222340 2021-02-23 18:42:51 -0800 Streamline ImageData size calculations and handle out-of-memory 2021-02-25 13:10:49 -0800 1 1 1 Unclassified WebKit Images WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 darin darin cdumez changseok esprehn+autocc ews-watchlist ggaren gyuyoung.kim webkit-bug-importer oldest_to_newest 1732765 0 darin 2021-02-23 18:42:51 -0800 Streamline ImageData size calculations and handle out-of-memory 1732927 1 421418 darin 2021-02-24 09:57:13 -0800 Created attachment 421418 Patch 1732928 2 darin 2021-02-24 09:57:47 -0800 rdar://72090831 1732943 3 421418 ggaren 2021-02-24 10:18:43 -0800 Comment on attachment 421418 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421418&action=review r=me > Source/WebCore/html/ImageData.cpp:69 > RefPtr<ImageData> ImageData::create(const IntSize& size) > { > - Checked<int, RecordOverflow> dataSize = 4; > - dataSize *= size.width(); > - dataSize *= size.height(); > + auto dataSize = ImageData::dataSize(size); > if (dataSize.hasOverflowed()) > return nullptr; > - > - return adoptRef(*new ImageData(size)); > + return adoptRef(*new ImageData(size, Uint8ClampedArray::createUninitialized(dataSize.unsafeGet()))); > } It's kind of funny that this function will safely return null on absurd sizes that overflow, but crash on more modest sizes that trigger allocation failure. Should we crash on overflow too? Or return null on allocation failure instead? 1732952 4 421418 darin 2021-02-24 10:32:21 -0800 Comment on attachment 421418 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421418&action=review >> Source/WebCore/html/ImageData.cpp:69 >> } > > It's kind of funny that this function will safely return null on absurd sizes that overflow, but crash on more modest sizes that trigger allocation failure. Should we crash on overflow too? Or return null on allocation failure instead? Those thoughts occurred to me, too. I wasn’t sure enough about where and how this function is used to make a good decision. Let me research that now. 1732996 5 421418 darin 2021-02-24 11:28:44 -0800 Comment on attachment 421418 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421418&action=review >>> Source/WebCore/html/ImageData.cpp:69 >>> } >> >> It's kind of funny that this function will safely return null on absurd sizes that overflow, but crash on more modest sizes that trigger allocation failure. Should we crash on overflow too? Or return null on allocation failure instead? > > Those thoughts occurred to me, too. I wasn’t sure enough about where and how this function is used to make a good decision. Let me research that