Google Git
Sign in
webkit / WebKit / 4e3f96534501c6afed9a27a90e39f5df36b51763
commit4e3f96534501c6afed9a27a90e39f5df36b51763[log] [tgz]
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Apr 08 04:14:50 2013 +0000
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Apr 08 04:14:50 2013 +0000
tree62747f8fb084440fbca3e8c488d1dfb36bd2e90f
parentd4d91ae23cf49fdb88e5502039deeff04627efeb [diff]
Add bounds checking for WTF::Vector::operator[]
https://bugs.webkit.org/show_bug.cgi?id=89600

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Make a few JSC classes opt-out of release mode bounds checking.

* assembler/AssemblerBuffer.h:
(AssemblerBuffer):
* assembler/AssemblerBufferWithConstantPool.h:
(AssemblerBufferWithConstantPool):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::bytecodeOffset):
(JSC):
(JSC::replaceExistingEntries):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::bytecodeOffsetForCallAtIndex):
(JSC::CodeBlock::callReturnIndexVector):
(JSC::CodeBlock::codeOrigins):
(RareData):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedEvalCodeBlock::adoptVariables):
(UnlinkedEvalCodeBlock):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitNewArray):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitConstruct):
* bytecompiler/BytecodeGenerator.h:
(CallArguments):
(JSC::BytecodeGenerator::instructions):
(BytecodeGenerator):
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
(StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(StaticPropertyAnalyzer):
(JSC::StaticPropertyAnalyzer::StaticPropertyAnalyzer):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
* parser/ASTBuilder.h:
(ASTBuilder):
* runtime/ArgList.h:
(MarkedArgumentBuffer):
* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncSort):

Source/WebCore:

Fix exports

* WebCore.exp.in:

Source/WTF:

Add a template parameter to Vector<> that controls whether
bounds checking is performed in release builds or not.
Defaults to crashing on overflow.

* wtf/Forward.h:
(WTF):
* wtf/Vector.h:
(WTF):
(Vector):
(WTF::Vector::at):
(WTF::Vector::removeLast):
(WTF::::Vector):
(WTF::=):
(WTF::::contains):
(WTF::::find):
(WTF::::reverseFind):
(WTF::::fill):
(WTF::::appendRange):
(WTF::::expandCapacity):
(WTF::::tryExpandCapacity):
(WTF::::resize):
(WTF::::shrink):
(WTF::::grow):
(WTF::::reserveCapacity):
(WTF::::tryReserveCapacity):
(WTF::::reserveInitialCapacity):
(WTF::::shrinkCapacity):
(WTF::::append):
(WTF::::tryAppend):
(WTF::::appendSlowCase):
(WTF::::uncheckedAppend):
(WTF::::appendVector):
(WTF::::insert):
(WTF::::prepend):
(WTF::::remove):
(WTF::::reverse):
(WTF::::releaseBuffer):
(WTF::::checkConsistency):
(WTF::deleteAllValues):
(WTF::swap):
(WTF::operator==):
(WTF::operator!=):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147892 268f45cc-cd09-0410-ab3c-d52691b4dbfc
32 files changed
tree: 62747f8fb084440fbca3e8c488d1dfb36bd2e90f
  1. Examples/
  2. LayoutTests/
  3. ManualTests/
  4. PerformanceTests/
  5. Source/
  6. Tools/
  7. WebKit.xcworkspace/
  8. WebKitLibraries/
  9. Websites/
  10. .dir-locals.el
  11. .gitattributes
  12. .gitignore
  13. .qmake.conf
  14. autogen.sh
  15. ChangeLog
  16. ChangeLog-2012-05-22
  17. CMakeLists.txt
  18. configure.ac
  19. GNUmakefile.am
  20. Makefile
  21. Makefile.shared
  22. WebKit.pro
  23. wscript