Changeset 130424 in webkit for trunk/Source/JavaScriptCore/API/JSValueRef.cpp

Timestamp:

Oct 4, 2012, 1:27:45 PM (13 years ago)

Author:

[email protected]

Message:

Crash in Safari at com.apple.JavaScriptCore: WTF::StringImpl::is8Bit const + 12
​https://bugs.webkit.org/show_bug.cgi?id=98433

Reviewed by Jessie Berlin.

The problem is due to a String with a null StringImpl (i.e. a null string).
Added a length check before the is8Bit() check since length() checks for a null StringImpl. Changed the
characters16() call to characters() since it can handle a null StringImpl as well.

• API/JSValueRef.cpp:

(JSValueMakeFromJSONString):

File:

• trunk/Source/JavaScriptCore/API/JSValueRef.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/API/JSValueRef.cpp

@@ -236 +236 @@
     APIEntryShim entryShim(exec);
     String str = string->string();
-    if (str.is8Bit()) {
-        LiteralParser<LChar> parser(exec, str.characters8(), str.length(), StrictJSON);
+    unsigned length = str.length();
+    if (length && str.is8Bit()) {
+        LiteralParser<LChar> parser(exec, str.characters8(), length, StrictJSON);
         return toRef(exec, parser.tryLiteralParse());
     }
-    LiteralParser<UChar> parser(exec, str.characters16(), str.length(), StrictJSON);
+    LiteralParser<UChar> parser(exec, str.characters(), length, StrictJSON);
     return toRef(exec, parser.tryLiteralParse());
 }