mirrors/quickjs
1
0
Fork 0
mirror of https://github.com/bellard/quickjs.git synced 2025-05-12 03:05:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

workaround for overflow test in JS_GetOwnPropertyNamesInternal() (#111)

Browse Source
This commit is contained in:
Fabrice Bellard 2025-04-05 16:19:25 +02:00
parent beeb2725cd
commit c1bf4e99db
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
quickjs.c
View File

@ -7936,7 +7936,21 @@ static int __exception JS_GetOwnPropertyNamesInternal(JSContext *ctx,
/* fill them */
atom_count = num_keys_count + str_keys_count + sym_keys_count + exotic_keys_count;
atom_count = num_keys_count + str_keys_count;
if (atom_count < str_keys_count)
goto add_overflow;
atom_count += sym_keys_count;
if (atom_count < sym_keys_count)
goto add_overflow;
atom_count += exotic_keys_count;
if (atom_count < exotic_keys_count || atom_count > INT32_MAX) {
add_overflow:
JS_ThrowOutOfMemory(ctx);
js_free_prop_enum(ctx, tab_exotic, exotic_count);
return -1;
}
/* XXX: need generic way to test for js_malloc(ctx, a * b) overflow */
/* avoid allocating 0 bytes */
tab_atom = js_malloc(ctx, sizeof(tab_atom[0]) * max_int(atom_count, 1));
if (!tab_atom) {