third_party/WebKit/Source/wtf/TypedArrayBase.h - Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/wtf/TypedArrayBase.h

Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: rebase+more tweaks Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/WebKit/Source/wtf/TypedArrayBase.h

diff --git a/third_party/WebKit/Source/wtf/TypedArrayBase.h b/third_party/WebKit/Source/wtf/TypedArrayBase.h

index d1dd85416c368e900262907fff0afd2456670649..f47cfc5c1e27d7c385d9d34d041dfa28cf685972 100644

--- a/third_party/WebKit/Source/wtf/TypedArrayBase.h

+++ b/third_party/WebKit/Source/wtf/TypedArrayBase.h

@@ -73,16 +73,18 @@ protected:

}

template <class Subclass>

- static PassRefPtr<Subclass> create(unsigned length)

+ static PassRefPtr<Subclass> createOrNull(unsigned length)

{

- RefPtr<ArrayBuffer> buffer = ArrayBuffer::create(length, sizeof(T));

+ RefPtr<ArrayBuffer> buffer = ArrayBuffer::createOrNull(length, sizeof(T));

+ if (!buffer)

+ return nullptr;

return create<Subclass>(buffer.release(), 0, length);

}

template <class Subclass>

- static PassRefPtr<Subclass> create(const T* array, unsigned length)

+ static PassRefPtr<Subclass> createOrNull(const T* array, unsigned length)

{

- RefPtr<Subclass> a = create<Subclass>(length);

+ RefPtr<Subclass> a = createOrNull<Subclass>(length);

if (a)

for (unsigned i = 0; i < length; ++i)

a->set(i, array[i]);

@@ -90,20 +92,30 @@ protected:

}

template <class Subclass>

- static PassRefPtr<Subclass> create(PassRefPtr<ArrayBuffer> buffer, unsigned byteOffset, unsigned length)

+ static PassRefPtr<Subclass> deprecatedCreateOrCrash(unsigned length)

{

- RefPtr<ArrayBuffer> buf(buffer);

- RELEASE_ASSERT(verifySubRange<T>(buf, byteOffset, length));

- return adoptRef(new Subclass(buf.release(), byteOffset, length));

+ RefPtr<ArrayBuffer> buffer = ArrayBuffer::deprecatedCreateOrCrash(length, sizeof(T));

+ if (!buffer)

+ return nullptr;

+ return create<Subclass>(buffer.release(), 0, length);

}

template <class Subclass>

- static PassRefPtr<Subclass> createOrNull(unsigned length)

+ static PassRefPtr<Subclass> deprecatedCreateOrCrash(const T* array, unsigned length)

{

- RefPtr<ArrayBuffer> buffer = ArrayBuffer::createOrNull(length, sizeof(T));

- if (!buffer)

- return nullptr;

- return create<Subclass>(buffer.release(), 0, length);

+ RefPtr<Subclass> a = deprecatedCreateOrCrash<Subclass>(length);

+ if (a)

+ for (unsigned i = 0; i < length; ++i)

+ a->set(i, array[i]);

+ return a;

+ }

+ template <class Subclass>

+ static PassRefPtr<Subclass> create(PassRefPtr<ArrayBuffer> buffer, unsigned byteOffset, unsigned length)

+ {

+ RefPtr<ArrayBuffer> buf(buffer);

+ RELEASE_ASSERT(verifySubRange<T>(buf, byteOffset, length));

+ return adoptRef(new Subclass(buf.release(), byteOffset, length));

}

void neuter() final

« no previous file with comments | « third_party/WebKit/Source/wtf/Int8Array.h ('k') | third_party/WebKit/Source/wtf/Uint16Array.h » ('j') | no next file with comments »