String overflow in JSC::createError results in ASSERT in WTF::makeString
author tzagallo@apple.com <tzagallo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Dec 2018 11:33:12 +0000 (11:33 +0000)
committer tzagallo@apple.com <tzagallo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Dec 2018 11:33:12 +0000 (11:33 +0000)
commit 68eedff6911ce18e8e6b3ffd94c2268f684c9ea0
tree bac3c478f7304e1da7e6f61da14952e832e712e5
parent 7f8a9fee911fb4ac4a664075a25ae21588083144
String overflow in JSC::createError results in ASSERT in WTF::makeString
https://bugs.webkit.org/show_bug.cgi?id=192833
<rdar://problem/45706868>

Reviewed by Mark Lam.

JSTests:

* stress/string-overflow-createError.js: Added.

Source/JavaScriptCore:

JSC::createError was calling WTF::makeString which would result in an
assertion failure when the string was too big. Change it to call
WTF::tryMakeString instead and return an OutOfMemory error if we fail
to create the error string.

* runtime/ExceptionHelpers.cpp:
(JSC::createError):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239375 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/string-overflow-createError.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/ExceptionHelpers.cpp
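
Added example, not part of the WebKit commit: a standalone C++ model of the pattern the log describes, where error-message construction uses a fallible concatenation and falls back to an out-of-memory error instead of asserting. The names tryConcat, createErrorModel, ErrorValue and the maxLength parameter are hypothetical; the code does not use WTF or JSC.

```cpp
#include <cstddef>
#include <initializer_list>
#include <string>

// Hypothetical stand-in for a fallible string builder: returns false instead
// of asserting when the combined length would exceed maxLength.
bool tryConcat(std::initializer_list<std::string> parts, size_t maxLength, std::string& out)
{
    size_t total = 0;
    for (const auto& part : parts) {
        // Checked addition. total <= maxLength always holds here, so the
        // subtraction cannot wrap, and the sum is rejected before it is made.
        if (part.size() > maxLength - total)
            return false;
        total += part.size();
    }
    out.clear();
    out.reserve(total);
    for (const auto& part : parts)
        out.append(part);
    return true;
}

struct ErrorValue {
    enum class Kind { TypeError, OutOfMemory };
    Kind kind;
    std::string message;
};

// Model of the error-construction path. The description of the offending
// value can be script-controlled and arbitrarily long, so the message is
// built fallibly; on failure the caller gets an OutOfMemory error whose
// fixed message needs no further concatenation.
ErrorValue createErrorModel(const std::string& valueDescription,
                            const std::string& suffix, size_t maxLength)
{
    std::string message;
    if (!tryConcat({ valueDescription, " ", suffix }, maxLength, message))
        return ErrorValue{ ErrorValue::Kind::OutOfMemory, "Out of memory" };
    return ErrorValue{ ErrorValue::Kind::TypeError, message };
}
```

The maxLength argument is a parameter here only so the overflow path can be exercised with small inputs.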