[regexp] Abort on compilation overflow if flag passed

Abort execution on stack overflow during compilation if --abort-on-stack-or-string-length-overflow was passed (for correctness fuzzer support). Bug: chromium:778962 Change-Id: Idd50b47c4ddc03b7839ce850da95502fce4cc848 Reviewed-on: https://chromium-review.googlesource.com/750842Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49079}

[regexp] Abort on compilation overflow if flag passed
Abort execution on stack overflow during compilation if --abort-on-stack-or-string-length-overflow was passed (for correctness fuzzer support). Bug: chromium:778962 Change-Id: Idd50b47c4ddc03b7839ce850da95502fce4cc848 Reviewed-on: https://chromium-review.googlesource.com/750842Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49079}
759cfaa2 · Jakob Gruber · Commit Bot · fd1fa357 · 759cfaa2
Commit 759cfaa2 authored Nov 02, 2017 by Jakob Gruber Committed by Commit Bot Nov 02, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

jsregexp.cc src/regexp/jsregexp.cc +4 -0

No files found.
--- a/src/regexp/jsregexp.cc
+++ b/src/regexp/jsregexp.cc
@@ -330,6 +330,10 @@ bool RegExpImpl::CompileIrregexp(Handle<JSRegExp> re,
                            sample_subject, is_one_byte);
  if (result.error_message != nullptr) {
    // Unable to compile regexp.
+    if (FLAG_abort_on_stack_or_string_length_overflow &&
+        strncmp(result.error_message, "Stack overflow", 15) == 0) {
+      FATAL("Aborting on stack overflow");
+    }
    Handle<String> error_message = isolate->factory()->NewStringFromUtf8(
        CStrVector(result.error_message)).ToHandleChecked();
    ThrowRegExpException(re, error_message);