Title: [160453] trunk/Source/WTF
Revision
160453
Author
[email protected]
Date
2013-12-11 14:06:13 -0800 (Wed, 11 Dec 2013)

Log Message

Give Unique StringImpls a meaningful data pointer
https://bugs.webkit.org/show_bug.cgi?id=125598

Reviewed by Michael Saboff.

Found by code inspection.  If there is a collision in an Identifier
table when comparing to a string literal we attempt to use the data
pointer (essentially this ends up being a null termination check).

Previously unique pointers just used the literal 1 as the data address
but this obviously fails when dereferenced.  Instead we now make the
data pointer point to the location of the buffer pointer itself.  As
the buffer pointer is initialised to 0, this satisfies the requirement
that the 0-length unique string is null terminated.

* wtf/text/StringImpl.h:
(WTF::StringImpl::StringImpl):
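As an added example (not WebKit code), the C++ below sketches the pointer layout the commit describes and the null-termination read that made the old sentinel `1` fault. `UniqueStringImpl`, `equalToLiteral`, `uniqueStringIsNullTerminated` and the `UChar`/`LChar` typedefs are assumptions for this sketch, not WTF's own API; the comparison follows the commit message's description of the collision path rather than the exact WTF code.

```cpp
#include <cstdio>

// Stand-ins for WTF's character types (assumed for this example).
typedef char16_t UChar;
typedef unsigned char LChar;

// Minimal model of the "empty unique" StringImpl after r160453. The real
// class also carries a refcount, hash and flags; only the fields the fix
// touches are kept here. This type is an assumption, not WTF's class.
struct UniqueStringImpl {
    unsigned m_length;
    const UChar* m_data16;
    void* m_buffer;

    UniqueStringImpl()
        : m_length(0)
        // Point the data pointer at m_buffer itself. m_buffer is set to 0
        // below, so m_data16[0] reads as a 0 terminator instead of faulting
        // the way the old sentinel reinterpret_cast<const UChar*>(1) did.
        , m_data16(reinterpret_cast<const UChar*>(&m_buffer))
        , m_buffer(nullptr)
    {
    }

    // The data pointer refers into the object itself, so a copy or move
    // would leave the copy pointing at the original's storage.
    UniqueStringImpl(const UniqueStringImpl&) = delete;
    UniqueStringImpl& operator=(const UniqueStringImpl&) = delete;
};

// Literal comparison modelled on the path the commit message describes:
// match the string's characters, then read one more position on each side
// to confirm both end here. For a zero-length string the second read is
// m_data16[0], the dereference that used to hit address 1.
bool equalToLiteral(const UniqueStringImpl& s, const LChar* literal)
{
    unsigned i = 0;
    for (; i < s.m_length; ++i) {
        if (!literal[i] || s.m_data16[i] != literal[i])
            return false;
    }
    return !literal[i] && !s.m_data16[i];
}

// Invariant the fix rests on: a pointer-sized field holds at least one
// UChar, and every byte of a null pointer is zero, so the aliased read
// yields 0 as long as m_buffer is never written.
bool uniqueStringIsNullTerminated(const UniqueStringImpl& s)
{
    static_assert(sizeof(void*) >= sizeof(UChar),
                  "m_buffer must be at least one UChar wide");
    return !s.m_buffer && !s.m_data16[s.m_length];
}

// Worked check on a freshly constructed empty unique string.
bool emptyUniqueStringBehavesAsTerminated()
{
    UniqueStringImpl u;
    return uniqueStringIsNullTerminated(u)
        && equalToLiteral(u, reinterpret_cast<const LChar*>(""))
        && !equalToLiteral(u, reinterpret_cast<const LChar*>("a"));
}

int main()
{
    std::printf("empty unique string null-terminated: %s\n",
                emptyUniqueStringBehavesAsTerminated() ? "yes" : "no");
    return 0;
}
```

The deleted copy operations are the part a reviewer would insist on: a pointer into the object's own storage is only safe while the object never moves, which holds for a heap-allocated, refcounted StringImpl but not for an arbitrary value type.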

Modified Paths

Diff

Modified: trunk/Source/WTF/ChangeLog (160452 => 160453)


--- trunk/Source/WTF/ChangeLog	2013-12-11 22:06:11 UTC (rev 160452)
+++ trunk/Source/WTF/ChangeLog	2013-12-11 22:06:13 UTC (rev 160453)
@@ -1,3 +1,23 @@
+2013-12-11  Oliver Hunt  <[email protected]>
+
+        Give Unique StringImpls a meaningful data pointer
+        https://bugs.webkit.org/show_bug.cgi?id=125598
+
+        Reviewed by Michael Saboff.
+
+        Found by code inspection.  If there is a collision in an Identifier
+        table when comparing to a string literal we attempt to use the data
+        pointer (essentially this ends up being a null termination check).
+
+        Previously unique pointers just used the literal 1 as the data address
+        but this obviously fails when dereferenced.  Instead we now make the
+        data pointer point to the location of the buffer pointer itself.  As
+        the buffer pointer is initialised to 0, this satisfies the requirement
+        that the 0-length unique string is null terminated.
+
+        * wtf/text/StringImpl.h:
+        (WTF::StringImpl::StringImpl):
+
 2013-12-10  Anders Carlsson  <[email protected]>
 
         Add a HashMap constructor that takes an initializer list
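Review bot: at the line "Previously unique pointers just used the literal 1 as the data address", "unique pointers" should read "empty unique StringImpls" (it is the m_data16 member of the CreateEmptyUnique_T constructor that was set to 1, not a pointer type), and "we attempt to use the data pointer" would be clearer if the entry named the comparison routine that reads characters[length], so a later reader can locate the dereference; the rest of the entry matches the commit message.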

Modified: trunk/Source/WTF/wtf/text/StringImpl.h (160452 => 160453)


--- trunk/Source/WTF/wtf/text/StringImpl.h	2013-12-11 22:06:11 UTC (rev 160452)
+++ trunk/Source/WTF/wtf/text/StringImpl.h	2013-12-11 22:06:13 UTC (rev 160453)
@@ -315,7 +315,9 @@
     StringImpl(CreateEmptyUnique_T)
         : m_refCount(s_refCountIncrement)
         , m_length(0)
-        , m_data16(reinterpret_cast<const UChar*>(1))
+        // We expect m_buffer to be initialized to 0 as we use it
+        // to represent a null terminated buffer.
+        , m_data16(reinterpret_cast<const UChar*>(&m_buffer))
         , m_buffer(0)
     {
         ASSERT(m_data16);
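Review bot: the new comment "We expect m_buffer to be initialized to 0" reads like a precondition on someone else, but m_buffer is set to 0 by the very next initializer; say instead that m_buffer is initialised to 0 here and must stay 0 for the lifetime of the unique string, since m_data16 now aliases it and any later write to m_buffer would silently remove the terminator. Consider `ASSERT(!m_buffer);` beside the existing `ASSERT(m_data16);`, and a `static_assert(sizeof(m_buffer) >= sizeof(UChar), ...)` or a comment recording why reading a UChar out of a pointer-sized field holding a null pointer yields 0. Taking `&m_buffer` before m_buffer's own initializer runs is fine, since only the address is used, but the self-referential pointer is sound only because a StringImpl is never copied or relocated; that assumption deserves a line in the comment too.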
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
