From c1d60e2f394f1d6b692e58f68655cc574d39247f Mon Sep 17 00:00:00 2001
From: Jan de Mooij
Date: Mon, 25 Apr 2016 13:34:38 +0200
Subject: [PATCH] Bug 1265690 part 2 - Fix some more OOM issues in TypedObject code. r=jonco
---
 js/src/builtin/TypedObject.cpp | 46 +++++++++++++----------------------
 1 file changed, 17 insertions(+), 29 deletions(-)
diff --git a/js/src/builtin/TypedObject.cpp b/js/src/builtin/TypedObject.cpp
index 5aeaf547fb4a..56ae7031c256 100644
--- a/js/src/builtin/TypedObject.cpp
+++ b/js/src/builtin/TypedObject.cpp
@@ -644,8 +644,10 @@ ArrayMetaTypeDescr::create(JSContext* cx,
 if (!CreateTraceList(cx, obj))
 return nullptr;
- if (!cx->zone()->typeDescrObjects.put(obj))
+ if (!cx->zone()->typeDescrObjects.put(obj)) {
+ ReportOutOfMemory(cx);
 return nullptr;
+ }
 return obj;
 }
@@ -803,10 +805,8 @@ StructMetaTypeDescr::create(JSContext* cx,
 if (!userFieldTypes)
 return nullptr;
- if (!stringBuffer.append("new StructType({")) {
- ReportOutOfMemory(cx);
+ if (!stringBuffer.append("new StructType({"))
 return nullptr;
- }
 RootedValue fieldTypeVal(cx);
 RootedId id(cx);
@@ -834,14 +834,10 @@ StructMetaTypeDescr::create(JSContext* cx,
 // Collect field name and type object
 RootedValue fieldName(cx, IdToValue(id));
- if (!fieldNames.append(fieldName)) {
- ReportOutOfMemory(cx);
+ if (!fieldNames.append(fieldName))
 return nullptr;
- }
- if (!fieldTypeObjs.append(ObjectValue(*fieldType))) {
- ReportOutOfMemory(cx);
+ if (!fieldTypeObjs.append(ObjectValue(*fieldType)))
 return nullptr;
- }
 // userFieldTypes[id] = typeObj
 if (!DefineProperty(cx, userFieldTypes, id, fieldTypeObjs[i], nullptr, nullptr,
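Review bot: The `ReportOutOfMemory(cx)` added after `typeDescrObjects.put(obj)` in the @@ -644 hunk follows the opposite convention from the `append` sites in this same patch, where the explicit report is removed, and nothing at the call site explains the difference. The same addition appears at @@ -1007 and @@ -1176. A short comment at each site, for example `// typeDescrObjects.put() does not report OOM on cx, so report it here.`, would keep a later cleanup from "fixing" the asymmetry in the wrong direction; this assumes the zone's set uses a non-reporting allocation policy, which is declared outside the diff. Since the check/report/return sequence now exists three times, a small file-local helper that registers a descriptor and reports on failure would keep the rule in one place.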
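Review bot: Removing `ReportOutOfMemory(cx)` after `stringBuffer.append(...)` in the @@ -803 hunk, and after the `fieldNames`, `fieldTypeObjs`, `fieldOffsets` and remaining `stringBuffer` appends at @@ -834, @@ -851, @@ -877 and @@ -907, is correct only if each of those containers already reports allocation failure on `cx`. Their declarations are outside every hunk, so this cannot be confirmed from the diff. If one of them used a non-reporting policy, `create` would return nullptr with no pending exception, which breaks the failure-implies-exception contract callers rely on. I would record the assumption once next to the declarations, e.g. `// These containers report OOM on cx themselves; do not report again on append failure.` The diffstat lists a single file, so no OOM-simulation regression test ships with this part; adding one, or referencing the test if an earlier part of the bug has it, would pin both the added and the removed reports.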
@@ -851,22 +847,14 @@ StructMetaTypeDescr::create(JSContext* cx,
 }
 // Append "f:Type" to the string repr
- if (i > 0 && !stringBuffer.append(", ")) {
- ReportOutOfMemory(cx);
+ if (i > 0 && !stringBuffer.append(", "))
 return nullptr;
- }
- if (!stringBuffer.append(JSID_TO_ATOM(id))) {
- ReportOutOfMemory(cx);
+ if (!stringBuffer.append(JSID_TO_ATOM(id)))
 return nullptr;
- }
- if (!stringBuffer.append(": ")) {
- ReportOutOfMemory(cx);
+ if (!stringBuffer.append(": "))
 return nullptr;
- }
- if (!stringBuffer.append(&fieldType->stringRepr())) {
- ReportOutOfMemory(cx);
+ if (!stringBuffer.append(&fieldType->stringRepr()))
 return nullptr;
- }
 // Offset of this field is the current total size adjusted for
 // the field's alignment.
@@ -877,10 +865,8 @@ StructMetaTypeDescr::create(JSContext* cx,
 return nullptr;
 }
 MOZ_ASSERT(offset.value() >= 0);
- if (!fieldOffsets.append(Int32Value(offset.value()))) {
- ReportOutOfMemory(cx);
+ if (!fieldOffsets.append(Int32Value(offset.value())))
 return nullptr;
- }
 // userFieldOffsets[id] = offset
 RootedValue offsetValue(cx, Int32Value(offset.value()));
@@ -907,10 +893,9 @@ StructMetaTypeDescr::create(JSContext* cx,
 }
 // Complete string representation.
- if (!stringBuffer.append("})")) {
- ReportOutOfMemory(cx);
+ if (!stringBuffer.append("})"))
 return nullptr;
- }
+
 RootedAtom stringRepr(cx, stringBuffer.finishAtom());
 if (!stringRepr)
 return nullptr;
@@ -1007,6 +992,7 @@ StructMetaTypeDescr::create(JSContext* cx,
 if (!cx->zone()->typeDescrObjects.put(descr) || !cx->zone()->typeDescrObjects.put(fieldTypeVec)) {
+ ReportOutOfMemory(cx);
 return nullptr;
 }
@@ -1176,8 +1162,10 @@ DefineSimpleTypeDescr(JSContext* cx,
 if (!CreateTraceList(cx, descr))
 return false;
- if (!cx->zone()->typeDescrObjects.put(descr))
+ if (!cx->zone()->typeDescrObjects.put(descr)) {
+ ReportOutOfMemory(cx);
 return false;
+ }
 return true;
 }
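Review bot: In the combined condition of the @@ -1007 hunk, if `put(descr)` succeeds and `put(fieldTypeVec)` then fails, `descr` stays registered in `typeDescrObjects` even though `create` returns nullptr. This is probably harmless if the set holds only weak entries that are swept along with the object, but the hunk does not show that. I would either state it in a comment, e.g. `// A descr left in the set on failure is swept with the object.`, or split the condition and undo the first registration before reporting, along the lines of `cx->zone()->typeDescrObjects.remove(descr);`. The function body begins and ends outside this hunk.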