579f0b307c
For input `0'e+1` lexer tokenized as numeric constant only `0'e`. Later NumericLiteralParser skipped 0 and ' as digits and parsed `e+1` as valid exponent going past the end of the token. Because it didn't mark numeric literal as having an error, it continued parsing and tried to expandUCNs with StringRef of length -2. The fix is not to parse exponent when we reached the end of token. Discovered by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4588 rdar://problem/36076719 Reviewers: rsmith, t.p.northover Reviewed By: rsmith Subscribers: cfe-commits, jkorous-apple Differential Revision: https://reviews.llvm.org/D41834 llvm-svn: 324419
59 KiB
59 KiB