Changeset 47092 in webkit for trunk/JavaScriptCore/runtime/UString.cpp

Timestamp:

Aug 11, 2009, 11:22:41 PM (16 years ago)

Author:

[email protected]

Message:

Make it harder to misuse try* allocation routines
​https://bugs.webkit.org/show_bug.cgi?id=27469

Reviewed by Gavin Barraclough

Jump through a few hoops to make it much harder to accidentally
miss null-checking of values returned by the try-* allocation
routines.

File:

• trunk/JavaScriptCore/runtime/UString.cpp (modified) (14 diffs)

trunk/JavaScriptCore/runtime/UString.cpp

@@ -69 +69 @@
 static inline size_t maxUChars() { return std::numeric_limits<size_t>::max() / sizeof(UChar); }
 
-static inline UChar* allocChars(size_t length)
+static inline PossiblyNull<UChar*> allocChars(size_t length)
 {
     ASSERT(length);
     if (length > maxUChars())
         return 0;
-    return static_cast<UChar*>(tryFastMalloc(sizeof(UChar) * length));
-}
-
-static inline UChar* reallocChars(UChar* buffer, size_t length)
+    return tryFastMalloc(sizeof(UChar) * length);
+}
+
+static inline PossiblyNull<UChar*> reallocChars(UChar* buffer, size_t length)
 {
     ASSERT(length);
     if (length > maxUChars())
         return 0;
-    return static_cast<UChar*>(tryFastRealloc(buffer, sizeof(UChar) * length));
+    return tryFastRealloc(buffer, sizeof(UChar) * length);
 }
 
@@ -481 +481 @@
         size_t newCapacity = expandedSize(requiredLength, base->preCapacity);
         UChar* oldBuf = base->buf;
-        base->buf = reallocChars(base->buf, newCapacity);
-        if (!base->buf) {
+        if (!reallocChars(base->buf, newCapacity).getValue(base->buf)) {
             base->buf = oldBuf;
             return false;
@@ -513 +512 @@
     size_t newCapacity = expandedSize(capacity, base->preCapacity);
     UChar* oldBuf = base->buf;
-    base->buf = reallocChars(base->buf, newCapacity);
-    if (!base->buf) {
+    if (!reallocChars(base->buf, newCapacity).getValue(base->buf)) {
         base->buf = oldBuf;
         return false;
@@ -541 +539 @@
         int delta = newCapacity - base->capacity - base->preCapacity;
 
-        UChar* newBuf = allocChars(newCapacity);
-        if (!newBuf) {
+        UChar* newBuf;
+        if (!allocChars(newCapacity).getValue(newBuf)) {
             makeNull();
             return;
@@ -567 +565 @@
 
     size_t length = strlen(c);
-    UChar* d = allocChars(length);
-    if (!d)
+    UChar* d;
+    if (!allocChars(length).getValue(d))
         return &UString::Rep::null();
     else {
@@ -657 +655 @@
         // This is shared in some way that prevents us from modifying base, so we must make a whole new string.
         size_t newCapacity = expandedSize(length, 0);
-        UChar* d = allocChars(newCapacity);
-        if (!d)
+        UChar* d;
+        if (!allocChars(newCapacity).getValue(d))
             rep = &UString::Rep::null();
         else {
@@ -713 +711 @@
         // This is shared in some way that prevents us from modifying base, so we must make a whole new string.
         size_t newCapacity = expandedSize(length, 0);
-        UChar* d = allocChars(newCapacity);
-        if (!d)
+        UChar* d;
+        if (!allocChars(newCapacity).getValue(d))
             rep = &UString::Rep::null();
         else {
@@ -801 +799 @@
     // a does not qualify for append, and b does not qualify for prepend, gotta make a whole new string
     size_t newCapacity = expandedSize(length, 0);
-    UChar* d = allocChars(newCapacity);
-    if (!d)
+    UChar* d;
+    if (!allocChars(newCapacity).getValue(d))
         return 0;
     copyChars(d, a->data(), aSize);
@@ -1077 +1075 @@
         return "";
 
-    UChar* buffer = allocChars(totalLength);
-    if (!buffer)
+    UChar* buffer;
+    if (!allocChars(totalLength).getValue(buffer))
         return null();
 
@@ -1106 +1104 @@
         return "";
 
-    UChar* buffer = allocChars(totalLength);
-    if (!buffer)
+    UChar* buffer;
+    if (!allocChars(totalLength).getValue(buffer))
         return null();
 
@@ -1154 +1152 @@
         // This is shared in some way that prevents us from modifying base, so we must make a whole new string.
         size_t newCapacity = expandedSize(length, 0);
-        UChar* d = allocChars(newCapacity);
-        if (!d)
+        UChar* d;
+        if (!allocChars(newCapacity).getValue(d))
             makeNull();
         else {
@@ -1207 +1205 @@
         // this is empty - must make a new m_rep because we don't want to pollute the shared empty one 
         size_t newCapacity = expandedSize(1, 0);
-        UChar* d = allocChars(newCapacity);
-        if (!d)
+        UChar* d;
+        if (!allocChars(newCapacity).getValue(d))
             makeNull();
         else {
@@ -1235 +1233 @@
         // This is shared in some way that prevents us from modifying base, so we must make a whole new string.
         size_t newCapacity = expandedSize(length + 1, 0);
-        UChar* d = allocChars(newCapacity);
-        if (!d)
+        UChar* d;
+        if (!allocChars(newCapacity).getValue(d))
             makeNull();
         else {
@@ -1314 +1312 @@
         m_rep->len = l;
     } else {
-        d = allocChars(l);
-        if (!d) {
+        if (!allocChars(l).getValue(d)) {
             makeNull();
             return *this;