[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog server/vm/ASHandlers.cpp testsu...
From: |
Sandro Santilli |
Subject: |
[Gnash-commit] gnash ChangeLog server/vm/ASHandlers.cpp testsu... |
Date: |
Sat, 15 Mar 2008 16:56:31 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Changes by: Sandro Santilli <strk> 08/03/15 16:56:31
Modified files:
. : ChangeLog
server/vm : ASHandlers.cpp
testsuite/actionscript.all: String.as
Log message:
Fix ActionMbSubstring, fixing bug #22437. Add tests for it.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.5932&r2=1.5933
http://cvs.savannah.gnu.org/viewcvs/gnash/server/vm/ASHandlers.cpp?cvsroot=gnash&r1=1.213&r2=1.214
http://cvs.savannah.gnu.org/viewcvs/gnash/testsuite/actionscript.all/String.as?cvsroot=gnash&r1=1.45&r2=1.46
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.5932
retrieving revision 1.5933
diff -u -b -r1.5932 -r1.5933
--- ChangeLog 15 Mar 2008 13:01:30 -0000 1.5932
+++ ChangeLog 15 Mar 2008 16:56:30 -0000 1.5933
@@ -1,5 +1,12 @@
2008-03-15 Sandro Santilli <address@hidden>
+ * server/vm/ASHandlers.cpp (ActionMbSubString): fix the opcode, and
+ avoid out-of-range accesses. Fixes panda.swf (bug #22437)
+ * testsuite/actionscript.all/String.as: add tests for mbsubstring.
+ Gnash used to fail a lot there.
+
+2008-03-15 Sandro Santilli <address@hidden>
+
* testsuite/actionscript.all/Inheritance.as: finally some more failing
tests (equivalent to swfdec's super-missing-{7,8}.swf)
Index: server/vm/ASHandlers.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/vm/ASHandlers.cpp,v
retrieving revision 1.213
retrieving revision 1.214
diff -u -b -r1.213 -r1.214
--- server/vm/ASHandlers.cpp 15 Mar 2008 15:32:06 -0000 1.213
+++ server/vm/ASHandlers.cpp 15 Mar 2008 16:56:30 -0000 1.214
@@ -906,8 +906,10 @@
if ( size < 0 )
{
- log_error(_("Negative size passed to ActionSubString, "
+ IF_VERBOSE_ASCODING_ERRORS(
+ log_aserror(_("Negative size passed to ActionSubString, "
"taking as whole length"));
+ );
size = str.length();
}
@@ -1557,7 +1559,7 @@
continue;
}
++length;
- offsets[length - 1] = index;
+ offsets.push_back(index); //[length - 1] = index;
if ((j & 0xC0) == 0x80)
continue; // A 1 byte character.
@@ -1570,7 +1572,7 @@
else if (j & 0x80)
is_sought = false;
}
- offsets[length - 1] = index;
+ offsets.push_back(index); // [length - 1] = index;
if (!width && is_sought) // No width left, so it's almost certainly UTF8.
return ENCGUESS_UNICODE;
@@ -1596,7 +1598,7 @@
}
++length;
- offsets[length - 1] = index;
+ offsets.push_back(index); // [length - 1] = index;
if ((j == 0x80) || (j == 0xA0) || (j >= 0xF0))
{
@@ -1612,7 +1614,7 @@
}
}
- offsets[length - 1] = index;
+ offsets.push_back(index); // [length - 1] = index;
if (!width && is_sought) // No width left, so it's probably SHIFT_JIS.
return ENCGUESS_JIS;
@@ -1725,6 +1727,10 @@
int start = env.top(1).to_int();
as_value& string_val = env.top(2);
+ IF_VERBOSE_ACTION(
+ log_action(" ActionMbSubString(%s, %d, %d)",
string_val.to_debug_string().c_str(), start, size);
+ );
+
env.drop(2);
if (string_val.is_undefined() || string_val.is_null())
@@ -1735,26 +1741,25 @@
return;
}
- if (size < 1)
- {
- if (size < 0)
- {
- IF_VERBOSE_ASCODING_ERRORS(
- log_aserror(_("Length is less than 1 in ActionMbSubString, "
- "returning empty string."));
- );
- }
- env.top(0).set_string("");
- return;
- }
-
string str = string_val.to_string();
int length = 0;
std::vector<int> offsets;
- offsets.resize(str.length() + 1);
+ //offsets.resize(str.length() + 1);
as_encoding_guess_t encoding = GuessEncoding(str, length, offsets);
+ //log_debug("Guessed encoding for %s: %d - len:%d, offsets.size:%d",
str.c_str(), encoding, length, offsets.size());
+ //for (int i=0; i<offsets.size(); ++i) log_debug(" offsets[%d]: %d", i,
offsets[i]);
+
+ if (size < 0)
+ {
+ IF_VERBOSE_ASCODING_ERRORS(
+ log_aserror(_("Negative size passed to ActionSubString, "
+ "taking as whole length"));
+ );
+ size = length;
+ }
+
if (start < 1)
{
IF_VERBOSE_ASCODING_ERRORS(
@@ -1764,6 +1769,16 @@
start = 1;
}
+ else if ( unsigned(start) > length )
+ {
+ IF_VERBOSE_ASCODING_ERRORS (
+ log_aserror(_("base goes beyond input string in ActionMbSubString, "
+ "returning the empty string."));
+ );
+ env.top(0).set_string("");
+ return;
+ }
+
// Adjust the start for our own use.
