From d59c6238abffb5a53342e4e4a23f122b135812e3 Mon Sep 17 00:00:00 2001 From: Fawzi Mohamed Date: Tue, 29 Apr 2014 12:13:08 +0200 Subject: [PATCH] v4: assert when an unsupported double value is stored in a value we assume that just few NaN values can be generated by the HW (currently 0x7ff800..00 and 0x7ffc00..00), and we use the other values to encode js values. If uninitialized memory is interpreted as double or another NaN is explicitly constructed and feed to the interpreter, it might crash (later when actually accessing that value). Adding an assertion to catch those values when assertions are active for the 32 bit encoding (64 bit already has it). Task-number: QTBUG-36859 Change-Id: I7ac7b2619f286ba19066729836af718014a515a6 Reviewed-by: Johannes Matokic Reviewed-by: Simon Hausmann Reviewed-by: Lars Knoll
---
 src/qml/jsruntime/qv4value_p.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qml/jsruntime/qv4value_p.h b/src/qml/jsruntime/qv4value_p.h
index 2c78062..3f83d7b 100644
--- a/src/qml/jsruntime/qv4value_p.h
+++ b/src/qml/jsruntime/qv4value_p.h
@@ -241,8 +241,8 @@ struct Q_QML_PRIVATE_EXPORT Value
 static inline bool bothDouble(Value a, Value b) {
 return ((a.tag | b.tag) & NotDouble_Mask) != NotDouble_Mask;
 }
- double doubleValue() const { return dbl; }
- void setDouble(double d) { dbl = d; }
+ double doubleValue() const { Q_ASSERT(isDouble()); return dbl; }
+ void setDouble(double d) { dbl = d; Q_ASSERT(isDouble()); }
 bool isNaN() const { return (tag & QV4::Value::NotDouble_Mask) == QV4::Value::NaN_Mask; }
 #endif
 inline bool isString() const;
-- 2.7.4
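Review bot: Both added checks are `Q_ASSERT`, which expands to nothing in release builds, so on the 32-bit encoding `setDouble` still stores a NaN with an unexpected payload and the value is later read back under whatever tag its upper word happens to spell. If doubles can reach this setter from outside the engine (raw buffers, native callbacks; not visible in this hunk), the invariant should be enforced rather than only asserted, for example `if (d != d) d = std::numeric_limits<double>::quiet_NaN();` ahead of `dbl = d;`, assuming the platform's quiet NaN is one of the bit patterns `isDouble()` accepts. A short comment on `setDouble` such as `// only the hardware-generated NaN bit patterns are valid; all other NaN payloads encode tagged JS values` would record the assumption next to the code. The `#if` branch these two accessors belong to opens outside the hunk, so the 64-bit counterpart mentioned in the description cannot be compared here.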