now. Looking into this has led me down a bit of a rabbit hole. I discovered that CanvasRenderingContext2D calls this in response to calls from JavaScript and thus should be using a create function that can return an exception. That needs to be fixed, which might change the ImageData class interface to add more create functions, or we might just use the JavaScript-friendly one. Maybe it needs a name different from just "create" to make it clear that it tries or to make it clear that it’s for JavaScript-exposed uses. I’m not sure I should make any behavior change to this function in this patch, though. It seems logical that returning nullptr would be OK, but I am not really sure. One of the uses is in SerializedScriptValue, and I’m not sure are what the implications there; probably fine to fail cleanly if out of memory? It might be indirectly JavaScript-exposed? 1733133 6 421418 darin 2021-02-24 16:06:17 -0800 Comment on attachment 421418 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421418&action=review >>>> Source/WebCore/html/ImageData.cpp:69 >>>> } >>> >>> It's kind of funny that this function will safely return null on absurd sizes that overflow, but crash on more modest sizes that trigger allocation failure. Should we crash on overflow too? Or return null on allocation failure instead? >> >> Those thoughts occurred to me, too. I wasn’t sure enough about where and how this function is used to make a good decision. Let me research that now. > > Looking into this has led me down a bit of a rabbit hole. > > I discovered that CanvasRenderingContext2D calls this in response to calls from JavaScript and thus should be using a create function that can return an exception. That needs to be fixed, which might change the ImageData class interface to add more create functions, or we might just use the JavaScript-friendly one. Maybe it needs a name different from just "create" to make it clear that it tries or to make it clear that it’s for JavaScript-exposed uses. > > I’m not sure I should make any behavior change to this function in this patch, though. It seems logical that returning nullptr would be OK, but I am not really sure. One of the uses is in SerializedScriptValue, and I’m not sure are what the implications there; probably fine to fail cleanly if out of memory? It might be indirectly JavaScript-exposed? Turns out that changing behavior here, to return nullptr, fixes a failing regression test. So I’m going to change as you suggested (your second suggestion, return null). There is still follow up needed to make sure we consistently raise an exception rather