@ -189,6 +189,28 @@ var tests = [ }); } }, + { + name: "destructuring : testing recursion", + body: function () { + try { + eval(` + var ${'['.repeat(6631)} + `); + assert.fail(); + } + catch (e) { + } + + try { + eval(` + var {${'a:{'.repeat(6631)} + `); + assert.fail(); + } + catch (e) { + } + } + } ];