Diff
Modified: releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/ChangeLog (168302 => 168303)
--- releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/ChangeLog 2014-05-05 18:31:30 UTC (rev 168302)
+++ releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/ChangeLog 2014-05-05 18:34:14 UTC (rev 168303)
@@ -1,5 +1,16 @@
2014-04-19 Filip Pizlo <fpi...@apple.com>
+ Make it easier to check if an integer sum would overflow
+ https://bugs.webkit.org/show_bug.cgi?id=131900
+
+ Reviewed by Darin Adler.
+
+ * dfg/DFGOperations.cpp:
+ * runtime/Operations.h:
+ (JSC::jsString):
+
+2014-04-19 Filip Pizlo <fpi...@apple.com>
+
Address some feedback on https://bugs.webkit.org/show_bug.cgi?id=130684.
* dfg/DFGOperations.cpp:
Modified: releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/dfg/DFGOperations.cpp (168302 => 168303)
--- releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/dfg/DFGOperations.cpp 2014-05-05 18:31:30 UTC (rev 168302)
+++ releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/dfg/DFGOperations.cpp 2014-05-05 18:34:14 UTC (rev 168303)
@@ -966,8 +966,8 @@
{
VM& vm = exec->vm();
NativeCallFrameTracer tracer(&vm, exec);
-
- if (static_cast<int32_t>(left->length() + right->length()) < 0) {
+
+ if (sumOverflows<int32_t>(left->length(), right->length())) {
throwOutOfMemoryError(exec);
return nullptr;
}
@@ -980,10 +980,7 @@
VM& vm = exec->vm();
NativeCallFrameTracer tracer(&vm, exec);
- Checked<int32_t, RecordOverflow> length = a->length();
- length += b->length();
- length += c->length();
- if (length.hasOverflowed()) {
+ if (sumOverflows<int32_t>(a->length(), b->length(), c->length())) {
throwOutOfMemoryError(exec);
return nullptr;
}
Modified: releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/runtime/Operations.h (168302 => 168303)
--- releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/runtime/Operations.h 2014-05-05 18:31:30 UTC (rev 168302)
+++ releases/WebKitGTK/webkit-2.4/Source/_javascript_Core/runtime/Operations.h 2014-05-05 18:34:14 UTC (rev 168303)
@@ -51,7 +51,7 @@
int32_t length2 = s2->length();
if (!length2)
return s1;
- if ((length1 + length2) < 0)
+ if (sumOverflows<int32_t>(length1, length2))
return throwOutOfMemoryError(exec);
return JSRopeString::create(vm, s1, s2);
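Review bot: The guard `sumOverflows<int32_t>(length1, length2)` receives values already narrowed to `int32_t` (`int32_t length2 = s2->length();`), so it only detects a sum past the `int32_t` maximum and no longer trips on a negative operand the way the old `(length1 + length2) < 0` test incidentally did. The cast in the old DFGOperations.cpp check suggests `length()` does not return `int32_t`; if it is unsigned, passing the raw values as DFGOperations.cpp now does, `if (sumOverflows<int32_t>(s1->length(), s2->length()))`, would let the Checked conversion reject an out-of-range length, assuming its converting constructor range-checks. Failing that, `ASSERT(length1 >= 0 && length2 >= 0);` before the guard would at least document the invariant it relies on. The same applies to `sumOverflows<int32_t>(length1, length2, length3)` in the three-string overload in the next hunk. The function starts outside this hunk, so the declaration of `length1` is not visible here.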
@@ -75,10 +75,8 @@
if (!length3)
return jsString(exec, jsString(vm, u1), jsString(vm, u2));
- if ((length1 + length2) < 0)
+ if (sumOverflows<int32_t>(length1, length2, length3))
return throwOutOfMemoryError(exec);
- if ((length1 + length2 + length3) < 0)
- return throwOutOfMemoryError(exec);
return JSRopeString::create(exec->vm(), jsString(vm, u1), jsString(vm, u2), jsString(vm, u3));
}
Modified: releases/WebKitGTK/webkit-2.4/Source/WTF/ChangeLog (168302 => 168303)
--- releases/WebKitGTK/webkit-2.4/Source/WTF/ChangeLog 2014-05-05 18:31:30 UTC (rev 168302)
+++ releases/WebKitGTK/webkit-2.4/Source/WTF/ChangeLog 2014-05-05 18:34:14 UTC (rev 168303)
@@ -1,3 +1,14 @@
+2014-04-19 Filip Pizlo <fpi...@apple.com>
+
+ Make it easier to check if an integer sum would overflow
+ https://bugs.webkit.org/show_bug.cgi?id=131900
+
+ Reviewed by Darin Adler.
+
+ * wtf/CheckedArithmetic.h:
+ (WTF::checkedSum):
+ (WTF::sumOverflows):
+
2014-03-10 Jer Noble <jer.no...@apple.com>
Improve WeakPtr operators.
Modified: releases/WebKitGTK/webkit-2.4/Source/WTF/wtf/CheckedArithmetic.h (168302 => 168303)
--- releases/WebKitGTK/webkit-2.4/Source/WTF/wtf/CheckedArithmetic.h 2014-05-05 18:31:30 UTC (rev 168302)
+++ releases/WebKitGTK/webkit-2.4/Source/WTF/wtf/CheckedArithmetic.h 2014-05-05 18:34:14 UTC (rev 168303)
@@ -716,8 +716,27 @@
typedef Checked<uint64_t, RecordOverflow> CheckedUint64;
typedef Checked<size_t, RecordOverflow> CheckedSize;
+template<typename T, typename U>
+Checked<T, RecordOverflow> checkedSum(U value)
+{
+ return Checked<T, RecordOverflow>(value);
}
+template<typename T, typename U, typename... Args>
+Checked<T, RecordOverflow> checkedSum(U value, Args... args)
+{
+ return Checked<T, RecordOverflow>(value) + checkedSum<T>(args...);
+}
+// Sometimes, you just want to check if some math would overflow - the code to do the math is
+// already in place, and you want to guard it.
+
+template<typename T, typename... Args> bool sumOverflows(Args... args)
+{
+ return checkedSum<T>(args...).hasOverflowed();
+}
+
+}
+
using WTF::Checked;
using WTF::CheckedState;
using WTF::RecordOverflow;
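Review bot: `checkedSum` is added without any comment, and the comment above `sumOverflows` does not state the contract callers rely on. T has to be spelled explicitly at every call site, and the answer only protects the guarded code when T is the type that code really computes in. I would put `// Returns the sum of the arguments as a Checked<T, RecordOverflow>; T must be given explicitly.` above the first `checkedSum` overload. I would also extend the `sumOverflows` comment with `// T must be the type the guarded computation uses; a wider T hides the overflow.`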
@@ -730,5 +749,7 @@
using WTF::CheckedInt64;
using WTF::CheckedUint64;
using WTF::CheckedSize;
+using WTF::checkedSum;
+using WTF::sumOverflows;
#endif