Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: 'unescape' fails at the very line end #828

Closed
firegurafiku opened this issue Jan 25, 2021 · 1 comment · Fixed by #831
Closed

Bug: 'unescape' fails at the very line end #828

firegurafiku opened this issue Jan 25, 2021 · 1 comment · Fixed by #831
Labels
bug

Comments

@firegurafiku
Copy link

Please, have a look at the following REPL session:

Welcome to Jint (1.0.0.0)
Type 'exit' to leave, 'print()' to write on the console, 'load()' to load scripts.

jint> unescape("%40")
=> "%40"
jint> unescape("%40_")
=> "@_"
jint> unescape("%40%40")
=> "@%40"
jint> unescape("%u0040")
=> "%u0040"
jint> unescape("%u0040_")
=> "@_"
jint> unescape("%u0040%u0040")
=> "@%u0040"

It shows that unescape consistently fails to decode a percent-encoded character if it happens just before the end of string.
I believe this behavior is caused by an "off by one" error in the function's implementation loop.

The following patch seems to fix the bug:

diff --git a/Jint/Native/Global/GlobalObject.cs b/Jint/Native/Global/GlobalObject.cs
index de224161..62dd56db 100644
--- a/Jint/Native/Global/GlobalObject.cs
+++ b/Jint/Native/Global/GlobalObject.cs
@@ -676,23 +676,23 @@ namespace Jint.Native.Global

             for (var k = 0; k < strLen; k++)
             {
                 var c = uriString[k];
                 if (c == '%')
                 {
-                    if (k < strLen - 6
+                    if (k <= strLen - 6
                         && uriString[k + 1] == 'u'
                         && uriString.Skip(k + 2).Take(4).All(IsValidHexaChar))
                     {
                         c = (char)int.Parse(
                             string.Join(string.Empty, uriString.Skip(k + 2).Take(4)),
                             NumberStyles.AllowHexSpecifier);

                         k += 5;
                     }
-                    else if (k < strLen - 3
+                    else if (k <= strLen - 3
                         && uriString.Skip(k + 1).Take(2).All(IsValidHexaChar))
                     {
                         c = (char)int.Parse(
                             string.Join(string.Empty, uriString.Skip(k + 1).Take(2)),
                             NumberStyles.AllowHexSpecifier);

HEAD: 6880a99
@lahma lahma mentioned this issue Jan 27, 2021
Merged
@lahma
Copy link
Collaborator

lahma commented Jan 27, 2021

Thank you for the detailed reproduction and fix. The fix has been merged and will be in the next release (to be released soon to NuGet).

@lahma lahma added the bug label Jan 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix unescape at end of string lahma/jint
2 participants
@lahma @firegurafiku