summaryrefslogtreecommitdiff
path: root/Source/JavaScriptCore/runtime/ArrayBufferView.h
diff options
context:
space:
mode:
authorLorry Tar Creator <lorry-tar-importer@lorry>2016-04-10 09:28:39 +0000
committerLorry Tar Creator <lorry-tar-importer@lorry>2016-04-10 09:28:39 +0000
commit32761a6cee1d0dee366b885b7b9c777e67885688 (patch)
treed6bec92bebfb216f4126356e55518842c2f476a1 /Source/JavaScriptCore/runtime/ArrayBufferView.h
parenta4e969f4965059196ca948db781e52f7cfebf19e (diff)
downloadWebKitGtk-tarball-32761a6cee1d0dee366b885b7b9c777e67885688.tar.gz
webkitgtk-2.4.11webkitgtk-2.4.11
Diffstat (limited to 'Source/JavaScriptCore/runtime/ArrayBufferView.h')
-rw-r--r--Source/JavaScriptCore/runtime/ArrayBufferView.h22
1 files changed, 12 insertions, 10 deletions
diff --git a/Source/JavaScriptCore/runtime/ArrayBufferView.h b/Source/JavaScriptCore/runtime/ArrayBufferView.h
index 3fc10b0dd..2b8f70d8b 100644
--- a/Source/JavaScriptCore/runtime/ArrayBufferView.h
+++ b/Source/JavaScriptCore/runtime/ArrayBufferView.h
@@ -10,10 +10,10 @@
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
@@ -77,20 +77,22 @@ public:
JS_EXPORT_PRIVATE virtual ~ArrayBufferView();
- // Helper to verify byte offset is size aligned.
- static bool verifyByteOffsetAlignment(unsigned byteOffset, size_t size)
- {
- return !(byteOffset & (size - 1));
- }
-
// Helper to verify that a given sub-range of an ArrayBuffer is
// within range.
- static bool verifySubRangeLength(PassRefPtr<ArrayBuffer> buffer, unsigned byteOffset, unsigned numElements, size_t size)
+ // FIXME: This should distinguish between alignment errors and bounds errors.
+ // https://bugs.webkit.org/show_bug.cgi?id=125391
+ template <typename T>
+ static bool verifySubRange(
+ PassRefPtr<ArrayBuffer> buffer,
+ unsigned byteOffset,
+ unsigned numElements)
{
unsigned byteLength = buffer->byteLength();
+ if (sizeof(T) > 1 && byteOffset % sizeof(T))
+ return false;
if (byteOffset > byteLength)
return false;
- unsigned remainingElements = (byteLength - byteOffset) / size;
+ unsigned remainingElements = (byteLength - byteOffset) / sizeof(T);
if (numElements > remainingElements)
return false;
return true;
View Lorry Controller Status