than failing silently or returning null in various JavaScript contexts. And I suppose some tiny risk that returning nullptr rather than crashing is worse in some way. 1733140 7 421481 darin 2021-02-24 16:35:04 -0800 Created attachment 421481 Patch 1733472 8 darin 2021-02-25 13:10:49 -0800 Committed r273505 (234582@main): <https://commits.webkit.org/234582@main> 421418 2021-02-24 09:57:13 -0800 2021-02-24 11:49:48 -0800 Patch bug-222340-20210224095712.patch text/plain 5568 darin U3VidmVyc2lvbiBSZXZpc2lvbjogMjczMzU5CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggZjFhZWE2NTNlMTk5ZGEx ZGFlZTE2ZDFkMDEzZWY3ZDQ3NmNiZWU1My4uOWMzNmVlOTA5ODk1M2VkOWZhNzY5YzE2OTRhZjQx MDg4ZTRlNDJiNiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIxIEBACisyMDIxLTAyLTIzICBEYXJp biBBZGxlciAgPGRhcmluQGFwcGxlLmNvbT4KKworICAgICAgICBTdHJlYW1saW5lIEltYWdlRGF0 YSBzaXplIGNhbGN1bGF0aW9ucyBhbmQgaGFuZGxlIG91dC1vZi1tZW1vcnkKKyAgICAgICAgaHR0 cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIyMjM0MAorCisgICAgICAgIFJl dmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogaHRtbC9JbWFnZURhdGEuY3Bw OgorICAgICAgICAoV2ViQ29yZTo6SW1hZ2VEYXRhOjpkYXRhU2l6ZSk6IEFkZGVkCisgICAgICAg IChXZWJDb3JlOjpJbWFnZURhdGE6OmNyZWF0ZSk6IFVzZSB0aGUgZGF0YVNpemUgZnVuY3Rpb24g Y29uc2lzdGVudGx5IHRvIGNvbXB1dGUKKyAgICAgICAgdGhlIHNpemUgb2YgdGhlIGJ5dGVBcnJh eSBuZWVkZWQuIEluIHRoZSBKYXZhU2NyaXB0LWV4cG9zZWQgY3JlYXRlIGZ1bmN0aW9uLCB1c2UK KyAgICAgICAgdHJ5Q3JlYXRlVW5pbml0aWFsaXplZCBhbmQgdGhyb3cgYW4gZXhjZXB0aW9uIGlm IGl0IGZhaWxzLiBSZW1vdmVkIGFuIHVubmVjZXNzYXJ5CisgICAgICAgIGFzc2VydGlvbiB0aGF0 IHNpbXBseSByZXBlYXRzIHNvbWV0aGluZyBjb3ZlcmVkIGJ5IGFuIGlmIHN0YXRlbWVudCBqdXN0 IGFib3ZlIGl0LgorICAgICAgICAoV2ViQ29yZTo6SW1hZ2VEYXRhOjpJbWFnZVNpemUpOiBSZW1v dmVkIHRoZSBvdmVybG9hZCB0aGF0IG9ubHkgdGFrZXMgYW4gSW50U2l6ZQorICAgICAgICBhbmQg YWxsb2NhdGVzIGEgVWludDhDbGFtcGVkQXJyYXksIG1vdmluZyB0aGF0IGludG8gdGhlIGNyZWF0 ZSBmdW5jdGlvbiBpbnN0ZWFkLgorCisgICAgICAgICogaHRtbC9JbWFnZURhdGEuaDogQWRkZWQg ZGF0YVNpemUsIHJlbW92ZWQgYSBjb25zdHJ1Y3RvciBvdmVybG9hZC4KKwogMjAyMS0wMi0yMyAg RnJlZGVyaWMgV2FuZyAgPGZ3YW5nQGlnYWxpYS5jb20+CiAKICAgICAgICAgTnVsbHB0ciBjcmFz aCBpbiBSZXBsYWNlU2VsZWN0aW9uQ29tbWFuZDo6cmVtb3ZlUmVkdW5kYW50U3R5bGVzQW5kS2Vl cFN0eWxlU3BhbklubGluZQpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvaHRtbC9JbWFnZURh dGEuY3BwIGIvU291cmNlL1dlYkNvcmUvaHRtbC9JbWFnZURhdGEuY3BwCmluZGV4IGI1ZGZmYTQx OTcyZjRmODc4ZTA1NTZhZDc4MzhiOGNhOTQ5NmJlOTAuLmEyMzM2MGU1MDM4MGIzZGQxYzM5YzVl Njc1MTQ0MzcyMTkyMzg5NDMgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL2h0bWwvSW1hZ2VE YXRhLmNwcAorKysgYi9Tb3VyY2UvV2ViQ29yZS9odG1sL0ltYWdlRGF0YS5jcHAKQEAgLTEsNSAr