Commit 2a877bfc authored by ager@chromium.org's avatar ager@chromium.org

Landing for pmehta.

Changed a static cast from static_cast<int> to static_cast<size_t>
that previously introduced a signed/unsigned comparison issue in the
main allocator for V8 (MemoryAllocator::AllocateRawMemory) that could
be used to bypass the V8 allocation limitations or trigger integer
overflows.

Review URL: http://codereview.chromium.org/3027006/show

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5094 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent 35a80e16
......@@ -342,7 +342,9 @@ void MemoryAllocator::TearDown() {
void* MemoryAllocator::AllocateRawMemory(const size_t requested,
size_t* allocated,
Executability executable) {
if (size_ + static_cast<int>(requested) > capacity_) return NULL;
if (size_ + static_cast<size_t>(requested) > static_cast<size_t>(capacity_)) {
return NULL;
}
void* mem;
if (executable == EXECUTABLE && CodeRange::exists()) {
mem = CodeRange::AllocateRawMemory(requested, allocated);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment