Commit 2876c3f0 authored by Toon Verwaest's avatar Toon Verwaest Committed by Commit Bot

[runtime] We cannot trust byteness of slice/thin/cons strings

MakeExternal can change byteness of strings without updating wrappers; hence we
cannot trust byteness of wrappers. Unwrap the string before checking encoding.

Bug: chromium:960680

Change-Id: I95d2bca906141c0d8b3de8fdac44b9fdb2ef2c43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601140Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61326}
parent 2e1fe076
......@@ -6860,7 +6860,8 @@ Handle<StringTable> StringTable::CautiousShrink(Isolate* isolate,
namespace {
template <typename Char>
Address LookupString(Isolate* isolate, String string) {
Address LookupString(Isolate* isolate, String string, String source,
size_t start) {
DisallowHeapAllocation no_gc;
StringTable table = isolate->heap()->string_table();
uint64_t seed = HashSeed(isolate);
......@@ -6870,19 +6871,12 @@ Address LookupString(Isolate* isolate, String string) {
std::unique_ptr<Char[]> buffer;
const Char* chars;
if (string.IsConsString()) {
if (source.IsConsString()) {
DCHECK(!source.IsFlat());
buffer.reset(new Char[length]);
String::WriteToFlat(string, buffer.get(), 0, length);
String::WriteToFlat(source, buffer.get(), 0, length);
chars = buffer.get();
} else {
String source = string;
size_t start = 0;
if (source.IsSlicedString()) {
SlicedString sliced = SlicedString::cast(source);
start = sliced.offset();
source = sliced.parent();
}
if (source.IsThinString()) source = ThinString::cast(source).actual();
chars = source.GetChars<Char>(no_gc) + start;
}
// TODO(verwaest): Internalize to one-byte when possible.
......@@ -6929,10 +6923,23 @@ Address StringTable::LookupStringIfExists_NoAllocate(Isolate* isolate,
STATIC_ASSERT(
!String::ArrayIndexValueBits::is_valid(ResultSentinel::kNotFound));
if (string.IsOneByteRepresentation()) {
return i::LookupString<uint8_t>(isolate, string);
size_t start = 0;
String source = string;
if (source.IsSlicedString()) {
SlicedString sliced = SlicedString::cast(source);
start = sliced.offset();
source = sliced.parent();
} else if (source.IsConsString() && source.IsFlat()) {
source = ConsString::cast(source).first();
}
if (source.IsThinString()) {
source = ThinString::cast(source).actual();
if (start == 0) return source.ptr();
}
if (source.IsOneByteRepresentation()) {
return i::LookupString<uint8_t>(isolate, string, source, start);
}
return i::LookupString<uint16_t>(isolate, string);
return i::LookupString<uint16_t>(isolate, string, source, start);
}
Handle<StringSet> StringSet::New(Isolate* isolate) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment