[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

darin at apple.com darin at apple.com
Wed Dec 22 16:39:04 UTC 2010


The following commit has been merged in the debian/experimental branch:
commit 41b66871e6513f80d65dd29c57cb9ccab22aad35
Author: darin at apple.com <darin at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Mon Nov 29 22:06:31 2010 +0000

    2010-11-29  Darin Adler  <darin at apple.com>
    
            Reviewed by Andreas Kling.
    
            Remove a couple unneeded overflow checks
            https://bugs.webkit.org/show_bug.cgi?id=49816
    
            * wtf/text/CString.cpp:
            (WTF::CString::init): Use an ASSERT instead of
            an overflow check with CRASH.
    2010-11-29  Darin Adler  <darin at apple.com>
    
            Reviewed by Andreas Kling.
    
            Remove a couple unneeded overflow checks
            https://bugs.webkit.org/show_bug.cgi?id=49816
    
            * platform/text/TextCodecUTF16.cpp:
            (WebCore::TextCodecUTF16::encode): Use an ASSERT instead of
            an overflow check with CRASH.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@72831 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index 87f8368..781e991 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,14 @@
+2010-11-29  Darin Adler  <darin at apple.com>
+
+        Reviewed by Andreas Kling.
+
+        Remove a couple unneeded overflow checks
+        https://bugs.webkit.org/show_bug.cgi?id=49816
+
+        * wtf/text/CString.cpp:
+        (WTF::CString::init): Use an ASSERT instead of
+        an overflow check with CRASH.
+
 2010-11-29  Adam Roben  <aroben at apple.com>
 
         Robustify react-to-vsprops-changes.py against changes to its location
diff --git a/JavaScriptCore/wtf/text/CString.cpp b/JavaScriptCore/wtf/text/CString.cpp
index db6443f..981d77a 100644
--- a/JavaScriptCore/wtf/text/CString.cpp
+++ b/JavaScriptCore/wtf/text/CString.cpp
@@ -49,8 +49,11 @@ void CString::init(const char* str, size_t length)
     if (!str)
         return;
 
-    if (length >= numeric_limits<size_t>::max())
-        CRASH();
+    // We need to be sure we can add 1 to length without overflowing.
+    // Since the passed-in length is the length of an actual existing
+    // string, and we know the string doesn't occupy the entire address
+    // space, we can assert here and there's no need for a runtime check.
+    ASSERT(length < numeric_limits<size_t>::max());
 
     m_buffer = CStringBuffer::create(length + 1);
     memcpy(m_buffer->mutableData(), str, length); 
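Review bot: In CString::init, swapping the CRASH() check for ASSERT(length < numeric_limits<size_t>::max()) leaves the `length + 1` passed to CStringBuffer::create unguarded in any build where ASSERT compiles to nothing. The new comment's argument depends on length being the length of an actual existing string, but nothing in the signature `init(const char* str, size_t length)` enforces that. A caller that passes a miscomputed length equal to the size_t maximum would get an allocation size that wraps to 0, followed by a memcpy of length bytes. I would either keep the runtime check, which costs a single comparison, or state the precondition where callers can see it (at the declaration) instead of only inside the function body.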
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index e48fc0d..9a2c00c 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,14 @@
+2010-11-29  Darin Adler  <darin at apple.com>
+
+        Reviewed by Andreas Kling.
+
+        Remove a couple unneeded overflow checks
+        https://bugs.webkit.org/show_bug.cgi?id=49816
+
+        * platform/text/TextCodecUTF16.cpp:
+        (WebCore::TextCodecUTF16::encode): Use an ASSERT instead of
+        an overflow check with CRASH.
+
 2010-11-29  Tony Chang  <tony at chromium.org>
 
         Unreviewed, disable warnings again on chromium linux
diff --git a/WebCore/platform/text/TextCodecUTF16.cpp b/WebCore/platform/text/TextCodecUTF16.cpp
index 95f4dc4..e88e83b 100644
--- a/WebCore/platform/text/TextCodecUTF16.cpp
+++ b/WebCore/platform/text/TextCodecUTF16.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved.
+ * Copyright (C) 2004, 2006, 2008, 2010 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -117,8 +117,13 @@ String TextCodecUTF16::decode(const char* bytes, size_t length, bool, bool, bool
 
 CString TextCodecUTF16::encode(const UChar* characters, size_t length, UnencodableHandling)
 {
-    if (length > numeric_limits<size_t>::max() / 2)
-        CRASH();
+    // We need to be sure we can double the length without overflowing.
+    // Since the passed-in length is the length of an actual existing
+    // character buffer, each character is two bytes, and we know
+    // the buffer doesn't occupy the entire address space, we can
+    // assert here that doubling the length does not overflow size_t
+    // and there's no need for a runtime check.
+    ASSERT(length <= numeric_limits<size_t>::max() / 2);
 
     char* bytes;
     CString string = CString::newUninitialized(length * 2, bytes);
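Review bot: In TextCodecUTF16::encode, the `length * 2` passed to CString::newUninitialized is now protected only by ASSERT(length <= numeric_limits<size_t>::max() / 2), so in a build without assertions a length above that bound yields a wrapped, too-small buffer size with no stop before the buffer is used. The comment's reasoning holds only while every caller passes the length of a real UChar buffer, and that is a property of the callers, not something this function can see. Suggest keeping the runtime check here, or documenting the requirement on the encode declaration so a future caller that computes length arithmetically knows it is responsible for the bound.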

-- 
WebKit Debian packaging


