Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

process: fix two overflow cases in SourceMap VLQ decoding #31490

Closed
wants to merge 3 commits into from
Closed
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 14 additions & 2 deletions lib/internal/source_map/source_map.js
Original file line number Diff line number Diff line change
Expand Up @@ -303,8 +303,20 @@ function decodeVLQ(stringCharIterator) {

// Fix the sign.
const negative = result & 1;
result >>= 1;
return negative ? -result : result;
// Use unsigned right shift, so that the 32nd bit is properly shifted to the
cjihrig marked this conversation as resolved.
Show resolved Hide resolved
// 31st, and the 32nd becomes unset.
result >>>= 1;
if (!negative) {
return result;
}

// We need to OR 0x80000000 here to ensure the 32nd bit (the sign bit in a
// 32bit int) is always set for negative numbers. If `result` were 1,
// (meaning `negate` is true and all other bits were zeros), `result` would
// now be 0. But -0 doesn't flip the 32nd bit as intended. All other numbers
// will successfully set the 32nd bit without issue, so doing this is a noop
// for them.
return -result | 0x80000000;
devsnek marked this conversation as resolved.
Show resolved Hide resolved
}

/**
Expand Down