github_mirrors/quickjs
3
0
Fork 1
mirror of https://github.com/bellard/quickjs.git synced 2025-09-27 05:38:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixed buffer overflow in TypedArray.prototype.lastIndexOf()

Browse Source
This commit is contained in:
Fabrice Bellard 2025-08-25 15:25:41 +02:00
parent 9ce544289f
commit c927eca49a
1 changed files with 5 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
quickjs.c
View File

@ -53619,22 +53619,12 @@ static JSValue js_typed_array_indexOf(JSContext *ctx, JSValueConst this_val,
if (special == special_lastIndexOf) {
k = len - 1;
if (argc > 1) {
if (JS_ToFloat64(ctx, &d, argv[1]))
int64_t k1;
if (JS_ToInt64Clamp(ctx, &k1, argv[1], -1, len - 1, len))
goto exception;
if (isnan(d)) {
k = 0;
} else {
if (d >= 0) {
if (d < k) {
k = d;
}
} else {
d += len;
if (d < 0)
k = k1;
if (k < 0)
goto done;
k = d;
}
}
}
stop = -1;
inc = -1;