[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677

darin darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 06:48:50 UTC 2009 

The following commit has been merged in the debian/unstable branch:
commit c2ded481ba035e423916da2f86c14ba959b3c3f6
Author: darin <darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Oct 11 04:07:07 2002 +0000

    	- fixed 3072643 -- infinite loop in JavaScript code at walgreens.com
    
    	The problem is that "xxx".indexOf("", 1) needs to return 1, but we
    	were returning 0.
    
            * kjs/ustring.cpp:
            (UString::find): Return pos, not 0, when the search string is empty.
            (UString::rfind): Make sure that pos is not past the end of the string,
    	taking into account the search string; fixes a potential read off the end
    	of the buffer. Also return pos, not 0, when the search string is empty.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@2304 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index 94ea7d9..f022996 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,16 @@
+2002-10-10  Darin Adler  <darin at apple.com>
+
+	- fixed 3072643 -- infinite loop in JavaScript code at walgreens.com
+
+	The problem is that "xxx".indexOf("", 1) needs to return 1, but we
+	were returning 0.
+
+        * kjs/ustring.cpp:
+        (UString::find): Return pos, not 0, when the search string is empty.
+        (UString::rfind): Make sure that pos is not past the end of the string,
+	taking into account the search string; fixes a potential read off the end
+	of the buffer. Also return pos, not 0, when the search string is empty.
+
 === Alexander-27 ===
 
 2002-10-07  Darin Adler  <darin at apple.com>
diff --git a/JavaScriptCore/ChangeLog-2002-12-03 b/JavaScriptCore/ChangeLog-2002-12-03
index 94ea7d9..f022996 100644
--- a/JavaScriptCore/ChangeLog-2002-12-03
+++ b/JavaScriptCore/ChangeLog-2002-12-03
@@ -1,3 +1,16 @@
+2002-10-10  Darin Adler  <darin at apple.com>
+
+	- fixed 3072643 -- infinite loop in JavaScript code at walgreens.com
+
+	The problem is that "xxx".indexOf("", 1) needs to return 1, but we
+	were returning 0.
+
+        * kjs/ustring.cpp:
+        (UString::find): Return pos, not 0, when the search string is empty.
+        (UString::rfind): Make sure that pos is not past the end of the string,
+	taking into account the search string; fixes a potential read off the end
+	of the buffer. Also return pos, not 0, when the search string is empty.
+
 === Alexander-27 ===
 
 2002-10-07  Darin Adler  <darin at apple.com>
diff --git a/JavaScriptCore/ChangeLog-2003-10-25 b/JavaScriptCore/ChangeLog-2003-10-25
index 94ea7d9..f022996 100644
--- a/JavaScriptCore/ChangeLog-2003-10-25
+++ b/JavaScriptCore/ChangeLog-2003-10-25
@@ -1,3 +1,16 @@
+2002-10-10  Darin Adler  <darin at apple.com>
+
+	- fixed 3072643 -- infinite loop in JavaScript code at walgreens.com
+
+	The problem is that "xxx".indexOf("", 1) needs to return 1, but we
+	were returning 0.
+
+        * kjs/ustring.cpp:
+        (UString::find): Return pos, not 0, when the search string is empty.
+        (UString::rfind): Make sure that pos is not past the end of the string,
+	taking into account the search string; fixes a potential read off the end
+	of the buffer. Also return pos, not 0, when the search string is empty.
+
 === Alexander-27 ===
 
 2002-10-07  Darin Adler  <darin at apple.com>
diff --git a/JavaScriptCore/kjs/ustring.cpp b/JavaScriptCore/kjs/ustring.cpp
index 24722f7..abf552e 100644
--- a/JavaScriptCore/kjs/ustring.cpp
+++ b/JavaScriptCore/kjs/ustring.cpp
@@ -491,10 +491,10 @@ int UString::find(const UString &f, int pos) const
   int fsz = f.size();
   if (sz < fsz)
     return -1;
-  if (fsz == 0)
-    return 0;
   if (pos < 0)
     pos = 0;
+  if (fsz == 0)
+    return pos;
   const UChar *end = data() + sz - fsz;
   long fsizeminusone = (fsz - 1) * sizeof(UChar);
   const UChar *fdata = f.data();
@@ -523,10 +523,12 @@ int UString::rfind(const UString &f, int pos) const
   int fsz = f.size();
   if (sz < fsz)
     return -1;
-  if (fsz == 0)
-    return 0;
   if (pos < 0)
     pos = 0;
+  if (pos > sz - fsz)
+    pos = sz - fsz;
+  if (fsz == 0)
+    return pos;
   long fsizeminusone = (fsz - 1) * sizeof(UChar);
   const UChar *fdata = f.data();
   for (const UChar *c = data() + pos; c >= data(); c--) {

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list