Reviewers: Lasse Reichstein,
Description:
Merge svn r5572 from bleeding_edge.
This fixes an out-of-bounds array access in string search code.
Please review this at http://codereview.chromium.org/3535004/show
Affected files:
M src/string-search.h
M src/version.cc
M test/mjsunit/string-indexof-1.js
Index: src/string-search.h
diff --git a/src/string-search.h b/src/string-search.h
index
4412e32ed3d735c61818fa4bcd901f11e94fff0c..eac84757ecf1d45458133442c5cfc200627cd691
100644
--- a/src/string-search.h
+++ b/src/string-search.h
@@ -170,12 +170,12 @@ class StringSearch : private StringSearchBase {
return bad_char_occurrence[static_cast<int>(char_code)];
}
if (sizeof(PatternChar) == 1) {
- if (static_cast<unsigned char>(char_code) >
String::kMaxAsciiCharCode) {
+ if (static_cast<unsigned int>(char_code) >
String::kMaxAsciiCharCodeU) {
return -1;
}
- return bad_char_occurrence[static_cast<int>(char_code)];
+ return bad_char_occurrence[static_cast<unsigned int>(char_code)];
}
- // Reduce to equivalence class.
+ // Both pattern and subject are UC16. Reduce character to equivalence
class.
int equiv_class = char_code % kUC16AlphabetSize;
return bad_char_occurrence[equiv_class];
}
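Review bot: The first return shown in this hunk, `return bad_char_occurrence[static_cast<int>(char_code)];`, still indexes the table through a signed cast with no range check, while the `sizeof(PatternChar) == 1` branch below it is now checked and indexed unsigned. The condition guarding that return lies outside the hunk (the function starts before it), so it cannot be confirmed from here that `char_code` is always within the table on that path. If the subject character type can be a plain `char`, a value above 0x7f would presumably become a negative index where `char` is signed. I would state the invariant explicitly ahead of that return, e.g. `ASSERT(static_cast<unsigned int>(char_code) <= String::kMaxAsciiCharCodeU);`, or reuse the same guard as the branch below and index with the unsigned cast.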
Index: src/version.cc
diff --git a/src/version.cc b/src/version.cc
index
c284123959be92a5af170998b960e434fbb95203..33874aa75cacd98175655782127a5c5165936ac9
100644
--- a/src/version.cc
+++ b/src/version.cc
@@ -35,7 +35,7 @@
#define MAJOR_VERSION 2
#define MINOR_VERSION 4
#define BUILD_NUMBER 7
-#define PATCH_LEVEL 0
+#define PATCH_LEVEL 1
#define CANDIDATE_VERSION false
// Define SONAME to have the SCons build the put a specific SONAME into the
Index: test/mjsunit/string-indexof-1.js
diff --git a/test/mjsunit/string-indexof-1.js
b/test/mjsunit/string-indexof-1.js
index
c7dcdb8352a935720d51e611cd8d917c2161e9a6..c5ae4b898a8a9342fd5c163ac938f924b0dd210c
100644
--- a/test/mjsunit/string-indexof-1.js
+++ b/test/mjsunit/string-indexof-1.js
@@ -97,3 +97,29 @@ assertEquals(1534, long.indexOf("AJABACA", 511), "Long
AJABACA, Second J");
pattern = "JABACABADABACABA";
assertEquals(511, long.indexOf(pattern), "Long JABACABA..., First J");
assertEquals(1535, long.indexOf(pattern, 512), "Long JABACABA..., Second
J");
+
+
+// Search for a non-ASCII string in a pure ASCII string.
+var asciiString
= "arglebargleglopglyfarglebargleglopglyfarglebargleglopglyf";
+assertEquals(-1, asciiString.indexOf("\x2061"));
+
+
+// Search in string containing many non-ASCII chars.
+var allCodePoints = [];
+for (var i = 0; i < 65536; i++) allCodePoints[i] = i;
+var allCharsString = String.fromCharCode.apply(String, allCodePoints);
+// Search for string long enough to trigger complex search with ASCII
pattern
+// and UC16 subject.
+assertEquals(-1, allCharsString.indexOf("notfound"));
+
+// Find substrings.
+var lengths = [1, 4, 15]; // Single char, simple and complex.
+var indices = [0x5, 0x65, 0x85, 0x105, 0x205, 0x285, 0x2005, 0x2085,
0xfff0];
+for (var lengthIndex = 0; lengthIndex < lengths.length; lengthIndex++) {
+ var length = lengths[lengthIndex];
+ for (var i = 0; i < indices.length; i++) {
+ var index = indices[i];
+ var pattern = allCharsString.substring(index, index + length);
+ assertEquals(index, allCharsString.indexOf(pattern));
+ }
+}
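Review bot: The pattern in `asciiString.indexOf("\x2061")` is not a non-ASCII string: a `\x` escape consumes exactly two hex digits, so the literal is a space followed by the characters `61`, all ASCII. The case named in the comment above it (non-ASCII pattern, pure ASCII subject) is therefore not exercised, and the assertion would most likely also pass without the fix. Use `assertEquals(-1, asciiString.indexOf("\u2061"));` instead. Going by the `lengths` comment further down, it may also be worth adding a multi-character non-ASCII pattern, so that the search path that consults the table is reached rather than only the single-character case.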