https://github.com/quickjs-ng/quickjs/blob/master/cutils.c#L247 makes the assumption that the buffer is always at least UTF8_CHAR_LEN_MAX, this is not checked. re_parse_group_name then calls it with a buffer, the size of which is also not checked. This results in a dependency on the buffer supplied to this function that the buffer is at least UTF8_CHAR_LEN_MAX.
I would consider this a soon-to-be-bug at best. I understand that error handling is difficult, but an assert would make sense here at the very least.
https://github.com/quickjs-ng/quickjs/blob/master/cutils.c#L247 makes the assumption that the buffer is always at least
UTF8_CHAR_LEN_MAX, this is not checked.re_parse_group_namethen calls it with a buffer, the size of which is also not checked. This results in a dependency on the buffer supplied to this function that the buffer is at leastUTF8_CHAR_LEN_MAX.I would consider this a soon-to-be-bug at best. I understand that error handling is difficult, but an
assertwould make sense here at the very least.