Merge the 2021-03-05 SPL branch from AOSP-Partner
* security-aosp-pi-release:
LiteralBuffer::ExpandBuffer always grows
[parser] Fix off-by-one in parameter count check
Change-Id: Ib3496eb47a08ef40904cf8fe047b707193208853
diff --git a/src/messages.h b/src/messages.h
index bb595c2..8845e53 100644
--- a/src/messages.h
+++ b/src/messages.h
@@ -624,7 +624,7 @@
T(TooManyArguments, \
"Too many arguments in function call (only 65535 allowed)") \
T(TooManyParameters, \
- "Too many parameters in function definition (only 65535 allowed)") \
+ "Too many parameters in function definition (only 65534 allowed)") \
T(TooManySpreads, \
"Literal containing too many nested spreads (up to 65534 allowed)") \
T(TooManyVariables, "Too many variables declared (only 4194303 allowed)") \
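Review bot: The new limit in the TooManyParameters text is a hand-written literal, so nothing ties `65534` to the `Code::kMaxArguments` value that the parser actually checks. If that constant changes, the message will drift again without anyone noticing. The adjacent TooManyArguments message still says 65535; if the call-argument check is bounded by the same constant, it is worth confirming that its comparison and wording do not share the off-by-one fixed here. A `static_assert(Code::kMaxArguments == 65534, "update TooManyParameters message");` next to the parser check would keep the text and the limit in step.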
diff --git a/src/parsing/parser-base.h b/src/parsing/parser-base.h
index cf56c53..dd7b280 100644
--- a/src/parsing/parser-base.h
+++ b/src/parsing/parser-base.h
@@ -3595,7 +3595,8 @@
if (peek() != Token::RPAREN) {
while (true) {
- if (parameters->arity > Code::kMaxArguments) {
+ // Add one since we're going to be adding a parameter.
+ if (parameters->arity + 1 > Code::kMaxArguments) {
ReportMessage(MessageTemplate::kTooManyParameters);
*ok = false;
return;
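Review bot: The added comment says that one is added but not which invariant the guard protects, and the hunk shows no boundary test for it. Assuming `arity` is incremented later in this loop (the loop body continues outside the hunk), a clearer comment would be `// arity is incremented below; the final count must not exceed Code::kMaxArguments.`. The comparison would also read more directly as `if (parameters->arity >= Code::kMaxArguments) {`, which is equivalent and avoids the extra arithmetic. A regression test that parses a function with exactly the maximum number of parameters, and another with one more, would pin the boundary on untrusted script input.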
diff --git a/src/parsing/scanner.cc b/src/parsing/scanner.cc
index c1580bb..07757ba 100644
--- a/src/parsing/scanner.cc
+++ b/src/parsing/scanner.cc
@@ -67,13 +67,14 @@
}
int Scanner::LiteralBuffer::NewCapacity(int min_capacity) {
- int capacity = Max(min_capacity, backing_store_.length());
- int new_capacity = Min(capacity * kGrowthFactory, capacity + kMaxGrowth);
- return new_capacity;
+ return min_capacity < (kMaxGrowth / (kGrowthFactor - 1))
+ ? min_capacity * kGrowthFactor
+ : min_capacity + kMaxGrowth;
}
void Scanner::LiteralBuffer::ExpandBuffer() {
- Vector<byte> new_store = Vector<byte>::New(NewCapacity(kInitialCapacity));
+ int min_capacity = Max(kInitialCapacity, backing_store_.length());
+ Vector<byte> new_store = Vector<byte>::New(NewCapacity(min_capacity));
MemCopy(new_store.start(), backing_store_.start(), position_);
backing_store_.Dispose();
backing_store_ = new_store;
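Review bot: In `NewCapacity`, the large-buffer branch `min_capacity + kMaxGrowth` is signed `int` arithmetic with no upper bound, so a `backing_store_.length()` within 1 MB of the `int` maximum would overflow before `Vector<byte>::New` is called. Source-length limits elsewhere may make this unreachable, but nothing in the hunk establishes that, so an explicit guard such as `CHECK_LE(min_capacity, kMaxInt - kMaxGrowth);` at the top of `NewCapacity` would make the bound local. The `MemCopy` in `ExpandBuffer` relies on the new store being strictly larger than the old one, which is the property this commit restores; stating it as `DCHECK_LT(backing_store_.length(), new_store.length());` before the copy would document it and catch a regression. `ExpandBuffer`'s body continues outside the hunk.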
diff --git a/src/parsing/scanner.h b/src/parsing/scanner.h
index 9885b8e..9cb3f11 100644
--- a/src/parsing/scanner.h
+++ b/src/parsing/scanner.h
@@ -419,8 +419,7 @@
private:
static const int kInitialCapacity = 16;
- static const int kGrowthFactory = 4;
- static const int kMinConversionSlack = 256;
+ static const int kGrowthFactor = 4;
static const int kMaxGrowth = 1 * MB;
inline bool IsValidAscii(char code_unit) {