src/runtime.cc - Issue 7565009: Fix out-of-bounds access in fetching propery names

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/runtime.cc

Issue 7565009: Fix out-of-bounds access in fetching propery names (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge

Patch Set: additional fixes Created 9 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: src/runtime.cc

diff --git a/src/runtime.cc b/src/runtime.cc

index e63b9f7613d1a020c41156ad21bbccd4eb21ea49..51091bb4ada9f4f8ddedfe599ee4efa96a6ed7dd 100644

--- a/src/runtime.cc

+++ b/src/runtime.cc

@@ -4583,9 +4583,10 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_GetLocalPropertyNames) {

// Get the property names.

jsproto = obj;

int proto_with_hidden_properties = 0;

+ int next_copy_index = 0;

for (int i = 0; i < length; i++) {

- jsproto->GetLocalPropertyNames(*names,

- i == 0 ? 0 : local_property_count[i - 1]);

+ jsproto->GetLocalPropertyNames(*names, next_copy_index);

+ next_copy_index += local_property_count[i];

if (jsproto->HasHiddenProperties()) {

proto_with_hidden_properties++;

}

« no previous file with comments | « src/objects.cc ('k') | no next file » | no next file with comments »