113011 2013-03-22 00:01:00 -0700 Please restore ValueCheck functionality in WebCore 2013-04-05 10:33:15 -0700 1 1 1 Unclassified WebKit Web Template Framework 528+ (Nightly build) Unspecified Unspecified NEW P2 Normal --- 1 ap webkit-unassigned abarth benjamin eric mjs oldest_to_newest 861158 0 ap 2013-03-22 00:01:00 -0700 Changes in bug 112831 yesterday disabled almost all ValueCheck security checks in WebCore. They need to be restored. Please see Maciej's suggestion in bug 112873: "It sounds like it will be possible to fix the StringImpl/AtomicStringImpl cases once the new statically allocated StringImpl's return true from isStatic()." 863059 1 ap 2013-03-25 14:14:54 -0700 Adam, Eric, who is going to work on this? 866649 2 abarth 2013-03-30 11:32:15 -0700 (In reply to comment #1) > Adam, Eric, who is going to work on this? I don't plan to work on this issue this week. 868952 3 ap 2013-04-03 16:38:33 -0700 Do you plan to work on this after this week? 869038 4 mjs 2013-04-04 00:13:18 -0700 (In reply to comment #3) > Do you plan to work on this after this week? I think it's going to our job to deal with it now, given the recent announcement. Let's let our former colleagues go in peace. 869043 5 ap 2013-04-04 00:36:26 -0700 I was thinking about this part of Eric's e-mail to webkit-dev: "Adam and I are happy to work with other reviewers to remove PLATFORM(CHROMIUM) code and other messes we may have caused over the years from webkit.org" This is one of the most recent cases of "mess". 869173 6 abarth 2013-04-04 08:50:09 -0700 I'm happy to roll out the patches that led to the changes to ValueCheck if that would be helpful to you. Completing this work requires landing the patch that makes HTMLNames thread safe. That patch works for Chromium today, but making it work for other ports is probably out of scope for helping with cleanup.