z7zmey / php-parser

PHP parser written in Go

Home Page: https://php-parser.com


A panic in lexer.go: [runtime error: index out of range]

MyLGG opened this issue

Hello,
I found a bug when using lexer.Lex(). Here is the PoC:


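// The stack trace places this test in internal/scanner, so NewLexer needs no import.
package scanner

import (
	"testing"

	"github.com/z7zmey/php-parser/pkg/conf"
	"github.com/z7zmey/php-parser/pkg/token"
	"github.com/z7zmey/php-parser/pkg/version"
	"gotest.tools/assert"
)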

func TestCrash(t *testing.T) {
	src := "=<?i<F<o�Q<}!45"
	expected := []string{
		token.T_START_HEREDOC.String(),
	}
	config := conf.Config{
		Version: &version.Version{
			Major: 7,
			Minor: 4,
		},
	}
	lexer := NewLexer([]byte(src), config)
	actual := []string{}
	for {
		tkn := lexer.Lex()
		if tkn.ID == 0 {
			break
		}
		actual = append(actual, tkn.ID.String())
	}
	assert.DeepEqual(t, expected, actual)
}

The stack information is this:

goroutine 33 [running]:
testing.tRunner.func1.2(0x67c4e0, 0xc000228060)
        /home/lyf/.local/go/src/testing/testing.go:1143 +0x332
testing.tRunner.func1(0xc000102480)
        /home/lyf/.local/go/src/testing/testing.go:1146 +0x4b6
panic(0x67c4e0, 0xc000228060)
        /home/lyf/.local/go/src/runtime/panic.go:965 +0x1b9
github.com/z7zmey/php-parser/internal/scanner.(*Lexer).ret(0xc00011aeb8, 0x1)
        /home/lyf/workspace/gowork/src/fuzzTestee_lyf/projects/php-parser/internal/scanner/lexer.go:214 +0x65
github.com/z7zmey/php-parser/internal/scanner.(*Lexer).Lex(0xc00010deb8, 0xc00012a376)
        /home/lyf/workspace/gowork/src/fuzzTestee_lyf/projects/php-parser/internal/scanner/scanner.go:3789 +0x19971
github.com/z7zmey/php-parser/internal/scanner.TestHereDocUnclosed(0xc000102480)
        /home/lyf/workspace/gowork/src/fuzzTestee_lyf/projects/php-parser/internal/scanner/scanner_test.go:1115 +0x36e
testing.tRunner(0xc000102480, 0x6a0a30)
        /home/lyf/.local/go/src/testing/testing.go:1193 +0xef
created by testing.(*T).Run
        /home/lyf/.local/go/src/testing/testing.go:1238 +0x2b3

It looks like the panic-causing code can be boiled down to <?}
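
Added example, not part of the issue thread and not php-parser's code: the trace ends in `(*Lexer).ret(..., 0x1)` with an index-out-of-range panic, which is the failure an unguarded pop from an empty state stack produces. The model below shows that failure class next to a bounds-checked pop and a `recover` wrapper for callers that lex untrusted input. `toyLexer`, `ret`, `scan` and `errUnbalanced` are hypothetical names, and that the real `ret` pops a state stack is an assumption.

```go
package main

import (
	"errors"
	"fmt"
)

var errUnbalanced = errors.New("'}' with an empty state stack")
// toyLexer is a constructed model for illustration, not php-parser's scanner.
type toyLexer struct {
	cs    int   // current state
	stack []int // states saved by "{", restored by "}"
}

// ret pops n saved states; unchecked, a stray "}" indexes stack[-1] and panics.
func (l *toyLexer) ret(n int, checked bool) error {
	top := len(l.stack) - n
	if checked && top < 0 {
		return errUnbalanced
	}
	l.cs = l.stack[top]
	l.stack = l.stack[:top]
	return nil
}

// scan lexes src; recover turns a lexer panic into an error for the caller.
func scan(src string, checked bool) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("lexer panic: %v", r)
		}
	}()
	l := &toyLexer{}
	for i := 0; i < len(src); i++ {
		switch src[i] {
		case '{':
			l.stack = append(l.stack, l.cs)
		case '}':
			if e := l.ret(1, checked); e != nil {
				return fmt.Errorf("offset %d: %w", i, e)
			}
		}
	}
	return nil
}

func main() {
	fmt.Println(scan("<?}", false), "|", scan("<?}", true)) // reduced input from the thread
}
```

The `recover` wrapper only contains the crash; the bounds check in `ret` is what turns malformed input into an ordinary lexing error.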