[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
darin
darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 08:36:10 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit 8de987aabaa80c5c5ea0414eaa3aabe50acbaabc
Author: darin <darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu Apr 22 17:10:59 2004 +0000
Reviewed by Maciej.
- fixed <rdar://problem/3627473>: "REGRESSION (125-137): memory trasher in UString::append, causing many different crashes"
* kjs/ustring.cpp:
(KJS::UString::expandCapacity): Fix sizeof(UChar *) that should be sizeof(UChar).
Was resulting in a buffer 2x the needed size.
(KJS::UString::expandPreCapacity): Ditto.
(KJS::UString::append): Fix malloc that is missing a sizeof(UChar).
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@6454 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index 3c278b4..ad330c3 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,15 @@
+2004-04-22 Darin Adler <darin at apple.com>
+
+ Reviewed by Maciej.
+
+ - fixed <rdar://problem/3627473>: "REGRESSION (125-137): memory trasher in UString::append, causing many different crashes"
+
+ * kjs/ustring.cpp:
+ (KJS::UString::expandCapacity): Fix sizeof(UChar *) that should be sizeof(UChar).
+ Was resulting in a buffer 2x the needed size.
+ (KJS::UString::expandPreCapacity): Ditto.
+ (KJS::UString::append): Fix malloc that is missing a sizeof(UChar).
+
2004-04-21 Maciej Stachowiak <mjs at apple.com>
Reviewed by Darin.
diff --git a/JavaScriptCore/kjs/ustring.cpp b/JavaScriptCore/kjs/ustring.cpp
index 61f0586..4f1ab6a 100644
--- a/JavaScriptCore/kjs/ustring.cpp
+++ b/JavaScriptCore/kjs/ustring.cpp
@@ -197,7 +197,7 @@ UString::Rep *UString::Rep::create(UChar *d, int l)
return r;
}
-UString::Rep *UString::Rep::create(UString::Rep *base, int offset, int length)
+UString::Rep *UString::Rep::create(Rep *base, int offset, int length)
{
assert(base);
@@ -337,7 +337,7 @@ void UString::expandCapacity(int requiredLength)
if (requiredLength > r->capacity) {
int newCapacity = expandedSize(requiredLength, r->preCapacity);
- r->buf = static_cast<UChar *>(realloc(r->buf, newCapacity * sizeof(UChar *)));
+ r->buf = static_cast<UChar *>(realloc(r->buf, newCapacity * sizeof(UChar)));
r->capacity = newCapacity - r->preCapacity;
}
if (requiredLength > r->usedCapacity) {
@@ -353,7 +353,7 @@ void UString::expandPreCapacity(int requiredPreCap)
int newCapacity = expandedSize(requiredPreCap, r->capacity);
int delta = newCapacity - r->capacity - r->preCapacity;
- UChar *newBuf = static_cast<UChar *>(malloc(newCapacity * sizeof(UChar *)));
+ UChar *newBuf = static_cast<UChar *>(malloc(newCapacity * sizeof(UChar)));
memcpy(newBuf + delta, r->buf, (r->capacity + r->preCapacity) * sizeof(UChar));
free(r->buf);
r->buf = newBuf;
@@ -622,7 +622,7 @@ UString &UString::append(const UString &t)
} else {
// this is shared with someone using more capacity, gotta make a whole new string
int newCapacity = expandedSize(sizeof(UChar) * length, 0);
- UChar *d = static_cast<UChar *>(malloc(newCapacity));
+ UChar *d = static_cast<UChar *>(malloc(sizeof(UChar) * newCapacity));
memcpy(d, data(), thisSize * sizeof(UChar));
memcpy(const_cast<UChar *>(d + thisSize), t.data(), tSize * sizeof(UChar));
release();
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list