commit d0d1ef27327048c4054c707e2eec3fed2b624a65
author Tom Sepez <tsepez@chromium.org> Tue Nov 09 23:26:29 2021 +0000
committer Pdfium LUCI CQ <pdfium-scoped@luci-project-accounts.iam.gserviceaccount.com> Tue Nov 09 23:26:29 2021 +0000
tree 4353ad7e50c601b4511b18c6547fe5597574a077
parent a97690dce12252623f9e97c9908ec2f99c9dba44

Use alternate form of v8::Array::New().

Assign the members of the array in a single shot, avoiding some
re-entrancy issues that would occur doing this one at a time.

-- Avoid a size_t to int conversion in PDFium code, (however v8 is
   doing this silently under the covers, but that's a v8 issue).

Change-Id: I51f4cbf36aec98cef21f7e383bdd64a6bfe244f6
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/87012
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>

fxjs/xfa/cfxjse_value.cpp

diff --git a/fxjs/xfa/cfxjse_value.cpp b/fxjs/xfa/cfxjse_value.cpp
index a22bd61..e005acf 100644
--- a/fxjs/xfa/cfxjse_value.cpp
+++ b/fxjs/xfa/cfxjse_value.cpp
@@ -97,14 +97,16 @@
     v8::Isolate* pIsolate,
     const std::vector<std::unique_ptr<CFXJSE_Value>>& values) {
   CFXJSE_ScopeUtil_IsolateHandleRootContext scope(pIsolate);
-  v8::Local<v8::Array> hArrayObject = v8::Array::New(pIsolate, values.size());
-  uint32_t count = 0;
+  std::vector<v8::Local<v8::Value>> local_values;
+  local_values.reserve(values.size());
   for (auto& v : values) {
     if (v->IsEmpty())
-      v->SetUndefined(pIsolate);
-    fxv8::ReentrantPutArrayElementHelper(pIsolate, hArrayObject, count++,
-                                         v->GetValue(pIsolate));
+      local_values.push_back(fxv8::NewUndefinedHelper(pIsolate));
+    else
+      local_values.push_back(v->GetValue(pIsolate));
   }
+  v8::Local<v8::Array> hArrayObject =
+      v8::Array::New(pIsolate, local_values.data(), local_values.size());
   m_hValue.Reset(pIsolate, hArrayObject);
 }