Title: [164851] trunk/Source/_javascript_Core
- Revision
- 164851
- Author
- [email protected]
- Date
- 2014-02-27 21:30:09 -0800 (Thu, 27 Feb 2014)
Log Message
indexOf and lastIndexOf shouldn't resolve ropes when needle is longer than haystack
https://bugs.webkit.org/show_bug.cgi?id=129466
Reviewed by Michael Saboff.
Refactored the code to avoid calling JSString::value when needle is longer than haystack.
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncIndexOf):
(JSC::stringProtoFuncLastIndexOf):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (164850 => 164851)
--- trunk/Source/_javascript_Core/ChangeLog 2014-02-28 05:11:55 UTC (rev 164850)
+++ trunk/Source/_javascript_Core/ChangeLog 2014-02-28 05:30:09 UTC (rev 164851)
@@ -1,3 +1,16 @@
+2014-02-27 Ryosuke Niwa <[email protected]>
+
+ indexOf and lastIndexOf shouldn't resolve ropes when needle is longer than haystack
+ https://bugs.webkit.org/show_bug.cgi?id=129466
+
+ Reviewed by Michael Saboff.
+
+ Refactored the code to avoid calling JSString::value when needle is longer than haystack.
+
+ * runtime/StringPrototype.cpp:
+ (JSC::stringProtoFuncIndexOf):
+ (JSC::stringProtoFuncLastIndexOf):
+
2014-02-27 Timothy Hatcher <[email protected]>
Improve how ContentSearchUtilities::lineEndings works by supporting the three common line endings.
Modified: trunk/Source/_javascript_Core/runtime/StringPrototype.cpp (164850 => 164851)
--- trunk/Source/_javascript_Core/runtime/StringPrototype.cpp 2014-02-28 05:11:55 UTC (rev 164850)
+++ trunk/Source/_javascript_Core/runtime/StringPrototype.cpp 2014-02-28 05:30:09 UTC (rev 164851)
@@ -752,18 +752,16 @@
JSValue thisValue = exec->hostThisValue();
if (!checkObjectCoercible(thisValue))
return throwVMTypeError(exec);
- String s = thisValue.toString(exec)->value(exec);
JSValue a0 = exec->argument(0);
JSValue a1 = exec->argument(1);
- String u2 = a0.toString(exec)->value(exec);
- size_t result;
- if (a1.isUndefined())
- result = s.find(u2);
- else {
- unsigned pos;
- int len = s.length();
+ JSString* thisJSString = thisValue.toString(exec);
+ JSString* otherJSString = a0.toString(exec);
+
+ unsigned pos = 0;
+ if (!a1.isUndefined()) {
+ int len = thisJSString->length();
if (a1.isUInt32())
pos = std::min<uint32_t>(a1.asUInt32(), len);
else {
@@ -774,9 +772,12 @@
dpos = len;
pos = static_cast<unsigned>(dpos);
}
- result = s.find(u2, pos);
}
+ if (thisJSString->length() < otherJSString->length() + pos)
+ return JSValue::encode(jsNumber(-1));
+
+ size_t result = thisJSString->value(exec).find(otherJSString->value(exec), pos);
if (result == notFound)
return JSValue::encode(jsNumber(-1));
return JSValue::encode(jsNumber(result));
@@ -787,25 +788,33 @@
JSValue thisValue = exec->hostThisValue();
if (!checkObjectCoercible(thisValue))
return throwVMTypeError(exec);
- String s = thisValue.toString(exec)->value(exec);
- int len = s.length();
JSValue a0 = exec->argument(0);
JSValue a1 = exec->argument(1);
- String u2 = a0.toString(exec)->value(exec);
+ JSString* thisJSString = thisValue.toString(exec);
+ unsigned len = thisJSString->length();
+ JSString* otherJSString = a0.toString(exec);
+
double dpos = a1.toIntegerPreserveNaN(exec);
+ unsigned startPosition;
if (dpos < 0)
- dpos = 0;
+ startPosition = 0;
else if (!(dpos <= len)) // true for NaN
- dpos = len;
+ startPosition = len;
+ else
+ startPosition = static_cast<unsigned>(dpos);
+ if (len < otherJSString->length())
+ return JSValue::encode(jsNumber(-1));
+
+ String thisString = thisJSString->value(exec);
+ String otherString = otherJSString->value(exec);
size_t result;
- unsigned startPosition = static_cast<unsigned>(dpos);
if (!startPosition)
- result = s.startsWith(u2) ? 0 : notFound;
+ result = thisString.startsWith(otherString) ? 0 : notFound;
else
- result = s.reverseFind(u2, startPosition);
+ result = thisString.reverseFind(otherString, startPosition);
if (result == notFound)
return JSValue::encode(jsNumber(-1));
return JSValue::encode(jsNumber(result));
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
