String::NewExternal should not crash the renderer.

test/cctest/test-strings.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 1355 matching lines @@
       CheckCanonicalEquivalence(c, test);
       continue;
     }
     CHECK_EQ(Min(upper, lower), test);
   }
 }
 
 
 class DummyResource: public v8::String::ExternalStringResource {
  public:
-  virtual const uint16_t* data() const { return NULL; }
+  virtual const uint16_t* data() const { return string_; }
   virtual size_t length() const { return 1 << 30; }
+
+ private:
+  uint16_t string_[10];

[yurys, 2014/09/26 09:30:34]

Length 1 should be enough

 };
 
 
 class DummyOneByteResource: public v8::String::ExternalOneByteStringResource {
  public:
-  virtual const char* data() const { return NULL; }
+  virtual const char* data() const { return string_; }
   virtual size_t length() const { return 1 << 30; }
+
+ private:
+  char string_[10];

[yurys, 2014/09/26 09:30:34]

ditto

 };
 
 
 TEST(InvalidExternalString) {
   CcTest::InitializeVM();
   LocalContext context;
   Isolate* isolate = CcTest::i_isolate();
   { HandleScope scope(isolate);
     DummyOneByteResource r;
     CHECK(isolate->factory()->NewExternalStringFromOneByte(&r).is_null());
     CHECK(isolate->has_pending_exception());
     isolate->clear_pending_exception();
   }
 
   { HandleScope scope(isolate);
     DummyResource r;
     CHECK(isolate->factory()->NewExternalStringFromTwoByte(&r).is_null());
     CHECK(isolate->has_pending_exception());
     isolate->clear_pending_exception();
   }
+
+  {
+    HandleScope scope(isolate);
+    DummyOneByteResource r;
+    v8::Local<v8::String> str = v8::String::NewExternal(CcTest::isolate(), &r);
+    CHECK(str.IsEmpty());
+    CHECK(isolate->has_pending_exception());
+    isolate->clear_pending_exception();
+  }
+
+  {
+    HandleScope scope(isolate);
+    DummyResource r;
+    v8::Local<v8::String> str = v8::String::NewExternal(CcTest::isolate(), &r);
+    CHECK(str.IsEmpty());
+    CHECK(isolate->has_pending_exception());
+    isolate->clear_pending_exception();
+  }
 }
 
 
 #define INVALID_STRING_TEST(FUN, TYPE)                                         \
   TEST(StringOOM##FUN) {                                                       \
     CcTest::InitializeVM();                                                    \
     LocalContext context;                                                      \
     Isolate* isolate = CcTest::i_isolate();                                    \
     STATIC_ASSERT(String::kMaxLength < kMaxInt);                               \
     static const int invalid = String::kMaxLength + 1;                         \
     HandleScope scope(isolate);                                                \
     Vector<TYPE> dummy = Vector<TYPE>::New(invalid);                           \
     CHECK(isolate->factory()->FUN(Vector<const TYPE>::cast(dummy)).is_null()); \
     memset(dummy.start(), 0x20, dummy.length() * sizeof(TYPE));                \
     CHECK(isolate->has_pending_exception());                                   \
     isolate->clear_pending_exception();                                        \
     dummy.Dispose();                                                           \
   }
 
 INVALID_STRING_TEST(NewStringFromAscii, char)
 INVALID_STRING_TEST(NewStringFromUtf8, char)
 INVALID_STRING_TEST(NewStringFromOneByte, uint8_t)
 
 #undef INVALID_STRING_TEST