MSw1IEBACiAvKgotICogQ29weXJpZ2h0IChDKSAyMDA4LTIwMTYgQXBwbGUgSW5jLiBBbGwgcmln aHRzIHJlc2VydmVkLgorICogQ29weXJpZ2h0IChDKSAyMDA4LTIwMjEgQXBwbGUgSW5jLiBBbGwg cmlnaHRzIHJlc2VydmVkLgogICogQ29weXJpZ2h0IChDKSAyMDE0IEFkb2JlIFN5c3RlbXMgSW5j b3Jwb3JhdGVkLiBBbGwgcmlnaHRzIHJlc2VydmVkLgogICoKICAqIFJlZGlzdHJpYnV0aW9uIGFu ZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dApAQCAtMzUs NDUgKzM1LDQ0IEBACiAKIG5hbWVzcGFjZSBXZWJDb3JlIHsKIAorQ2hlY2tlZDx1bnNpZ25lZCwg UmVjb3JkT3ZlcmZsb3c+IEltYWdlRGF0YTo6ZGF0YVNpemUoY29uc3QgSW50U2l6ZSYgc2l6ZSkK K3sKKyAgICBDaGVja2VkPHVuc2lnbmVkLCBSZWNvcmRPdmVyZmxvdz4gY2hlY2tlZERhdGFTaXpl ID0gNDsKKyAgICBjaGVja2VkRGF0YVNpemUgKj0gc3RhdGljX2Nhc3Q8dW5zaWduZWQ+KHNpemUu d2lkdGgoKSk7CisgICAgY2hlY2tlZERhdGFTaXplICo9IHN0YXRpY19jYXN0PHVuc2lnbmVkPihz aXplLmhlaWdodCgpKTsKKyAgICByZXR1cm4gY2hlY2tlZERhdGFTaXplOworfQorCiBFeGNlcHRp b25PcjxSZWY8SW1hZ2VEYXRhPj4gSW1hZ2VEYXRhOjpjcmVhdGUodW5zaWduZWQgc3csIHVuc2ln bmVkIHNoKQogewogICAgIGlmICghc3cgfHwgIXNoKQogICAgICAgICByZXR1cm4gRXhjZXB0aW9u IHsgSW5kZXhTaXplRXJyb3IgfTsKLQotICAgIENoZWNrZWQ8aW50LCBSZWNvcmRPdmVyZmxvdz4g ZGF0YVNpemUgPSA0OwotICAgIGRhdGFTaXplICo9IHN3OwotICAgIGRhdGFTaXplICo9IHNoOwor ICAgIEludFNpemUgc2l6ZShzdywgc2gpOworICAgIGF1dG8gZGF0YVNpemUgPSBJbWFnZURhdGE6 OmRhdGFTaXplKHNpemUpOwogICAgIGlmIChkYXRhU2l6ZS5oYXNPdmVyZmxvd2VkKCkpCiAgICAg ICAgIHJldHVybiBFeGNlcHRpb24geyBSYW5nZUVycm9yLCAiQ2Fubm90IGFsbG9jYXRlIGEgYnVm ZmVyIG9mIHRoaXMgc2l6ZSJfcyB9OwotCi0gICAgSW50U2l6ZSBzaXplKHN3LCBzaCk7Ci0gICAg YXV0byBkYXRhID0gYWRvcHRSZWYoKm5ldyBJbWFnZURhdGEoc2l6ZSkpOwotICAgIGRhdGEtPmRh dGEoKS0+emVyb0ZpbGwoKTsKLSAgICByZXR1cm4gZGF0YTsKKyAgICBhdXRvIGJ5dGVBcnJheSA9 IFVpbnQ4Q2xhbXBlZEFycmF5Ojp0cnlDcmVhdGVVbmluaXRpYWxpemVkKGRhdGFTaXplLnVuc2Fm ZUdldCgpKTsKKyAgICBpZiAoIWJ5dGVBcnJheSkgeworICAgICAgICAvLyBGSVhNRTogRG9lcyB0 aGlzIG5lZWQgdG8gYmUgYSAicmVhbCIgb3V0IG9mIG1lbW9yeSBlcnJvciB3aXRoIHNldE91dE9m TWVtb3J5RXJyb3IgY2FsbGVkIG9uIGl0PworICAgICAgICByZXR1cm4gRXhjZXB0aW9uIHsgUmFu Z2VFcnJvciwgIk91dCBvZiBtZW1vcnkiX3MgfTsKKyAgICB9CisgICAgYnl0ZUFycmF5LT56ZXJv RmlsbCgpOworICAgIHJldHVybiBhZG9wdFJlZigqbmV3IEltYWdlRGF0YShzaXplLCBieXRlQXJy YXkucmVsZWFzZU5vbk51bGwoKSkpOwogfQogCiBSZWZQdHI8SW1hZ2VEYXRhPiBJbWFnZURhdGE6 OmNyZWF0ZShjb25zdCBJbnRTaXplJiBzaXplKQogewotICAgIENoZWNrZWQ8aW50LCBSZWNvcmRP dmVyZmxvdz4gZGF0YVNpemUgPSA0OwotICAgIGRhdGFTaXplICo9IHNpemUud2lkdGgoKTsKLSAg ICBkYXRhU2l6ZSAqPSBzaXplLmhlaWdodCgpOworICAgIGF1dG8gZGF0YVNpemUgPSBJbWFnZURh dGE6OmRhdGFTaXplKHNpemUpOwogICAgIGlmIChkYXRhU2l6ZS5oYXNPdmVyZmxvd2VkKCkpCiAg ICAgICAgIHJldHVybiBudWxscHRyOwotCi0gICAgcmV0dXJuIGFkb3B0UmVmKCpuZXcgSW1hZ2VE YXRhKHNpemUpKTsKKyAgICByZXR1cm4gYWRvcHRSZWYoKm5ldyBJbWFnZURhdGEoc2l6ZSwgVWlu