ref: cbdf814ee25841ce2130e6d58b0ac607b508f045
parent: caabe08cb11e8c879173b599030d897a7e852373
author: Tor Andersson <tor.andersson@artifex.com>
date: Tue May 15 09:41:26 EDT 2018
Handle undefined and unset array slots separately in Array.prototype.sort.
--- a/jsarray.c
+++ b/jsarray.c
@@ -288,7 +288,7 @@
static void Ap_sort(js_State *J)
{
struct sortslot *array = NULL;
- int i, len;
+ int i, n, len;
len = js_getlength(J, 0);
@@ -298,18 +298,24 @@
js_throw(J);
}
+ n = 0;
for (i = 0; i < len; ++i) {
- js_getindex(J, 0, i);
- array[i].v = *js_tovalue(J, -1);
- array[i].J = J;
- js_pop(J, 1);
+ if (js_hasindex(J, 0, i)) {
+ array[n].v = *js_tovalue(J, -1);
+ array[n].J = J;
+ js_pop(J, 1);
+ ++n;
+ }
}
- qsort(array, len, sizeof *array, sortcmp);
+ qsort(array, n, sizeof *array, sortcmp);
- for (i = 0; i < len; ++i) {
+ for (i = 0; i < n; ++i) {
js_pushvalue(J, array[i].v);
js_setindex(J, 0, i);
+ }
+ for (i = n; i < len; ++i) {
+ js_delindex(J, 0, i);
}
js_endtry(J);