2011-06-08 Mikołaj Małecki <m.malecki@samsung.com>
authorloislo@chromium.org <loislo@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 9 Jun 2011 12:42:40 +0000 (12:42 +0000)
committerloislo@chromium.org <loislo@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 9 Jun 2011 12:42:40 +0000 (12:42 +0000)
commit1fbaf9a7e89fe15b3a93f85c434354da22aaccdd
treefd801b65f86df9f5541a9b1f3d52fb7fa7592a49
parentdd5145660f9a85839a426977a260d417c4870382
2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.
        https://bugs.webkit.org/show_bug.cgi?id=52791

        No new tests. The problem can be reproduced by trying to create InspectorValue
        from 1.0e-100 and call ->toJSONString() on this.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        export 2 functions DecimalNumber::bufferLengthForStringExponential and
        DecimalNumber::toStringExponential.

2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.
        https://bugs.webkit.org/show_bug.cgi?id=52791

        No new tests. The problem can be reproduced by trying to create InspectorValue
        from 1.0e-100 and call ->toJSONString() on this.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        export 2 functions DecimalNumber::bufferLengthForStringExponential and
        DecimalNumber::toStringExponential.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@88444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.exp
Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
Source/WebCore/ChangeLog
Source/WebCore/inspector/InspectorValues.cpp