[CVE-2017-11908] Invalid stack restore when destructuring is used as …

…a call param The destructuring element in the call argslist was not correctly determined as we were not restoring the previous state. Fixed that
chakra-core · Dec 7, 2017 · 39eecff · 39eecff
1 parent 760822c
commit 39eecff
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/lib/Parser/Parse.h b/lib/Parser/Parse.h
@@ -1125,6 +1125,7 @@ class Parser
             : m_parser(parser)
         {
             m_prevState = m_parser->GetIsInParsingArgList();
+            m_prevDestructuringState = m_parser->GetHasDestructuringPattern();
             m_parser->SetHasDestructuringPattern(false);
             m_parser->SetIsInParsingArgList(true);
         }
@@ -1135,11 +1136,20 @@ class Parser
             {
                 m_parser->SetHasDestructuringPattern(false);
             }
+            else
+            {
+                // Reset back to previous state only when the current call node does not have usage of destructuring expression.
+                if (!m_parser->GetHasDestructuringPattern())
+                {
+                    m_parser->SetHasDestructuringPattern(m_prevDestructuringState);
+                }
+            }
         }
 
     private:
         Parser *m_parser;
         bool m_prevState;
+        bool m_prevDestructuringState;
     };
 
 public: