third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp - Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp

Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« third_party/WebKit/Source/wtf/ArrayBufferBuilder.h ('K') | « third_party/WebKit/Source/wtf/ArrayBufferBuilder.h ('k') | third_party/WebKit/Source/wtf/ArrayBufferContents.h » ('j') | third_party/WebKit/Source/wtf/ArrayBufferContents.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp

diff --git a/third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp b/third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp

index 78a7447e23b99407fa47bc313b3a1b68d4739533..ee44bed7f85fa529fc4594db28e00836c4a7db2d 100644

--- a/third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp

+++ b/third_party/WebKit/Source/wtf/ArrayBufferBuilder.cpp

@@ -42,7 +42,7 @@ ArrayBufferBuilder::ArrayBufferBuilder()

: m_bytesUsed(0)

, m_variableCapacity(true)

{

- m_buffer = ArrayBuffer::create(defaultBufferCapacity, 1);

+ m_buffer = ArrayBuffer::createOrNull(defaultBufferCapacity, 1);

}

bool ArrayBufferBuilder::expandCapacity(unsigned sizeToIncrease)

@@ -64,7 +64,7 @@ bool ArrayBufferBuilder::expandCapacity(unsigned sizeToIncrease)

newBufferSize = exponentialGrowthNewBufferSize;

// Copy existing data in current buffer to new buffer.

- RefPtr<ArrayBuffer> newBuffer = ArrayBuffer::create(newBufferSize, 1);

+ RefPtr<ArrayBuffer> newBuffer = ArrayBuffer::createOrNull(newBufferSize, 1);

if (!newBuffer)

return false;

@@ -106,7 +106,10 @@ PassRefPtr<ArrayBuffer> ArrayBufferBuilder::toArrayBuffer()

if (m_buffer->byteLength() == m_bytesUsed)

return m_buffer;

- return m_buffer->slice(0, m_bytesUsed);

+ RefPtr<ArrayBuffer> tmp = m_buffer->sliceOrNull(0, m_bytesUsed);

+ if (tmp)

+ return tmp;

+ return m_buffer;

}

String ArrayBufferBuilder::toString()

@@ -118,8 +121,11 @@ void ArrayBufferBuilder::shrinkToFit()

{

ASSERT(m_bytesUsed <= m_buffer->byteLength());

- if (m_buffer->byteLength() > m_bytesUsed)

- m_buffer = m_buffer->slice(0, m_bytesUsed);

+ if (m_buffer->byteLength() > m_bytesUsed) {

+ RefPtr<ArrayBuffer> tmp = m_buffer->sliceOrNull(0, m_bytesUsed);

+ if (tmp)

+ m_buffer = tmp;

+ }

}

} // namespace WTF