Change RegExpMacroAssemblerIA32::CaseInsensitiveCompareUC16 so that it

does not use stack-allocated character as a one-element character
array.

The use at this site was actually safe (Ecma262Canonicalize will only
write to the first character of the array), but not obviously so.

BUG=17103

Review URL: http://codereview.chromium.org/159071

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/ia32/regexp-macro-assembler-ia32.cc b/src/ia32/regexp-macro-assembler-ia32.cc
index 04a5390..c5d7c05 100644 (file)
--- a/src/ia32/regexp-macro-assembler-ia32.cc
+++ b/src/ia32/regexp-macro-assembler-ia32.cc
@@ -1073,10 +1073,12 @@ int RegExpMacroAssemblerIA32::CaseInsensitiveCompareUC16(Address byte_offset1,
     unibrow::uchar c1 = substring1[i];
     unibrow::uchar c2 = substring2[i];
     if (c1 != c2) {
-      canonicalize.get(c1, '\0', &c1);
-      if (c1 != c2) {
-        canonicalize.get(c2, '\0', &c2);
-        if (c1 != c2) {
+      unibrow::uchar s1[1] = { c1 };
+      canonicalize.get(c1, '\0', s1);
+      if (s1[0] != c2) {
+        unibrow::uchar s2[1] = { c2 };
+        canonicalize.get(c2, '\0', s2);
+        if (s1[0] != s2[0]) {
           return 0;
         }
       }