
Side by Side Diff: src/json-stringifier.h

Issue 11265011: Fix stack overflow in JSON.stringify. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 8 years, 2 months ago
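--- a/src/json-stringifier.h
+++ b/src/json-stringifier.h
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -38,21 +38,21 @@
 class BasicJsonStringifier BASE_EMBEDDED {
 public:
 explicit BasicJsonStringifier(Isolate* isolate);
 
 MaybeObject* Stringify(Handle<Object> object);
 
 private:
 static const int kInitialPartLength = 32;
 static const int kMaxPartLength = 16 * 1024;
 static const int kPartLengthGrowthFactor = 2;
-static const int kStackLimit = 8 * 1024;
+static const int kStackLimit = 4 * 1024;
 
 enum Result { UNCHANGED, SUCCESS, BAILOUT, CIRCULAR, STACK_OVERFLOW };
 
 template <bool is_ascii> void Extend();
 
 void ChangeEncoding();
 
 void ShrinkCurrentPart();
 
 template <bool is_ascii, typename Char>
@@ -392,21 +392,22 @@
 char chars[kBufferSize];
 Vector<char> buffer(chars, kBufferSize);
 Append(DoubleToCString(number, buffer));
 return SUCCESS;
 }
 
 
 BasicJsonStringifier::Result BasicJsonStringifier::SerializeArray(
 Handle<JSArray> object) {
 HandleScope handle_scope(isolate_);
-if (StackPush(object) == CIRCULAR) return CIRCULAR;
+Result stack_push = StackPush(object);
+if (stack_push != SUCCESS) return stack_push;
 int length = Smi::cast(object->length())->value();
 Append('[');
 switch (object->GetElementsKind()) {
 case FAST_SMI_ELEMENTS: {
 Handle<FixedArray> elements = Handle<FixedArray>(
 FixedArray::cast(object->elements()));
 for (int i = 0; i < length; i++) {
 if (i > 0) Append(',');
 SerializeSmi(Smi::cast(elements->get(i)));
 }
@@ -677,10 +678,10 @@
 SerializeString_<false, char>(flat.ToAsciiVector(), object);
 } else {
 SerializeString_<false, uc16>(flat.ToUC16Vector(), object);
 }
 }
 }
 
 } } // namespace v8::internal
 
 #endif // V8_JSON_STRINGIFIER_H_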
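Review bot: `kStackLimit = 4 * 1024` in the class constants is an undocumented magic number for the guard that keeps script-controlled nesting depth from overflowing the native stack. Halving it from 8K suggests it was tuned to one build's frame size, and a fixed count does not bound stack bytes on builds with larger frames (debug, other architectures). I would at least document it, e.g. `// Max nesting depth StackPush accepts before returning STACK_OVERFLOW; re-check when serializer frames grow.`, and consider consulting the isolate's real stack limit (V8's `StackLimitCheck`) instead; this is hedged, since StackPush's body is outside the visible hunks. In SerializeArray the new `if (stack_push != SUCCESS) return stack_push;` propagates every failure, but any other StackPush caller that still tests only `== CIRCULAR` (none is visible here) would need the same change. Both the class body and SerializeArray continue outside the lines shown.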