212847 2020-06-05 14:15:20 -0700 Make CodeBlockHash robust against unreasonably long source code. 2020-06-06 07:11:52 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 mark.lam mark.lam ews-watchlist keith_miller msaboff saam tzagallo webkit-bug-importer oldest_to_newest 1659785 0 mark.lam 2020-06-05 14:15:20 -0700 <rdar://problem/64024279> 1659794 1 401200 mark.lam 2020-06-05 14:29:09 -0700 Created attachment 401200 proposed patch. 1659800 2 401200 saam 2020-06-05 14:34:18 -0700 Comment on attachment 401200 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=401200&action=review > Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:51 > + constexpr int maxSourceCodeLengthToHash = 500 * MB; should be size_t > Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:59 > + m_hash = sourceCode.length() ^ 0x2d5a93d0; could you alternatively just sample 500mb of the source code? 1659811 3 401200 mark.lam 2020-06-05 15:02:52 -0700 Comment on attachment 401200 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=401200&action=review >> Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:51 >> + constexpr int maxSourceCodeLengthToHash = 500 * MB; > > should be size_t Sadly, sourceCode.length() is an int, which is what made this an int. But I'll be changing this anyway. >> Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:59 >> + m_hash = sourceCode.length() ^ 0x2d5a93d0; > > could you alternatively just sample 500mb of the source code? Will do. 1659813 4 401204 mark.lam 2020-06-05 15:03:22 -0700 Created attachment 401204 proposed patch. 1659833 5 401210 mark.lam 2020-06-05 15:48:34 -0700 Created attachment 401210 proposed patch. 1659844 6 401210 saam 2020-06-05 16:06:01 -0700 Comment on attachment 401210 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=401210&action=review > Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:67 > + UChar character = str[index]; what guarantees this doesn't read OOB? Why not just make this look at 500*MB characters? Seems more straight forward than this. 1659852 7 401210 mark.lam 2020-06-05 16:17:32 -0700 Comment on attachment 401210 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=401210&action=review >> Source/JavaScriptCore/bytecode/CodeBlockHash.cpp:67 >> + UChar