Changeset 47092 in webkit
- Timestamp:
- Aug 11, 2009 11:22:41 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 13 edited
trunk/JavaScriptCore/ChangeLog
r47091 r47092 75 75 (JSC::FunctionBodyNode::make): 76 76 Make this method inline (was FuncDeclNode::makeFunction). 77 78 2009-08-11 Oliver Hunt <oliver@apple.com> 79 80 Reviewed by Gavin Barraclough. 81 82 Make it harder to misuse try* allocation routines 83 https://bugs.webkit.org/show_bug.cgi?id=27469 84 85 Jump through a few hoops to make it much harder to accidentally 86 miss null-checking of values returned by the try-* allocation 87 routines. 88 89 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: 90 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: 91 * JavaScriptCore.xcodeproj/project.pbxproj: 92 * runtime/JSArray.cpp: 93 (JSC::JSArray::putSlowCase): 94 (JSC::JSArray::increaseVectorLength): 95 * runtime/StringPrototype.cpp: 96 (JSC::stringProtoFuncFontsize): 97 (JSC::stringProtoFuncLink): 98 * runtime/UString.cpp: 99 (JSC::allocChars): 100 (JSC::reallocChars): 101 (JSC::expandCapacity): 102 (JSC::UString::Rep::reserveCapacity): 103 (JSC::UString::expandPreCapacity): 104 (JSC::createRep): 105 (JSC::concatenate): 106 (JSC::UString::spliceSubstringsWithSeparators): 107 (JSC::UString::replaceRange): 108 (JSC::UString::append): 109 (JSC::UString::operator=): 110 * runtime/UString.h: 111 (JSC::UString::Rep::createEmptyBuffer): 112 * wtf/FastMalloc.cpp: 113 (WTF::tryFastZeroedMalloc): 114 (WTF::tryFastMalloc): 115 (WTF::tryFastCalloc): 116 (WTF::tryFastRealloc): 117 (WTF::TCMallocStats::tryFastMalloc): 118 (WTF::TCMallocStats::tryFastCalloc): 119 (WTF::TCMallocStats::tryFastRealloc): 120 * wtf/FastMalloc.h: 121 (WTF::TryMallocReturnValue::TryMallocReturnValue): 122 (WTF::TryMallocReturnValue::~TryMallocReturnValue): 123 (WTF::TryMallocReturnValue::operator PossiblyNull<T>): 124 (WTF::TryMallocReturnValue::getValue): 125 * wtf/Platform.h: 126 * wtf/PossiblyNull.h: Added. 127 (WTF::PossiblyNull::PossiblyNull): 128 (WTF::PossiblyNull::~PossiblyNull): 129 (WTF::::getValue): 77 130 78 131 2009-08-11 Oliver Hunt <oliver@apple.com> -
trunk/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
r47091 r47092 265 265 ?toUInt32@UString@JSC@@QBEIPA_N_N@Z 266 266 ?toUInt32SlowCase@JSC@@YAINAA_N@Z 267 ?tryFastCalloc@WTF@@YA PAXII@Z267 ?tryFastCalloc@WTF@@YA?AUTryMallocReturnValue@1@II@Z 268 268 ?tryLock@Mutex@WTF@@QAE_NXZ 269 269 ?type@DebuggerCallFrame@JSC@@QBE?AW4Type@12@XZ -
trunk/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def
r47091 r47092 264 264 ?toUInt32@UString@JSC@@QBEIPA_N_N@Z 265 265 ?toUInt32SlowCase@JSC@@YAINAA_N@Z 266 ?tryFastCalloc@WTF@@YA PAXII@Z266 ?tryFastCalloc@WTF@@YA?AUTryMallocReturnValue@1@II@Z 267 267 ?tryLock@Mutex@WTF@@QAE_NXZ 268 268 ?type@DebuggerCallFrame@JSC@@QBE?AW4Type@12@XZ -
trunk/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
r47022 r47092 208 208 A7B48F490EE8936F00DCBDB6 /* ExecutableAllocator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7B48DB60EE74CFC00DCBDB6 /* ExecutableAllocator.cpp */; }; 209 209 A7C530E4102A3813005BC741 /* MarkStackPosix.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7C530E3102A3813005BC741 /* MarkStackPosix.cpp */; }; 210 A7D649AA1015224E009B2E1B /* PossiblyNull.h in Headers */ = {isa = PBXBuildFile; fileRef = A7D649A91015224E009B2E1B /* PossiblyNull.h */; settings = {ATTRIBUTES = (Private, ); }; }; 210 211 A7E2EA6B0FB460CF00601F06 /* LiteralParser.h in Headers */ = {isa = PBXBuildFile; fileRef = A7E2EA690FB460CF00601F06 /* LiteralParser.h */; }; 211 212 A7E2EA6C0FB460CF00601F06 /* LiteralParser.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7E2EA6A0FB460CF00601F06 /* LiteralParser.cpp */; }; … … 753 754 A7B48DB60EE74CFC00DCBDB6 /* ExecutableAllocator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ExecutableAllocator.cpp; sourceTree = "<group>"; }; 754 755 A7C530E3102A3813005BC741 /* MarkStackPosix.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MarkStackPosix.cpp; sourceTree = "<group>"; }; 756 A7D649A91015224E009B2E1B /* PossiblyNull.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PossiblyNull.h; sourceTree = "<group>"; }; 755 757 A7E2EA690FB460CF00601F06 /* LiteralParser.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LiteralParser.h; sourceTree = "<group>"; }; 756 758 A7E2EA6A0FB460CF00601F06 /* LiteralParser.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LiteralParser.cpp; sourceTree = "<group>"; }; … … 1243 1245 6580F795094070560082C219 /* PassRefPtr.h */, 1244 1246 65D6D87E09B5A32E0002E4D7 /* Platform.h */, 1247 A7D649A91015224E009B2E1B /* PossiblyNull.h */, 1245 1248 0B1F921B0F17502D0036468E /* 
PtrAndFlags.h */, 1246 1249 088FA5B90EF76D4300578E6F /* RandomNumber.cpp */, … … 1903 1906 9688CB160ED12B4E001D649F /* X86Assembler.h in Headers */, 1904 1907 A7795590101A74D500114E55 /* MarkStack.h in Headers */, 1908 A7D649AA1015224E009B2E1B /* PossiblyNull.h in Headers */, 1905 1909 ); 1906 1910 runOnlyForDeploymentPostprocessing = 0; -
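--- a/trunk/JavaScriptCore/runtime/JSArray.cpp
+++ b/trunk/JavaScriptCore/runtime/JSArray.cpp
@@ -349,6 +349,5 @@
 }
 
-storage = static_cast<ArrayStorage*>(tryFastRealloc(storage, storageSize(newVectorLength)));
-if (!storage) {
+if (!tryFastRealloc(storage, storageSize(newVectorLength)).getValue(storage)) {
 throwOutOfMemoryError(exec);
 return;
@@ -468,6 +467,5 @@
 unsigned newVectorLength = increasedVectorLength(newLength);
 
-storage = static_cast<ArrayStorage*>(tryFastRealloc(storage, storageSize(newVectorLength)));
-if (!storage)
+if (!tryFastRealloc(storage, storageSize(newVectorLength)).getValue(storage))
 return false;
 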
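Review bot: The in-and-out form `tryFastRealloc(storage, ...).getValue(storage)` at 351 and 469 stores a null into `storage` when the reallocation fails, so the original block is reachable afterwards only through whatever else still points at it; both hunks return immediately, which is presumably safe because `storage` is a local copy and the member that owns the buffer is untouched on that path, but that owner is not visible in the hunk and should be confirmed. A short comment above each new line would keep a future edit from dropping the buffer: `// On failure getValue() nulls 'storage'; the member still owns the old block, so nothing leaks.` Both putSlowCase and increaseVectorLength start and end outside the hunk.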
trunk/JavaScriptCore/runtime/StringPrototype.cpp
r46598 r47092 822 822 unsigned stringSize = s.size(); 823 823 unsigned bufferSize = 22 + stringSize; 824 UChar* buffer = static_cast<UChar*>(tryFastMalloc(bufferSize * sizeof(UChar)));825 if (! buffer)824 UChar* buffer; 825 if (!tryFastMalloc(bufferSize * sizeof(UChar)).getValue(buffer)) 826 826 return jsUndefined(); 827 827 buffer[0] = '<'; … … 870 870 unsigned stringSize = s.size(); 871 871 unsigned bufferSize = 15 + linkTextSize + stringSize; 872 UChar* buffer = static_cast<UChar*>(tryFastMalloc(bufferSize * sizeof(UChar)));873 if (! buffer)872 UChar* buffer; 873 if (!tryFastMalloc(bufferSize * sizeof(UChar)).getValue(buffer)) 874 874 return jsUndefined(); 875 875 buffer[0] = '<'; -
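Review bot: `UChar* buffer;` at 824 and 872 is left indeterminate and is only assigned inside the `getValue()` call, whereas the equivalent local added to UString.h in this same changeset is initialised (`void * buf = 0;`); writing `UChar* buffer = 0;` here keeps the two sites consistent and guarantees no path can read an uninitialised pointer if the check is ever restructured. The size arithmetic feeding the allocation, `22 + stringSize` (and `15 + linkTextSize + stringSize`) multiplied by `sizeof(UChar)`, has no overflow guard of the kind createEmptyBuffer keeps in UString.h; if `s.size()` is bounded by `int` this cannot wrap on 64-bit targets, but on 32-bit the product can, so either a comment stating the bound or an explicit check would help. stringProtoFuncFontsize and stringProtoFuncLink both continue outside the hunk.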
trunk/JavaScriptCore/runtime/UString.cpp
r46180 r47092 69 69 static inline size_t maxUChars() { return std::numeric_limits<size_t>::max() / sizeof(UChar); } 70 70 71 static inline UChar*allocChars(size_t length)71 static inline PossiblyNull<UChar*> allocChars(size_t length) 72 72 { 73 73 ASSERT(length); 74 74 if (length > maxUChars()) 75 75 return 0; 76 return static_cast<UChar*>(tryFastMalloc(sizeof(UChar) * length));77 } 78 79 static inline UChar*reallocChars(UChar* buffer, size_t length)76 return tryFastMalloc(sizeof(UChar) * length); 77 } 78 79 static inline PossiblyNull<UChar*> reallocChars(UChar* buffer, size_t length) 80 80 { 81 81 ASSERT(length); 82 82 if (length > maxUChars()) 83 83 return 0; 84 return static_cast<UChar*>(tryFastRealloc(buffer, sizeof(UChar) * length));84 return tryFastRealloc(buffer, sizeof(UChar) * length); 85 85 } 86 86 … … 481 481 size_t newCapacity = expandedSize(requiredLength, base->preCapacity); 482 482 UChar* oldBuf = base->buf; 483 base->buf = reallocChars(base->buf, newCapacity); 484 if (!base->buf) { 483 if (!reallocChars(base->buf, newCapacity).getValue(base->buf)) { 485 484 base->buf = oldBuf; 486 485 return false; … … 513 512 size_t newCapacity = expandedSize(capacity, base->preCapacity); 514 513 UChar* oldBuf = base->buf; 515 base->buf = reallocChars(base->buf, newCapacity); 516 if (!base->buf) { 514 if (!reallocChars(base->buf, newCapacity).getValue(base->buf)) { 517 515 base->buf = oldBuf; 518 516 return false; … … 541 539 int delta = newCapacity - base->capacity - base->preCapacity; 542 540 543 UChar* newBuf = allocChars(newCapacity);544 if (! newBuf) {541 UChar* newBuf; 542 if (!allocChars(newCapacity).getValue(newBuf)) { 545 543 makeNull(); 546 544 return; … … 567 565 568 566 size_t length = strlen(c); 569 UChar* d = allocChars(length);570 if (! 
d)567 UChar* d; 568 if (!allocChars(length).getValue(d)) 571 569 return &UString::Rep::null(); 572 570 else { … … 657 655 // This is shared in some way that prevents us from modifying base, so we must make a whole new string. 658 656 size_t newCapacity = expandedSize(length, 0); 659 UChar* d = allocChars(newCapacity);660 if (! d)657 UChar* d; 658 if (!allocChars(newCapacity).getValue(d)) 661 659 rep = &UString::Rep::null(); 662 660 else { … … 713 711 // This is shared in some way that prevents us from modifying base, so we must make a whole new string. 714 712 size_t newCapacity = expandedSize(length, 0); 715 UChar* d = allocChars(newCapacity);716 if (! d)713 UChar* d; 714 if (!allocChars(newCapacity).getValue(d)) 717 715 rep = &UString::Rep::null(); 718 716 else { … … 801 799 // a does not qualify for append, and b does not qualify for prepend, gotta make a whole new string 802 800 size_t newCapacity = expandedSize(length, 0); 803 UChar* d = allocChars(newCapacity);804 if (! d)801 UChar* d; 802 if (!allocChars(newCapacity).getValue(d)) 805 803 return 0; 806 804 copyChars(d, a->data(), aSize); … … 1077 1075 return ""; 1078 1076 1079 UChar* buffer = allocChars(totalLength);1080 if (! buffer)1077 UChar* buffer; 1078 if (!allocChars(totalLength).getValue(buffer)) 1081 1079 return null(); 1082 1080 … … 1106 1104 return ""; 1107 1105 1108 UChar* buffer = allocChars(totalLength);1109 if (! buffer)1106 UChar* buffer; 1107 if (!allocChars(totalLength).getValue(buffer)) 1110 1108 return null(); 1111 1109 … … 1154 1152 // This is shared in some way that prevents us from modifying base, so we must make a whole new string. 1155 1153 size_t newCapacity = expandedSize(length, 0); 1156 UChar* d = allocChars(newCapacity);1157 if (! 
d)1154 UChar* d; 1155 if (!allocChars(newCapacity).getValue(d)) 1158 1156 makeNull(); 1159 1157 else { … … 1207 1205 // this is empty - must make a new m_rep because we don't want to pollute the shared empty one 1208 1206 size_t newCapacity = expandedSize(1, 0); 1209 UChar* d = allocChars(newCapacity);1210 if (! d)1207 UChar* d; 1208 if (!allocChars(newCapacity).getValue(d)) 1211 1209 makeNull(); 1212 1210 else { … … 1235 1233 // This is shared in some way that prevents us from modifying base, so we must make a whole new string. 1236 1234 size_t newCapacity = expandedSize(length + 1, 0); 1237 UChar* d = allocChars(newCapacity);1238 if (! d)1235 UChar* d; 1236 if (!allocChars(newCapacity).getValue(d)) 1239 1237 makeNull(); 1240 1238 else { … … 1314 1312 m_rep->len = l; 1315 1313 } else { 1316 d = allocChars(l); 1317 if (!d) { 1314 if (!allocChars(l).getValue(d)) { 1318 1315 makeNull(); 1319 1316 return *this; -
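Review bot: `allocChars` and `reallocChars` now return `PossiblyNull<UChar*>` with no comment describing the unwrap contract, and that contract is subtle: `getValue()` stores a null into its argument on failure, which is exactly why expandCapacity and expandPreCapacity must save `oldBuf` before `reallocChars(base->buf, newCapacity).getValue(base->buf)` and restore it at 484 and 516. I would add above both helpers: `// Returns a null PossiblyNull when length exceeds maxUChars() or the allocation fails. Unwrap with getValue(p); on failure p is set to 0, so a caller that passes the same variable in and out must keep a copy of the old pointer.` The `ASSERT(length)` on a zero length is debug-only, and createRep's `allocChars(strlen(c))` at 569 relies on an empty-string guard that is presumably above the hunk; worth confirming. Every caller's enclosing function starts outside the hunk.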
trunk/JavaScriptCore/runtime/UString.h
r46180 r47092 92 92 // Guard against integer overflow 93 93 if (size < (std::numeric_limits<size_t>::max() / sizeof(UChar))) { 94 if (void * buf = tryFastMalloc(size * sizeof(UChar))) 94 void * buf = 0; 95 if (tryFastMalloc(size * sizeof(UChar)).getValue(buf)) 95 96 return adoptRef(new BaseString(static_cast<UChar*>(buf), 0, size)); 96 97 } -
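Review bot: `void * buf = 0;` at 94 keeps the `static_cast<UChar*>(buf)` on the next line, but `getValue` is a template on the destination type, so the local can be typed directly: `UChar* buf = 0; if (tryFastMalloc(size * sizeof(UChar)).getValue(buf)) return adoptRef(new BaseString(buf, 0, size));`. That drops the cast and matches how the UString.cpp callers in this changeset use `UChar* d`. The overflow guard `size < max / sizeof(UChar)` at 93 is what makes the `size * sizeof(UChar)` product safe here and is rightly kept. createEmptyBuffer begins before the hunk.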
trunk/JavaScriptCore/wtf/FastMalloc.cpp
r46999 r47092 179 179 } 180 180 181 void*tryFastZeroedMalloc(size_t n)182 { 183 void* result = tryFastMalloc(n);184 if (! result)181 TryMallocReturnValue tryFastZeroedMalloc(size_t n) 182 { 183 void* result; 184 if (!tryFastMalloc(n).getValue(result)) 185 185 return 0; 186 186 memset(result, 0, n); … … 201 201 namespace WTF { 202 202 203 void*tryFastMalloc(size_t n)203 TryMallocReturnValue tryFastMalloc(size_t n) 204 204 { 205 205 ASSERT(!isForbidden()); … … 237 237 } 238 238 239 void*tryFastCalloc(size_t n_elements, size_t element_size)239 TryMallocReturnValue tryFastCalloc(size_t n_elements, size_t element_size) 240 240 { 241 241 ASSERT(!isForbidden()); … … 292 292 } 293 293 294 void*tryFastRealloc(void* p, size_t n)294 TryMallocReturnValue tryFastRealloc(void* p, size_t n) 295 295 { 296 296 ASSERT(!isForbidden()); … … 3577 3577 } 3578 3578 3579 void*tryFastMalloc(size_t size)3579 TryMallocReturnValue tryFastMalloc(size_t size) 3580 3580 { 3581 3581 return malloc<false>(size); … … 3638 3638 } 3639 3639 3640 void*tryFastCalloc(size_t n, size_t elem_size)3640 TryMallocReturnValue tryFastCalloc(size_t n, size_t elem_size) 3641 3641 { 3642 3642 return calloc<false>(n, elem_size); … … 3702 3702 } 3703 3703 3704 void*tryFastRealloc(void* old_ptr, size_t new_size)3704 TryMallocReturnValue tryFastRealloc(void* old_ptr, size_t new_size) 3705 3705 { 3706 3706 return realloc<false>(old_ptr, new_size); -
trunk/JavaScriptCore/wtf/FastMalloc.h
r47010 r47092 23 23 24 24 #include "Platform.h" 25 #include "PossiblyNull.h" 25 26 #include <stdlib.h> 26 27 #include <new> … … 34 35 void* fastRealloc(void*, size_t); 35 36 36 // These functions return 0 if an allocation fails. 37 void* tryFastMalloc(size_t); 38 void* tryFastZeroedMalloc(size_t); 39 void* tryFastCalloc(size_t numElements, size_t elementSize); 40 void* tryFastRealloc(void*, size_t); 37 struct TryMallocReturnValue { 38 TryMallocReturnValue(void* data) 39 : m_data(data) 40 { 41 } 42 TryMallocReturnValue(const TryMallocReturnValue& source) 43 : m_data(source.m_data) 44 { 45 source.m_data = 0; 46 } 47 ~TryMallocReturnValue() { ASSERT(!m_data); } 48 template <typename T> bool getValue(T& data) WARN_UNUSED_RETURN; 49 template <typename T> operator PossiblyNull<T>() 50 { 51 T value; 52 getValue(value); 53 return PossiblyNull<T>(value); 54 } 55 private: 56 mutable void* m_data; 57 }; 58 59 template <typename T> bool TryMallocReturnValue::getValue(T& data) { 60 union u { void* data; T target; } res; 61 res.data = m_data; 62 data = res.target; 63 bool returnValue = !!m_data; 64 m_data = 0; 65 return returnValue; 66 } 67 68 TryMallocReturnValue tryFastMalloc(size_t n); 69 TryMallocReturnValue tryFastZeroedMalloc(size_t n); 70 TryMallocReturnValue tryFastCalloc(size_t n_elements, size_t element_size); 71 TryMallocReturnValue tryFastRealloc(void* p, size_t n); 41 72 42 73 void fastFree(void*); -
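Review bot: `getValue` at 59-66 converts the stored `void*` through a union, so it compiles for any `T` that fits in the union — `size_t x; tryFastMalloc(n).getValue(x);` is accepted and yields the pointer bits as an integer, and reading the inactive union member is formally undefined in C++; `data = static_cast<T>(m_data);` does the same job for every object-pointer type and turns a non-pointer `T` into a compile error. The struct also has no copy-assignment operator: the implicit one copies `m_data` without clearing the source, so `a = b;` leaves two owners and trips the destructor ASSERT on `b` (and silently duplicates the pointer in release builds); declaring `TryMallocReturnValue& operator=(const TryMallocReturnValue&);` private and undefined matches the transfer semantics of the copy constructor at 42-46. In non-debug builds the only enforcement is the type barrier, since `~TryMallocReturnValue` is an ASSERT; a bare `tryFastMalloc(n);` statement leaks silently there, and `WARN_UNUSED_RETURN` on the four declarations at 68-71 would catch it on GCC if the attribute fires for a class return. Finally, the removed comment `// These functions return 0 if an allocation fails.` has no replacement; restore it above line 68 as `// These return a null TryMallocReturnValue on failure; unwrap with getValue() and check its result.`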
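--- a/trunk/JavaScriptCore/wtf/Platform.h
+++ b/trunk/JavaScriptCore/wtf/Platform.h
@@ -733,3 +733,9 @@
 #endif
 
+#if COMPILER(GCC)
+#define WARN_UNUSED_RETURN __attribute__ ((warn_unused_result))
+#else
+#define WARN_UNUSED_RETURN
+#endif
+
 #endif /* WTF_Platform_h */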
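Review bot: `WARN_UNUSED_RETURN` expands to nothing on every compiler but GCC, so on MSVC — which this changeset clearly builds, given the .def updates — a caller that discards the bool from `getValue()` gets no diagnostic at all, and the misuse the changeset sets out to prevent is caught only by the debug-build ASSERT in the destructor. That limitation belongs in a comment at the definition: `// Compile-time diagnostic only on GCC; other compilers get no warning for a discarded result.` The attribute needs GCC 3.4 or later, which is presumably below whatever WebKit requires but is not something `COMPILER(GCC)` verifies. MSVC's `_Check_return_` annotation goes before the declaration, so it cannot simply be dropped into this trailing-position macro.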
trunk/WebCore/ChangeLog
r47089 r47092 1 2009-08-11 Oliver Hunt <oliver@apple.com> 2 3 Reviewed by Gavin Barraclough. 4 5 Make it harder to misuse try* allocation routines 6 https://bugs.webkit.org/show_bug.cgi?id=27469 7 8 Add forwarding header for PossiblyNull type, and add missing null check 9 to ImageBuffer creation. 10 11 * ForwardingHeaders/wtf/PossiblyNull.h: Added. 12 * platform/graphics/cg/ImageBufferCG.cpp: 13 (WebCore::ImageBuffer::ImageBuffer): 14 1 15 2009-08-11 Gavin Barraclough <barraclough@apple.com> 2 16 -
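--- a/trunk/WebCore/platform/graphics/cg/ImageBufferCG.cpp
+++ b/trunk/WebCore/platform/graphics/cg/ImageBufferCG.cpp
@@ -66,5 +66,7 @@
 }
 
-m_data.m_data = tryFastCalloc(size.height(), bytesPerRow);
+if (!tryFastCalloc(size.height(), bytesPerRow).getValue(m_data.m_data))
+return;
+
 ASSERT((reinterpret_cast<size_t>(m_data.m_data) & 2) == 0);
 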
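Review bot: The early `return` at 68-69 exits the constructor with `m_data.m_data` null and any members initialised later in the body left untouched; that is only safe if the caller can tell construction failed — I believe the ImageBuffer constructor reports through a `bool& success` out-parameter that is false until the end of the body, but it is not visible in the hunk and should be confirmed — and if the destructor tolerates a null `m_data.m_data`. A comment on the return would pin both down: `// Allocation failed: leave success false and m_data null; the caller must discard this object.` Separately, `size.height()` is an int handed to a size_t parameter, and the `}` at 66 suggests the size is validated just above, but a non-positive height reaching this line would become an enormous request, so it is worth checking that the guard rejects it rather than relying on the allocator. The constructor starts and ends outside the hunk.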