diff options
Diffstat (limited to 'chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc')
-rw-r--r-- | chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc b/chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc index 6e440da228a..716c221d6e0 100644 --- a/chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc +++ b/chromium/third_party/blink/renderer/modules/encoding/text_decoder_stream.cc @@ -10,11 +10,11 @@ #include "third_party/blink/renderer/bindings/core/v8/array_buffer_or_array_buffer_view.h" #include "third_party/blink/renderer/bindings/core/v8/script_promise.h" #include "third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.h" +#include "third_party/blink/renderer/bindings/modules/v8/v8_text_decoder_options.h" #include "third_party/blink/renderer/core/streams/transform_stream_default_controller.h" #include "third_party/blink/renderer/core/streams/transform_stream_transformer.h" #include "third_party/blink/renderer/core/typed_arrays/dom_typed_array.h" #include "third_party/blink/renderer/modules/encoding/encoding.h" -#include "third_party/blink/renderer/modules/encoding/text_decoder_options.h" #include "third_party/blink/renderer/platform/bindings/exception_messages.h" #include "third_party/blink/renderer/platform/bindings/exception_state.h" #include "third_party/blink/renderer/platform/bindings/to_v8.h" @@ -54,16 +54,28 @@ class TextDecoderStream::Transformer final : public TransformStreamTransformer { if (bufferSource.IsArrayBufferView()) { const auto* view = bufferSource.GetAsArrayBufferView().View(); const char* start = static_cast<const char*>(view->BaseAddress()); - uint32_t length = view->deprecatedByteLengthAsUnsigned(); - DecodeAndEnqueue(start, length, WTF::FlushBehavior::kDoNotFlush, - controller, exception_state); + size_t length = view->byteLengthAsSizeT(); + if (length > std::numeric_limits<uint32_t>::max()) { + exception_state.ThrowRangeError( + "Buffer size exceeds maximum heap object size."); + return ScriptPromise(); + } + DecodeAndEnqueue(start, static_cast<uint32_t>(length), + WTF::FlushBehavior::kDoNotFlush, controller, + exception_state); return ScriptPromise::CastUndefined(script_state_); } DCHECK(bufferSource.IsArrayBuffer()); const auto* array_buffer = bufferSource.GetAsArrayBuffer(); const char* start = static_cast<const char*>(array_buffer->Data()); - uint32_t length = array_buffer->DeprecatedByteLengthAsUnsigned(); - DecodeAndEnqueue(start, length, WTF::FlushBehavior::kDoNotFlush, controller, + size_t length = array_buffer->ByteLengthAsSizeT(); + if (length > std::numeric_limits<uint32_t>::max()) { + exception_state.ThrowRangeError( + "Buffer size exceeds maximum heap object size."); + return ScriptPromise(); + } + DecodeAndEnqueue(start, static_cast<uint32_t>(length), + WTF::FlushBehavior::kDoNotFlush, controller, exception_state); return ScriptPromise::CastUndefined(script_state_); |