JoBoEVD/UglifyJS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix fuzzer on this (#1842)

Browse Source 
- forbid redeclaration of `this`
- suppress probability for `this` within nested functions
This commit is contained in:
Alex Lam S.L
2017-04-24 03:15:03 +08:00
committed by GitHub
parent 9e62628171
commit 76d19b60ad
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
test/ufuzz.js
View File

@@ -513,7 +513,6 @@ function createStatement(recurmax, canThrow, canBreak, canContinue, cannotReturn
// we have to do go through some trouble here to prevent leaking it
var nameLenBefore = VAR_NAMES.length;
var catchName = createVarName(MANDATORY);
if (catchName == 'this') catchName = 'a';
var freshCatchName = VAR_NAMES.length !== nameLenBefore;
s += ' catch (' + catchName + ') { ' + createStatements(3, recurmax, canThrow, canBreak, canContinue, cannotReturn, stmtDepth) + ' }';
if (freshCatchName) VAR_NAMES.splice(nameLenBefore, 1); // remove catch name
@@ -631,13 +630,16 @@ function _createExpression(recurmax, noComma, stmtDepth, canThrow) {
);
break;
default:
if (rng(4) == 0) s.push('function ' + name + '(){');
else {
VAR_NAMES.push('this');
s.push('new function ' + name + '(){');
var instantiate = rng(4) ? 'new ' : '';
s.push(
instantiate + 'function ' + name + '(){',
strictMode()
);
if (instantiate) for (var i = rng(4); --i >= 0;) {
if (rng(2)) s.push('this.' + getDotKey() + createAssignment() + _createBinaryExpr(recurmax, noComma, stmtDepth, canThrow) + ';');
else s.push('this[' + createExpression(recurmax, COMMA_OK, stmtDepth, canThrow) + ']' + createAssignment() + _createBinaryExpr(recurmax, noComma, stmtDepth, canThrow) + ';');
}
s.push(
strictMode(),
createStatements(rng(5) + 1, recurmax, canThrow, CANNOT_BREAK, CANNOT_CONTINUE, CAN_RETURN, stmtDepth),
'}'
);
@@ -777,7 +779,6 @@ function _createSimpleBinaryExpr(recurmax, noComma, stmtDepth, canThrow) {
return '(' + createUnarySafePrefix() + '(' + _createSimpleBinaryExpr(recurmax, noComma, stmtDepth, canThrow) + '))';
case 2:
assignee = getVarName();
if (assignee == 'this') assignee = 'a';
return '(' + assignee + createAssignment() + _createBinaryExpr(recurmax, noComma, stmtDepth, canThrow) + ')';
case 3:
assignee = getVarName();