character = str[index]; > > what guarantees this doesn't read OOB? > > Why not just make this look at 500*MB characters? Seems more straight forward than this. Spoke with Saam offline. Just to make it clear for others, index is guaranteed to be < length, and we're using StringView::length() and StringView::operator[] here. There's no risk of overflow. The initial index is always 0, and we know length > 500 MB. So, no overflow there either. 1659952 8 401210 mark.lam 2020-06-06 07:09:20 -0700 Comment on attachment 401210 proposed patch. Thanks for the review. Landing now. 1659953 9 ews-feeder 2020-06-06 07:11:52 -0700 Committed r262677: <https://trac.webkit.org/changeset/262677> All reviewed patches have been landed. Closing bug and clearing flags on attachment 401210. 401200 2020-06-05 14:29:09 -0700 2020-06-05 15:03:22 -0700 proposed patch. bug-212847.patch text/plain 3433 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjYyNjUyKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI4IEBA CisyMDIwLTA2LTA1ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBN YWtlIENvZGVCbG9ja0hhc2ggcm9idXN0IGFnYWluc3QgdW5yZWFzb25hYmx5IGxvbmcgc291cmNl IGNvZGUuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0y MTI4NDcKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzY0MDI0Mjc5PgorCisgICAgICAgIFJldmll d2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoaXMgcGF0Y2ggYWRkcyBhIGhldXJp c3RpYyB0byBhdm9pZCB0cnlpbmcgdG8gY29tcHV0ZSB0aGUgQ29kZUJsb2NrSGFzaCBvbgorICAg ICAgICB1bnJlYXNvbmFibHkgbG9uZyBzb3VyY2UgY29kZSBzdHJpbmdzLiAgVGhpcyBpcyBkb25l IGJ5IGZpcnN0IGFwcGx5aW5nIGEgbGVuZ3RoCisgICAgICAgIGNoZWNrIGFuZCwgaWYgbmVlZGVk LCBjb21wdXRpbmcgdGhlIGhhc2ggd2l0aCBhbiBhbHRlcm5hdGUgbWV0aG9kLgorCisgICAgICAg IFRoaXMgaXMgT0sgdG8gZG8gYmVjYXVzZToKKyAgICAgICAgMS4gQ29kZUJsb2NrSGFzaCBpcyBu b3QgYSBjcml0aWNhbCBoYXNoLgorICAgICAgICAyLiBJbiBwcmFjdGljZSwgcmVhc29uYWJsZSBz b3VyY2UgY29kZSBhcmUgbm90IHRoYXQgbG9uZy4KKyAgICAgICAgMy4gQW5kIGlmIHRoZXkgYXJl IHRoYXQgbG9uZywgdGhlbiB3ZSBhcmUgc3RpbGwgZGl2ZXJzaWZ5aW5nIHRoZSBoYXNoIG9uIHRo ZWlyCisgICAgICAgICAgIGxlbmd0aC4gQnV0IGlmIHRoZXkgZG8gY29sbGlkZSwgaXQncyBPSy4K KworICAgICAgICBUaGUgb25seSBpbnZhcmlhbnQgaGVyZSBpcyB0aGF0IHdlIHNob3VsZCBhbHdh eXMgcHJvZHVjZSB0aGUgc2FtZSBoYXNoIGZvciB0aGUKKyAgICAgICAgc2FtZSBzb3VyY2Ugc3Ry