mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 17:17:45 +00:00
LibJS: Prevent stack overflow in flatten_into_array()
The check for stack space in VM from push_execution_context has been moved to a method on VM called did_reach_stack_space_limit. This allows us to check the stack size in other places besides push_execution_context. We can now verify that we have enough space on the stack before calling flatten_into_array to ensure that we don't cause a stack overflow error when calling the function with a large depth.
This commit is contained in:
parent
da51b8f39d
commit
e26cfd313e
3 changed files with 22 additions and 2 deletions
|
@ -2,6 +2,16 @@ test("length is 0", () => {
|
|||
expect(Array.prototype.flat).toHaveLength(0);
|
||||
});
|
||||
|
||||
describe("error", () => {
|
||||
test("Issue #9317, stack overflow in flatten_into_array from flat call", () => {
|
||||
var a = [];
|
||||
a[0] = a;
|
||||
expect(() => {
|
||||
a.flat(3893232121);
|
||||
}).toThrowWithMessage(Error, "Call stack size limit exceeded");
|
||||
});
|
||||
});
|
||||
|
||||
describe("normal behavior", () => {
|
||||
test("basic functionality", () => {
|
||||
var array1 = [1, 2, [3, 4]];
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue