Side by Side Diff: src/runtime.cc

Issue 264383006: Guard against stack overflow in Runtime::StringReplaceOneCharWithString. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 7 months ago
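--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <stdlib.h>
 #include <limits>
 
 #include "v8.h"
 
 #include "accessors.h"
@@ -4326,21 +4326,24 @@
 
 
 // This may return an empty MaybeHandle if an exception is thrown or
 // we abort due to reaching the recursion limit.
 MaybeHandle<String> StringReplaceOneCharWithString(Isolate* isolate,
 Handle<String> subject,
 Handle<String> search,
 Handle<String> replace,
 bool* found,
 int recursion_limit) {
-if (recursion_limit == 0) return MaybeHandle<String>();
+StackLimitCheck stackLimitCheck(isolate);
+if (stackLimitCheck.HasOverflowed() || (recursion_limit == 0)) {
+return MaybeHandle<String>();
+}
 recursion_limit--;
 if (subject->IsConsString()) {
 ConsString* cons = ConsString::cast(*subject);
 Handle<String> first = Handle<String>(cons->first());
 Handle<String> second = Handle<String>(cons->second());
 Handle<String> new_first;
 if (!StringReplaceOneCharWithString(
 isolate, first, search, replace, found, recursion_limit)
 .ToHandle(&new_first)) {
 return MaybeHandle<String>();
@@ -15240,10 +15243,10 @@
 }
 return NULL;
 }
 
 
 const Runtime::Function* Runtime::FunctionForId(Runtime::FunctionId id) {
 return &(kIntrinsicFunctions[static_cast<int>(id)]);
 }
 
 } } // namespace v8::internal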
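Review bot: The comment above StringReplaceOneCharWithString still names only the recursion limit as the non-exception reason for an empty MaybeHandle, but the new guard at new lines 4336-4339 also returns empty when `stackLimitCheck.HasOverflowed()` is true; suggest `// we abort due to reaching the recursion limit or the stack limit.`. In the visible lines no exception is scheduled on that path, so the caller (outside this hunk) has to keep treating an empty handle with no pending exception as "fall back", not as a thrown error, and it is worth confirming that the fallback does not itself recurse over the cons tree. The local `stackLimitCheck` is camelCase while the neighbouring locals (`recursion_limit`, `new_first`) are snake_case; `StackLimitCheck stack_limit_check(isolate);` would match. The function body continues past the end of the hunk.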