Changeset 65920 in webkit


Timestamp:
Aug 24, 2010 12:00:56 PM (14 years ago)
Author:
oliver@apple.com
Message:

2010-08-24 Oliver Hunt <oliver@apple.com>

Reviewed by Beth Dakin.

Make overflow guards in UString::utf8 explicit
https://bugs.webkit.org/show_bug.cgi?id=44540

Add an explicit overflow check prior to allocating our buffer,
rather than implicitly relying on the guard in convertUTF16ToUTF8.

  • runtime/UString.cpp: (JSC::UString::utf8):
Location:
trunk/JavaScriptCore
Files:
2 edited

  • trunk/JavaScriptCore/ChangeLog

    r65886 r65920  
     12010-08-24  Oliver Hunt  <oliver@apple.com>
     2
     3        Reviewed by Beth Dakin.
     4
     5        Make overflow guards in UString::utf8 explicit
     6        https://bugs.webkit.org/show_bug.cgi?id=44540
     7
     8        Add an explicit overflow check prior to allocating our buffer,
     9        rather than implicitly relying on the guard in convertUTF16ToUTF8.
     10
     11        * runtime/UString.cpp:
     12        (JSC::UString::utf8):
     13
    1142010-08-24  Yael Aharon  <yael.aharon@nokia.com>
    215
  • trunk/JavaScriptCore/runtime/UString.cpp

    r65593 r65920  
    335335    //    have a good chance of being able to write the string into the
    336336    //    buffer without reallocing (say, 1.5 x length).
     337    if (length > numeric_limits<unsigned>::max() / 3)
     338        return CString();
    337339    Vector<char, 1024> bufferVector(length * 3);
    338340
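Review bot: The multiplier 3 is written as a bare literal in both the new guard at line 337 (`numeric_limits<unsigned>::max() / 3`) and the allocation at line 339 (`bufferVector(length * 3)`), so the check and the size it protects can drift apart if either is edited later. Consider a single named constant used in both places, plus a one-line comment on the guard saying it protects the `length * 3` buffer size, since the surrounding comment only talks about buffer sizing strategy. The guard is also expressed in terms of `unsigned`, while the declaration of `length` is not visible in this hunk; it is worth confirming the two types match so the bound is the one the multiplication actually wraps at. On overflow the function returns a default-constructed `CString()`, so callers need to treat that result as a failure, and the changeset touches only ChangeLog and UString.cpp, so a regression test for the over-limit path would be a useful addition.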