aW5nLiAgU2luY2UgdGhlIGFsZ29yaXRobSBpcyBkZXRlcm1pbmlzdGljLCB0aGlzIGludmFyaWFu dCBpcyBub3QKKyAgICAgICAgdmlvbGF0ZWQuCisKKyAgICAgICAgKiBieXRlY29kZS9Db2RlQmxv Y2tIYXNoLmNwcDoKKyAgICAgICAgKEpTQzo6Q29kZUJsb2NrSGFzaDo6Q29kZUJsb2NrSGFzaCk6 CisKIDIwMjAtMDYtMDUgIFNhYW0gQmFyYXRpICA8c2JhcmF0aUBhcHBsZS5jb20+CiAKICAgICAg ICAgQXVkaXQgc2FmZSB0byBleGVjdXRlCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvYnl0 ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRD b3JlL2J5dGVjb2RlL0NvZGVCbG9ja0hhc2guY3BwCShyZXZpc2lvbiAyNjI1NzApCisrKyBTb3Vy Y2UvSmF2YVNjcmlwdENvcmUvYnl0ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAJKHdvcmtpbmcgY29w eSkKQEAgLTEsNSArMSw1IEBACiAvKgotICogQ29weXJpZ2h0IChDKSAyMDEyLCAyMDEzIEFwcGxl IEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KKyAqIENvcHlyaWdodCAoQykgMjAxMi0yMDIwIEFw cGxlIEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KICAqCiAgKiBSZWRpc3RyaWJ1dGlvbiBhbmQg dXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICAqIG1vZGlm aWNhdGlvbiwgYXJlIHBlcm1pdHRlZCBwcm92aWRlZCB0aGF0IHRoZSBmb2xsb3dpbmcgY29uZGl0 aW9ucwpAQCAtNDAsMTEgKzQwLDIzIEBAIENvZGVCbG9ja0hhc2g6OkNvZGVCbG9ja0hhc2goY29u c3QgY2hhcioKIENvZGVCbG9ja0hhc2g6OkNvZGVCbG9ja0hhc2goY29uc3QgU291cmNlQ29kZSYg c291cmNlQ29kZSwgQ29kZVNwZWNpYWxpemF0aW9uS2luZCBraW5kKQogICAgIDogbV9oYXNoKDAp CiB7Ci0gICAgU0hBMSBzaGExOwotICAgIHNoYTEuYWRkQnl0ZXMoc291cmNlQ29kZS50b1VURjgo KSk7Ci0gICAgU0hBMTo6RGlnZXN0IGRpZ2VzdDsKLSAgICBzaGExLmNvbXB1dGVIYXNoKGRpZ2Vz dCk7Ci0gICAgbV9oYXNoID0gZGlnZXN0WzBdIHwgKGRpZ2VzdFsxXSA8PCA4KSB8IChkaWdlc3Rb Ml0gPDwgMTYpIHwgKGRpZ2VzdFszXSA8PCAyNCk7CisgICAgLy8gVGhlIG1heFNvdXJjZUNvZGVM ZW5ndGhUb0hhc2ggaXMgYSBoZXVyaXN0aWMgdG8gYXZvaWQgY3Jhc2hpbmcgZnV6emVycworICAg IC8vIGR1ZSB0byByZXNvdXJjZSBleGhhdXN0aW9uLiBUaGlzIGlzIE9LIHRvIGRvIGJlY2F1c2U6 CisgICAgLy8gMS4gQ29kZUJsb2NrSGFzaCBpcyBub3QgYSBjcml0aWNhbCBoYXNoLgorICAgIC8v IDIuIEluIHByYWN0aWNlLCByZWFzb25hYmxlIHNvdXJjZSBjb2RlIGFyZSBub3QgNTAwIE1CIG9y IG1vcmUgbG9uZy4KKyAgICAvLyAzLiBBbmQgaWYgdGhleSBhcmUgdGhhdCBsb25nLCB0aGVuIHdl IGFyZSBzdGlsbCBkaXZlcnNpZnlpbmcgdGhlIGhhc2ggb24KKyAgICAvLyAgICB0aGVpciBsZW5n dGguIEJ1dCBpZiB0aGV5IGRvIGNvbGxpZGUsIGl0J3MgT0suCisgICAgLy8gVGhlIG9ubHkgaW52 YXJpYW50IGhlcmUgaXMgdGhhdCB3ZSBzaG91bGQgYWx3YXlzIHByb2R1Y2UgdGhlIHNhbWUgaGFz aAorICAgIC8vIGZvciB0aGUgc2FtZSBzb3VyY2Ugc3RyaW5nLiBUaGUgYWxnb3JpdGhtIGJlbG93 