Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/runtime/runtime-strings.cc

Issue 2122173003: [runtime] Specifically handle robust RUNTIME_ASSERTs. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Fix. Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/runtime/runtime-object.cc ('k') | src/runtime/runtime-test.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/runtime/runtime-strings.cc
diff --git a/src/runtime/runtime-strings.cc b/src/runtime/runtime-strings.cc
index c1f14adb277cd18a8e03024aab47246e8d34a824..78b4ed227bd75776659a66410f3e37efc5687af1 100644
--- a/src/runtime/runtime-strings.cc
+++ b/src/runtime/runtime-strings.cc
@@ -298,9 +298,11 @@ RUNTIME_FUNCTION(Runtime_SubString) {
start = FastD2IChecked(from_number);
end = FastD2IChecked(to_number);
}
- RUNTIME_ASSERT(end >= start);
- RUNTIME_ASSERT(start >= 0);
- RUNTIME_ASSERT(end <= string->length());
+ // The following condition is intentionally robust because the SubStringStub
+ // delegates here and we test this in cctest/test-strings/RobustSubStringStub.
+ if (end < start || start < 0 || end > string->length()) {
+ return isolate->ThrowIllegalOperation();
+ }
isolate->counters()->sub_string_runtime()->Increment();
return *isolate->factory()->NewSubString(string, start, end);
« no previous file with comments | « src/runtime/runtime-object.cc ('k') | src/runtime/runtime-test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698