dDhDbGFtcGVkQXJyYXk6OmNyZWF0ZVVuaW5pdGlhbGl6ZWQoZGF0YVNpemUudW5zYWZlR2V0KCkp KSk7CiB9CiAKIFJlZlB0cjxJbWFnZURhdGE+IEltYWdlRGF0YTo6Y3JlYXRlKGNvbnN0IEludFNp emUmIHNpemUsIFJlZjxVaW50OENsYW1wZWRBcnJheT4mJiBieXRlQXJyYXkpCiB7Ci0gICAgQ2hl Y2tlZDxpbnQsIFJlY29yZE92ZXJmbG93PiBkYXRhU2l6ZSA9IDQ7Ci0gICAgZGF0YVNpemUgKj0g c2l6ZS53aWR0aCgpOwotICAgIGRhdGFTaXplICo9IHNpemUuaGVpZ2h0KCk7Ci0gICAgaWYgKGRh dGFTaXplLmhhc092ZXJmbG93ZWQoKSkKLSAgICAgICAgcmV0dXJuIG51bGxwdHI7Ci0KLSAgICBp ZiAoZGF0YVNpemUudW5zYWZlR2V0KCkgPCAwIHx8IHN0YXRpY19jYXN0PHVuc2lnbmVkPihkYXRh U2l6ZS51bnNhZmVHZXQoKSkgPiBieXRlQXJyYXktPmxlbmd0aCgpKQorICAgIGF1dG8gZGF0YVNp emUgPSBJbWFnZURhdGE6OmRhdGFTaXplKHNpemUpOworICAgIGlmIChkYXRhU2l6ZS5oYXNPdmVy Zmxvd2VkKCkgfHwgZGF0YVNpemUudW5zYWZlR2V0KCkgPiBieXRlQXJyYXktPmxlbmd0aCgpKQog ICAgICAgICByZXR1cm4gbnVsbHB0cjsKLQogICAgIHJldHVybiBhZG9wdFJlZigqbmV3IEltYWdl RGF0YShzaXplLCBXVEZNb3ZlKGJ5dGVBcnJheSkpKTsKIH0KIApAQCAtODMsNyArODIsNiBAQCBF eGNlcHRpb25PcjxSZWY8SW1hZ2VEYXRhPj4gSW1hZ2VEYXRhOjpjcmVhdGUoUmVmPFVpbnQ4Q2xh bXBlZEFycmF5PiYmIGJ5dGVBcnJheQogICAgIGlmICghbGVuZ3RoIHx8IGxlbmd0aCAlIDQpCiAg ICAgICAgIHJldHVybiBFeGNlcHRpb24geyBJbnZhbGlkU3RhdGVFcnJvciwgIkxlbmd0aCBpcyBu b3QgYSBub24temVybyBtdWx0aXBsZSBvZiA0Il9zIH07CiAKLSAgICBBU1NFUlQobGVuZ3RoID4g MCk7CiAgICAgbGVuZ3RoIC89IDQ7CiAgICAgaWYgKCFzdyB8fCBsZW5ndGggJSBzdykKICAgICAg ICAgcmV0dXJuIEV4Y2VwdGlvbiB7IEluZGV4U2l6ZUVycm9yLCAiTGVuZ3RoIGlzIG5vdCBhIG11 bHRpcGxlIG9mIHN3Il9zIH07CkBAIC05OCwxMiArOTYsNiBAQCBFeGNlcHRpb25PcjxSZWY8SW1h Z2VEYXRhPj4gSW1hZ2VEYXRhOjpjcmVhdGUoUmVmPFVpbnQ4Q2xhbXBlZEFycmF5PiYmIGJ5dGVB cnJheQogICAgIHJldHVybiByZXN1bHQucmVsZWFzZU5vbk51bGwoKTsKIH0KIAotSW1hZ2VEYXRh OjpJbWFnZURhdGEoY29uc3QgSW50U2l6ZSYgc2l6ZSkKLSAgICA6IG1fc2l6ZShzaXplKQotICAg ICwgbV9kYXRhKFVpbnQ4Q2xhbXBlZEFycmF5OjpjcmVhdGVVbmluaXRpYWxpemVkKChzaXplLmFy ZWEoKSAqIDQpLnVuc2FmZUdldCgpKSkKLXsKLX0KLQogSW1hZ2VEYXRhOjpJbWFnZURhdGEoY29u c3QgSW50U2l6ZSYgc2l6ZSwgUmVmPFVpbnQ4Q2xhbXBlZEFycmF5PiYmIGJ5dGVBcnJheSkKICAg ICA6IG1fc2l6ZShzaXplKQogICAgICwgbV9kYXRhKFdURk1vdmUoYnl0ZUFycmF5KSkKZGlmZiAt LWdpdCBhL1NvdXJjZS9XZWJDb3JlL2h0bWwvSW1hZ2VEYXRhLmggYi9Tb3VyY2UvV2ViQ29yZS9o dG1sL0ltYWdlRGF0YS5oCmluZGV4IDg4ZGYwYzQ1NWY3YWVmMmJiMjA3ZGM1NjU0YjdkZmViYTFm YjhiNjQuLjUwMmUwNGM0ZGJlNzE2MjJjMzRkN2VmYmZmYzY3NDRlZTcyMzI4YWMgMTAwNjQ0Ci0t LSBhL1NvdXJjZS9XZWJDb3JlL2h0bWwvSW1hZ2VEYXRhLmgKKysrIGIvU291cmNlL1dlYkNvcmUv aHRtbC9JbWFnZURhdGEuaApAQCAtNTEsOCArNTEsOCBAQCBwdWJsaWM6CiAgICAgUmVmPEltYWdl RGF0YT4gZGVlcENsb25lKCkgY29uc3Q7CiAKIHByaXZhdGU6Ci0gICAgZXhwbGljaXQgSW1hZ2VE YXRhKGNvbnN0IEludFNpemUmKTsKICAgICBJbWFnZURhdGEoY29uc3QgSW50U2l6ZSYsIFJlZjxV aW50OENsYW1wZWRBcnJheT4mJik7CisgICAgc3RhdGljIENoZWNrZWQ8dW5zaWduZWQsIFJlY29y