Add more validation logic to CompressibleVector
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Aug 2013 20:30:23 +0000 (20:30 +0000)
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Aug 2013 20:30:23 +0000 (20:30 +0000)
https://bugs.webkit.org/show_bug.cgi?id=120227

Reviewed by Brent Fulgham.

Add a pile of assertions to try on catch whatever is going wrong
in the windows environment or other platforms.

* wtf/Compression.cpp:
(WTF::GenericCompressedData::create):
(WTF::GenericCompressedData::decompress):
* wtf/Compression.h:
(WTF::CompressedVector::decompress):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@154516 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WTF/ChangeLog
Source/WTF/wtf/Compression.cpp
Source/WTF/wtf/Compression.h

index f26ecb6..f88e810 100644 (file)
@@ -1,3 +1,19 @@
+2013-08-23  Oliver Hunt  <oliver@apple.com>
+
+        Add more validation logic to CompressibleVector
+        https://bugs.webkit.org/show_bug.cgi?id=120227
+
+        Reviewed by Brent Fulgham.
+
+        Add a pile of assertions to try on catch whatever is going wrong
+        in the windows environment or other platforms.
+
+        * wtf/Compression.cpp:
+        (WTF::GenericCompressedData::create):
+        (WTF::GenericCompressedData::decompress):
+        * wtf/Compression.h:
+        (WTF::CompressedVector::decompress):
+
 2013-08-23  Alex Christensen  <achristensen@apple.com>
 
         Re-separating Win32 and Win64 builds.
index 836bfab..17c3fbe 100644 (file)
@@ -71,7 +71,7 @@ PassOwnPtr<GenericCompressedData> GenericCompressedData::create(const uint8_t* d
     size_t currentOffset = OBJECT_OFFSETOF(GenericCompressedData, m_data);
     size_t currentCapacity = fastMallocGoodSize(MinimumSize);
     Bytef* compressedData = static_cast<Bytef*>(fastMalloc(currentCapacity));
-    memset(compressedData, 0, currentCapacity);
+    memset(compressedData, 0, sizeof(GenericCompressedData));
     stream.next_out = compressedData + currentOffset;
     stream.avail_out = currentCapacity - currentOffset;
 
@@ -126,8 +126,10 @@ PassOwnPtr<GenericCompressedData> GenericCompressedData::create(const uint8_t* d
     return adoptPtr(result);
 }
 
-bool GenericCompressedData::decompress(uint8_t* destination, size_t bufferSize)
+bool GenericCompressedData::decompress(uint8_t* destination, size_t bufferSize, size_t* decompressedByteCount)
 {
+    if (decompressedByteCount)
+        *decompressedByteCount = 0;
     z_stream stream;
     memset(&stream, 0, sizeof(stream));
     stream.zalloc = zAlloc;
@@ -146,6 +148,10 @@ bool GenericCompressedData::decompress(uint8_t* destination, size_t bufferSize)
     int inflateResult = inflate(&stream, Z_FINISH);
     inflateEnd(&stream);
 
+    ASSERT(stream.total_out <= bufferSize);
+    if (decompressedByteCount)
+        *decompressedByteCount = stream.total_out;
+
     if (inflateResult != Z_STREAM_END) {
         ASSERT_NOT_REACHED();
         return false;
index e280936..160d410 100644 (file)
@@ -38,7 +38,7 @@ public:
     uint32_t compressedSize() const { return m_compressedSize; }
     uint32_t originalSize() const { return m_originalSize; }
 
-    WTF_EXPORT_PRIVATE bool decompress(uint8_t* destination, size_t bufferSize);
+    WTF_EXPORT_PRIVATE bool decompress(uint8_t* destination, size_t bufferSize, size_t* decompressedByteCount = 0);
     
 private:
     GenericCompressedData(size_t originalSize, size_t compressedSize)
@@ -65,7 +65,12 @@ public:
     void decompress(Vector<T>& destination)
     {
         Vector<T> output(originalSize() / sizeof(T));
-        GenericCompressedData::decompress(reinterpret_cast<uint8_t*>(output.data()), originalSize());
+        ASSERT(output.size() * sizeof(T) == originalSize());
+        size_t decompressedByteCount = 0;
+        GenericCompressedData::decompress(reinterpret_cast<uint8_t*>(output.data()), originalSize(), &decompressedByteCount);
+        ASSERT(decompressedByteCount == originalSize());
+        ASSERT(output.size() * sizeof(T) == decompressedByteCount);
+
         destination.swap(output);
     }