Chromium Code Reviews Chromium Code Reviews
Issue 1414553002:
Fix out-of-memory crashes related to ArrayBuffer allocation
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef DOMTypedArray_h | 5 #ifndef DOMTypedArray_h |
| 6 #define DOMTypedArray_h | 6 #define DOMTypedArray_h |
| 7 | 7 |
| 8 #include "bindings/core/v8/ScriptWrappable.h" | 8 #include "bindings/core/v8/ScriptWrappable.h" |
| 9 #include "core/CoreExport.h" | 9 #include "core/CoreExport.h" |
| 10 #include "core/dom/DOMArrayBufferView.h" | 10 #include "core/dom/DOMArrayBufferView.h" |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 22 | 22 |
| 23 namespace blink { | 23 namespace blink { |
| 24 | 24 |
| 25 template<typename WTFTypedArray, typename V8TypedArray> | 25 template<typename WTFTypedArray, typename V8TypedArray> |
| 26 class CORE_TEMPLATE_CLASS_EXPORT DOMTypedArray final : public DOMArrayBufferView { | 26 class CORE_TEMPLATE_CLASS_EXPORT DOMTypedArray final : public DOMArrayBufferView { |
| 27 typedef DOMTypedArray<WTFTypedArray, V8TypedArray> ThisType; | 27 typedef DOMTypedArray<WTFTypedArray, V8TypedArray> ThisType; |
| 28 DECLARE_WRAPPERTYPEINFO(); | 28 DECLARE_WRAPPERTYPEINFO(); |
| 29 public: | 29 public: |
| 30 typedef typename WTFTypedArray::ValueType ValueType; | 30 typedef typename WTFTypedArray::ValueType ValueType; |
| 31 | 31 |
| 32 static PassRefPtr<ThisType> createOrNull(PassRefPtr<WTFTypedArray> bufferVie w) | |
| 33 { | |
| 34 if (!bufferView) | |
| 35 return nullptr; | |
| 36 return adoptRef(new ThisType(bufferView)); | |
| 37 } | |
| 32 static PassRefPtr<ThisType> create(PassRefPtr<WTFTypedArray> bufferView) | 38 static PassRefPtr<ThisType> create(PassRefPtr<WTFTypedArray> bufferView) |
| 33 { | 39 { |
| 40 RELEASE_ASSERT(bufferView); | |
| 34 return adoptRef(new ThisType(bufferView)); | 41 return adoptRef(new ThisType(bufferView)); |
| 35 } | 42 } |
| 36 static PassRefPtr<ThisType> create(unsigned length) | 43 static PassRefPtr<ThisType> createOrNull(const ValueType* array, unsigned le ngth) |
| 37 { | 44 { |
| 38 return create(WTFTypedArray::create(length)); | 45 return createOrNull(WTFTypedArray::createOrNull(array, length)); |
| 39 } | 46 } |
| 40 static PassRefPtr<ThisType> create(const ValueType* array, unsigned length) | 47 static PassRefPtr<ThisType> deprecatedCreateOrCrash(const ValueType* array, unsigned length) |
| 41 { | 48 { |
| 42 return create(WTFTypedArray::create(array, length)); | 49 return create(WTFTypedArray::deprecatedCreateOrCrash(array, length)); |
| 43 } | 50 } |
| 44 static PassRefPtr<ThisType> create(PassRefPtr<WTF::ArrayBuffer> buffer, unsi gned byteOffset, unsigned length) | 51 static PassRefPtr<ThisType> create(PassRefPtr<WTF::ArrayBuffer> buffer, unsi gned byteOffset, unsigned length) |
| 45 { | 52 { |
| 46 return create(WTFTypedArray::create(buffer, byteOffset, length)); | 53 return create(WTFTypedArray::create(buffer, byteOffset, length)); |
| 47 } | 54 } |
| 48 static PassRefPtr<ThisType> create(PassRefPtr<DOMArrayBufferBase> prpBuffer, unsigned byteOffset, unsigned length) | 55 static PassRefPtr<ThisType> create(PassRefPtr<DOMArrayBufferBase> prpBuffer, unsigned byteOffset, unsigned length) |
| 49 { | 56 { |
| 50 RefPtr<DOMArrayBufferBase> buffer = prpBuffer; | 57 RefPtr<DOMArrayBufferBase> buffer = prpBuffer; |
| 51 RefPtr<WTFTypedArray> bufferView = WTFTypedArray::create(buffer->buffer( ), byteOffset, length); | 58 RefPtr<WTFTypedArray> bufferView = WTFTypedArray::create(buffer->buffer( ), byteOffset, length); |
| 52 return adoptRef(new ThisType(bufferView.release(), buffer.release())); | 59 return adoptRef(new ThisType(bufferView.release(), buffer.release())); |
| 53 } | 60 } |
| 54 | 61 |
| 55 static PassRefPtr<ThisType> createOrNull(unsigned length) | 62 static PassRefPtr<ThisType> createOrNull(unsigned length) |
| 56 { | 63 { |
| 57 RefPtr<WTF::ArrayBuffer> buffer = WTF::ArrayBuffer::createOrNull(length, 1); | 64 RefPtr<WTF::ArrayBuffer> buffer = WTF::ArrayBuffer::createOrNull(length, 1); |
| 58 return buffer ? create(buffer.release(), 0, length) : nullptr; | 65 return buffer ? create(buffer.release(), 0, length) : nullptr; |
| 59 } | 66 } |
| 60 | 67 |
| 68 static PassRefPtr<ThisType> deprecatedCreateOrCrash(unsigned length) | |
| 69 { | |
| 70 RefPtr<WTF::ArrayBuffer> buffer = WTF::ArrayBuffer::deprecatedCreateOrCr ash(length, 1); | |
|
binji
2015/10/16 22:12:39
what is the 1 here? Ah, element size.
