Fix bug in Dart_GetTypeOfExternalTypedData.

fsc8000 · fsc8000 · commit 19bb19d7162c · 2015-06-12T18:41:07.000+02:00
This API function would return true for typed data view objects, even if the view has a non-external data object underneath. It is used e.g. by Builtin_LoadSource. This function copies the data object for internal typed-data objects. When it wrongly be identifies a view as external, it consequently results in crash/undefined behavior because GC may interfere with this internal data pointer. BUG= R=asiva@google.com, koda@google.com Review URL: https://codereview.chromium.org//1182123002.
diff --git a/runtime/vm/dart_api_impl.cc b/runtime/vm/dart_api_impl.cc
@@ -3241,10 +3241,20 @@ DART_EXPORT Dart_TypedData_Type Dart_GetTypeOfExternalTypedData(
     Dart_Handle object) {
   TRACE_API_CALL(CURRENT_FUNC);
   intptr_t class_id = Api::ClassId(object);
-  if (RawObject::IsExternalTypedDataClassId(class_id) ||
-      RawObject::IsTypedDataViewClassId(class_id)) {
+  if (RawObject::IsExternalTypedDataClassId(class_id)) {
     return GetType(class_id);
   }
+  if (RawObject::IsTypedDataViewClassId(class_id)) {
+    // Check if data object of the view is external.
+    Isolate* isolate = Isolate::Current();
+    const Instance& view_obj = Api::UnwrapInstanceHandle(isolate, object);
+    ASSERT(!view_obj.IsNull());
+    const Instance& data_obj =
+        Instance::Handle(isolate, TypedDataView::Data(view_obj));
+    if (ExternalTypedData::IsExternalTypedData(data_obj)) {
+      return GetType(class_id);
+    }
+  }
   return Dart_TypedData_kInvalid;
 }
 
