mirror of
				https://github.com/RGBCube/serenity
				synced 2025-10-26 03:02:06 +00:00 
			
		
		
		
	 85e313077a
			
		
	
	
		85e313077a
		
	
	
	
	
		
			
			In a subclass of Cell, we cannot use Cell::vm() before the base Cell object itself is constructed. Use the Realm's VM instead. This was caught by UBSAN with vptr sanitation enabled.
		
			
				
	
	
		
			77 lines
		
	
	
	
		
			2.9 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
			
		
		
	
	
			77 lines
		
	
	
	
		
			2.9 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
| /*
 | |
|  * Copyright (c) 2021, Idan Horowitz <idan.horowitz@serenityos.org>
 | |
|  *
 | |
|  * SPDX-License-Identifier: BSD-2-Clause
 | |
|  */
 | |
| 
 | |
| #include <AK/Checked.h>
 | |
| #include <LibJS/Runtime/AbstractOperations.h>
 | |
| #include <LibJS/Runtime/DataView.h>
 | |
| #include <LibJS/Runtime/DataViewConstructor.h>
 | |
| #include <LibJS/Runtime/Error.h>
 | |
| #include <LibJS/Runtime/GlobalObject.h>
 | |
| 
 | |
| namespace JS {
 | |
| 
 | |
| DataViewConstructor::DataViewConstructor(Realm& realm)
 | |
|     : NativeFunction(realm.vm().names.DataView.as_string(), *realm.intrinsics().function_prototype())
 | |
| {
 | |
| }
 | |
| 
 | |
| void DataViewConstructor::initialize(Realm& realm)
 | |
| {
 | |
|     auto& vm = this->vm();
 | |
|     NativeFunction::initialize(realm);
 | |
| 
 | |
|     // 25.3.3.1 DataView.prototype, https://tc39.es/ecma262/#sec-dataview.prototype
 | |
|     define_direct_property(vm.names.prototype, realm.intrinsics().data_view_prototype(), 0);
 | |
| 
 | |
|     define_direct_property(vm.names.length, Value(1), Attribute::Configurable);
 | |
| }
 | |
| 
 | |
| // 25.3.2.1 DataView ( buffer [ , byteOffset [ , byteLength ] ] ), https://tc39.es/ecma262/#sec-dataview-buffer-byteoffset-bytelength
 | |
| ThrowCompletionOr<Value> DataViewConstructor::call()
 | |
| {
 | |
|     auto& vm = this->vm();
 | |
|     return vm.throw_completion<TypeError>(ErrorType::ConstructorWithoutNew, vm.names.DataView);
 | |
| }
 | |
| 
 | |
| // 25.3.2.1 DataView ( buffer [ , byteOffset [ , byteLength ] ] ), https://tc39.es/ecma262/#sec-dataview-buffer-byteoffset-bytelength
 | |
| ThrowCompletionOr<Object*> DataViewConstructor::construct(FunctionObject& new_target)
 | |
| {
 | |
|     auto& vm = this->vm();
 | |
| 
 | |
|     auto buffer = vm.argument(0);
 | |
|     if (!buffer.is_object() || !is<ArrayBuffer>(buffer.as_object()))
 | |
|         return vm.throw_completion<TypeError>(ErrorType::IsNotAn, buffer.to_string_without_side_effects(), vm.names.ArrayBuffer);
 | |
| 
 | |
|     auto& array_buffer = static_cast<ArrayBuffer&>(buffer.as_object());
 | |
| 
 | |
|     auto offset = TRY(vm.argument(1).to_index(vm));
 | |
| 
 | |
|     if (array_buffer.is_detached())
 | |
|         return vm.throw_completion<TypeError>(ErrorType::DetachedArrayBuffer);
 | |
| 
 | |
|     auto buffer_byte_length = array_buffer.byte_length();
 | |
|     if (offset > buffer_byte_length)
 | |
|         return vm.throw_completion<RangeError>(ErrorType::DataViewOutOfRangeByteOffset, offset, buffer_byte_length);
 | |
| 
 | |
|     size_t view_byte_length;
 | |
|     if (vm.argument(2).is_undefined()) {
 | |
|         view_byte_length = buffer_byte_length - offset;
 | |
|     } else {
 | |
|         view_byte_length = TRY(vm.argument(2).to_index(vm));
 | |
|         auto const checked_add = AK::make_checked(view_byte_length) + AK::make_checked(offset);
 | |
|         if (checked_add.has_overflow() || checked_add.value() > buffer_byte_length)
 | |
|             return vm.throw_completion<RangeError>(ErrorType::InvalidLength, vm.names.DataView);
 | |
|     }
 | |
| 
 | |
|     auto* data_view = TRY(ordinary_create_from_constructor<DataView>(vm, new_target, &Intrinsics::data_view_prototype, &array_buffer, view_byte_length, offset));
 | |
| 
 | |
|     if (array_buffer.is_detached())
 | |
|         return vm.throw_completion<TypeError>(ErrorType::DetachedArrayBuffer);
 | |
| 
 | |
|     return data_view;
 | |
| }
 | |
| 
 | |
| }
 |