Change RegExpMacroAssemblerIA32::CaseInsensitiveCompareUC16 so that it

does not use stack-allocated character as a one-element character
array.

The use at this site was actually safe (Ecma262Canonicalize will only
write to the first character of the array), but not obviously so.

BUG=17103

Review URL: http://codereview.chromium.org/159071

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
kmillikin@chromium.org 2009-07-20 10:54:00 +00:00
parent ec526df16f
commit 2126c36279

View File

@ -1073,10 +1073,12 @@ int RegExpMacroAssemblerIA32::CaseInsensitiveCompareUC16(Address byte_offset1,
unibrow::uchar c1 = substring1[i]; unibrow::uchar c1 = substring1[i];
unibrow::uchar c2 = substring2[i]; unibrow::uchar c2 = substring2[i];
if (c1 != c2) { if (c1 != c2) {
canonicalize.get(c1, '\0', &c1); unibrow::uchar s1[1] = { c1 };
if (c1 != c2) { canonicalize.get(c1, '\0', s1);
canonicalize.get(c2, '\0', &c2); if (s1[0] != c2) {
if (c1 != c2) { unibrow::uchar s2[1] = { c2 };
canonicalize.get(c2, '\0', s2);
if (s1[0] != s2[0]) {
return 0; return 0;
} }
} }