From 540f7dd3161d9e2d0343a93219d555f983321862 Mon Sep 17 00:00:00 2001 From: "Matthew \"strager\" Glazar" Date: Fri, 29 Dec 2023 12:35:43 -0500 Subject: [PATCH] fix(fe): fix crash caught by fuzzing --- src/quick-lint-js/fe/parse-type.cpp | 16 +++++++++++----- test/test-parse-typescript-type.cpp | 6 ++++++ 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/src/quick-lint-js/fe/parse-type.cpp b/src/quick-lint-js/fe/parse-type.cpp index d348ebb016..6db7196196 100644 --- a/src/quick-lint-js/fe/parse-type.cpp +++ b/src/quick-lint-js/fe/parse-type.cpp @@ -595,11 +595,17 @@ void Parser::parse_and_visit_typescript_type_expression_no_scope( // | | Type // Invalid. case Token_Type::ampersand: case Token_Type::pipe: - this->diag_reporter_->report( - Diag_Missing_Type_Between_Intersection_Or_Union{ - .left_operator = leading_binary_operator.value(), - .right_operator = this->peek().span(), - }); + if (leading_binary_operator.has_value()) { + this->diag_reporter_->report( + Diag_Missing_Type_Between_Intersection_Or_Union{ + .left_operator = leading_binary_operator.value(), + .right_operator = this->peek().span(), + }); + } else { + // ? | Type + // NOTE(strager): We get here if we reported + // Diag_TypeScript_Question_In_Type_Expression_Should_Be_Void. + } break; // typeof varname diff --git a/test/test-parse-typescript-type.cpp b/test/test-parse-typescript-type.cpp index 6b09912a9a..e4ceaab301 100644 --- a/test/test-parse-typescript-type.cpp +++ b/test/test-parse-typescript-type.cpp @@ -1071,6 +1071,12 @@ TEST_F(Test_Parse_TypeScript_Type, no_question_in_type_expression) { u8"?Type"_sv, // u8"^ Diag_TypeScript_Question_In_Type_Expression_Should_Be_Void"_diag, // typescript_options); + + // This used to crash quick-lint-js: + test_parse_and_visit_typescript_type_expression( + u8"? & Type"_sv, // + u8"^ Diag_TypeScript_Question_In_Type_Expression_Should_Be_Void"_diag, // + typescript_options); } TEST_F(Test_Parse_TypeScript_Type, generic_arrow_function) {