Reviewers: rossberg,
Message:
Committed patchset #1 manually as r20519 (presubmit successful).
Description:
Compare external pixel data length against Smi::kMaxValue
BUG=chromium:359802
LOG=n
[email protected]
Committed: https://code.google.com/p/v8/source/detail?r=20519
Please review this at https://codereview.chromium.org/226133002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+2, -6 lines):
M src/api.cc
M src/objects.h
Index: src/api.cc
diff --git a/src/api.cc b/src/api.cc
index
060914a8d84973d0cfae15f091741ba0da9795d1..551cefb87659609b354c7ea0b1f5f0acd3cc5b39
100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -3744,8 +3744,7 @@ void
v8::Object::SetIndexedPropertiesToPixelData(uint8_t* data, int length) {
ON_BAILOUT(isolate, "v8::SetElementsToPixelData()", return);
ENTER_V8(isolate);
i::HandleScope scope(isolate);
- if (!Utils::ApiCheck(length >= 0 &&
- length <= i::ExternalUint8ClampedArray::kMaxLength,
+ if (!Utils::ApiCheck(length >= 0 && length <= i::Smi::kMaxValue,
"v8::Object::SetIndexedPropertiesToPixelData()",
"length exceeds max acceptable value")) {
return;
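Review bot: The new upper bound in the `ApiCheck` of `SetIndexedPropertiesToPixelData` carries no explanation of why a Smi limit applies to a length supplied by the embedder. A one-line comment above the check would help, for example `// The length is stored as a Smi, so it must fit in Smi::kMaxValue.`, assuming that is the reason (objects.h shows ExternalArray deriving from FixedArrayBase, which has a kLengthOffset). On builds where Smi::kMaxValue equals INT_MAX, the upper half of the condition can never fail for an `int` argument, so the guard reduces to `length >= 0`. It is worth confirming that nothing later in this function relied on the old 0x3fffffff ceiling; the body continues outside the hunk. The patch touches only src/api.cc and src/objects.h, so the fix for chromium:359802 lands without a regression test that pins the accepted and rejected lengths.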
@@ -3801,7 +3800,7 @@ void
v8::Object::SetIndexedPropertiesToExternalArrayData(
ON_BAILOUT(isolate, "v8::SetIndexedPropertiesToExternalArrayData()",
return);
ENTER_V8(isolate);
i::HandleScope scope(isolate);
- if (!Utils::ApiCheck(length >= 0 && length <=
i::ExternalArray::kMaxLength,
+ if (!Utils::ApiCheck(length >= 0 && length <= i::Smi::kMaxValue,
"v8::Object::SetIndexedPropertiesToExternalArrayData()",
"length exceeds max acceptable value")) {
return;
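Review bot: `length` in `SetIndexedPropertiesToExternalArrayData` is presumably an element count, yet the new guard bounds it only by `i::Smi::kMaxValue` and ignores the element size. If the array type allows multi-byte elements, the backing store's byte size is the length times the element size, so a count that passes this check can still describe more bytes than an `int` can hold. Consider also bounding the product, or at least adding a comment by the check such as `// length is in elements; the byte size may exceed the int range`. The signature and the rest of the body are outside the hunk, so how the element type is handled cannot be seen from here.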
Index: src/objects.h
diff --git a/src/objects.h b/src/objects.h
index
1194dd393a78355a2bb1edeaa8a14984ec2d8c9c..5b29fe826b468ee2bb13f7bbffd454ba54974515
100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -4693,9 +4693,6 @@ class ExternalArray: public FixedArrayBase {
// Casting.
static inline ExternalArray* cast(Object* obj);
- // Maximal acceptable length for an external array.
- static const int kMaxLength = 0x3fffffff;
-
// ExternalArray headers are not quadword aligned.
static const int kExternalPointerOffset =
POINTER_SIZE_ALIGN(FixedArrayBase::kLengthOffset + kPointerSize);