--start;
@@ -1771,18 +1786,20 @@
{
IF_VERBOSE_ASCODING_ERRORS(
log_aserror(_("base+size goes beyond input string in
ActionMbSubString, "
- "adjusting size"));
+ "adjusting size based on length:%d and start:%d"), length,start);
);
size = length - start;
}
+ //log_debug("Adjusted start:%d size:%d", start, size);
+
if (encoding == ENCGUESS_OTHER)
{
env.top(0).set_string(str.substr(start, size));
}
else
{
- env.top(0).set_string(str.substr(offsets[start], offsets[size] -
offsets[start] + 1));
+ env.top(0).set_string(str.substr(offsets[start], offsets[start+size] -
offsets[start]));
}
return;
}
Index: testsuite/actionscript.all/String.as
===================================================================
RCS file: /sources/gnash/gnash/testsuite/actionscript.all/String.as,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -b -r1.45 -r1.46
--- testsuite/actionscript.all/String.as 11 Mar 2008 19:31:48 -0000
1.45
+++ testsuite/actionscript.all/String.as 15 Mar 2008 16:56:31 -0000
1.46
@@ -17,7 +17,7 @@
// Original author: Mike Carlson - June 19th, 2006
-rcsid="$Id: String.as,v 1.45 2008/03/11 19:31:48 strk Exp $";
+rcsid="$Id: String.as,v 1.46 2008/03/15 16:56:31 strk Exp $";
#include "check.as"
check_equals(typeof(String), 'function');
@@ -406,6 +406,10 @@
check_equals (a.charCodeAt(10), 195);
#endif
+//-----------------------------------------------------------
+// Test SWFACTION_SUBSTRING
+//-----------------------------------------------------------
+
// see check.as
#ifdef MING_SUPPORTS_ASM
@@ -478,10 +482,107 @@
setvariable
};
check_equals( b, "l");
+
+asm {
+ push "b"
+ push "f"
+ push "1"
+ push "1"
+ substring
+ setvariable
+};
+check_equals( b, "f");
#endif
+//-----------------------------------------------------------
+// Test SWFACTION_MBSUBSTRING
+//-----------------------------------------------------------
+// see check.as
+#ifdef MING_SUPPORTS_ASM
+
+asm {
+ push "b"
+ push "ciao"
+ push "2"
+ push "10" // size is bigger then string length,
+ // we expect the interpreter to adjust it
+ mbsubstring
+ setvariable
+};
+check_equals( b, "iao");
+asm {
+ push "b"
+ push "boowa"
+ push "2"
+ push "-1" // size is bigger then string length,
+ // we expect the interpreter to adjust it
+ mbsubstring
+ setvariable
+};
+check_equals( b, "oowa");
+asm {
+ push "b"
+ push "ciao"
+ push "-2" // negative base should be interpreted as 1
+ push "1"
+ mbsubstring
+ setvariable
+};
+check_equals( b, "c");
+asm {
+ push "b"
+ push "ciao"
+ push "-2" // negative base should be interpreted as 1
+ push "10" // long size reduced
+ mbsubstring
+ setvariable
+};
+check_equals( b, "ciao");
+asm {
+ push "b"
+ push "ciao"
+ push "0" // zero base is invalid, but taken as 1
+ push "1"
+ mbsubstring
+ setvariable
+};
+check_equals( b, "c");
+asm {
+ push "b"
+ push "ciao"
+ push "10" // too large base ...
+ push "1"
+ mbsubstring
+ setvariable
+};
+check_equals( b, "");
+asm {
+ push "b"
+ push "all"
+ push "3" // base is 1-based!
+ push "1"
+ mbsubstring
+ setvariable
+};
+check_equals( b, "l");
+
+asm {
+ push "b"
+ push "f"
+ push "1"
+ push "1"
+ mbsubstring
+ setvariable
+};
+check_equals( b, "f");
+
+#endif
+
+//-----------------------------------------------------------
// Test inheritance with built-in functions
+//-----------------------------------------------------------
+
var stringInstance = new String();
check (stringInstance.__proto__ != undefined);
check (stringInstance.__proto__ == String.prototype);
@@ -607,7 +708,7 @@
check_equals(r, "s:");
#if OUTPUT_VERSION < 6
- check_totals(192);
+ check_totals(201);
#else
- check_totals(222);
+ check_totals(231);
#endif