improve false positive detection in ufuzz (#3973)

This commit is contained in:
Alex Lam S.L
2020-06-08 18:47:50 +01:00
committed by GitHub
parent 5561d3e7f3
commit 08c4729eb4


@@ -1188,23 +1188,28 @@ function patch_try_catch(orig, toplevel) {
var re = /(?:(?:^|[\s{}):;])try|}\s*catch\s*\(([^)]+)\)|}\s*finally)\s*(?={)/g; var re = /(?:(?:^|[\s{}):;])try|}\s*catch\s*\(([^)]+)\)|}\s*finally)\s*(?={)/g;
var match; var match;
while (match = re.exec(code)) { while (match = re.exec(code)) {
if (/}\s*finally\s*$/.test(match[0])) {
tries.shift();
continue;
}
var index = match.index + match[0].length + 1; var index = match.index + match[0].length + 1;
if (/(?:^|[\s{}):;])try\s*$/.test(match[0])) { if (/(?:^|[\s{}):;])try\s*$/.test(match[0])) {
tries.unshift({ try: index - offset }); tries.unshift({ try: index - offset });
continue; continue;
} }
while (tries.length && tries[0].catch) tries.shift(); var insert;
tries[0].catch = index - offset; if (/}\s*finally\s*$/.test(match[0])) {
var insert = "throw " + [ tries.shift();
match[1] + ".ufuzz_var || (" + match[1] + '.ufuzz_var = "' + match[1] + '")', insert = 'if (typeof UFUZZ_ERROR == "object") throw UFUZZ_ERROR;';
match[1] + ".ufuzz_try || (" + match[1] + ".ufuzz_try = " + tries[0].try + ")", } else {
match[1] + ".ufuzz_catch || (" + match[1] + ".ufuzz_catch = " + tries[0].catch + ")", while (tries.length && tries[0].catch) tries.shift();
match[1], tries[0].catch = index - offset;
].join(", ") + ";"; insert = [
"if (!" + match[1] + ".ufuzz_var) {",
match[1] + '.ufuzz_var = "' + match[1] + '";',
match[1] + ".ufuzz_try = " + tries[0].try + ";",
match[1] + ".ufuzz_catch = " + tries[0].catch + ";",
"UFUZZ_ERROR = " + match[1] + ";",
"}",
"throw " + match[1] + ";",
].join("\n");
}
var new_code = code.slice(0, index) + insert + code.slice(index); var new_code = code.slice(0, index) + insert + code.slice(index);
var result = sandbox.run_code(new_code, toplevel); var result = sandbox.run_code(new_code, toplevel);
if (typeof result != "object" || typeof result.name != "string" || typeof result.message != "string") { if (typeof result != "object" || typeof result.name != "string" || typeof result.message != "string") {
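Review bot: The new catch insert assigns `UFUZZ_ERROR = <catch var>;` to an identifier that is never declared, so if the fuzzed program can run under `"use strict"` that assignment throws a ReferenceError inside the patched catch block and replaces the error being tracked, while the `typeof UFUZZ_ERROR == "object"` read in the finally insert is safe either way; declaring the name once in the instrumented code (subject to the same offset bookkeeping as the other inserts) would close that. A smaller gap, probably acceptable: a primitive throw value never satisfies `typeof … == "object"`, so the finally insert does not rethrow it, and in sloppy mode the `.ufuzz_var` guard cannot tag a primitive anyway, which is worth stating next to the check. A comment above `var insert;` would make the two branches self-explanatory, e.g. `// finally: rethrow the error recorded by a patched catch so a return/break in finally cannot swallow it; catch: tag the error once, record it in UFUZZ_ERROR, then rethrow`. patch_try_catch begins before this hunk and its body continues after it.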