Changeset 86899 in webkit
- Timestamp:
- May 19, 2011 3:29:24 PM (13 years ago)
- Location:
- trunk
- Files:
-
- 6 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/fast/events/message-port-multi-expected.txt (modified) (1 diff)
-
LayoutTests/fast/events/resources/message-port-multi.js (modified) (2 diffs)
-
Source/WebCore/ChangeLog (modified) (1 diff)
-
Source/WebCore/bindings/js/JSMessagePortCustom.cpp (modified) (2 diffs)
-
Source/WebCore/bindings/v8/custom/V8MessagePortCustom.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r86888 r86899 1 2011-05-19 Andrew Wilson <atwilson@chromium.org> 2 3 Reviewed by Darin Adler. 4 5 MessagePortArray cloning code needs to verify source before copying 6 https://bugs.webkit.org/show_bug.cgi?id=61130 7 8 * fast/events/message-port-multi-expected.txt: 9 * fast/events/resources/message-port-multi.js: 10 Added test for "passing an array with an item at a really large index" to postMessage(). 11 1 12 2011-05-19 Justin Schuh <jschuh@chromium.org> 2 13 -
trunk/LayoutTests/fast/events/message-port-multi-expected.txt
r48926 r86899 10 10 PASS channel.port1.postMessage("notAnArray", channel3.port1) threw exception TypeError: Type error. 11 11 PASS channel.port1.postMessage("notASequence", [{length: 3}]) threw exception TypeError: Type error. 12 PASS channel.port1.postMessage("largeSequence", largePortArray) threw exception Error: INVALID_STATE_ERR: DOM Exception 11. 12 13 PASS event.ports is null when no port sent 13 14 PASS event.ports is null when empty array sent -
trunk/LayoutTests/fast/events/resources/message-port-multi.js
r48926 r86899 9 9 var channel2 = new MessageChannel(); 10 10 var channel3 = new MessageChannel(); 11 var channel4 = new MessageChannel(); 11 12 12 13 channel.port1.postMessage("noport"); … … 24 25 shouldThrow('channel.port1.postMessage("notAnArray", channel3.port1)') 25 26 shouldThrow('channel.port1.postMessage("notASequence", [{length: 3}])'); 27 28 // Should not crash (we should figure out that the array contains undefined 29 // entries). 30 var largePortArray = []; 31 largePortArray[1234567890] = channel4.port1; 32 shouldThrow('channel.port1.postMessage("largeSequence", largePortArray)'); 26 33 27 34 channel.port1.postMessage("done"); -
trunk/Source/WebCore/ChangeLog
r86879 r86899 1 2011-05-19 Andrew Wilson <atwilson@chromium.org> 2 3 Reviewed by Darin Adler. 4 5 MessagePortArray cloning code needs to verify source before copying. 6 https://bugs.webkit.org/show_bug.cgi?id=61130 7 8 * bindings/js/JSMessagePortCustom.cpp: 9 (WebCore::fillMessagePortArray): 10 Changed code to not pre-allocate the destination array. 11 * bindings/v8/custom/V8MessagePortCustom.cpp: 12 (WebCore::getMessagePortArray): 13 Changed code to not pre-allocate the destination array. 14 1 15 2011-05-19 Sheriff Bot <webkit.review.bot@gmail.com> 2 16 -
trunk/Source/WebCore/bindings/js/JSMessagePortCustom.cpp
r86499 r86899 76 76 return; 77 77 78 portArray.resize(length);79 78 for (unsigned i = 0 ; i < length; ++i) { 80 79 JSValue value = object->get(exec, i); … … 93 92 return; 94 93 } 95 portArray [i] = port.release();94 portArray.append(port.release()); 96 95 } 97 96 } -
trunk/Source/WebCore/bindings/v8/custom/V8MessagePortCustom.cpp
r57207 r86899 87 87 length = sequenceLength->Uint32Value(); 88 88 } 89 portArray.resize(length);90 89 90 // Validate the passed array of ports. 91 91 for (unsigned int i = 0; i < length; ++i) { 92 92 v8::Local<v8::Value> port = ports->Get(v8::Integer::New(i)); … … 101 101 return false; 102 102 } 103 portArray [i] = V8MessagePort::toNative(v8::Handle<v8::Object>::Cast(port));103 portArray.append(V8MessagePort::toNative(v8::Handle<v8::Object>::Cast(port))); 104 104 } 105 105 return true;
Note: See TracChangeset
for help on using the changeset viewer.
