« Bugzilla Issues Index
#2849 — 21.2.5.7 RegExp.prototype.replace: Missing string index checks in step 18
- bug_id:
2849
- creation_ts:
2014-05-12 06:06:00 -0700
- short_desc:
21.2.5.7 RegExp.prototype.replace: Missing string index checks in step 18
- delta_ts:
2014-06-16 16:25:07 -0700
- product:
Draft for 6th Edition
- component:
technical issue
- version:
Rev 24: April 27, 2014 Draft
- rep_platform:
All
- op_sys:
All
- bug_status:
RESOLVED
- resolution:
FIXED
- priority:
Normal
- bug_severity:
normal
- everconfirmed:
true
- reporter:
André Bargull
- assigned_to:
Allen Wirfs-Brock
- commentid:
8325
- comment_count:
0
- who:
André Bargull
- bug_when:
2014-05-12 06:06:21 -0700
21.2.5.7 RegExp.prototype.replace ( string, replaceValue ), step 18:
nextSrcPosition may exceed the final code unit of S, add a conditional step to ensure only valid string ranges are used.
> 18: If nextSrcPosition is less than the final code unit of S, then add code units from nextSrcPosition up through ... to accumulatedResult.
> 19: Return accumulatedResult.
Test case:
---
(new class extends RegExp {
exec(){
return {index: 0, 0: "abc"};
}
}).replace("a", "b");
---
- commentid:
8517
- comment_count:
1
- who:
Allen Wirfs-Brock
- bug_when:
2014-05-15 17:58:18 -0700
fixed in rev25 editor's draft.
- commentid:
9025
- comment_count:
2
- who:
Allen Wirfs-Brock
- bug_when:
2014-06-16 16:25:07 -0700
fixed in rev25 editor's draft