Title: [107648] trunk/Source/WebCore
- Revision
- 107648
- Author
- [email protected]
- Date
- 2012-02-13 17:27:21 -0800 (Mon, 13 Feb 2012)
Log Message
SharedBuffer::getSomeData() must support m_dataArray if NETWORK_CFDATA_ARRAY_CALLBACK is defined
https://bugs.webkit.org/show_bug.cgi?id=77718
Patch by Benjamin Poulain <[email protected]> on 2012-02-13
Reviewed by David Kilzer.
Previously, the last part of SharedBuffer::getSomeData() was systematically accessing
the data from the segments. When NETWORK_CFDATA_ARRAY_CALLBACK is defined, there can
be data in m_dataArray past the segment.
The previous code was making invalid memory access pass the segment vector. This patch
adds support for getting the data out of m_dataArray to make SharedBuffer::getSomeData()
works with NETWORK_CFDATA_ARRAY_CALLBACK.
This is covered by existing tests when NETWORK_CFDATA_ARRAY_CALLBACK is defined.
The test 'fast/events/constructors/track-event-constructor.html' is a reliable test
for this.
* platform/SharedBuffer.cpp:
(WebCore::SharedBuffer::getSomeData):
* platform/SharedBuffer.h:
(SharedBuffer):
* platform/cf/SharedBufferCF.cpp:
(WebCore):
(WebCore::SharedBuffer::copySomeDataFromDataArray):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (107647 => 107648)
--- trunk/Source/WebCore/ChangeLog 2012-02-14 01:10:09 UTC (rev 107647)
+++ trunk/Source/WebCore/ChangeLog 2012-02-14 01:27:21 UTC (rev 107648)
@@ -1,3 +1,30 @@
+2012-02-13 Benjamin Poulain <[email protected]>
+
+ SharedBuffer::getSomeData() must support m_dataArray if NETWORK_CFDATA_ARRAY_CALLBACK is defined
+ https://bugs.webkit.org/show_bug.cgi?id=77718
+
+ Reviewed by David Kilzer.
+
+ Previously, the last part of SharedBuffer::getSomeData() was systematically accessing
+ the data from the segments. When NETWORK_CFDATA_ARRAY_CALLBACK is defined, there can
+ be data in m_dataArray past the segment.
+
+ The previous code was making invalid memory access pass the segment vector. This patch
+ adds support for getting the data out of m_dataArray to make SharedBuffer::getSomeData()
+ works with NETWORK_CFDATA_ARRAY_CALLBACK.
+
+ This is covered by existing tests when NETWORK_CFDATA_ARRAY_CALLBACK is defined.
+ The test 'fast/events/constructors/track-event-constructor.html' is a reliable test
+ for this.
+
+ * platform/SharedBuffer.cpp:
+ (WebCore::SharedBuffer::getSomeData):
+ * platform/SharedBuffer.h:
+ (SharedBuffer):
+ * platform/cf/SharedBufferCF.cpp:
+ (WebCore):
+ (WebCore::SharedBuffer::copySomeDataFromDataArray):
+
2012-02-13 Anders Carlsson <[email protected]>
Force slow-scrolling mode when there are position:fixed elements on a page
Modified: trunk/Source/WebCore/platform/SharedBuffer.cpp (107647 => 107648)
--- trunk/Source/WebCore/platform/SharedBuffer.cpp 2012-02-14 01:10:09 UTC (rev 107647)
+++ trunk/Source/WebCore/platform/SharedBuffer.cpp 2012-02-14 01:27:21 UTC (rev 107648)
@@ -250,14 +250,25 @@
}
position -= consecutiveSize;
- unsigned segmentedSize = m_size - consecutiveSize;
unsigned segments = m_segments.size();
+ unsigned maxSegmentedSize = segments * segmentSize;
unsigned segment = segmentIndex(position);
- ASSERT(segment < segments);
+ if (segment < segments) {
+ unsigned bytesLeft = m_size - consecutiveSize;
+ unsigned segmentedSize = min(maxSegmentedSize, bytesLeft);
- unsigned positionInSegment = offsetInSegment(position);
- someData = m_segments[segment] + positionInSegment;
- return segment == segments - 1 ? segmentedSize - position : segmentSize - positionInSegment;
+ unsigned positionInSegment = offsetInSegment(position);
+ someData = m_segments[segment] + positionInSegment;
+ return segment == segments - 1 ? segmentedSize - position : segmentSize - positionInSegment;
+ }
+#if HAVE(NETWORK_CFDATA_ARRAY_CALLBACK)
+ ASSERT(maxSegmentedSize <= position);
+ position -= maxSegmentedSize;
+ return copySomeDataFromDataArray(someData, position);
+#else
+ ASSERT_NOT_REACHED();
+ return 0;
+#endif
}
#if !USE(CF) || PLATFORM(QT)
Modified: trunk/Source/WebCore/platform/SharedBuffer.h (107647 => 107648)
--- trunk/Source/WebCore/platform/SharedBuffer.h 2012-02-14 01:10:09 UTC (rev 107647)
+++ trunk/Source/WebCore/platform/SharedBuffer.h 2012-02-14 01:27:21 UTC (rev 107648)
@@ -136,6 +136,7 @@
#if HAVE(NETWORK_CFDATA_ARRAY_CALLBACK)
mutable Vector<RetainPtr<CFDataRef> > m_dataArray;
void copyDataArrayAndClear(char *destination, unsigned bytesToCopy) const;
+ unsigned copySomeDataFromDataArray(const char*& someData, unsigned position) const;
#endif
#if USE(CF)
SharedBuffer(CFDataRef);
Modified: trunk/Source/WebCore/platform/cf/SharedBufferCF.cpp (107647 => 107648)
--- trunk/Source/WebCore/platform/cf/SharedBufferCF.cpp 2012-02-14 01:10:09 UTC (rev 107647)
+++ trunk/Source/WebCore/platform/cf/SharedBufferCF.cpp 2012-02-14 01:27:21 UTC (rev 107648)
@@ -115,6 +115,23 @@
}
m_dataArray.clear();
}
+
+unsigned SharedBuffer::copySomeDataFromDataArray(const char*& someData, unsigned position) const
+{
+ Vector<RetainPtr<CFDataRef> >::const_iterator end = m_dataArray.end();
+ unsigned totalOffset = 0;
+ for (Vector<RetainPtr<CFDataRef> >::const_iterator it = m_dataArray.begin(); it != end; ++it) {
+ unsigned dataLen = static_cast<unsigned>(CFDataGetLength(it->get()));
+ ASSERT(totalOffset <= position);
+ unsigned localOffset = position - totalOffset;
+ if (localOffset < dataLen) {
+ someData = reinterpret_cast<const char *>(CFDataGetBytePtr(it->get())) + localOffset;
+ return dataLen - localOffset;
+ }
+ totalOffset += dataLen;
+ }
+ return 0;
+}
#endif
}
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
