Don't allow catch to bind to eval or arguments in strict mode

Summary: Implement a point in [section C](https://tc39.es/ecma262/multipage/strict-mode-of-ecmascript.html#sec-strict-mode-of-ecmascript) of the spec. > It is a SyntaxError if a CatchParameter occurs within strict mode code and BoundNames of CatchParameter contains either `eval` or `arguments` Perform this check in the `SemanticValidator`. Reviewed By: jpporto Differential Revision: D41864654 fbshipit-source-id: 0aaf981965c02a347052fe43047fa0dd4630b9b0
barthap · Mar 29, 2023 · 838d1e4 · 838d1e4
1 parent f6b56d3
commit 838d1e4
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 0 deletions.
diff --git a/lib/AST/SemanticValidator.cpp b/lib/AST/SemanticValidator.cpp
@@ -347,7 +347,34 @@ void SemanticValidator::visit(RegExpLiteralNode *regexp) {
   visitESTreeChildren(*this, regexp);
 }
 
+void SemanticValidator::validateCatchClause(const Node *catchClause) {
+  // The catch clause is optional, so bail early if it doesn't exist.
+  if (!catchClause) {
+    return;
+  }
+  auto *castedCatch = llvh::dyn_cast<ESTree::CatchClauseNode>(catchClause);
+  if (!castedCatch) {
+    return;
+  }
+  // Bail early if there is no identifier in the parameter of the catch.
+  if (!castedCatch->_param ||
+      !llvh::isa<ESTree::IdentifierNode>(castedCatch->_param)) {
+    return;
+  }
+  auto *idNode = cast<ESTree::IdentifierNode>(castedCatch->_param);
+  if (!isValidDeclarationName(idNode)) {
+    sm_.error(
+        idNode->getSourceRange(),
+        "cannot bind to " + idNode->_name->str() +
+            " in the catch clause in strict mode");
+  }
+}
+
 void SemanticValidator::visit(TryStatementNode *tryStatement) {
+  if (curFunction()->strictMode) {
+    validateCatchClause(tryStatement->_handler);
+  }
+  // The catch parameter cannot bind to 'eval' or 'arguments' in strict mode.
   // A try statement with both catch and finally handlers is technically
   // two nested try statements. Transform:
   //

diff --git a/lib/AST/SemanticValidator.h b/lib/AST/SemanticValidator.h
@@ -277,6 +277,10 @@ class SemanticValidator {
       FunctionInfo::BlockDecls *varIdents,
       FunctionInfo::BlockDecls *scopedIdents);
 
+  /// Ensure that the catch clause of a try statement does not bind any
+  /// identifiers to 'eval' or 'arguments'. Should only be used in strict mode.
+  void validateCatchClause(const Node *catchClause);
+
   /// Ensure that the specified node is a valid target for an assignment, in
   /// other words it is an l-value, a Pattern (checked recursively) or an Empty
   /// (used by elision).

diff --git a/test/hermes/catch_invalid_bindings.js b/test/hermes/catch_invalid_bindings.js
@@ -0,0 +1,25 @@
+/**
+ * Copyright (c) Meta Platforms, Inc. and affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+// RUN: %hermes %s | %FileCheck --match-full-lines %s
+'use strict';
+
+print("catch");
+//CHECK-LABEL: catch
+
+try {
+  eval('try{}catch(eval){}')
+} catch (err){
+  print(err instanceof SyntaxError);
+}
+//CHECK-NEXT: true
+try {
+  eval('try{}catch(arguments){}')
+} catch (err){
+  print(err instanceof SyntaxError);
+}
+//CHECK-NEXT: true