Bug 188899
| Summary: | Function evaluation with special characters as params | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | isol2 |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | fpizlo, ysuzuki |
| Priority: | P2 | ||
| Version: | Safari 11 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
isol2
Hi everyone,
I found this inconsistency in JSC when it tries to parse the HTML comment block as a param, but I don't know if this behavior is expected by other engines.
This param was generated by a fuzzer.
Version: 235121
OS: Ubuntu 16.04 x64
Steps to reproduce:
let a = Function("<!--", "print(1+1)")
a()
let b = Function("<!--", "<!--", "print(1+1)")
b()
Actual result:
SyntaxError: Unexpected token '}'. Expected a parameter pattern or a ')' in parameter list.
Expected result:
2
2
V8, Chakra and SpiderMonkey work as expected.
cinfuzz