MIRROR: javascript for 🐜's, a tiny runtime with big ambitions
add array length validation

+57 -15
+1 -1
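--- a/meson.build
+++ b/meson.build
@@ -74,7 +74,7 @@
 build_date = run_command('date', '+%Y-%m-%d', check: true).stdout().strip()
 
 version_conf = configuration_data()
-version_conf.set('ANT_VERSION', '0.2.1.3')
+version_conf.set('ANT_VERSION', '0.2.1.4')
 version_conf.set('ANT_GIT_HASH', git_hash)
 version_conf.set('ANT_BUILD_DATE', build_date)
 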
+56 -14
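--- a/src/ant.c
+++ b/src/ant.c
@@ -2872,6 +2872,17 @@
 return js_mkundef();
 }
 
+static jsval_t validate_array_length(struct js *js, jsval_t v) {
+if (vtype(v) != T_NUM) {
+return js_mkerr_typed(js, JS_ERR_RANGE, "Invalid array length");
+}
+double d = tod(v);
+if (d < 0 || d != (uint32_t)d || d >= 4294967296.0) {
+return js_mkerr_typed(js, JS_ERR_RANGE, "Invalid array length");
+}
+return js_mkundef();
+}
+
 jsval_t js_setprop(struct js *js, jsval_t obj, jsval_t k, jsval_t v) {
 jsoff_t koff = (jsoff_t) vdata(k);
 jsoff_t klen = offtolen(loadoff(js, koff));
@@ -2881,13 +2892,8 @@
 }
 
 if (vtype(obj) == T_ARR && streq(key, klen, "length", 6)) {
-if (vtype(v) != T_NUM) {
-return js_mkerr_typed(js, JS_ERR_RANGE, "Invalid array length");
-}
-double d = tod(v);
-if (d < 0 || d != (uint32_t)d || d >= 4294967296.0) {
-return js_mkerr_typed(js, JS_ERR_RANGE, "Invalid array length");
-}
+jsval_t err = validate_array_length(js, v);
+if (is_err(err)) return err;
 }
 
 if (is_proxy(js, obj)) {
@@ -4426,6 +4432,30 @@
 jsoff_t klen = offtolen(loadoff(js, koff));
 const char *key = (char *)&js->mem[koff + sizeof(jsoff_t)];
 
+if (klen == 6 && memcmp(key, "length", 6) == 0) {
+jsoff_t obj_off = 0;
+for (jsoff_t scan = 0; scan < propoff; ) {
+jsoff_t header = loadoff(js, scan);
+jsoff_t cleaned = header & ~(GCMASK | CONSTMASK | ARRMASK);
+if ((cleaned & 3U) == T_OBJ || (header & ARRMASK)) {
+jsoff_t first_prop = cleaned & ~3U;
+jsoff_t p = first_prop;
+while (p != 0 && p < js->brk) {
+if (p == propoff) { obj_off = scan; break; }
+p = loadoff(js, p) & ~(3U | GCMASK | CONSTMASK);
+}
+if (obj_off != 0) break;
+}
+jsoff_t sz = esize(cleaned);
+if (sz == (jsoff_t)~0U) break;
+scan += sz;
+}
+if (obj_off != 0 && is_arr_off(js, obj_off)) {
+jsval_t err = validate_array_length(js, val);
+if (is_err(err)) return err;
+}
+}
+
 if (is_const_prop(js, propoff)) {
 if (js->flags & F_STRICT) return js_mkerr(js, "assignment to constant");
 return mkval(T_PROP, propoff);
@@ -4583,7 +4613,14 @@
 return tov(offtolen(loadoff(js, (jsoff_t) vdata(obj))));
 }
 if (vtype(obj) == T_ARR) {
-return tov(arr_length(js, obj));
+jsoff_t len_off = lkp(js, obj, "length", 6);
+if (len_off != 0) {
+return mkval(T_PROP, len_off);
+}
+jsval_t key = js_mkstr(js, "length", 6);
+jsval_t len_val = tov(arr_length(js, obj));
+jsval_t prop = setprop(js, obj, key, len_val);
+return prop;
 }
 }
 if (vtype(obj) == T_STR) {
@@ -4662,7 +4699,14 @@
 }
 
 if (t == T_ARR && streq(ptr, plen, "length", 6)) {
-return tov(arr_length(js, l));
+jsoff_t len_off = lkp(js, l, "length", 6);
+if (len_off != 0) {
+return mkval(T_PROP, len_off);
+}
+jsval_t key = js_mkstr(js, "length", 6);
+jsval_t len_val = tov(arr_length(js, l));
+jsval_t prop = setprop(js, l, key, len_val);
+return prop;
 }
 
 if (t == T_STR || t == T_NUM || t == T_BOOL || t == T_BIGINT) {
@@ -11626,11 +11670,9 @@
 jsval_t arr = mkarr(js);
 
 if (nargs == 1 && vtype(args[0]) == T_NUM) {
-double d = tod(args[0]);
-if (d < 0 || d != (uint32_t)d || d >= 4294967296.0) {
-return js_mkerr_typed(js, JS_ERR_RANGE, "Invalid array length");
-}
-jsoff_t len = (jsoff_t) d;
+jsval_t err = validate_array_length(js, args[0]);
+if (is_err(err)) return err;
+jsoff_t len = (jsoff_t) tod(args[0]);
 jsval_t len_key = js_mkstr(js, "length", 6);
 jsval_t len_val = tov((double) len);
 setprop(js, arr, len_key, len_val);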
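Review bot: In `validate_array_length` (new lines 2875–2884) the test `d != (uint32_t)d` is evaluated before `d >= 4294967296.0`, so a NaN or a value of 2^32 or more is converted to `uint32_t` first, and converting an out-of-range double to an integer type is undefined behaviour in C. The condition is carried over unchanged from the removed inline checks, but the helper is now the single gate for `js_setprop`, the assignment path at new line 4454 and what appears to be the array constructor at 11673, so the range test should come first: `if (!(d >= 0 && d < 4294967296.0) || d != (double)(uint32_t)d) {`. Written this way NaN fails the first operand and never reaches the cast. A short comment such as `/* range-check before the cast: NaN or an out-of-range double converted to uint32_t is undefined */` would keep a later edit from reordering the operands.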