What version of Bun is running?
1.3.14-debug+e750984db
What platform is your computer?
Linux 6.8.0-88-generic x86_64 x86_64
What steps can reproduce the bug?
Run bun on the following text input:
What is the expected behavior?
This should give a user-facing error, since the code is invalid
What do you see instead?
A panic:
panic: slice index starts at 5 but ends at 4 (src/js_parser/lexer.rs:3463:38)
Additional information
The relevant code is here:
|
pub fn raw_template_contents(&mut self) -> &'a [u8] { |
|
self.assert_not_json(); |
|
|
|
let mut text: &[u8] = b""; |
|
|
|
match self.token { |
|
T::TNoSubstitutionTemplateLiteral | T::TTemplateTail => { |
|
text = &self.contents[self.start + 1..self.end - 1]; |
|
} |
|
T::TTemplateMiddle | T::TTemplateHead => { |
|
text = &self.contents[self.start + 1..self.end - 2]; |
|
} |
|
_ => {} |
|
} |
This was found via a fuzzer, but I confirmed it panics on e750984 the latest main
What version of Bun is running?
1.3.14-debug+e750984db
What platform is your computer?
Linux 6.8.0-88-generic x86_64 x86_64
What steps can reproduce the bug?
Run bun on the following text input:
What is the expected behavior?
This should give a user-facing error, since the code is invalid
What do you see instead?
A panic:
Additional information
The relevant code is here:
bun/src/js_parser/lexer.rs
Lines 3456 to 3469 in e750984
This was found via a fuzzer, but I confirmed it panics on e750984 the latest
main