IGFjaGlldmVzIHRoYXQuCisgICAgY29uc3RleHByIGludCBtYXhTb3VyY2VDb2RlTGVuZ3RoVG9I YXNoID0gNTAwICogTUI7CisgICAgaWYgKHNvdXJjZUNvZGUubGVuZ3RoKCkgPCBtYXhTb3VyY2VD b2RlTGVuZ3RoVG9IYXNoKSB7CisgICAgICAgIFNIQTEgc2hhMTsKKyAgICAgICAgc2hhMS5hZGRC eXRlcyhzb3VyY2VDb2RlLnRvVVRGOCgpKTsKKyAgICAgICAgU0hBMTo6RGlnZXN0IGRpZ2VzdDsK KyAgICAgICAgc2hhMS5jb21wdXRlSGFzaChkaWdlc3QpOworICAgICAgICBtX2hhc2ggPSBkaWdl c3RbMF0gfCAoZGlnZXN0WzFdIDw8IDgpIHwgKGRpZ2VzdFsyXSA8PCAxNikgfCAoZGlnZXN0WzNd IDw8IDI0KTsKKyAgICB9IGVsc2UKKyAgICAgICAgbV9oYXNoID0gc291cmNlQ29kZS5sZW5ndGgo KSBeIDB4MmQ1YTkzZDA7CiAKICAgICBpZiAobV9oYXNoID09IDAgfHwgbV9oYXNoID09IDEpCiAg ICAgICAgIG1faGFzaCArPSAweDJkNWE5M2QwOyAvLyBFbnN1cmVzIGEgbm9uLXplcm8gaGFzaCwg YW5kIGdldHMgdXMgI0F6ZXJvMCBmb3IgQ29kZUZvckNhbGwgYW5kICNBemVybzEgZm9yIENvZGVG b3JDb25zdHJ1Y3QuCg== 401204 2020-06-05 15:03:22 -0700 2020-06-05 15:06:21 -0700 proposed patch. bug-212847.patch text/plain 4237 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjYyNjUyKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI4IEBA CisyMDIwLTA2LTA1ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBN YWtlIENvZGVCbG9ja0hhc2ggcm9idXN0IGFnYWluc3QgdW5yZWFzb25hYmx5IGxvbmcgc291cmNl IGNvZGUuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0y MTI4NDcKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzY0MDI0Mjc5PgorCisgICAgICAgIFJldmll d2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoaXMgcGF0Y2ggYWRkcyBhIGhldXJp c3RpYyB0byBhdm9pZCB0cnlpbmcgdG8gY29tcHV0ZSB0aGUgQ29kZUJsb2NrSGFzaCBvbgorICAg ICAgICB1bnJlYXNvbmFibHkgbG9uZyBzb3VyY2UgY29kZSBzdHJpbmdzLiAgVGhpcyBpcyBkb25l IGJ5IGZpcnN0IGFwcGx5aW5nIGEgbGVuZ3RoCisgICAgICAgIGNoZWNrIGFuZCwgaWYgbmVlZGVk LCBjb21wdXRpbmcgdGhlIGhhc2ggd2l0aCBhbiBhbHRlcm5hdGUgbWV0aG9kLgorCisgICAgICAg IFRoaXMgaXMgT0sgdG8gZG8gYmVjYXVzZToKKyAgICAgICAgMS4gQ29kZUJsb2NrSGFzaCBpcyBu b3QgYSBjcml0aWNhbCBoYXNoLgorICAgICAgICAyLiBJbiBwcmFjdGljZSwgcmVhc29uYWJsZSBz b3VyY2UgY29kZSBhcmUgbm90IHRoYXQgbG9uZy4KKyAgICAgICAgMy4gQW5kIGlmIHRoZXkgYXJl IHRoYXQgbG9uZywgdGhlbiB3ZSBhcmUgc3RpbGwgZGl2ZXJzaWZ5aW5nIHRoZSBoYXNoIG9uIHRo ZWlyCisgICAgICAgICAgIGxlbmd0aC4gQnV0IGlmIHRoZXkgZG8gY29sbGlkZSwgaXQncyBPSy4K KworICAgICAgICBUaGUgb25seSBpbnZhcmlhbnQgaGVyZSBpcyB0aGF0IHdlIHNob3VsZCBhbHdh