Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(238)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/js/typedarray.js

Issue 2090353003: Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: enable test Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/js/runtime.js ('k') | src/messages.h » ('j') | src/runtime/runtime-object.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/js/typedarray.js
diff --git a/src/js/typedarray.js b/src/js/typedarray.js
index 50aae94bdcca99cbc567901d775e767bbac5f7b4..a685f41f59d32cfa7233d717b5087686359c021c 100644
--- a/src/js/typedarray.js
+++ b/src/js/typedarray.js
@@ -46,6 +46,7 @@ var MinSimple;
var PackedArrayReverse;
var SpeciesConstructor;
var ToPositiveInteger;
+var ToIndex;
var iteratorSymbol = utils.ImportNow("iterator_symbol");
var toStringTagSymbol = utils.ImportNow("to_string_tag_symbol");
@@ -98,6 +99,7 @@ utils.Import(function(from) {
PackedArrayReverse = from.PackedArrayReverse;
SpeciesConstructor = from.SpeciesConstructor;
ToPositiveInteger = from.ToPositiveInteger;
+ ToIndex = from.ToIndex;
});
// --------------- Typed Arrays ---------------------
@@ -142,10 +144,13 @@ function TypedArraySpeciesCreate(exemplar, arg0, arg1, arg2, conservative) {
macro TYPED_ARRAY_CONSTRUCTOR(ARRAY_ID, NAME, ELEMENT_SIZE)
function NAMEConstructByArrayBuffer(obj, buffer, byteOffset, length) {
if (!IS_UNDEFINED(byteOffset)) {
- byteOffset = ToPositiveInteger(byteOffset, kInvalidTypedArrayLength);
+ byteOffset = ToIndex(byteOffset, kInvalidTypedArrayLength);
}
if (!IS_UNDEFINED(length)) {
- length = ToPositiveInteger(length, kInvalidTypedArrayLength);
+ length = ToIndex(length, kInvalidTypedArrayLength);
+ }
+ if (length > %_MaxSmi()) { // note: this is not per spec; we just don't want to allocate excessively large arrays
adamk 2016/06/23 22:04:28 Drive-by comment, here and elsewhere: please limit
+ throw MakeRangeError(kInvalidTypedArrayLength);
}
var bufferByteLength = %_ArrayBufferGetByteLength(buffer);
@@ -159,35 +164,33 @@ function NAMEConstructByArrayBuffer(obj, buffer, byteOffset, length) {
throw MakeRangeError(kInvalidTypedArrayAlignment,
"start offset", "NAME", ELEMENT_SIZE);
}
- if (offset > bufferByteLength) {
- throw MakeRangeError(kInvalidTypedArrayOffset);
- }
}
var newByteLength;
- var newLength;
if (IS_UNDEFINED(length)) {
if (bufferByteLength % ELEMENT_SIZE !== 0) {
throw MakeRangeError(kInvalidTypedArrayAlignment,
"byte length", "NAME", ELEMENT_SIZE);
}
newByteLength = bufferByteLength - offset;
- newLength = newByteLength / ELEMENT_SIZE;
+ if (newByteLength < 0) {
+ throw MakeRangeError(kInvalidTypedArrayAlignment,
+ "byte length", "NAME", ELEMENT_SIZE);
+ }
} else {
- var newLength = length;
- newByteLength = newLength * ELEMENT_SIZE;
- }
- if ((offset + newByteLength > bufferByteLength)
- || (newLength > %_MaxSmi())) {
- throw MakeRangeError(kInvalidTypedArrayLength);
+ newByteLength = length * ELEMENT_SIZE;
+ if (offset + newByteLength > bufferByteLength) {
+ throw MakeRangeError(kInvalidTypedArrayAlignment,
+ "byte length", "NAME", ELEMENT_SIZE);
+ }
}
%_TypedArrayInitialize(obj, ARRAY_ID, buffer, offset, newByteLength, true);
}
function NAMEConstructByLength(obj, length) {
var l = IS_UNDEFINED(length) ?
- 0 : ToPositiveInteger(length, kInvalidTypedArrayLength);
- if (l > %_MaxSmi()) {
+ 0 : ToIndex(length, kInvalidTypedArrayLength);
+ if (length > %_MaxSmi()) { // note: this is not per spec; we just don't want to allocate excessively large arrays
throw MakeRangeError(kInvalidTypedArrayLength);
}
var byteLength = l * ELEMENT_SIZE;
@@ -859,8 +862,7 @@ function DataViewGetTYPENAMEJS(offset, little_endian) {
throw MakeTypeError(kIncompatibleMethodReceiver,
'DataView.getTYPENAME', this);
}
- if (arguments.length < 1) throw MakeTypeError(kInvalidArgument);
- offset = ToPositiveInteger(offset, kInvalidDataViewAccessorOffset);
+ offset = IS_UNDEFINED(offset) ? 0 : ToIndex(offset, kInvalidDataViewAccessorOffset);
return %DataViewGetTYPENAME(this, offset, !!little_endian);
}
%FunctionSetLength(DataViewGetTYPENAMEJS, 1);
@@ -870,8 +872,7 @@ function DataViewSetTYPENAMEJS(offset, value, little_endian) {
throw MakeTypeError(kIncompatibleMethodReceiver,
'DataView.setTYPENAME', this);
}
- if (arguments.length < 2) throw MakeTypeError(kInvalidArgument);
- offset = ToPositiveInteger(offset, kInvalidDataViewAccessorOffset);
+ offset = IS_UNDEFINED(offset) ? 0 : ToIndex(offset, kInvalidDataViewAccessorOffset);
%DataViewSetTYPENAME(this, offset, TO_NUMBER(value), !!little_endian);
}
%FunctionSetLength(DataViewSetTYPENAMEJS, 2);
« no previous file with comments | « src/js/runtime.js ('k') | src/messages.h » ('j') | src/runtime/runtime-object.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698