runtime/vm/object.cc - Issue 16783003: Fix issue 11214 avoid length overflow in String::ConcatAll

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: runtime/vm/object.cc

Issue 16783003: Fix issue 11214 avoid length overflow in String::ConcatAll (Closed) Base URL: http://dart.googlecode.com/svn/branches/bleeding_edge/dart/

Patch Set: Created 7 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: runtime/vm/object.cc

===================================================================

--- runtime/vm/object.cc (revision 23830)

+++ runtime/vm/object.cc (working copy)

@@ -11713,7 +11713,15 @@

intptr_t char_size = kOneByteChar;

for (intptr_t i = 0; i < strings_len; i++) {

str ^= strings.At(i);

- result_len += str.Length();

+ intptr_t str_len = str.Length();

+ if ((kMaxElements - result_len) < str_len) {

+ Isolate* isolate = Isolate::Current();

+ const Instance& exception =

+ Instance::Handle(isolate->object_store()->out_of_memory());

+ Exceptions::Throw(exception);

+ UNREACHABLE();

+ }

+ result_len += str_len;

char_size = Utils::Maximum(char_size, str.CharSize());

}

if (char_size == kOneByteChar) {

@@ -12187,6 +12195,7 @@

str ^= strings.At(i);

intptr_t str_len = str.Length();

String::Copy(result, pos, str, 0, str_len);

+ ASSERT((kMaxElements - pos) >= str_len);

pos += str_len;

}

return OneByteString::raw(result);

@@ -12350,6 +12359,7 @@

str ^= strings.At(i);

intptr_t str_len = str.Length();

String::Copy(result, pos, str, 0, str_len);

+ ASSERT((kMaxElements - pos) >= str_len);

pos += str_len;

}

return TwoByteString::raw(result);

« no previous file with comments | « no previous file | tests/language/string_overflow.dart » ('j') | no next file with comments »