2011-06-08 Mikołaj Małecki <m.malecki@samsung.com>
authorIlya Tikhonovsky <loislo@chromium.org>
Thu, 9 Jun 2011 12:42:40 +0000 (12:42 +0000)
committerAdemar de Souza Reis Jr <ademar.reis@openbossa.org>
Tue, 2 Aug 2011 17:33:16 +0000 (14:33 -0300)
commitb5e100fc1c38285ed10027020f43889dda72ea0d
tree87c46abb4fc29a0cf2e84826288ce35589ec1929
parentd230e745d1046a23cd5efa084a8c7ba7f113473b
2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.
        https://bugs.webkit.org/show_bug.cgi?id=52791

        No new tests. The problem can be reproduced by trying to create InspectorValue
        from 1.0e-100 and call ->toJSONString() on this.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        export 2 functions DecimalNumber::bufferLengthForStringExponential and
        DecimalNumber::toStringExponential.

2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.
        https://bugs.webkit.org/show_bug.cgi?id=52791

        No new tests. The problem can be reproduced by trying to create InspectorValue
        from 1.0e-100 and call ->toJSONString() on this.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        export 2 functions DecimalNumber::bufferLengthForStringExponential and
        DecimalNumber::toStringExponential.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.exp
Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
Source/WebCore/ChangeLog
Source/WebCore/inspector/InspectorValues.cpp