src: don't crash on invalid script positions

kvakil · No9 · commit 2769d4010e40 · 2022-10-18T21:08:08.000+01:00
This "fixes" the crash reported in #422, in the sense that you no longer get a crash. However the printing does not actually work, i.e. you currently get an error like this: ```console (lldb) v8 i -s 0x2196b1a09a29 error: Invalid source range, start_pos=3108, len=-3098, source_len=10 ``` I'm deeming this better than crashing. We should really never be crashing as the coredump might be incomplete/partially corrupted. (Also, we already know function printing on v16 doesn't work right now.)
diff --git a/src/llv8.cc b/src/llv8.cc
@@ -362,8 +362,15 @@ std::string JSFunction::GetSource(Error& err) {
   }
   int64_t len = end_pos - start_pos;
 
-  std::string res = source_str.substr(start_pos, len);
+  // Make sure the substr isn't out of range
+  if (start_pos < 0 || len < 0 || start_pos + len > source_len) {
+    err = Error::Failure("Invalid source range, start_pos=%" PRId64
+                         ", len=%" PRId64 ", source_len=%" PRId64,
+                         start_pos, len, source_len);
+    return std::string();
+  }
 
+  std::string res = source_str.substr(start_pos, len);
   return res;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -362,8 +362,15 @@ std::string JSFunction::GetSource(Error& err) {`
`362`	`362`	`}`
`363`	`363`	`int64_t len = end_pos - start_pos;`
`364`	`364`
`365`		`- std::string res = source_str.substr(start_pos, len);`
	`365`	`+ // Make sure the substr isn't out of range`
	`366`	`+ if (start_pos < 0 \|\| len < 0 \|\| start_pos + len > source_len) {`
	`367`	`+ err = Error::Failure("Invalid source range, start_pos=%" PRId64`
	`368`	`+ ", len=%" PRId64 ", source_len=%" PRId64,`
	`369`	`+ start_pos, len, source_len);`
	`370`	`+ return std::string();`
	`371`	`+ }`
`366`	`372`
	`373`	`+ std::string res = source_str.substr(start_pos, len);`
`367`	`374`	`return res;`
`368`	`375`	`}`
`369`	`376`