Google Git
Sign in
chromium / v8 / v8.git / 3.2.10.16^! / .
commit28ad7d9408b00a37af9b440e1629b8a9f081da74[log] [tgz]
authorwhesse@chromium.org <whesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>Tue Jun 07 12:08:41 2011
committerwhesse@chromium.org <whesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>Tue Jun 07 12:08:41 2011
tree886dec28a7349736b2a232f929f809f054f44504
parentacbfcd4c66fbbeb1442ae20cfd88f98d18500c43 [diff]
Merge revision r8194 to 3.2 branch.
Limit the number of arguments in a function call to 32766. This is identical
to the limit on the number of parameters to a function.

BUG=v8:1413
TEST=regress/regress-1122.js
Review URL: http://codereview.chromium.org/7130003

git-svn-id: http://v8.googlecode.com/svn/branches/3.2@8200 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/messages.js b/src/messages.js
index 5381d08..d8810dc 100644
--- a/src/messages.js
+++ b/src/messages.js

@@ -212,6 +212,7 @@
       invalid_preparser_data:       ["Invalid preparser data for function ", "%0"],
       strict_mode_with:             ["Strict mode code may not include a with statement"],
       strict_catch_variable:        ["Catch variable may not be eval or arguments in strict mode"],
+      too_many_arguments:           ["Too many arguments in function call (only 32766 allowed)"],
       too_many_parameters:          ["Too many parameters in function definition (only 32766 allowed)"],
       too_many_variables:           ["Too many variables declared (only 32767 allowed)"],
       strict_param_name:            ["Parameter name eval or arguments is not allowed in strict mode"],

diff --git a/src/parser.cc b/src/parser.cc
index a84ec6f..266f77d 100644
--- a/src/parser.cc
+++ b/src/parser.cc

@@ -3501,6 +3501,12 @@
   while (!done) {
     Expression* argument = ParseAssignmentExpression(true, CHECK_OK);
     result->Add(argument);
+    if (result->length() > kMaxNumFunctionParameters) {
+      ReportMessageAt(scanner().location(), "too_many_arguments",
+                      Vector<const char*>::empty());
+      *ok = false;
+      return NULL;
+    }
     done = (peek() == Token::RPAREN);
     if (!done) Expect(Token::COMMA, CHECK_OK);
   }

diff --git a/src/version.cc b/src/version.cc
index 29f4b1a..71a07db 100644
--- a/src/version.cc
+++ b/src/version.cc

@@ -35,7 +35,7 @@
 #define MAJOR_VERSION     3
 #define MINOR_VERSION     2
 #define BUILD_NUMBER      10
-#define PATCH_LEVEL       15
+#define PATCH_LEVEL       16
 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
 #define IS_CANDIDATE_VERSION 0

diff --git a/test/mjsunit/regress/regress-1122.js b/test/mjsunit/regress/regress-1122.js
index 7dc9b24..815511d 100644
--- a/test/mjsunit/regress/regress-1122.js
+++ b/test/mjsunit/regress/regress-1122.js

@@ -25,12 +25,14 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// Test that we can handle functions with up to 32766 arguments, and that
-// functions with more arguments throw an exception.
+// Test that we can handle function calls with up to 32766 arguments, and
+// that function calls with more arguments throw an exception.  Apply a
+// similar limit to the number of function parameters.
 
-// See http://code.google.com/p/v8/issues/detail?id=1122.
+// See http://code.google.com/p/v8/issues/detail?id=1122 and
+// http://code.google.com/p/v8/issues/detail?id=1413.
 
-function function_with_n_args(n) {
+function function_with_n_params_and_m_args(n, m) {
   test_prefix = 'prefix ';
   test_suffix = ' suffix';
   var source = 'test_prefix + (function f(';
@@ -39,7 +41,7 @@
     source += 'arg' + arg;
   }
   source += ') { return arg' + (n - n % 2) / 2 + '; })(';
-  for (var arg = 0; arg < n ; arg++) {
+  for (var arg = 0; arg < m ; arg++) {
     if (arg != 0) source += ',';
     source += arg;
   }
@@ -47,9 +49,20 @@
   return eval(source);
 }
 
-assertEquals('prefix 4000 suffix', function_with_n_args(8000));
-assertEquals('prefix 9000 suffix', function_with_n_args(18000));
-assertEquals('prefix 16000 suffix', function_with_n_args(32000));
+assertEquals('prefix 4000 suffix',
+             function_with_n_params_and_m_args(8000, 8000));
+assertEquals('prefix 3000 suffix',
+             function_with_n_params_and_m_args(6000, 8000));
+assertEquals('prefix 5000 suffix',
+             function_with_n_params_and_m_args(10000, 8000));
+assertEquals('prefix 9000 suffix',
+             function_with_n_params_and_m_args(18000, 18000));
+assertEquals('prefix 16000 suffix',
+             function_with_n_params_and_m_args(32000, 32000));
+assertEquals('prefix undefined suffix',
+             function_with_n_params_and_m_args(32000, 10000));
 
-assertThrows("function_with_n_args(35000)");
-assertThrows("function_with_n_args(100000)");
+assertThrows("function_with_n_params_and_m_args(35000, 35000)");
+assertThrows("function_with_n_params_and_m_args(100000, 100000)");
+assertThrows("function_with_n_params_and_m_args(35000, 30000)");
+assertThrows("function_with_n_params_and_m_args(30000, 35000)");