[parser] fix null-dereference in DoExpression rewriting

src/parsing/parser.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/parsing/parser.h"
 
 #include "src/api.h"
 #include "src/ast/ast.h"
 #include "src/ast/ast-expression-visitor.h"
 #include "src/ast/ast-literal-reindexer.h"
@@ skipping 2178 matching lines @@
 
   Assignment* assignment =
       factory()->NewAssignment(Token::INIT, proxy, value, pos);
   Statement* assignment_statement =
       factory()->NewExpressionStatement(assignment, RelocInfo::kNoPosition);
   if (names) names->Add(name, zone());
   return assignment_statement;
 }
 
 
-Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok) {
+Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels,
+                          bool finalize_block_scope, bool* ok) {
   // The harmony mode uses block elements instead of statements.
   //
   // Block ::
   //   '{' StatementList '}'
 
   // Construct block expecting 16 statements.
   Block* body =
       factory()->NewBlock(labels, 16, false, RelocInfo::kNoPosition);
   Scope* block_scope = NewScope(scope_, BLOCK_SCOPE);
 
   // Parse the statements and collect escaping labels.
   Expect(Token::LBRACE, CHECK_OK);
   block_scope->set_start_position(scanner()->location().beg_pos);
   { BlockState block_state(&scope_, block_scope);
     Target target(&this->target_stack_, body);
 
     while (peek() != Token::RBRACE) {
       Statement* stat = ParseStatementListItem(CHECK_OK);
       if (stat && !stat->IsEmpty()) {
         body->statements()->Add(stat, zone());
       }
     }
   }
   Expect(Token::RBRACE, CHECK_OK);
   block_scope->set_end_position(scanner()->location().end_pos);
-  block_scope = block_scope->FinalizeBlockScope();
+  if (finalize_block_scope) {
+    block_scope = block_scope->FinalizeBlockScope();
+  }
   body->set_scope(block_scope);
   return body;
 }
 
 
+Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok) {
+  return ParseBlock(labels, true, ok);
+}
+
+
 Block* Parser::DeclarationParsingResult::BuildInitializationBlock(
     ZoneList<const AstRawString*>* names, bool* ok) {
   Block* result = descriptor.parser->factory()->NewBlock(
       NULL, 1, true, descriptor.declaration_pos);
   for (auto declaration : declarations) {
     PatternRewriter::DeclareAndInitializeVariables(
         result, &descriptor, &declaration, names, CHECK_OK);
   }
   return result;
 }
@@ skipping 1744 matching lines @@
 
 
 DoExpression* Parser::ParseDoExpression(bool* ok) {
   // AssignmentExpression ::
   //     do '{' StatementList '}'
   int pos = peek_position();
 
   Expect(Token::DO, CHECK_OK);
   Variable* result =
       scope_->NewTemporary(ast_value_factory()->dot_result_string());
-  Block* block = ParseBlock(nullptr, CHECK_OK);
+  Block* block = ParseBlock(nullptr, false, CHECK_OK);
   DoExpression* expr = factory()->NewDoExpression(block, result, pos);
   if (!Rewriter::Rewrite(this, expr, ast_value_factory())) {
     *ok = false;
     return nullptr;
   }
+  block->set_scope(block->scope()->FinalizeBlockScope());
   return expr;
 }
 
 
 void ParserTraits::ParseArrowFunctionFormalParameterList(
     ParserFormalParameters* parameters, Expression* expr,
     const Scanner::Location& params_loc,
     Scanner::Location* duplicate_loc, bool* ok) {
   if (expr->IsEmptyParentheses()) return;
 
@@ skipping 1429 matching lines @@
     auto class_literal = value->AsClassLiteral();
     if (class_literal->raw_name() == nullptr) {
       class_literal->set_raw_name(name);
     }
   }
 }
 
 
 }  // namespace internal
 }  // namespace v8