
Side by Side Diff: Source/bindings/v8/SerializedScriptValue.cpp

Issue 238273010: Don't check if SerializedScriptValue's Reader::m_version is less than 0 (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 8 months ago
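--- a/Source/bindings/v8/SerializedScriptValue.cpp
+++ b/Source/bindings/v8/SerializedScriptValue.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 2010 Google Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 * * Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above
@@ -1630,21 +1630,21 @@
 
 v8::Isolate* isolate() const { return m_isolate; }
 
 bool read(v8::Handle<v8::Value>* value, CompositeCreator& creator)
 {
 SerializationTag tag;
 if (!readTag(&tag))
 return false;
 switch (tag) {
 case ReferenceCountTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t referenceTableSize;
 if (!doReadUint32(&referenceTableSize))
 return false;
 // If this test fails, then the serializer and deserializer disagree about the assignment
 // of object reference IDs. On the deserialization side, this means there are too many or too few
 // calls to pushObjectReference.
 if (referenceTableSize != creator.objectReferenceCount())
 return false;
 return true;
@@ -1771,84 +1771,84 @@
 uint32_t length;
 if (!doReadUint32(&numProperties))
 return false;
 if (!doReadUint32(&length))
 return false;
 if (!creator.completeDenseArray(numProperties, length, value))
 return false;
 break;
 }
 case ArrayBufferViewTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 if (!readArrayBufferView(value, creator))
 return false;
 creator.pushObjectReference(*value);
 break;
 }
 case ArrayBufferTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 if (!readArrayBuffer(value))
 return false;
 creator.pushObjectReference(*value);
 break;
 }
 case GenerateFreshObjectTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 if (!creator.newObject())
 return false;
 return true;
 }
 case GenerateFreshSparseArrayTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t length;
 if (!doReadUint32(&length))
 return false;
 if (!creator.newSparseArray(length))
 return false;
 return true;
 }
 case GenerateFreshDenseArrayTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t length;
 if (!doReadUint32(&length))
 return false;
 if (!creator.newDenseArray(length))
 return false;
 return true;
 }
 case MessagePortTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t index;
 if (!doReadUint32(&index))
 return false;
 if (!creator.tryGetTransferredMessagePort(index, value))
 return false;
 break;
 }
 case ArrayBufferTransferTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t index;
 if (!doReadUint32(&index))
 return false;
 if (!creator.tryGetTransferredArrayBuffer(index, value))
 return false;
 break;
 }
 case ObjectReferenceTag: {
-if (m_version <= 0)
+if (!m_version)
 return false;
 uint32_t reference;
 if (!doReadUint32(&reference))
 return false;
 if (!creator.tryGetObjectFromObjectReference(reference, value))
 return false;
 break;
 }
 default:
 return false;
@@ -3055,10 +3055,10 @@
 // If the allocated memory was not registered before, then this class is lik ely
 // used in a context other then Worker's onmessage environment and the prese nce of
 // current v8 context is not guaranteed. Avoid calling v8 then.
 if (m_externallyAllocatedMemory) {
 ASSERT(v8::Isolate::GetCurrent());
 v8::Isolate::GetCurrent()->AdjustAmountOfExternalAllocatedMemory(-m_exte rnallyAllocatedMemory);
 }
 }
 
 } // namespace WebCore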
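Review bot: The nine `if (!m_version) return false;` guards in the `read()` switch (new lines 1640, 1781, 1789, 1797, 1804, 1814, 1824, 1834 and 1844) carry no explanation of why a zero version must reject these tags. Because the same two lines are copied into each case, a tag added later can miss the check without anyone noticing, and this is the deserializer's tag dispatch, where malformed input has to fail closed. A comment at the first guard, for example `// Streams with version 0 must not contain this tag; fail the read instead of interpreting the payload.`, would record the intent; the meaning of version 0 is inferred from the guards, so confirm the wording against the writer. The rewrite from `<= 0` preserves behaviour only if `m_version` is an unsigned type, which the issue title suggests but the shown lines do not establish, so check its declaration. The body of `read()` continues past the lines shown here.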