JS_EXPORT_PRIVATE virtual ~ArrayBufferView();
+ // Helper to verify byte offset is size aligned.
+ static bool verifyByteOffsetAlignment(unsigned byteOffset, size_t size)
+ {
+ return !(byteOffset & (size - 1));
+ }
+
// Helper to verify that a given sub-range of an ArrayBuffer is
// within range.
- // FIXME: This should distinguish between alignment errors and bounds errors.
- // https://bugs.webkit.org/show_bug.cgi?id=125391
- template <typename T>
- static bool verifySubRange(
- PassRefPtr<ArrayBuffer> buffer,
- unsigned byteOffset,
- unsigned numElements)
+ static bool verifySubRangeLength(PassRefPtr<ArrayBuffer> buffer, unsigned byteOffset, unsigned numElements, size_t size)
{
unsigned byteLength = buffer->byteLength();
- if (sizeof(T) > 1 && byteOffset % sizeof(T))
- return false;
if (byteOffset > byteLength)
return false;
- unsigned remainingElements = (byteLength - byteOffset) / sizeof(T);
+ unsigned remainingElements = (byteLength - byteOffset) / size;
if (numElements > remainingElements)
return false;
return true;
projects / apple / javascriptcore.git / blobdiff