    2010-05-26 Darin Adler <darin@apple.com> · 019c8ffa
            Reviewed by Kent Tamura.
    
            Null characters handled incorrectly in ToNumber conversion
            https://bugs.webkit.org/show_bug.cgi?id=38088
    
            * runtime/JSGlobalObjectFunctions.cpp:
            (JSC::parseInt): Changed code to use UTF8String().data() instead of
            ascii() to fix the thread safety issue. Code path is covered by existing
            tests in run-javascriptcore-tests.
            (JSC::parseFloat): Moved comment to UString::toDouble since the issue
            affects all clients, not just parseFloat. Specifically, this also affects
            standard JavaScript numeric conversion, ToNumber.
    
            * runtime/UString.cpp:
            (JSC::UString::toDouble): Added a comment about incorrect space skipping.
            Changed trailing junk check to use the length of the CString instead of
            checking for a null character. Also got rid of a little unneeded logic
            in the case where we tolerate trailing junk.
    2010-05-26  Darin Adler  <darin@apple.com>
    
            Reviewed by Kent Tamura.
    
            Null characters handled incorrectly in ToNumber conversion
            https://bugs.webkit.org/show_bug.cgi?id=38088
    
            * fast/js/ToNumber-expected.txt: Updated for new tests and to
            expect PASS for two null character tests.
            * fast/js/ToNumber.js: Added more test cases.
            * fast/js/parseFloat-expected.txt: Updated for new test case.
            * fast/js/script-tests/parseFloat.js: Added a test case.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@60328 268f45cc-cd09-0410-ab3c-d52691b4dbfc
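
The UString::toDouble entry above replaces a null-character trailing-junk check with a length check. The following is an added example, not part of this commit and not WebKit code, showing why the two checks disagree on a counted string with an embedded NUL. The function names and the sample input are hypothetical, and the parser is a simplified strict one built on strtod(), not ToNumber.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdlib>
#include <limits>
#include <string>

// Hypothetical helpers for illustration; not WebKit's UString::toDouble.
// The input is a counted string, so it may contain embedded NUL bytes.
static const double kNaN = std::numeric_limits<double>::quiet_NaN();

// Trailing-junk check that looks for a NUL terminator. strtod() stops at the
// first NUL, so an embedded NUL is indistinguishable from the end of input.
double toDoubleNulCheck(const std::string& s)
{
    const char* start = s.c_str();
    char* end = nullptr;
    double value = std::strtod(start, &end);
    if (end == start)
        return kNaN;   // nothing was parsed
    if (*end != '\0')
        return kNaN;   // visible trailing junk such as "1x"
    return value;      // "1\0junk" is wrongly accepted as 1
}

// Trailing-junk check that compares the parse position with the counted length.
double toDoubleLengthCheck(const std::string& s)
{
    const char* start = s.c_str();
    char* end = nullptr;
    double value = std::strtod(start, &end);
    if (end == start)
        return kNaN;   // nothing was parsed
    if (static_cast<std::size_t>(end - start) != s.size())
        return kNaN;   // bytes remain after the number, NUL included
    return value;
}

int main()
{
    // Constructed sample: "1", an embedded NUL, then "junk" (6 bytes total).
    const std::string sample("1\0junk", 6);
    bool ok = toDoubleNulCheck(sample) == 1.0
        && std::isnan(toDoubleLengthCheck(sample));
    return ok ? 0 : 1;
}
```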