v8::String::Concat must not throw.

R=dcarney@chromium.org BUG=chromium:420240 LOG=Y API=v8::String::Concat may return empty handle on overflow. Review URL: https://codereview.chromium.org/735763002 Cr-Commit-Position: refs/heads/master@{#25402}

v8::String::Concat must not throw.
R=dcarney@chromium.org BUG=chromium:420240 LOG=Y API=v8::String::Concat may return empty handle on overflow. Review URL: https://codereview.chromium.org/735763002 Cr-Commit-Position: refs/heads/master@{#25402}
cfccf397 · yangguo · Commit bot · bbf48588 · cfccf397 · cfccf397
Commit cfccf397 authored Nov 18, 2014 by yangguo Committed by Commit bot Nov 18, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 7 deletions

api.cc src/api.cc +5 -1

test-api.cc test/cctest/test-api.cc +25 -6

No files found.
--- a/src/api.cc
+++ b/src/api.cc
@@ -5550,7 +5550,11 @@ Local<String> v8::String::Concat(Handle<String> left, Handle<String> right) {
  LOG_API(isolate, "String::New(char)");
  ENTER_V8(isolate);
  i::Handle<i::String> right_string = Utils::OpenHandle(*right);
-  // We do not expect this to fail. Change this if it does.
+  // If we are steering towards a range error, do not wait for the error to be
+  // thrown, and return the null handle instead.
+  if (left_string->length() + right_string->length() > i::String::kMaxLength) {
+    return Local<String>();
+  }
  i::Handle<i::String> result = isolate->factory()->NewConsString(
      left_string, right_string).ToHandleChecked();
  return Utils::ToLocal(result);

--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -742,23 +742,28 @@ THREADED_TEST(UsingExternalOneByteString) {
 }
-class DummyResource : public v8::String::ExternalStringResource {
+class RandomLengthResource : public v8::String::ExternalStringResource {
 public:
+  explicit RandomLengthResource(int length) : length_(length) {}
  virtual const uint16_t* data() const { return string_; }
-  virtual size_t length() const { return 1 << 30; }
+  virtual size_t length() const { return length_; }
 private:
  uint16_t string_[10];
+  int length_;
 };
-class DummyOneByteResource : public v8::String::ExternalOneByteStringResource {
+class RandomLengthOneByteResource
+    : public v8::String::ExternalOneByteStringResource {
 public:
+  explicit RandomLengthOneByteResource(int length) : length_(length) {}
  virtual const char* data() const { return string_; }
-  virtual size_t length() const { return 1 << 30; }
+  virtual size_t length() const { return length_; }
 private:
  char string_[10];
+  int length_;
 };
@@ -767,7 +772,7 @@ THREADED_TEST(NewExternalForVeryLongString) {
    LocalContext env;
    v8::HandleScope scope(env->GetIsolate());
    v8::TryCatch try_catch;
-    DummyOneByteResource r;
+    RandomLengthOneByteResource r(1 << 30);
    v8::Local<v8::String> str = v8::String::NewExternal(CcTest::isolate(), &r);
    CHECK(str.IsEmpty());
    CHECK(try_catch.HasCaught());
@@ -779,7 +784,7 @@ THREADED_TEST(NewExternalForVeryLongString) {
    LocalContext env;
    v8::HandleScope scope(env->GetIsolate());
    v8::TryCatch try_catch;
-    DummyResource r;
+    RandomLengthResource r(1 << 30);
    v8::Local<v8::String> str = v8::String::NewExternal(CcTest::isolate(), &r);
    CHECK(str.IsEmpty());
    CHECK(try_catch.HasCaught());
@@ -24232,3 +24237,17 @@ TEST(InvalidCacheData) {
  TestInvalidCacheData(v8::ScriptCompiler::kConsumeParserCache);
  TestInvalidCacheData(v8::ScriptCompiler::kConsumeCodeCache);
 }
+TEST(StringConcatOverflow) {
+  v8::V8::Initialize();
+  v8::HandleScope scope(CcTest::isolate());
+  RandomLengthOneByteResource* r =
+      new RandomLengthOneByteResource(i::String::kMaxLength);
+  v8::Local<v8::String> str = v8::String::NewExternal(CcTest::isolate(), r);
+  CHECK(!str.IsEmpty());
+  v8::TryCatch try_catch;
+  v8::Local<v8::String> result = v8::String::Concat(str, str);
+  CHECK(result.IsEmpty());
+  CHECK(!try_catch.HasCaught());
+}