ZE92ZXJmbG93PiBkYXRhU2l6ZShjb25zdCBJbnRTaXplJik7CiAKICAgICBJbnRTaXplIG1fc2l6 ZTsKICAgICBSZWY8VWludDhDbGFtcGVkQXJyYXk+IG1fZGF0YTsK 421481 2021-02-24 16:35:04 -0800 2021-02-24 16:35:04 -0800 Patch bug-222340-20210224163503.patch text/plain 5623 darin U3VidmVyc2lvbiBSZXZpc2lvbjogMjczNDUzCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMTkwNjYxYjEwMWFiNDU5 OWJiODkyN2RhZjZjNTlkOWJkNDUwYjVmNi4uODYzOTYwMTcwN2JiNjc5NGQ0OWRiMjk2ZmY3ZmMz M2JlZmU5Y2U1NSAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIxIEBACisyMDIxLTAyLTIzICBEYXJp biBBZGxlciAgPGRhcmluQGFwcGxlLmNvbT4KKworICAgICAgICBTdHJlYW1saW5lIEltYWdlRGF0 YSBzaXplIGNhbGN1bGF0aW9ucyBhbmQgaGFuZGxlIG91dC1vZi1tZW1vcnkKKyAgICAgICAgaHR0 cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIyMjM0MAorCisgICAgICAgIFJl dmlld2VkIGJ5IEdlb2ZmIEdhcmVuLgorCisgICAgICAgICogaHRtbC9JbWFnZURhdGEuY3BwOgor ICAgICAgICAoV2ViQ29yZTo6SW1hZ2VEYXRhOjpkYXRhU2l6ZSk6IEFkZGVkCisgICAgICAgIChX ZWJDb3JlOjpJbWFnZURhdGE6OmNyZWF0ZSk6IFVzZSB0aGUgZGF0YVNpemUgZnVuY3Rpb24gY29u c2lzdGVudGx5IHRvIGNvbXB1dGUKKyAgICAgICAgdGhlIHNpemUgb2YgdGhlIGJ5dGVBcnJheSBu ZWVkZWQuIEluIHRoZSBKYXZhU2NyaXB0LWV4cG9zZWQgY3JlYXRlIGZ1bmN0aW9uLCB1c2UKKyAg ICAgICAgdHJ5Q3JlYXRlVW5pbml0aWFsaXplZCBhbmQgdGhyb3cgYW4gZXhjZXB0aW9uIGlmIGl0 IGZhaWxzLiBSZW1vdmVkIGFuIHVubmVjZXNzYXJ5CisgICAgICAgIGFzc2VydGlvbiB0aGF0IHNp bXBseSByZXBlYXRzIHNvbWV0aGluZyBjb3ZlcmVkIGJ5IGFuIGlmIHN0YXRlbWVudCBqdXN0IGFi b3ZlIGl0LgorICAgICAgICAoV2ViQ29yZTo6SW1hZ2VEYXRhOjpJbWFnZVNpemUpOiBSZW1vdmVk IHRoZSBvdmVybG9hZCB0aGF0IG9ubHkgdGFrZXMgYW4gSW50U2l6ZQorICAgICAgICBhbmQgYWxs b2NhdGVzIGEgVWludDhDbGFtcGVkQXJyYXksIG1vdmluZyB0aGF0IGludG8gdGhlIGNyZWF0ZSBm dW5jdGlvbiBpbnN0ZWFkLgorCisgICAgICAgICogaHRtbC9JbWFnZURhdGEuaDogQWRkZWQgZGF0 YVNpemUsIHJlbW92ZWQgYSBjb25zdHJ1Y3RvciBvdmVybG9hZC4KKwogMjAyMS0wMi0yNCAgQ2hy aXMgRHVtZXogIDxjZHVtZXpAYXBwbGUuY29tPgogCiAgICAgICAgIFVucmV2aWV3ZWQsIGZpeCBi dWlsZCB3aXRoIHRoZSBsYXRlc3QgaU9TIFNESy4KZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3Jl L2h0bWwvSW1hZ2VEYXRhLmNwcCBiL1NvdXJjZS9XZWJDb3JlL2h0bWwvSW1hZ2VEYXRhLmNwcApp bmRleCBiNWRmZmE0MTk3MmY0Zjg3OGUwNTU2YWQ3ODM4YjhjYTk0OTZiZTkwLi44YzBkYzM5ZDVk YTc4ZjIxNDU0NjUwYzMwZDRlYjg4NWEwNzM5OWQ2IDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29y ZS9odG1sL0ltYWdlRGF0YS5jcHAKKysrIGIvU291cmNlL1dlYkNvcmUvaHRtbC9JbWFnZURhdGEu Y3BwCkBAIC0xLDUgKzEsNSBAQAogLyoKLSAqIENvcHlyaWdodCAoQykgMjAwOC0yMDE2IEFwcGxl IEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KKyAqIENvcHlyaWdodCAoQykgMjAwOC0yMDIxIEFw cGxlIEluYy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KICAqIENvcHlyaWdodCAoQykgMjAxNCBBZG9i ZSBTeXN0ZW1zIEluY29ycG9yYXRlZC4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KICAqCiAgKiBSZWRp