eXMgcHJvZHVjZSB0aGUgc2FtZSBoYXNoIGZvciB0aGUKKyAgICAgICAgc2FtZSBzb3VyY2Ugc3Ry aW5nLiAgU2luY2UgdGhlIGFsZ29yaXRobSBpcyBkZXRlcm1pbmlzdGljLCB0aGlzIGludmFyaWFu dCBpcyBub3QKKyAgICAgICAgdmlvbGF0ZWQuCisKKyAgICAgICAgKiBieXRlY29kZS9Db2RlQmxv Y2tIYXNoLmNwcDoKKyAgICAgICAgKEpTQzo6Q29kZUJsb2NrSGFzaDo6Q29kZUJsb2NrSGFzaCk6 CisKIDIwMjAtMDYtMDUgIFNhYW0gQmFyYXRpICA8c2JhcmF0aUBhcHBsZS5jb20+CiAKICAgICAg ICAgQXVkaXQgc2FmZSB0byBleGVjdXRlCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvYnl0 ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRD b3JlL2J5dGVjb2RlL0NvZGVCbG9ja0hhc2guY3BwCShyZXZpc2lvbiAyNjI1NzApCisrKyBTb3Vy Y2UvSmF2YVNjcmlwdENvcmUvYnl0ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAJKHdvcmtpbmcgY29w eSkKQEAgLTEsNSArMSw1IEBACiAvKgotICogQ29weXJpZ2h0IChDKSAyMDEyLCAyMDEzIEFwcGxl IEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KKyAqIENvcHlyaWdodCAoQykgMjAxMi0yMDIwIEFw cGxlIEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KICAqCiAgKiBSZWRpc3RyaWJ1dGlvbiBhbmQg dXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICAqIG1vZGlm aWNhdGlvbiwgYXJlIHBlcm1pdHRlZCBwcm92aWRlZCB0aGF0IHRoZSBmb2xsb3dpbmcgY29uZGl0 aW9ucwpAQCAtNDAsMTEgKzQwLDQyIEBAIENvZGVCbG9ja0hhc2g6OkNvZGVCbG9ja0hhc2goY29u c3QgY2hhcioKIENvZGVCbG9ja0hhc2g6OkNvZGVCbG9ja0hhc2goY29uc3QgU291cmNlQ29kZSYg c291cmNlQ29kZSwgQ29kZVNwZWNpYWxpemF0aW9uS2luZCBraW5kKQogICAgIDogbV9oYXNoKDAp CiB7Ci0gICAgU0hBMSBzaGExOwotICAgIHNoYTEuYWRkQnl0ZXMoc291cmNlQ29kZS50b1VURjgo KSk7Ci0gICAgU0hBMTo6RGlnZXN0IGRpZ2VzdDsKLSAgICBzaGExLmNvbXB1dGVIYXNoKGRpZ2Vz dCk7Ci0gICAgbV9oYXNoID0gZGlnZXN0WzBdIHwgKGRpZ2VzdFsxXSA8PCA4KSB8IChkaWdlc3Rb Ml0gPDwgMTYpIHwgKGRpZ2VzdFszXSA8PCAyNCk7CisgICAgLy8gVGhlIG1heFNvdXJjZUNvZGVM ZW5ndGhUb0hhc2ggaXMgYSBoZXVyaXN0aWMgdG8gYXZvaWQgY3Jhc2hpbmcgZnV6emVycworICAg IC8vIGR1ZSB0byByZXNvdXJjZSBleGhhdXN0aW9uLiBUaGlzIGlzIE9LIHRvIGRvIGJlY2F1c2U6 CisgICAgLy8gMS4gQ29kZUJsb2NrSGFzaCBpcyBub3QgYSBjcml0aWNhbCBoYXNoLgorICAgIC8v IDIuIEluIHByYWN0aWNlLCByZWFzb25hYmxlIHNvdXJjZSBjb2RlIGFyZSBub3QgNTAwIE1CIG9y IG1vcmUgbG9uZy4KKyAgICAvLyAzLiBBbmQgaWYgdGhleSBhcmUgdGhhdCBsb25nLCB0aGVuIHdl IGFyZSBzdGlsbCBkaXZlcnNpZnlpbmcgdGhlIGhhc2ggb24KKyAgICAvLyAgICB0aGVpciBsZW5n dGguIEJ1dCBpZiB0aGV5IGRvIGNvbGxpZGUsIGl0J3MgT0suCisgICAgLy8gVGhlIG9ubHkgaW52 YXJpYW50IGhlcmUgaXMgdGhhdCB3ZSBzaG91bGQgYWx3YXlzIHByb2R1Y2UgdGhlIHNhbWUgaGFz