v8: work around String::WriteAscii segfault

See http://code.google.com/p/v8/issues/detail?id=2493 for details.
Once the patch lands in upstream V8, this commit can be reverted.

diff --git a/deps/v8/src/v8utils.h b/deps/v8/src/v8utils.h
index 9072b4e..111abdf 100644 (file)
--- a/deps/v8/src/v8utils.h
+++ b/deps/v8/src/v8utils.h
@@ -209,6 +209,8 @@ INLINE(void CopyChars(sinkchar* dest, const sourcechar* src, int chars));
 
 template <typename sourcechar, typename sinkchar>
 void CopyChars(sinkchar* dest, const sourcechar* src, int chars) {
+  ASSERT(chars >= 0);
+  if (chars == 0) return;
   sinkchar* limit = dest + chars;
 #ifdef V8_HOST_CAN_READ_UNALIGNED
   if (sizeof(*dest) == sizeof(*src)) {

diff --git a/test/simple/test-buffer.js b/test/simple/test-buffer.js
index 1b1398b..7851a00 100644 (file)
--- a/test/simple/test-buffer.js
+++ b/test/simple/test-buffer.js
@@ -22,8 +22,15 @@
 var common = require('../common');
 var assert = require('assert');
 
+var SlowBuffer = require('buffer').SlowBuffer;
 var Buffer = require('buffer').Buffer;
 
+// Regression test for segfault introduced in commit e501ce4.
+['base64','binary','ucs2','utf8','ascii'].forEach(function(encoding) {
+  var buf = new SlowBuffer(0);
+  buf.write('', encoding);
+});
+
 var b = Buffer(1024); // safe constructor
 
 console.log('b.length == ' + b.length);