diff --git a/compiler_service/interface/aot_compiler_interface_stub.cpp b/compiler_service/interface/aot_compiler_interface_stub.cpp
index 1fef836457..f6bbf81ee3 100644
--- a/compiler_service/interface/aot_compiler_interface_stub.cpp
+++ b/compiler_service/interface/aot_compiler_interface_stub.cpp
@@ -51,6 +51,10 @@ int32_t AotCompilerInterfaceStub::CommandAOTCompiler(MessageParcel &data,
 {
 std::unordered_map argsMap;
 int32_t argsMapSize = data.ReadInt32();
+ if (argsMapSize > mapMaxSize) {
+ HiLog::Error(LABEL, "The map size exceeds ths security limit!");
+ return ERR_INVALID_DATA;
+ }
 for (int32_t i = 0; i < argsMapSize; ++i) {
 std::string key = Str16ToStr8(data.ReadString16());
 std::string value = Str16ToStr8(data.ReadString16());
diff --git a/ecmascript/builtins/builtins_regexp.cpp b/ecmascript/builtins/builtins_regexp.cpp
index ae9c951a4c..9f105998f7 100644
--- a/ecmascript/builtins/builtins_regexp.cpp
+++ b/ecmascript/builtins/builtins_regexp.cpp
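Review bot: The new size guard logs a message with a typo in it; the line should read `HiLog::Error(LABEL, "The map size exceeds the security limit!");`. Placing the check before the loop is the right spot, since argsMapSize comes straight from the parcel and would otherwise dictate how many ReadString16() calls run; a negative value just skips the loop, so no lower bound is needed for safety. What the hunk does not show is whether a truncated parcel (ReadString16 failing mid-loop) is detected anywhere — if MessageParcel exposes a read-error state, checking it after the loop would be worth adding. CommandAOTCompiler continues outside the hunk.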
@@ -395,49 +395,49 @@ JSTaggedValue BuiltinsRegExp::GetAllFlagsInternal(JSThread *thread, JSHandle
 emptyString = factory->GetEmptyString();
 JSHandle hasIndicesKey(factory->NewFromASCII("hasIndices"));
 JSHandle hasIndicesResult = JSObject::GetProperty(thread, thisObj, hasIndicesKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (hasIndicesResult->ToBoolean()) {
 flagsStr[flagsLen] = 'd';
 flagsLen++;
 }
 JSHandle globalKey(globalConstants->GetHandledGlobalString());
 JSHandle globalResult = JSObject::GetProperty(thread, thisObj, globalKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (globalResult->ToBoolean()) {
 flagsStr[flagsLen] = 'g';
 flagsLen++;
 }
 JSHandle ignoreCaseKey(factory->NewFromASCII("ignoreCase"));
 JSHandle ignoreCaseResult = JSObject::GetProperty(thread, thisObj, ignoreCaseKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (ignoreCaseResult->ToBoolean()) {
 flagsStr[flagsLen] = 'i';
 flagsLen++;
 }
 JSHandle multilineKey(factory->NewFromASCII("multiline"));
 JSHandle multilineResult = JSObject::GetProperty(thread, thisObj, multilineKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (multilineResult->ToBoolean()) {
 flagsStr[flagsLen] = 'm';
 flagsLen++;
 }
 JSHandle dotAllKey(factory->NewFromASCII("dotAll"));
 JSHandle dotAllResult = JSObject::GetProperty(thread, thisObj, dotAllKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (dotAllResult->ToBoolean()) {
 flagsStr[flagsLen] = 's';
 flagsLen++;
 }
 JSHandle unicodeKey(globalConstants->GetHandledUnicodeString());
 JSHandle unicodeResult = JSObject::GetProperty(thread, thisObj, unicodeKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (unicodeResult->ToBoolean()) {
 flagsStr[flagsLen] = 'u';
 flagsLen++;
 }
 JSHandle stickyKey(globalConstants->GetHandledStickyString());
 JSHandle stickyResult = JSObject::GetProperty(thread, thisObj, stickyKey).GetValue();
- RETURN_VALUE_IF_ABRUPT_COMPLETION(thread, emptyString.GetTaggedValue());
+ RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, emptyString.GetTaggedValue(), flagsStr);
 if (stickyResult->ToBoolean()) {
 flagsStr[flagsLen] = 'y';
 flagsLen++;
diff --git a/ecmascript/containers/containers_bitvector.cpp b/ecmascript/containers/containers_bitvector.cpp
index 20310d2d39..ceb01dde30 100644
--- a/ecmascript/containers/containers_bitvector.cpp
+++ b/ecmascript/containers/containers_bitvector.cpp
@@ -512,15 +512,13 @@ JSTaggedValue ContainersBitVector::GetIteratorObj(EcmaRuntimeCallInfo* argv)
 return values;
 }
-void ContainersBitVector::FreeBitsetVectorPointer([[maybe_unused]] void *env, void *pointer, void *data)
+void ContainersBitVector::FreeBitsetVectorPointer([[maybe_unused]] void *env, void *pointer,
+ [[maybe_unused]] void *data)
 {
 if (pointer == nullptr) {
 return;
 }
- auto bitsetVector = reinterpret_cast *>(pointer);
+ auto bitsetVector = reinterpret_cast> *>(pointer);
 delete bitsetVector;
- if (data != nullptr) {
- reinterpret_cast(data)->GetNativeAreaAllocator()->FreeBuffer(pointer);
- }
 }
 } // namespace panda::ecmascript::containers
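Review bot: Each of the seven early returns in this hunk now hides a `delete[] flagsStr` inside a macro, which is only correct as long as flagsStr stays a raw `new[]` buffer and every future return site remembers to use the DELETE variant. Owning the buffer as `std::unique_ptr<char[]>` (element type assumed from the `'d'`/`'g'` stores, confirm at the allocation site) at the point where it is allocated would make every exit path leak-free, including the plain RETURN_VALUE_IF_ABRUPT_COMPLETION, and the second macro would not be needed. The allocation and the normal-path release of flagsStr, as well as the bound that keeps `flagsStr[flagsLen]` in range, are outside the hunk; GetAllFlagsInternal begins and ends outside it.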
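Review bot: Dropping the FreeBuffer(pointer) call after `delete bitsetVector` is the right fix if the buffer was only ever obtained with `new` — handing an address to the native-area allocator after deleting it was a double release on a dangling pointer — but whether that allocator also tracks native memory size for this object is not visible here, and if it does, that accounting no longer happens. A one-line comment at the `delete` would record the decision for the next reader: `// Allocated with new; the native-area allocator never owned this buffer, so no FreeBuffer here.` The allocation site is outside this hunk, so confirm it before merging.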
diff --git a/ecmascript/containers/containers_private.cpp b/ecmascript/containers/containers_private.cpp
index 8ff90fcd55..df015a6da3 100644
--- a/ecmascript/containers/containers_private.cpp
+++ b/ecmascript/containers/containers_private.cpp
@@ -895,6 +895,7 @@ JSHandle ContainersPrivate::InitializeBitVector(JSThread* thread)
 SetFrozenFunction(thread, prototype, "getLastIndexOf", ContainersBitVector::GetLastIndexOf, FuncLength::THREE);
 SetFrozenFunction(thread, prototype, "flipBitByIndex", ContainersBitVector::FlipBitByIndex, FuncLength::ONE);
 SetFrozenFunction(thread, prototype, "flipBitsByRange", ContainersBitVector::FlipBitsByRange, FuncLength::TWO);
+ SetFrozenFunction(thread, prototype, "values", ContainersBitVector::GetIteratorObj, FuncLength::ZERO);
 JSHandle env = thread->GetEcmaVM()->GetGlobalEnv();
 SetStringTagSymbol(thread, env, prototype, "BitVector");
@@ -904,8 +905,6 @@ JSHandle ContainersPrivate::InitializeBitVector(JSThread* thread)
 JSHandle lengthKey(thread, globalConst->GetLengthString());
 SetGetter(thread, prototype, lengthKey, lengthGetter);
- SetFunctionAtSymbol(thread, env, prototype, env->GetIteratorSymbol(), "[Symbol.iterator]",
- ContainersBitVector::GetIteratorObj, FuncLength::ONE);
 ContainersPrivate::InitializeBitVectorIterator(thread, env, globalConst);
 globalConst->SetConstant(ConstantIndex::BITVECTOR_FUNCTION_INDEX, bitVectorFunction.GetTaggedValue());
diff --git a/ecmascript/dfx/stackinfo/js_stackinfo.cpp b/ecmascript/dfx/stackinfo/js_stackinfo.cpp
index 7505d8ea14..5b819b170b 100644
--- a/ecmascript/dfx/stackinfo/js_stackinfo.cpp
+++ b/ecmascript/dfx/stackinfo/js_stackinfo.cpp
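Review bot: The second hunk in this file removes the `[Symbol.iterator]` installation on the BitVector prototype while the first only adds a plain `values` method; unless InitializeBitVectorIterator (called just below, body not in this diff) or another site installs Symbol.iterator again, `for...of`, spread and Array.from on a BitVector stop working. If both are wanted, keep the `SetFunctionAtSymbol(...)` call and add `values` next to it; if the symbol is installed elsewhere, a comment at the removal site naming that place would spare the next reader the search. The declared length also changes from ONE to ZERO for the same GetIteratorObj function, which suits a zero-argument values() but should be checked against the iterator registration that replaces it.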
@@ -1173,6 +1173,7 @@ std::string ArkGetFileName(int pid, uintptr_t jsPandaFileAddr, std::string &hapP
 for (size_t i = 0; i < size; i++) {
 if (!ReadUintptrFromAddr(pid, jsPandaFileAddr, jsPandaFilePart[i], g_needCheck)) {
 LOG_ECMA(ERROR) << "ArkGetFilePath failed, jsPandaFileAddr: " << jsPandaFileAddr;
+ delete []jsPandaFilePart;
 return "";
 }
 jsPandaFileAddr += sizeof(long);
diff --git a/ecmascript/ecma_macros.h b/ecmascript/ecma_macros.h
index 2031755c19..8aecc52cd3 100644
--- a/ecmascript/ecma_macros.h
+++ b/ecmascript/ecma_macros.h
@@ -225,6 +225,15 @@
 } \
 } while (false)
+// NOLINTNEXTLINE(cppcoreguidelines-macro-usage)
+#define RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, value, flagsStr) \
+ do { \
+ if ((thread)->HasPendingException()) { \
+ delete[] flagsStr; \
+ return (value); \
+ } \
+ } while (false)
+
 // NOLINTNEXTLINE(cppcoreguidelines-macro-usage)
 #define RETURN_EXCEPTION_IF_ABRUPT_COMPLETION(thread) \
 do { \
diff --git a/ecmascript/extractortool/src/source_map.cpp b/ecmascript/extractortool/src/source_map.cpp
index 75ecbd0e11..a606988ba9 100644
--- a/ecmascript/extractortool/src/source_map.cpp
+++ b/ecmascript/extractortool/src/source_map.cpp
@@ -39,7 +39,6 @@ static constexpr int32_t INDEX_THREE = 3;
 static constexpr int32_t INDEX_FOUR = 4;
 static constexpr int32_t ANS_MAP_SIZE = 5;
 static constexpr int32_t DIGIT_NUM = 64;
-[[maybe_unused]] static constexpr int32_t MILLION_TIME = 1000;
 const std::string MEGER_SOURCE_MAP_PATH = "ets/sourceMaps.map";
 static const CString FLAG_SOURCES = " \"sources\":";
@@ -104,8 +103,8 @@ void SourceMap::Init(const std::string& hapPath)
 SplitSourceMap(sourceMapData);
 }
 auto end = Clock::now();
- auto duration = std::chrono::duration_cast(end - start);
- LOG_ECMA(DEBUG) << "Init sourcemap time: " << (float) (duration.count() / MILLION_TIME) << "ms";
+ auto duration = std::chrono::duration_cast(end - start);
+ LOG_ECMA(DEBUG) << "Init sourcemap time: " << duration.count() << "ms";
 }
 #endif
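Review bot: The added `delete []jsPandaFilePart;` covers this one error return, but every other early exit from the loop and from the rest of ArkGetFileName (both outside the hunk) has to repeat it, and a later edit that adds a return will silently reintroduce the leak. Sizing the buffer as a container at its allocation site removes all manual deletes: `std::vector<uintptr_t> jsPandaFilePart(size);` if its element type is uintptr_t, which the ReadUintptrFromAddr call suggests but does not prove. The allocation and element type are not visible here, so confirm them before changing the type.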
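Review bot: The new macro's third parameter is named after one caller (`flagsStr`) even though it lives in the shared ecma_macros.h and would work for any `new[]`-allocated pointer; naming it generically and parenthesizing it like the other arguments keeps an expression argument from expanding unexpectedly: `#define RETURN_VALUE_IF_ABRUPT_COMPLETION_WITH_DATA_DELETE(thread, value, array) \` and `delete[] (array); \`. A short comment above the define stating that the argument must be a pointer obtained from `new[]` (a `delete[]` on anything else is undefined behaviour) would also help, since the macro hides an ownership release behind a return.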
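Review bot: In the second source_map.cpp hunk the "ms" suffix in the log must agree with the duration_cast target on the line above, whose template argument has not survived extraction here; assuming the cast now targets milliseconds, the old integer division by MILLION_TIME (which truncated before the `(float)` cast anyway) has become an integer millisecond count. If sub-millisecond resolution matters for this DEBUG line, `std::chrono::duration<double, std::milli>(end - start).count()` gives it without any manual scaling constant. Init continues outside the hunk.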
diff --git a/ecmascript/extractortool/src/zip_file.cpp b/ecmascript/extractortool/src/zip_file.cpp
index e7422002d1..5f4d5c3d51 100644
--- a/ecmascript/extractortool/src/zip_file.cpp
+++ b/ecmascript/extractortool/src/zip_file.cpp
@@ -686,6 +686,8 @@ bool ZipFile::UnzipWithInflatedFromMMap(const ZipEntry &zipEntry, [[maybe_unused
 len = zipEntry.uncompressedSize;
 dataPtr = std::make_unique(len);
 if (!dataPtr) {
+ delete[] bufOut;
+ delete[] bufIn;
 return false;
 }
 uint8_t *dstDataPtr = static_cast(dataPtr.get());
diff --git a/ecmascript/mem/heap.cpp b/ecmascript/mem/heap.cpp
index 827ac115b8..4de843afd1 100644
--- a/ecmascript/mem/heap.cpp
+++ b/ecmascript/mem/heap.cpp
@@ -1743,17 +1743,18 @@ void Heap::PostParallelGCTask(ParallelGCTaskPhase gcTask)
 void Heap::ChangeGCParams(bool inBackground)
 {
+ const double doubleOne = 1.0;
 inBackground_ = inBackground;
 if (inBackground) {
 LOG_GC(INFO) << "app is inBackground";
 if (GetHeapObjectSize() - heapAliveSizeAfterGC_ > BACKGROUND_GROW_LIMIT &&
 GetCommittedSize() >= MIN_BACKGROUNG_GC_LIMIT &&
- GetHeapObjectSize() / GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {
+ doubleOne * GetHeapObjectSize() / GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {
 CollectGarbage(TriggerGCType::FULL_GC, GCReason::SWITCH_BACKGROUND);
 }
 if (sHeap_->GetHeapObjectSize() - sHeap_->GetHeapAliveSizeAfterGC() > BACKGROUND_GROW_LIMIT &&
 sHeap_->GetCommittedSize() >= MIN_BACKGROUNG_GC_LIMIT &&
- sHeap_->GetHeapObjectSize() / sHeap_->GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {
+ doubleOne * sHeap_->GetHeapObjectSize() / sHeap_->GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {
 sHeap_->CollectGarbage(thread_);
 }
 if (GetMemGrowingType() != MemGrowingType::PRESSURE) {
diff --git a/ecmascript/napi/dfx_jsnapi.cpp b/ecmascript/napi/dfx_jsnapi.cpp
index 3666aef585..bc4cdd0090 100644
--- a/ecmascript/napi/dfx_jsnapi.cpp
+++ b/ecmascript/napi/dfx_jsnapi.cpp
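Review bot: `std::make_unique` throws std::bad_alloc rather than returning null, so unless this target builds with exceptions disabled the `if (!dataPtr)` branch that the two `delete[]`s were added to is unreachable, and an allocation failure still unwinds past `bufOut` and `bufIn` without freeing them. Owning those two buffers as `std::unique_ptr<uint8_t[]>` at their allocation sites (outside this hunk; the element type is assumed from the surrounding uint8_t usage and needs confirming) covers both this path and the throwing one, and removes the pairing of deletes that every later return has to keep in step. UnzipWithInflatedFromMMap begins and ends outside the hunk.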
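Review bot: In the heap.cpp hunk, multiplying by a local named `doubleOne` to force floating-point division is less direct than casting the operand, and it leaves a reader to work out why a 1.0 is there: `static_cast<double>(GetHeapObjectSize()) / GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {` and `static_cast<double>(sHeap_->GetHeapObjectSize()) / sHeap_->GetCommittedSize() <= MIN_OBJECT_SURVIVAL_RATE) {` say the same thing without the extra local. The division is only protected from a zero divisor by `GetCommittedSize() >= MIN_BACKGROUNG_GC_LIMIT` being evaluated first in the && chain, which holds only while that limit is positive — not visible here, so worth a glance. ChangeGCParams continues outside the hunk.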
@@ -187,6 +187,15 @@ void DFXJSNApi::DumpHeapSnapshotWithVm([[maybe_unused]] const EcmaVM *vm, [[mayb
 {
 #if defined(ECMASCRIPT_SUPPORT_SNAPSHOT)
 #if defined(ENABLE_DUMP_IN_FAULTLOG)
+ uv_loop_t *loop = reinterpret_cast(vm->GetLoop());
+ if (loop == nullptr) {
+ LOG_ECMA(ERROR) << "loop nullptr";
+ return;
+ }
+ if (uv_loop_alive(loop) == 0) {
+ LOG_ECMA(ERROR) << "uv_loop_alive dead";
+ return;
+ }
 struct DumpForSnapShotStruct *dumpStruct = new DumpForSnapShotStruct();
 dumpStruct->vm = vm;
 dumpStruct->dumpFormat = dumpFormat;
@@ -200,15 +209,6 @@ void DFXJSNApi::DumpHeapSnapshotWithVm([[maybe_unused]] const EcmaVM *vm, [[mayb
 return;
 }
 work->data = static_cast(dumpStruct);
- uv_loop_t *loop = reinterpret_cast(vm->GetLoop());
- if (loop == nullptr) {
- LOG_ECMA(ERROR) << "loop nullptr";
- return;
- }
- if (uv_loop_alive(loop) == 0) {
- LOG_ECMA(ERROR) << "uv_loop_alive dead";
- return;
- }
 uint32_t curTid = vm->GetTid();
 int ret = 0;
@@ -279,11 +279,6 @@ void DFXJSNApi::TriggerGCWithVm([[maybe_unused]] const EcmaVM *vm)
 {
 #if defined(ECMASCRIPT_SUPPORT_SNAPSHOT)
 #if defined(ENABLE_DUMP_IN_FAULTLOG)
- uv_work_t *work = new uv_work_t;
- if (work == nullptr) {
- LOG_ECMA(FATAL) << "DFXJSNApi::TriggerGCWithVm:work is nullptr";
- }
- work->data = static_cast(const_cast(vm));
 uv_loop_t *loop = reinterpret_cast(vm->GetLoop());
 if (loop == nullptr) {
 LOG_ECMA(ERROR) << "loop nullptr";
@@ -293,6 +288,11 @@ void DFXJSNApi::TriggerGCWithVm([[maybe_unused]] const EcmaVM *vm)
 LOG_ECMA(ERROR) << "uv_loop_alive dead";
 return;
 }
+ uv_work_t *work = new uv_work_t;
+ if (work == nullptr) {
+ LOG_ECMA(FATAL) << "DFXJSNApi::TriggerGCWithVm:work is nullptr";
+ }
+ work->data = static_cast(const_cast(vm));
 int ret = uv_queue_work(loop, work, [](uv_work_t *) {}, [](uv_work_t *work, int32_t) {
 EcmaVM *vm = static_cast(work->data);
 ecmascript::ThreadManagedScope managedScope(vm->GetJSThread());
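Review bot: Moving the loop checks ahead of `new DumpForSnapShotStruct()` stops dumpStruct leaking on those two returns, but the `return;` that the second hunk shows immediately before `work->data = static_cast(dumpStruct);` (its condition is outside the hunk) still leaves with dumpStruct allocated unless that branch deletes it — confirm. Holding dumpStruct in a `std::unique_ptr` and handing it over with `.release()` only at the `work->data` assignment would close every early exit at once rather than one at a time. DumpHeapSnapshotWithVm begins and ends outside these hunks.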
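Review bot: In the last hunk, `new uv_work_t` cannot yield nullptr — a plain `new` throws std::bad_alloc — so the relocated `if (work == nullptr)` check is dead unless the build disables exceptions, and if LOG_ECMA(FATAL) does not abort, the following `work->data = ...` dereferences the null anyway. Either use `new (std::nothrow) uv_work_t` and return after the FATAL log so the check means something, or drop the check. Who deletes `work` once uv_queue_work has run it is not in the visible lines, so the ownership after the call should be confirmed; TriggerGCWithVm continues outside the hunk.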
diff --git a/ecmascript/pgo_profiler/pgo_profiler_decoder.cpp b/ecmascript/pgo_profiler/pgo_profiler_decoder.cpp
index 8c77399620..26ba1ab14d 100644
--- a/ecmascript/pgo_profiler/pgo_profiler_decoder.cpp
+++ b/ecmascript/pgo_profiler/pgo_profiler_decoder.cpp
@@ -246,6 +246,7 @@ bool PGOProfilerDecoder::InitMergeData()
 if (!header_) {
 // For merge scene, we only care about the ap capability which is in the version field.
 PGOProfilerHeader::Build(&header_, sizeof(PGOProfilerHeader));
+ ASSERT(header_ != nullptr);
 memset_s(header_, sizeof(PGOProfilerHeader), 0, sizeof(PGOProfilerHeader));
 }
 if (!abcFilePool_) {
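Review bot: If ASSERT compiles out in release builds, as is usual for this kind of macro, the added `ASSERT(header_ != nullptr);` changes nothing there and a failed PGOProfilerHeader::Build still reaches `memset_s(header_, ...)` with a null pointer. Since InitMergeData returns bool, a real guard at the same spot is `if (header_ == nullptr) { return false; }`, with the ASSERT kept alongside if the debug trap is wanted. Whether Build can actually leave header_ null is not visible here, but the assert being added suggests the author believes it can; InitMergeData continues outside the hunk.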