c3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdp dGhvdXQKQEAgLTM1LDQ1ICszNSw0NyBAQAogCiBuYW1lc3BhY2UgV2ViQ29yZSB7CiAKK0NoZWNr ZWQ8dW5zaWduZWQsIFJlY29yZE92ZXJmbG93PiBJbWFnZURhdGE6OmRhdGFTaXplKGNvbnN0IElu dFNpemUmIHNpemUpCit7CisgICAgQ2hlY2tlZDx1bnNpZ25lZCwgUmVjb3JkT3ZlcmZsb3c+IGNo ZWNrZWREYXRhU2l6ZSA9IDQ7CisgICAgY2hlY2tlZERhdGFTaXplICo9IHN0YXRpY19jYXN0PHVu c2lnbmVkPihzaXplLndpZHRoKCkpOworICAgIGNoZWNrZWREYXRhU2l6ZSAqPSBzdGF0aWNfY2Fz dDx1bnNpZ25lZD4oc2l6ZS5oZWlnaHQoKSk7CisgICAgcmV0dXJuIGNoZWNrZWREYXRhU2l6ZTsK K30KKwogRXhjZXB0aW9uT3I8UmVmPEltYWdlRGF0YT4+IEltYWdlRGF0YTo6Y3JlYXRlKHVuc2ln bmVkIHN3LCB1bnNpZ25lZCBzaCkKIHsKICAgICBpZiAoIXN3IHx8ICFzaCkKICAgICAgICAgcmV0 dXJuIEV4Y2VwdGlvbiB7IEluZGV4U2l6ZUVycm9yIH07Ci0KLSAgICBDaGVja2VkPGludCwgUmVj b3JkT3ZlcmZsb3c+IGRhdGFTaXplID0gNDsKLSAgICBkYXRhU2l6ZSAqPSBzdzsKLSAgICBkYXRh U2l6ZSAqPSBzaDsKKyAgICBJbnRTaXplIHNpemUoc3csIHNoKTsKKyAgICBhdXRvIGRhdGFTaXpl ID0gSW1hZ2VEYXRhOjpkYXRhU2l6ZShzaXplKTsKICAgICBpZiAoZGF0YVNpemUuaGFzT3ZlcmZs b3dlZCgpKQogICAgICAgICByZXR1cm4gRXhjZXB0aW9uIHsgUmFuZ2VFcnJvciwgIkNhbm5vdCBh bGxvY2F0ZSBhIGJ1ZmZlciBvZiB0aGlzIHNpemUiX3MgfTsKLQotICAgIEludFNpemUgc2l6ZShz dywgc2gpOwotICAgIGF1dG8gZGF0YSA9IGFkb3B0UmVmKCpuZXcgSW1hZ2VEYXRhKHNpemUpKTsK LSAgICBkYXRhLT5kYXRhKCktPnplcm9GaWxsKCk7Ci0gICAgcmV0dXJuIGRhdGE7CisgICAgYXV0 byBieXRlQXJyYXkgPSBVaW50OENsYW1wZWRBcnJheTo6dHJ5Q3JlYXRlVW5pbml0aWFsaXplZChk YXRhU2l6ZS51bnNhZmVHZXQoKSk7CisgICAgaWYgKCFieXRlQXJyYXkpIHsKKyAgICAgICAgLy8g RklYTUU6IERvZXMgdGhpcyBuZWVkIHRvIGJlIGEgInJlYWwiIG91dCBvZiBtZW1vcnkgZXJyb3Ig d2l0aCBzZXRPdXRPZk1lbW9yeUVycm9yIGNhbGxlZCBvbiBpdD8KKyAgICAgICAgcmV0dXJuIEV4 Y2VwdGlvbiB7IFJhbmdlRXJyb3IsICJPdXQgb2YgbWVtb3J5Il9zIH07CisgICAgfQorICAgIGJ5 dGVBcnJheS0+emVyb0ZpbGwoKTsKKyAgICByZXR1cm4gYWRvcHRSZWYoKm5ldyBJbWFnZURhdGEo c2l6ZSwgYnl0ZUFycmF5LnJlbGVhc2VOb25OdWxsKCkpKTsKIH0KIAogUmVmUHRyPEltYWdlRGF0 YT4gSW1hZ2VEYXRhOjpjcmVhdGUoY29uc3QgSW50U2l6ZSYgc2l6ZSkKIHsKLSAgICBDaGVja2Vk PGludCwgUmVjb3JkT3ZlcmZsb3c+IGRhdGFTaXplID0gNDsKLSAgICBkYXRhU2l6ZSAqPSBzaXpl LndpZHRoKCk7Ci0gICAgZGF0YVNpemUgKj0gc2l6ZS5oZWlnaHQoKTsKKyAgICBhdXRvIGRhdGFT aXplID0gSW1hZ2VEYXRhOjpkYXRhU2l6ZShzaXplKTsKICAgICBpZiAoZGF0YVNpemUuaGFzT3Zl cmZsb3dlZCgpKQogICAgICAgICByZXR1cm4gbnVsbHB0cjsKLQotICAgIHJldHVybiBhZG9wdFJl ZigqbmV3IEltYWdlRGF0YShzaXplKSk7CisgICAgYXV0byBieXRlQXJyYXkgPSBVaW50OENsYW1w ZWRBcnJheTo6dHJ5Q3JlYXRlVW5pbml0aWFsaXplZChkYXRhU2l6ZS51bnNhZmVHZXQoKSk7Cisg ICAgaWYgKCFieXRlQXJyYXkpCisgICAgICAgIHJldHVybiBudWxscHRyOworICAgIHJldHVybiBh ZG9wdFJlZigqbmV3IEltYWdlRGF0YShzaXplLCBieXRlQXJyYXkucmVsZWFzZU5vbk51bGwoKSkp OwogfQogCiBSZWZQdHI8SW1hZ2VEYXRhPiBJbWFnZURhdGE6OmNyZWF0ZShjb25zdCBJbnRTaXpl