mirrors/escargot
2
0
Fork 0
mirror of https://github.com/Samsung/escargot.git synced 2026-06-22 10:01:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

Check if the size exceeds the maximum allowed size for TypedArray construction

Browse source 
Signed-off-by: Seonghyun Kim <sh8281.kim@samsung.com>
This commit is contained in:
Seonghyun Kim 2026-04-29 12:59:40 +09:00
commit 210a52fe5a
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/runtime/IteratorObject.cpp
View file

@ -26,6 +26,7 @@
#include "runtime/AsyncFromSyncIteratorObject.h"
#include "runtime/ScriptAsyncFunctionObject.h"
#include "runtime/StringObject.h"
#include "runtime/ArrayBuffer.h"
namespace Escargot {
@ -227,6 +228,11 @@ ValueVectorWithInlineStorage IteratorObject::iterableToList(ExecutionState& stat
if (next.hasValue()) {
Value nextValue = IteratorObject::iteratorValue(state, next.value());
values.pushBack(nextValue);
// Check if the size exceeds the maximum allowed size for TypedArray construction
// This prevents memory exhaustion when iterating over very large sparse arrays
if (values.size() >= ArrayBuffer::maxArrayBufferSize) {
ErrorObject::throwBuiltinError(state, ErrorCode::RangeError, state.context()->staticStrings().TypedArray.string(), false, String::emptyString(), ErrorObject::Messages::GlobalObject_InvalidArrayLength);
}
} else {
break;
}