Seems weird
Justin Novosad
2015/10/19 16:42:52
Acknowledged.
| |
| 71 ASSERT(buffer); | |
| 72 return create(buffer.release(), 0, length); | |
| 73 } | |
| 74 | |
| 61 const WTFTypedArray* view() const { return static_cast<const WTFTypedArray*> (DOMArrayBufferView::view()); } | 75 const WTFTypedArray* view() const { return static_cast<const WTFTypedArray*> (DOMArrayBufferView::view()); } |
| 62 WTFTypedArray* view() { return static_cast<WTFTypedArray*>(DOMArrayBufferVie w::view()); } | 76 WTFTypedArray* view() { return static_cast<WTFTypedArray*>(DOMArrayBufferVie w::view()); } |
| 63 | 77 |
| 64 ValueType* data() const { return view()->data(); } | 78 ValueType* data() const { return view()->data(); } |
| 65 unsigned length() const { return view()->length(); } | 79 unsigned length() const { return view()->length(); } |
| 66 // Invoked by the indexed getter. Does not perform range checks; caller | 80 // Invoked by the indexed getter. Does not perform range checks; caller |
| 67 // is responsible for doing so and returning undefined as necessary. | 81 // is responsible for doing so and returning undefined as necessary. |
| 68 ValueType item(unsigned index) const { return view()->item(index); } | 82 ValueType item(unsigned index) const { return view()->item(index); } |
| 69 | 83 |
| 70 v8::Local<v8::Object> wrap(v8::Isolate*, v8::Local<v8::Object> creationConte xt) override; | 84 v8::Local<v8::Object> wrap(v8::Isolate*, v8::Local<v8::Object> creationConte xt) override; |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 92 typedef DOMTypedArray<WTF::Uint8Array, v8::Uint8Array> DOMUint8Array; | 106 typedef DOMTypedArray<WTF::Uint8Array, v8::Uint8Array> DOMUint8Array; |
| 93 typedef DOMTypedArray<WTF::Uint8ClampedArray, v8::Uint8ClampedArray> DOMUint8Cla mpedArray; | 107 typedef DOMTypedArray<WTF::Uint8ClampedArray, v8::Uint8ClampedArray> DOMUint8Cla mpedArray; |
| 94 typedef DOMTypedArray<WTF::Uint16Array, v8::Uint16Array> DOMUint16Array; | 108 typedef DOMTypedArray<WTF::Uint16Array, v8::Uint16Array> DOMUint16Array; |
| 95 typedef DOMTypedArray<WTF::Uint32Array, v8::Uint32Array> DOMUint32Array; | 109 typedef DOMTypedArray<WTF::Uint32Array, v8::Uint32Array> DOMUint32Array; |
| 96 typedef DOMTypedArray<WTF::Float32Array, v8::Float32Array> DOMFloat32Array; | 110 typedef DOMTypedArray<WTF::Float32Array, v8::Float32Array> DOMFloat32Array; |
| 97 typedef DOMTypedArray<WTF::Float64Array, v8::Float64Array> DOMFloat64Array; | 111 typedef DOMTypedArray<WTF::Float64Array, v8::Float64Array> DOMFloat64Array; |
| 98 | 112 |
| 99 } // namespace blink | 113 } // namespace blink |
| 100 | 114 |
| 101 #endif // DOMTypedArray_h | 115 #endif // DOMTypedArray_h |
| OLD | NEW |