aAorICAgIC8vIGZvciB0aGUgc2FtZSBzb3VyY2Ugc3RyaW5nLiBUaGUgYWxnb3JpdGhtIGJlbG93 IGFjaGlldmVzIHRoYXQuCisgICAgQVNTRVJUKHNvdXJjZUNvZGUubGVuZ3RoKCkgPj0gMCk7Cisg ICAgY29uc3RleHByIHVuc2lnbmVkIG1heFNvdXJjZUNvZGVMZW5ndGhUb0hhc2ggPSA1MDAgKiBN QjsKKyAgICBpZiAoc3RhdGljX2Nhc3Q8dW5zaWduZWQ+KHNvdXJjZUNvZGUubGVuZ3RoKCkpIDwg bWF4U291cmNlQ29kZUxlbmd0aFRvSGFzaCkgeworICAgICAgICBTSEExIHNoYTE7CisgICAgICAg IHNoYTEuYWRkQnl0ZXMoc291cmNlQ29kZS50b1VURjgoKSk7CisgICAgICAgIFNIQTE6OkRpZ2Vz dCBkaWdlc3Q7CisgICAgICAgIHNoYTEuY29tcHV0ZUhhc2goZGlnZXN0KTsKKyAgICAgICAgbV9o YXNoID0gZGlnZXN0WzBdIHwgKGRpZ2VzdFsxXSA8PCA4KSB8IChkaWdlc3RbMl0gPDwgMTYpIHwg KGRpZ2VzdFszXSA8PCAyNCk7CisgICAgfSBlbHNlIHsKKyAgICAgICAgLy8gSnVzdCBoYXNoIHdp dGggdGhlIGxlbmd0aCBhbmQgc2FtcGxlcyBvZiB0aGUgc291cmNlIHN0cmluZyBpbnN0ZWFkLgor ICAgICAgICBTdHJpbmdWaWV3IHN0ciA9IHNvdXJjZUNvZGUucHJvdmlkZXIoKS0+c291cmNlKCk7 CisgICAgICAgIHVuc2lnbmVkIGluZGV4ID0gMDsKKyAgICAgICAgdW5zaWduZWQgbGVuZ3RoID0g c291cmNlQ29kZS5sZW5ndGgoKTsKKyAgICAgICAgU0hBMSBzaGExOworICAgICAgICBzaGExLmFk ZEJ5dGVzKGJpdHdpc2VfY2FzdDx1aW50OF90Kj4oJmxlbmd0aCksIHNpemVvZihsZW5ndGgpKTsK KyAgICAgICAgZG8geworICAgICAgICAgICAgVUNoYXIgY2hhcmFjdGVyID0gc3RyW2luZGV4XTsK KyAgICAgICAgICAgIHNoYTEuYWRkQnl0ZXMoYml0d2lzZV9jYXN0PHVpbnQ4X3QqPigmY2hhcmFj dGVyKSwgc2l6ZW9mKGNoYXJhY3RlcikpOworICAgICAgICAgICAgdW5zaWduZWQgbmV3SW5kZXgg PSAoaW5kZXggPDwgMikgKyAxOworICAgICAgICAgICAgaWYgKG5ld0luZGV4IDwgaW5kZXgpCisg ICAgICAgICAgICAgICAgYnJlYWs7CisgICAgICAgICAgICBpbmRleCA9IG5ld0luZGV4OworICAg ICAgICB9IHdoaWxlIChpbmRleCA8IGxlbmd0aCk7CisKKyAgICAgICAgU0hBMTo6RGlnZXN0IGRp Z2VzdDsKKyAgICAgICAgc2hhMS5jb21wdXRlSGFzaChkaWdlc3QpOworICAgICAgICBtX2hhc2gg PSBkaWdlc3RbMF0gfCAoZGlnZXN0WzFdIDw8IDgpIHwgKGRpZ2VzdFsyXSA8PCAxNikgfCAoZGln ZXN0WzNdIDw8IDI0KTsKKyAgICB9CiAKICAgICBpZiAobV9oYXNoID09IDAgfHwgbV9oYXNoID09 IDEpCiAgICAgICAgIG1faGFzaCArPSAweDJkNWE5M2QwOyAvLyBFbnN1cmVzIGEgbm9uLXplcm8g aGFzaCwgYW5kIGdldHMgdXMgI0F6ZXJvMCBmb3IgQ29kZUZvckNhbGwgYW5kICNBemVybzEgZm9y IENvZGVGb3JDb25zdHJ1Y3QuCg== 401210 2020-06-05 15:48:34 -0700 2020-06-06 07:11:52 -0700 proposed patch. bug-212847.patch text/plain 3641 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjYyNjUyKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI4IEBA CisyMDIwLTA2LTA1ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBN