From a65824f353300dedc8440c36a29d0fb6a2cb9662 Mon Sep 17 00:00:00 2001
From: Erik Verbruggen <erik.verbruggen@digia.com>
Date: Tue, 18 Dec 2012 14:54:16 +0100
Subject: [PATCH] Fix: disallow incomplete hex numbers "0x" and "0X".

See also ECMA 5.1, 7.8.3, rule HexIntegerLiteral.

Change-Id: I356dc7cfbc88890bb7f35c8bc4219a37633177f8
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
---
 src/qml/qml/parser/qqmljsengine_p.cpp                        | 2 +-
 src/qml/qml/parser/qqmljslexer.cpp                           | 9 ++++++++-
 src/qml/qml/parser/qqmljslexer_p.h                           | 1 +
 tests/auto/qml/qmlmin/tst_qmlmin.cpp                         | 2 ++
 tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml | 9 +++++++++
 tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml | 9 +++++++++
 tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp         | 6 ++++++
 7 files changed, 36 insertions(+), 2 deletions(-)
 create mode 100644 tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml
 create mode 100644 tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml

diff --git a/src/qml/qml/parser/qqmljsengine_p.cpp b/src/qml/qml/parser/qqmljsengine_p.cpp
index aab5035..5adcec2 100644
--- a/src/qml/qml/parser/qqmljsengine_p.cpp
+++ b/src/qml/qml/parser/qqmljsengine_p.cpp
@@ -50,7 +50,7 @@ QT_QML_BEGIN_NAMESPACE
 
 namespace QQmlJS {
 
-static int toDigit(char c)
+static inline int toDigit(char c)
 {
     if ((c >= '0') && (c <= '9'))
         return c - '0';
diff --git a/src/qml/qml/parser/qqmljslexer.cpp b/src/qml/qml/parser/qqmljslexer.cpp
index 79fb971..508d758 100644
--- a/src/qml/qml/parser/qqmljslexer.cpp
+++ b/src/qml/qml/parser/qqmljslexer.cpp
@@ -861,8 +861,9 @@ int Lexer::scanNumber(QChar ch)
     chars.append(ch.unicode());
 
     if (ch == QLatin1Char('0') && (_char == QLatin1Char('x') || _char == QLatin1Char('X'))) {
-        // parse hex integer literal
+        ch = _char; // remember the x or X to use it in the error message below.
 
+        // parse hex integer literal
         chars.append(_char.unicode());
         scanChar(); // consume `x'
 
@@ -871,6 +872,12 @@ int Lexer::scanNumber(QChar ch)
             scanChar();
         }
 
+        if (chars.size() < 3) {
+            _errorCode = IllegalHexNumber;
+            _errorMessage = QCoreApplication::translate("QQmlParser", "At least one hexadecimal digit is required after '0%1'").arg(ch);
+            return T_ERROR;
+        }
+
         _tokenValue = integerFromString(chars.constData(), chars.size(), 16);
         return T_NUMERIC_LITERAL;
     }
diff --git a/src/qml/qml/parser/qqmljslexer_p.h b/src/qml/qml/parser/qqmljslexer_p.h
index e8ffbd3..708bb43 100644
--- a/src/qml/qml/parser/qqmljslexer_p.h
+++ b/src/qml/qml/parser/qqmljslexer_p.h
@@ -121,6 +121,7 @@ public:
     enum Error {
         NoError,
         IllegalCharacter,
+        IllegalHexNumber,
         UnclosedStringLiteral,
         IllegalEscapeSequence,
         IllegalUnicodeEscapeSequence,
diff --git a/tests/auto/qml/qmlmin/tst_qmlmin.cpp b/tests/auto/qml/qmlmin/tst_qmlmin.cpp
index be93a79..3cda6c0 100644
--- a/tests/auto/qml/qmlmin/tst_qmlmin.cpp
+++ b/tests/auto/qml/qmlmin/tst_qmlmin.cpp
@@ -124,6 +124,8 @@ void tst_qmlmin::initTestCase()
     invalidFiles << "tests/auto/qml/qqmlecmascript/data/stringParsing_error.2.qml";
     invalidFiles << "tests/auto/qml/qqmlecmascript/data/stringParsing_error.3.qml";
     invalidFiles << "tests/auto/qml/qqmlecmascript/data/stringParsing_error.4.qml";
+    invalidFiles << "tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml";
+    invalidFiles << "tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml";
 }
 
 QStringList tst_qmlmin::findFiles(const QDir &d)
diff --git a/tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml b/tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml
new file mode 100644
index 0000000..61233cb
--- /dev/null
+++ b/tests/auto/qml/qqmlecmascript/data/numberParsing_error.1.qml
@@ -0,0 +1,9 @@
+
+import QtQuick 2.0
+
+QtObject {
+    function code() {
+        var x = 0x;
+    }
+}
+
diff --git a/tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml b/tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml
new file mode 100644
index 0000000..4519545
--- /dev/null
+++ b/tests/auto/qml/qqmlecmascript/data/numberParsing_error.2.qml
@@ -0,0 +1,9 @@
+
+import QtQuick 2.0
+
+QtObject {
+    function code() {
+        var x = 0X;
+    }
+}
+
diff --git a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp
index 852c0ef..370db68 100644
--- a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp
+++ b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp
@@ -7346,6 +7346,12 @@ void tst_qqmlecmascript::numberParsing()
         QObject *object = component.create();
         QVERIFY(object != 0);
     }
+    for (int i = 1; i < 3; ++i) {
+        QString file("numberParsing_error.%1.qml");
+        file = file.arg(i);
+        QQmlComponent component(&engine, testFileUrl(file));
+        QVERIFY(!component.errors().isEmpty());
+    }
 }
 
 void tst_qqmlecmascript::stringParsing()
-- 
2.7.4