Fixed RegExp.prototype.exec() when second argument is absent.

Previously, when the second argument is undefined, NaN is casted to
unsigned which is undefined behavior.

Found by UndefinedBehaviorSanitizer.

diff --git a/src/njs_regexp.c b/src/njs_regexp.c
index e61bf54ceaa2bfdcdd366d59c99c2757ff368ac8..d4706cc0e14253f62270b866e171cba11d766f03 100644 (file)
--- a/src/njs_regexp.c
+++ b/src/njs_regexp.c
@@ -1235,6 +1235,7 @@ njs_int_t
 njs_regexp_prototype_exec(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs,
     njs_index_t unused, njs_value_t *retval)
 {
+    unsigned     flags;
     njs_int_t    ret;
     njs_value_t  *r, *s;
     njs_value_t  string_lvalue;
@@ -1253,8 +1254,14 @@ njs_regexp_prototype_exec(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs,
         return ret;
     }
 
-    return njs_regexp_builtin_exec(vm, r, s,
-                                   njs_number(njs_arg(args, nargs, 2)), retval);
+    if (nargs > 2) {
+        flags = njs_number(njs_arg(args, nargs, 2));
+
+    } else {
+        flags = 0;
+    }
+
+    return njs_regexp_builtin_exec(vm, r, s, flags, retval);
 }