Title: [141443] trunk/Source/_javascript_Core
Revision
141443
Author
[email protected]
Date
2013-01-31 10:54:56 -0800 (Thu, 31 Jan 2013)

Log Message

Objective-C API: Fix insertion of values greater than the max index allowed by the spec
https://bugs.webkit.org/show_bug.cgi?id=108264

Reviewed by Oliver Hunt.

Fixed a bug, added a test to the API tests, cleaned up some code.

* API/JSValue.h: Changed some of the documentation on setValue:atIndex: to indicate that
setting values at indices greater than UINT_MAX - 1 won't affect the length of JS arrays.
* API/JSValue.mm:
(-[JSValue valueAtIndex:]): We weren't returning when we should have been.
(-[JSValue setValue:atIndex:]): Added a comment about why we do the early check for being larger than UINT_MAX.
(objectToValueWithoutCopy): Removed two redundant cases that were already checked previously.
* API/tests/testapi.mm:

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/API/JSValue.h (141442 => 141443)


--- trunk/Source/_javascript_Core/API/JSValue.h	2013-01-31 18:54:33 UTC (rev 141442)
+++ trunk/Source/_javascript_Core/API/JSValue.h	2013-01-31 18:54:56 UTC (rev 141443)
@@ -159,9 +159,10 @@
 - (void)defineProperty:(NSString *)property descriptor:(id)descriptor;
 
 // Access an indexed property from the value. This method will return the
-// _javascript_ value 'undefined' if no property exists at that index.
+// _javascript_ value 'undefined' if no property exists at that index. 
 - (JSValue *)valueAtIndex:(NSUInteger)index;
-// Set an indexed property on the value.
+// Set an indexed property on the value. For JSValues that are _javascript_ arrays, 
+// indices greater than UINT_MAX - 1 will not affect the length of the array.
 - (void)setValue:(id)value atIndex:(NSUInteger)index;
 
 // All _javascript_ values are precisely one of these types.
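Review bot: The new comment on `setValue:atIndex:` says what does not happen for indices above UINT_MAX - 1 but not what does. Going by the comments added in JSValue.mm and the new checks in testapi.mm, the value is still stored and can be read back through `valueAtIndex:`; only `length` stays unchanged. I would add a line such as `// The value is still stored as an ordinary property and can be read back with valueAtIndex:.` so callers do not assume the write is dropped. The changed `valueAtIndex:` comment line and the first line of the new `setValue:atIndex:` comment also gain a trailing space that should be removed.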

Modified: trunk/Source/_javascript_Core/API/JSValue.mm (141442 => 141443)


--- trunk/Source/_javascript_Core/API/JSValue.mm	2013-01-31 18:54:33 UTC (rev 141442)
+++ trunk/Source/_javascript_Core/API/JSValue.mm	2013-01-31 18:54:56 UTC (rev 141443)
@@ -274,8 +274,10 @@
 
 - (JSValue *)valueAtIndex:(NSUInteger)index
 {
+    // Properties that are higher than an unsigned value can hold are converted to a double then inserted as a normal property.
+    // Indices that are bigger than the max allowed index size (UINT_MAX - 1) will be handled internally in get().
     if (index != (unsigned)index)
-        [self valueForProperty:[[JSValue valueWithDouble:index inContext:_context] toString]];
+        return [self valueForProperty:[[JSValue valueWithDouble:index inContext:_context] toString]];
 
     JSValueRef exception = 0;
     JSObjectRef object = JSValueToObject(contextInternalContext(_context), m_value, &exception);
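Review bot: The large-index path in `valueAtIndex:` builds the property name by converting `index` to a double, so where NSUInteger is 64 bits, indices above 2^53 are rounded and distinct indices can resolve to the same property name. The same conversion is used in `setValue:atIndex:` in the next hunk, so a write through one index could be read or overwritten through another. If exact keys are intended, format the integer directly, e.g. `return [self valueForProperty:[NSString stringWithFormat:@"%llu", (unsigned long long)index]];`; otherwise the added comment should state that the name follows the double conversion and is inexact above 2^53. The comment also says "Properties that are higher than an unsigned value can hold" where it appears to mean indices. The method body continues past the end of this hunk.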
@@ -291,6 +293,8 @@
 
 - (void)setValue:(id)value atIndex:(NSUInteger)index
 {
+    // Properties that are higher than an unsigned value can hold are converted to a double, then inserted as a normal property.
+    // Indices that are bigger than the max allowed index size (UINT_MAX - 1) will be handled internally in putByIndex().
     if (index != (unsigned)index)
         return [self setValue:value forProperty:[[JSValue valueWithDouble:index inContext:_context] toString]];
 
@@ -864,12 +868,6 @@
         if ([object isKindOfClass:[JSValue class]])
             return (ObjcContainerConvertor::Task){ object, ((JSValue *)object)->m_value, ContainerNone };
 
-        if ([object isKindOfClass:[NSArray class]])
-            return (ObjcContainerConvertor::Task){ object, JSObjectMakeArray(contextRef, 0, NULL, 0), ContainerArray };
-
-        if ([object isKindOfClass:[NSDictionary class]])
-            return (ObjcContainerConvertor::Task){ object, JSObjectMake(contextRef, 0, 0), ContainerDictionary };
-
         if ([object isKindOfClass:[NSString class]]) {
             JSStringRef string = JSStringCreateWithCFString((CFStringRef)object);
             JSValueRef js = JSValueMakeString(contextRef, string);

Modified: trunk/Source/_javascript_Core/API/tests/testapi.mm (141442 => 141443)


--- trunk/Source/_javascript_Core/API/tests/testapi.mm	2013-01-31 18:54:33 UTC (rev 141442)
+++ trunk/Source/_javascript_Core/API/tests/testapi.mm	2013-01-31 18:54:56 UTC (rev 141443)
@@ -257,6 +257,34 @@
     }
 
     @autoreleasepool {
+        JSContext *context = [[[JSContext alloc] init] autorelease];        
+        JSValue *array = [JSValue valueWithNewArrayInContext:context];
+        checkResult(@"arrayLengthEmpty", [[array[@"length"] toNumber] unsignedIntegerValue] == 0);
+        JSValue *value1 = [JSValue valueWithInt32:42 inContext:context];
+        JSValue *value2 = [JSValue valueWithInt32:24 inContext:context];
+        NSUInteger lowIndex = 5;
+        NSUInteger maxLength = UINT_MAX;
+
+        [array setValue:value1 atIndex:lowIndex];
+        checkResult(@"array.length after put to low index", [[array[@"length"] toNumber] unsignedIntegerValue] == (lowIndex + 1));
+
+        [array setValue:value1 atIndex:(maxLength - 1)];
+        checkResult(@"array.length after put to maxLength - 1", [[array[@"length"] toNumber] unsignedIntegerValue] == maxLength);
+
+        [array setValue:value2 atIndex:maxLength];
+        checkResult(@"array.length after put to maxLength", [[array[@"length"] toNumber] unsignedIntegerValue] == maxLength);
+
+        [array setValue:value2 atIndex:(maxLength + 1)];
+        checkResult(@"array.length after put to maxLength + 1", [[array[@"length"] toNumber] unsignedIntegerValue] == maxLength);
+
+        checkResult(@"valueAtIndex:0 is undefined", [[array valueAtIndex:0] isUndefined]);
+        checkResult(@"valueAtIndex:lowIndex", [[array valueAtIndex:lowIndex] toInt32] == 42);
+        checkResult(@"valueAtIndex:maxLength - 1", [[array valueAtIndex:(maxLength - 1)] toInt32] == 42);
+        checkResult(@"valueAtIndex:maxLength", [[array valueAtIndex:maxLength] toInt32] == 24);
+        checkResult(@"valueAtIndex:maxLength + 1", [[array valueAtIndex:(maxLength + 1)] toInt32] == 24);
+    }
+
+    @autoreleasepool {
         JSContext *context = [[[JSContext alloc] init] autorelease];
         JSValue *object = [JSValue valueWithNewObjectInContext:context];
 
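Review bot: `maxLength + 1` in the new autorelease block only exceeds UINT_MAX when NSUInteger is wider than `unsigned`. With a 32-bit NSUInteger it wraps to 0, so the put would land on index 0 and the "valueAtIndex:0 is undefined" check would fail for an unrelated reason. If this file can be built for such a target, wrap the two `maxLength + 1` statements in `if (sizeof(NSUInteger) > sizeof(unsigned))`, or record the 64-bit assumption in a comment above `NSUInteger maxLength = UINT_MAX;`. The block also has no case above 2^53, where the index-to-double conversion in JSValue.mm stops being exact, so that boundary is untested.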

Modified: trunk/Source/_javascript_Core/ChangeLog (141442 => 141443)


--- trunk/Source/_javascript_Core/ChangeLog	2013-01-31 18:54:33 UTC (rev 141442)
+++ trunk/Source/_javascript_Core/ChangeLog	2013-01-31 18:54:56 UTC (rev 141443)
@@ -1,3 +1,20 @@
+2013-01-31  Mark Hahnenberg  <[email protected]>
+
+        Objective-C API: Fix insertion of values greater than the max index allowed by the spec
+        https://bugs.webkit.org/show_bug.cgi?id=108264
+
+        Reviewed by Oliver Hunt.
+
+        Fixed a bug, added a test to the API tests, cleaned up some code.
+
+        * API/JSValue.h: Changed some of the documentation on setValue:atIndex: to indicate that 
+        setting values at indices greater than UINT_MAX - 1 wont' affect the length of JS arrays.
+        * API/JSValue.mm:
+        (-[JSValue valueAtIndex:]): We weren't returning when we should have been.
+        (-[JSValue setValue:atIndex:]): Added a comment about why we do the early check for being larger than UINT_MAX.
+        (objectToValueWithoutCopy): Removed two redundant cases that were already checked previously.
+        * API/tests/testapi.mm:
+
 2013-01-30  Andreas Kling  <[email protected]>
 
         Vector should consult allocator about ideal size when choosing capacity.