    [typedarray] Fix GetBuffer for 0-length off-heap typed arrays. · eab5583a
    Peter Marshall authored
    Fixes a crash that happens when calling postMessage on an empty typed
    array.
    
    GetBuffer should only call MaterializeArrayBuffer for on-heap buffers,
    but the on-heap check is slightly wrong. This CL moves the on-heap check
    logic to the JSTypedArray class so that other parts of the codebase
    don't need to worry about how that is determined.
    
    Also add some dchecks to materialize itself. It should only receive
    on-heap buffers and should always transform them to off-heap buffers.
    There is also no reason for it to be static, so change that here too.
    
    Bug: chromium:797588
    Change-Id: Icd88a5b68e424d82c9f1f7889ca42a40a72a1bdc
    Reviewed-on: https://chromium-review.googlesource.com/995898
    Commit-Queue: Peter Marshall <petermarshall@chromium.org>
    Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#52388}