JoBoEVD/UglifyJS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improve false positive detection in ufuzz (#3968)

Browse Source
This commit is contained in:
Alex Lam S.L
2020-06-08 07:21:45 +01:00
committed by GitHub
parent cd55eeb77c
commit 491d6ce1d5
1 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
test/ufuzz/index.js
View File

@@ -1181,7 +1181,7 @@ function fuzzy_match(original, uglified) {
return true; return true;
} }
function skip_infinite_recursion(orig, toplevel) { function patch_try_catch(orig, toplevel) {
var code = orig; var code = orig;
var tries = []; var tries = [];
var offset = 0; var offset = 0;
@@ -1198,15 +1198,23 @@ function skip_infinite_recursion(orig, toplevel) {
continue; continue;
} }
while (tries.length && tries[0].catch) tries.shift(); while (tries.length && tries[0].catch) tries.shift();
tries[0].catch = index; tries[0].catch = index - offset;
var insert = "throw " + match[1] + ".ufuzz_skip || (" + match[1] + ".ufuzz_skip = " + tries[0].try + "), " + match[1] + ";"; var insert = "throw " + [
match[1] + ".ufuzz_var || (" + match[1] + '.ufuzz_var = "' + match[1] + '")',
match[1] + ".ufuzz_try || (" + match[1] + ".ufuzz_try = " + tries[0].try + ")",
match[1] + ".ufuzz_catch || (" + match[1] + ".ufuzz_catch = " + tries[0].catch + ")",
match[1],
].join(", ") + ";";
var new_code = code.slice(0, index) + insert + code.slice(index); var new_code = code.slice(0, index) + insert + code.slice(index);
var result = sandbox.run_code(new_code, toplevel); var result = sandbox.run_code(new_code, toplevel);
if (typeof result != "object" || typeof result.name != "string" || typeof result.message != "string") { if (typeof result != "object" || typeof result.name != "string" || typeof result.message != "string") {
offset += insert.length; offset += insert.length;
code = new_code; code = new_code;
} else if (result.name == "TypeError" && /'in'/.test(result.message)) {
index = result.ufuzz_catch;
return orig.slice(0, index) + result.ufuzz_var + ' = new Error("invalid `in`");' + orig.slice(index);
} else if (result.name == "RangeError" && result.message == "Maximum call stack size exceeded") { } else if (result.name == "RangeError" && result.message == "Maximum call stack size exceeded") {
index = result.ufuzz_skip; index = result.ufuzz_try;
return orig.slice(0, index) + 'throw new Error("skipping infinite recursion");' + orig.slice(index); return orig.slice(0, index) + 'throw new Error("skipping infinite recursion");' + orig.slice(index);
} }
} }
@@ -1256,10 +1264,11 @@ for (var round = 1; round <= num_iterations; round++) {
ok = sandbox.same_stdout(fuzzy_result, uglify_result); ok = sandbox.same_stdout(fuzzy_result, uglify_result);
} }
} }
// ignore difference in error message caused by `in`
// ignore difference in depth of termination caused by infinite recursion // ignore difference in depth of termination caused by infinite recursion
if (!ok) { if (!ok) {
var orig_skipped = skip_infinite_recursion(original_code, toplevel); var orig_skipped = patch_try_catch(original_code, toplevel);
var uglify_skipped = skip_infinite_recursion(uglify_code, toplevel); var uglify_skipped = patch_try_catch(uglify_code, toplevel);
if (orig_skipped && uglify_skipped) { if (orig_skipped && uglify_skipped) {
ok = sandbox.same_stdout(sandbox.run_code(orig_skipped, toplevel), sandbox.run_code(uglify_skipped, toplevel)); ok = sandbox.same_stdout(sandbox.run_code(orig_skipped, toplevel), sandbox.run_code(uglify_skipped, toplevel));
} }