YWtlIENvZGVCbG9ja0hhc2ggcm9idXN0IGFnYWluc3QgdW5yZWFzb25hYmx5IGxvbmcgc291cmNl IGNvZGUuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0y MTI4NDcKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzY0MDI0Mjc5PgorCisgICAgICAgIFJldmll d2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoaXMgcGF0Y2ggYWRkcyBhIGhldXJp c3RpYyB0byBhdm9pZCB0cnlpbmcgdG8gY29tcHV0ZSB0aGUgQ29kZUJsb2NrSGFzaCBvbgorICAg ICAgICB1bnJlYXNvbmFibHkgbG9uZyBzb3VyY2UgY29kZSBzdHJpbmdzLiAgVGhpcyBpcyBkb25l IGJ5IGZpcnN0IGFwcGx5aW5nIGEgbGVuZ3RoCisgICAgICAgIGNoZWNrIGFuZCwgaWYgbmVlZGVk LCBjb21wdXRpbmcgdGhlIGhhc2ggd2l0aCBhbiBhbHRlcm5hdGUgbWV0aG9kLgorCisgICAgICAg IFRoaXMgaXMgT0sgdG8gZG8gYmVjYXVzZToKKyAgICAgICAgMS4gQ29kZUJsb2NrSGFzaCBpcyBu b3QgYSBjcml0aWNhbCBoYXNoLgorICAgICAgICAyLiBJbiBwcmFjdGljZSwgcmVhc29uYWJsZSBz b3VyY2UgY29kZSBhcmUgbm90IHRoYXQgbG9uZy4KKyAgICAgICAgMy4gQW5kIGlmIHRoZXkgYXJl IHRoYXQgbG9uZywgdGhlbiB3ZSBhcmUgc3RpbGwgZGl2ZXJzaWZ5aW5nIHRoZSBoYXNoIG9uIHRo ZWlyCisgICAgICAgICAgIGxlbmd0aC4gQnV0IGlmIHRoZXkgZG8gY29sbGlkZSwgaXQncyBPSy4K KworICAgICAgICBUaGUgb25seSBpbnZhcmlhbnQgaGVyZSBpcyB0aGF0IHdlIHNob3VsZCBhbHdh eXMgcHJvZHVjZSB0aGUgc2FtZSBoYXNoIGZvciB0aGUKKyAgICAgICAgc2FtZSBzb3VyY2Ugc3Ry aW5nLiAgU2luY2UgdGhlIGFsZ29yaXRobSBpcyBkZXRlcm1pbmlzdGljLCB0aGlzIGludmFyaWFu dCBpcyBub3QKKyAgICAgICAgdmlvbGF0ZWQuCisKKyAgICAgICAgKiBieXRlY29kZS9Db2RlQmxv Y2tIYXNoLmNwcDoKKyAgICAgICAgKEpTQzo6Q29kZUJsb2NrSGFzaDo6Q29kZUJsb2NrSGFzaCk6 CisKIDIwMjAtMDYtMDUgIFNhYW0gQmFyYXRpICA8c2JhcmF0aUBhcHBsZS5jb20+CiAKICAgICAg ICAgQXVkaXQgc2FmZSB0byBleGVjdXRlCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvYnl0 ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRD b3JlL2J5dGVjb2RlL0NvZGVCbG9ja0hhc2guY3BwCShyZXZpc2lvbiAyNjI1NzApCisrKyBTb3Vy Y2UvSmF2YVNjcmlwdENvcmUvYnl0ZWNvZGUvQ29kZUJsb2NrSGFzaC5jcHAJKHdvcmtpbmcgY29w eSkKQEAgLTEsNSArMSw1IEBACiAvKgotICogQ29weXJpZ2h0IChDKSAyMDEyLCAyMDEzIEFwcGxl IEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KKyAqIENvcHlyaWdodCAoQykgMjAxMi0yMDIwIEFw cGxlIEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KICAqCiAgKiBSZWRpc3RyaWJ1dGlvbiBhbmQg dXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICAqIG1vZGlm aWNhdGlvbiwgYXJlIHBlcm1pdHRlZCBwcm92aWRlZCB0aGF0IHRoZSBmb2xsb3dpbmcgY29uZGl0 aW9ucwpAQCAtNDEsNyArNDEsMzYgQEAgQ29kZUJsb2NrSGFzaDo6Q29kZUJsb2NrSGFzaChjb25z