From 95d35ab188665281f54095e52948c9aad08e364d Mon Sep 17 00:00:00 2001
From: Lars Knoll <lars.knoll@digia.com>
Date: Mon, 18 Nov 2013 13:54:33 +0100
Subject: Fix interaction between head room and appending in arrays

We reserve space on both ends of the JS array for appending
and prepending. Make sure they interact well with each other
and don't cause any memory corruption.

Task-number: QTBUG-34853
Change-Id: I184280178690e3cb12ab9b199a8436b32383af38
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
---
 src/qml/jsruntime/qv4arrayobject.cpp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/qml/jsruntime/qv4arrayobject.cpp')

diff --git a/src/qml/jsruntime/qv4arrayobject.cpp b/src/qml/jsruntime/qv4arrayobject.cpp
index 5422bff800..a0f0345b8b 100644
--- a/src/qml/jsruntime/qv4arrayobject.cpp
+++ b/src/qml/jsruntime/qv4arrayobject.cpp
@@ -572,6 +572,7 @@ ReturnedValue ArrayPrototype::method_unshift(CallContext *ctx)
                 --instance->arrayOffset;
                 --instance->arrayData;
                 ++instance->arrayDataLen;
+                ++instance->arrayAlloc;
                 if (instance->arrayAttributes) {
                     --instance->arrayAttributes;
                     *instance->arrayAttributes = Attr_Data;
-- 
cgit v1.2.3