Changeset 249164 in webkit

Timestamp:

Aug 27, 2019 1:10:40 PM (5 years ago)

Author:

mark.lam@apple.com

Message:

constructFunctionSkippingEvalEnabledCheck() should use tryMakeString() and check for OOM.
​https://bugs.webkit.org/show_bug.cgi?id=201196
<rdar://problem/54703775>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/constructFunctionSkippingEvalEnabledCheck-should-throw-out-of-memory-error.js: Added.

Source/JavaScriptCore:

• runtime/FunctionConstructor.cpp:

(JSC::constructFunctionSkippingEvalEnabledCheck):

Location:

trunk

Files:

• JSTests/ChangeLog (modified) (1 diff)
• JSTests/stress/constructFunctionSkippingEvalEnabledCheck-should-throw-out-of-memory-error.js (added)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/runtime/FunctionConstructor.cpp (modified) (3 diffs)

trunk/JSTests/ChangeLog

@@ +1 @@
+2019-08-27  Mark Lam  <mark.lam@apple.com>
+
+        constructFunctionSkippingEvalEnabledCheck() should use tryMakeString() and check for OOM.
+        https://bugs.webkit.org/show_bug.cgi?id=201196
+        <rdar://problem/54703775>
+
+        Reviewed by Yusuke Suzuki.
+
+        * stress/constructFunctionSkippingEvalEnabledCheck-should-throw-out-of-memory-error.js: Added.
+
 2019-08-26  Ross Kirsling  <ross.kirsling@sony.com>
 

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2019-08-27  Mark Lam  <mark.lam@apple.com>
+
+        constructFunctionSkippingEvalEnabledCheck() should use tryMakeString() and check for OOM.
+        https://bugs.webkit.org/show_bug.cgi?id=201196
+        <rdar://problem/54703775>
+
+        Reviewed by Yusuke Suzuki.
+
+        * runtime/FunctionConstructor.cpp:
+        (JSC::constructFunctionSkippingEvalEnabledCheck):
+
 2019-08-27  Keith Miller  <keith_miller@apple.com>
 

trunk/Source/JavaScriptCore/runtime/FunctionConstructor.cpp

@@ -110 +110 @@
         auto body = args.at(0).toWTFString(exec);
         RETURN_IF_EXCEPTION(scope, nullptr);
-        program = makeString(prefix, functionName.string(), "() {\n", body, "\n}");
+        program = tryMakeString(prefix, functionName.string(), "() {\n", body, "\n}");
+        if (UNLIKELY(!program)) {
+            throwOutOfMemoryError(exec, scope);
+            return nullptr;
+        }
     } else {
         StringBuilder builder(StringBuilder::OverflowHandler::RecordOverflow);
@@ -123 +127 @@
             builder.append(", ", viewWithString.view);
         }
-        if (builder.hasOverflowed()) {
+        if (UNLIKELY(builder.hasOverflowed())) {
             throwOutOfMemoryError(exec, scope);
             return nullptr;
@@ -133 +137 @@
         RETURN_IF_EXCEPTION(scope, nullptr);
         builder.append(") {\n", body.view, "\n}");
-        if (builder.hasOverflowed()) {
+        if (UNLIKELY(builder.hasOverflowed())) {
             throwOutOfMemoryError(exec, scope);
             return nullptr;