JiBzaXplLCBSZWY8VWludDhDbGFtcGVkQXJyYXk+JiYgYnl0ZUFycmF5KQogewotICAgIENoZWNr ZWQ8aW50LCBSZWNvcmRPdmVyZmxvdz4gZGF0YVNpemUgPSA0OwotICAgIGRhdGFTaXplICo9IHNp emUud2lkdGgoKTsKLSAgICBkYXRhU2l6ZSAqPSBzaXplLmhlaWdodCgpOwotICAgIGlmIChkYXRh U2l6ZS5oYXNPdmVyZmxvd2VkKCkpCi0gICAgICAgIHJldHVybiBudWxscHRyOwotCi0gICAgaWYg KGRhdGFTaXplLnVuc2FmZUdldCgpIDwgMCB8fCBzdGF0aWNfY2FzdDx1bnNpZ25lZD4oZGF0YVNp emUudW5zYWZlR2V0KCkpID4gYnl0ZUFycmF5LT5sZW5ndGgoKSkKKyAgICBhdXRvIGRhdGFTaXpl ID0gSW1hZ2VEYXRhOjpkYXRhU2l6ZShzaXplKTsKKyAgICBpZiAoZGF0YVNpemUuaGFzT3ZlcmZs b3dlZCgpIHx8IGRhdGFTaXplLnVuc2FmZUdldCgpID4gYnl0ZUFycmF5LT5sZW5ndGgoKSkKICAg ICAgICAgcmV0dXJuIG51bGxwdHI7Ci0KICAgICByZXR1cm4gYWRvcHRSZWYoKm5ldyBJbWFnZURh dGEoc2l6ZSwgV1RGTW92ZShieXRlQXJyYXkpKSk7CiB9CiAKQEAgLTgzLDcgKzg1LDYgQEAgRXhj ZXB0aW9uT3I8UmVmPEltYWdlRGF0YT4+IEltYWdlRGF0YTo6Y3JlYXRlKFJlZjxVaW50OENsYW1w ZWRBcnJheT4mJiBieXRlQXJyYXkKICAgICBpZiAoIWxlbmd0aCB8fCBsZW5ndGggJSA0KQogICAg ICAgICByZXR1cm4gRXhjZXB0aW9uIHsgSW52YWxpZFN0YXRlRXJyb3IsICJMZW5ndGggaXMgbm90 IGEgbm9uLXplcm8gbXVsdGlwbGUgb2YgNCJfcyB9OwogCi0gICAgQVNTRVJUKGxlbmd0aCA+IDAp OwogICAgIGxlbmd0aCAvPSA0OwogICAgIGlmICghc3cgfHwgbGVuZ3RoICUgc3cpCiAgICAgICAg IHJldHVybiBFeGNlcHRpb24geyBJbmRleFNpemVFcnJvciwgIkxlbmd0aCBpcyBub3QgYSBtdWx0 aXBsZSBvZiBzdyJfcyB9OwpAQCAtOTgsMTIgKzk5LDYgQEAgRXhjZXB0aW9uT3I8UmVmPEltYWdl RGF0YT4+IEltYWdlRGF0YTo6Y3JlYXRlKFJlZjxVaW50OENsYW1wZWRBcnJheT4mJiBieXRlQXJy YXkKICAgICByZXR1cm4gcmVzdWx0LnJlbGVhc2VOb25OdWxsKCk7CiB9CiAKLUltYWdlRGF0YTo6 SW1hZ2VEYXRhKGNvbnN0IEludFNpemUmIHNpemUpCi0gICAgOiBtX3NpemUoc2l6ZSkKLSAgICAs IG1fZGF0YShVaW50OENsYW1wZWRBcnJheTo6Y3JlYXRlVW5pbml0aWFsaXplZCgoc2l6ZS5hcmVh KCkgKiA0KS51bnNhZmVHZXQoKSkpCi17Ci19Ci0KIEltYWdlRGF0YTo6SW1hZ2VEYXRhKGNvbnN0 IEludFNpemUmIHNpemUsIFJlZjxVaW50OENsYW1wZWRBcnJheT4mJiBieXRlQXJyYXkpCiAgICAg OiBtX3NpemUoc2l6ZSkKICAgICAsIG1fZGF0YShXVEZNb3ZlKGJ5dGVBcnJheSkpCmRpZmYgLS1n aXQgYS9Tb3VyY2UvV2ViQ29yZS9odG1sL0ltYWdlRGF0YS5oIGIvU291cmNlL1dlYkNvcmUvaHRt bC9JbWFnZURhdGEuaAppbmRleCA4OGRmMGM0NTVmN2FlZjJiYjIwN2RjNTY1NGI3ZGZlYmExZmI4 YjY0Li41MDJlMDRjNGRiZTcxNjIyYzM0ZDdlZmJmZmM2NzQ0ZWU3MjMyOGFjIDEwMDY0NAotLS0g YS9Tb3VyY2UvV2ViQ29yZS9odG1sL0ltYWdlRGF0YS5oCisrKyBiL1NvdXJjZS9XZWJDb3JlL2h0 bWwvSW1hZ2VEYXRhLmgKQEAgLTUxLDggKzUxLDggQEAgcHVibGljOgogICAgIFJlZjxJbWFnZURh dGE+IGRlZXBDbG9uZSgpIGNvbnN0OwogCiBwcml2YXRlOgotICAgIGV4cGxpY2l0IEltYWdlRGF0 YShjb25zdCBJbnRTaXplJik7CiAgICAgSW1hZ2VEYXRhKGNvbnN0IEludFNpemUmLCBSZWY8VWlu dDhDbGFtcGVkQXJyYXk+JiYpOworICAgIHN0YXRpYyBDaGVja2VkPHVuc2lnbmVkLCBSZWNvcmRP dmVyZmxvdz4gZGF0YVNpemUoY29uc3QgSW50U2l6ZSYpOwogCiAgICAgSW50U2l6ZSBtX3NpemU7 CiAgICAgUmVmPFVpbnQ4Q2xhbXBlZEFycmF5PiBtX2RhdGE7Cg==