inline Value* HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::lookup(const T& key)
{
ASSERT(m_table);
+#ifndef ASSERT_DISABLED
+ if (HashFunctions::safeToCompareToEmptyOrDeleted) {
+ ASSERT(!HashTranslator::equal(KeyTraits::emptyValue(), key));
+ ASSERT(!HashTranslator::equal(KeyTraits::deletedValue(), key));
+ }
+#endif
int k = 0;
int sizeMask = m_tableSizeMask;
inline typename HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::LookupType HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::lookupForWriting(const T& key)
{
ASSERT(m_table);
+#ifndef ASSERT_DISABLED
+ if (HashFunctions::safeToCompareToEmptyOrDeleted) {
+ ASSERT(!HashTranslator::equal(KeyTraits::emptyValue(), key));
+ ASSERT(!HashTranslator::equal(KeyTraits::deletedValue(), key));
+ }
+#endif
int k = 0;
ValueType* table = m_table;
inline typename HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::FullLookupType HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::fullLookupForWriting(const T& key)
{
ASSERT(m_table);
+#ifndef ASSERT_DISABLED
+ if (HashFunctions::safeToCompareToEmptyOrDeleted) {
+ ASSERT(!HashTranslator::equal(KeyTraits::emptyValue(), key));
+ ASSERT(!HashTranslator::equal(KeyTraits::deletedValue(), key));
+ }
+#endif
int k = 0;
ValueType* table = m_table;
template<typename T, typename Extra, typename HashTranslator>
inline pair<typename HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::iterator, bool> HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::add(const T& key, const Extra& extra)
{
+#ifndef ASSERT_DISABLED
+ if (HashFunctions::safeToCompareToEmptyOrDeleted) {
+ ASSERT(!HashTranslator::equal(KeyTraits::emptyValue(), key));
+ ASSERT(!HashTranslator::equal(KeyTraits::deletedValue(), key));
+ }
+#endif
+
invalidateIterators();
if (!m_table)
+2007-10-28 Maciej Stachowiak <mjs@apple.com>
+
+ Reviewed by Mark.
+
+ - fixed REGRESSION(r27176): Reproducible crash while trying to order dinner makes bdash sad
+ http://bugs.webkit.org/show_bug.cgi?id=15731
+
+ * bindings/js/kjs_window.cpp:
+ (KJS::Window::installTimeout): Avoid putting in or accessing empty or deleted keys.
+ (KJS::Window::clearTimeout): ditto
+ * manual-tests/bad-clearTimeout-crash.html: Added. Automated test not possible.
+
2007-10-28 Kevin Ollivier <kevino@theolliviers.com>
wx port defines for graphics and network layers.
int Window::installTimeout(ScheduledAction* a, int t, bool singleShot)
{
int timeoutId = ++lastUsedTimeoutId;
+
+ // avoid wraparound going negative on us
+ if (timeoutId <= 0)
+ timeoutId = 1;
+
int nestLevel = timerNestingLevel + 1;
DOMWindowTimer* timer = new DOMWindowTimer(timeoutId, nestLevel, this, a);
ASSERT(!d->m_timeouts.get(timeoutId));
void Window::clearTimeout(int timeoutId, bool delAction)
{
+ // timeout IDs have to be positive, and 0 and -1 are unsafe to
+ // even look up since they are the empty and deleted value
+ // respectively
+ if (timeoutId <= 0)
+ return;
+
WindowPrivate::TimeoutsMap::iterator it = d->m_timeouts.find(timeoutId);
if (it == d->m_timeouts.end())
return;
git://git.webkit.org / WebKit-https.git / commitdiff