Reviewers: Yang,
Message:
Yang, could you please take a look. Thanks.
Description:
Avoid calling memchr with a zero range as this is undefined behavior.
Calling memchr with a zero range is not explicitly specified to return
NULL, and on Android arm64 it returns an undefined value instead. This CL
ensures we don't call it with a zero range.
BUG=395678
LOG=N
Please review this at https://codereview.chromium.org/433463002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+18, -13 lines):
M src/runtime.cc
M src/string-search.h
Index: src/runtime.cc
diff --git a/src/runtime.cc b/src/runtime.cc
index
518e96a99bfc0c1cf6f636793a5784d5e0373a5a..f6abd93b605df5a2194278d3ed61dafa229af293
100644
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -3603,7 +3603,7 @@ void FindAsciiStringIndices(Vector<const uint8_t>
subject,
const uint8_t* subject_start = subject.start();
const uint8_t* subject_end = subject_start + subject.length();
const uint8_t* pos = subject_start;
- while (limit > 0) {
+ while ((limit > 0) && (subject_end > pos)) {
pos = reinterpret_cast<const uint8_t*>(
memchr(pos, pattern, subject_end - pos));
if (pos == NULL) return;
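Review bot: The reason for the added `subject_end > pos` test lives only in the commit message; a one-line comment on the loop would stop a later reader from "simplifying" it away, e.g. `// Never call memchr with a zero length: once pos reaches subject_end there is nothing left to scan.` The guard also makes the `subject_end - pos` argument strictly positive before it is converted to memchr's size_t, which is the property that actually matters. That holds only as long as the advance of pos after a hit, which is outside this hunk, never steps past subject_end. FindAsciiStringIndices continues outside the hunk.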
Index: src/string-search.h
diff --git a/src/string-search.h b/src/string-search.h
index
09bc36ef82ea0e6f5e436da10d529d20248b4d4f..c8b2f155087485e65d33eec4b2f4de71352a7fc9
100644
--- a/src/string-search.h
+++ b/src/string-search.h
@@ -102,6 +102,17 @@ class StringSearch : private StringSearchBase {
return -1;
}
+ static inline const SubjectChar* SafeMemChr(const SubjectChar* string,
+ PatternChar pattern_char,
+ size_t search_length) {
+ if (search_length == 0) {
+ return NULL;
+ } else {
+ return reinterpret_cast<const SubjectChar*>(
+ memchr(string, pattern_char, search_length));
+ }
+ }
+
static int SingleCharSearch(StringSearch<PatternChar, SubjectChar>*
search,
Vector<const SubjectChar> subject,
int start_index);
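Review bot: SafeMemChr is only meaningful when both character types are one byte wide, because memchr reduces its search value to an unsigned char, but nothing in the helper states that; every call site (SingleCharSearch, LinearSearch and InitialSearch in the later hunks) wraps it in `if (sizeof(SubjectChar) == 1 && sizeof(PatternChar) == 1)`, so the helper should carry that precondition, e.g. `// memchr wrapper that tolerates search_length == 0 (undefined for memchr on some platforms). Only valid when sizeof(SubjectChar) == 1 && sizeof(PatternChar) == 1.` A second point: search_length is a size_t while each caller passes an int expression (`subject.length() - i`, `n - i + 1`), so a negative value would convert to a huge length and sail past the zero check; the visible loop bounds in LinearSearch appear to rule that out and the other callers' bounds are outside the hunks, so the comment should also say the length must be non-negative. The `else` after `return NULL;` is redundant and can be dropped.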
@@ -200,10 +211,8 @@ int StringSearch<PatternChar,
SubjectChar>::SingleCharSearch(
PatternChar pattern_first_char = search->pattern_[0];
int i = index;
if (sizeof(SubjectChar) == 1 && sizeof(PatternChar) == 1) {
- const SubjectChar* pos = reinterpret_cast<const SubjectChar*>(
- memchr(subject.start() + i,
- pattern_first_char,
- subject.length() - i));
+ const SubjectChar* pos = SafeMemChr(subject.start() + i,
pattern_first_char,
+ subject.length() - i);
if (pos == NULL) return -1;
return static_cast<int>(pos - subject.start());
} else {
@@ -256,10 +265,8 @@ int StringSearch<PatternChar,
SubjectChar>::LinearSearch(
int n = subject.length() - pattern_length;
while (i <= n) {
if (sizeof(SubjectChar) == 1 && sizeof(PatternChar) == 1) {
- const SubjectChar* pos = reinterpret_cast<const SubjectChar*>(
- memchr(subject.start() + i,
- pattern_first_char,
- n - i + 1));
+ const SubjectChar* pos =
+ SafeMemChr(subject.start() + i, pattern_first_char, n - i + 1);
if (pos == NULL) return -1;
i = static_cast<int>(pos - subject.start()) + 1;
} else {
@@ -507,10 +514,8 @@ int StringSearch<PatternChar,
SubjectChar>::InitialSearch(
badness++;
if (badness <= 0) {
if (sizeof(SubjectChar) == 1 && sizeof(PatternChar) == 1) {
- const SubjectChar* pos = reinterpret_cast<const SubjectChar*>(
- memchr(subject.start() + i,
- pattern_first_char,
- n - i + 1));
+ const SubjectChar* pos =
+ SafeMemChr(subject.start() + i, pattern_first_char, n - i + 1);
if (pos == NULL) {
return -1;
}