dCBTb3VyYwogICAgIDogbV9oYXNoKDApCiB7CiAgICAgU0hBMSBzaGExOwotICAgIHNoYTEuYWRk Qnl0ZXMoc291cmNlQ29kZS50b1VURjgoKSk7CisKKyAgICAvLyBUaGUgbWF4U291cmNlQ29kZUxl bmd0aFRvSGFzaCBpcyBhIGhldXJpc3RpYyB0byBhdm9pZCBjcmFzaGluZyBmdXp6ZXJzCisgICAg Ly8gZHVlIHRvIHJlc291cmNlIGV4aGF1c3Rpb24uIFRoaXMgaXMgT0sgdG8gZG8gYmVjYXVzZToK KyAgICAvLyAxLiBDb2RlQmxvY2tIYXNoIGlzIG5vdCBhIGNyaXRpY2FsIGhhc2guCisgICAgLy8g Mi4gSW4gcHJhY3RpY2UsIHJlYXNvbmFibGUgc291cmNlIGNvZGUgYXJlIG5vdCA1MDAgTUIgb3Ig bW9yZSBsb25nLgorICAgIC8vIDMuIEFuZCBpZiB0aGV5IGFyZSB0aGF0IGxvbmcsIHRoZW4gd2Ug YXJlIHN0aWxsIGRpdmVyc2lmeWluZyB0aGUgaGFzaCBvbgorICAgIC8vICAgIHRoZWlyIGxlbmd0 aC4gQnV0IGlmIHRoZXkgZG8gY29sbGlkZSwgaXQncyBPSy4KKyAgICAvLyBUaGUgb25seSBpbnZh cmlhbnQgaGVyZSBpcyB0aGF0IHdlIHNob3VsZCBhbHdheXMgcHJvZHVjZSB0aGUgc2FtZSBoYXNo CisgICAgLy8gZm9yIHRoZSBzYW1lIHNvdXJjZSBzdHJpbmcuIFRoZSBhbGdvcml0aG0gYmVsb3cg YWNoaWV2ZXMgdGhhdC4KKyAgICBBU1NFUlQoc291cmNlQ29kZS5sZW5ndGgoKSA+PSAwKTsKKyAg ICBjb25zdGV4cHIgdW5zaWduZWQgbWF4U291cmNlQ29kZUxlbmd0aFRvSGFzaCA9IDUwMCAqIE1C OworICAgIGlmIChzdGF0aWNfY2FzdDx1bnNpZ25lZD4oc291cmNlQ29kZS5sZW5ndGgoKSkgPCBt YXhTb3VyY2VDb2RlTGVuZ3RoVG9IYXNoKQorICAgICAgICBzaGExLmFkZEJ5dGVzKHNvdXJjZUNv ZGUudG9VVEY4KCkpOworICAgIGVsc2UgeworICAgICAgICAvLyBKdXN0IGhhc2ggd2l0aCB0aGUg bGVuZ3RoIGFuZCBzYW1wbGVzIG9mIHRoZSBzb3VyY2Ugc3RyaW5nIGluc3RlYWQuCisgICAgICAg IFN0cmluZ1ZpZXcgc3RyID0gc291cmNlQ29kZS5wcm92aWRlcigpLT5zb3VyY2UoKTsKKyAgICAg ICAgdW5zaWduZWQgaW5kZXggPSAwOworICAgICAgICB1bnNpZ25lZCBvbGRJbmRleCA9IDA7Cisg ICAgICAgIHVuc2lnbmVkIGxlbmd0aCA9IHN0ci5sZW5ndGgoKTsKKyAgICAgICAgdW5zaWduZWQg c3RlcCA9IChsZW5ndGggPj4gMTApICsgMTsKKworICAgICAgICBzaGExLmFkZEJ5dGVzKGJpdHdp c2VfY2FzdDx1aW50OF90Kj4oJmxlbmd0aCksIHNpemVvZihsZW5ndGgpKTsKKyAgICAgICAgZG8g eworICAgICAgICAgICAgVUNoYXIgY2hhcmFjdGVyID0gc3RyW2luZGV4XTsKKyAgICAgICAgICAg IHNoYTEuYWRkQnl0ZXMoYml0d2lzZV9jYXN0PHVpbnQ4X3QqPigmY2hhcmFjdGVyKSwgc2l6ZW9m KGNoYXJhY3RlcikpOworICAgICAgICAgICAgb2xkSW5kZXggPSBpbmRleDsKKyAgICAgICAgICAg IGluZGV4ICs9IHN0ZXA7CisgICAgICAgIH0gd2hpbGUgKGluZGV4ID4gb2xkSW5kZXggJiYgaW5k ZXggPCBsZW5ndGgpOworICAgIH0KKwogICAgIFNIQTE6OkRpZ2VzdCBkaWdlc3Q7CiAgICAgc2hh MS5jb21wdXRlSGFzaChkaWdlc3QpOwogICAgIG1faGFzaCA9IGRpZ2VzdFswXSB8IChkaWdlc3Rb MV0gPDwgOCkgfCAoZGlnZXN0WzJdIDw8IDE2KSB8IChkaWdlc3RbM10gPDwgMjQpOwo=