75260 2011-12-27 10:48:47 -0800 Null name for host function can result in dereference of uninitialize memory 2011-12-27 14:09:46 -0800 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 barraclough barraclough oldest_to_newest 527414 0 barraclough 2011-12-27 10:48:47 -0800 This is a recent regression in ToT, if the name passed to finishCreation of a host function is null, we are currently skipping the putDirect, which leaves memory uninitialized. This patch reverts the aspect of the change that introduced the issue. It might be better if functions that don't have a name don't have this property at all, but that's change should be separate from fixing the bug. 527416 1 120606 barraclough 2011-12-27 10:59:25 -0800 Created attachment 120606 Fix 527418 2 barraclough 2011-12-27 11:03:05 -0800 <rdar://problem/10628279> 527465 3 barraclough 2011-12-27 14:09:46 -0800 Fixed in r103728 120606 2011-12-27 10:59:25 -0800 2011-12-27 11:32:33 -0800 Fix 75260.patch text/plain 4244 barraclough SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTAzNzE1KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE5IEBA CisyMDExLTEyLTI3ICBHYXZpbiBCYXJyYWNsb3VnaCAgPGJhcnJhY2xvdWdoQGFwcGxlLmNvbT4K KworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NzUyNjAK KyAgICAgICAgTnVsbCBuYW1lIGZvciBob3N0IGZ1bmN0aW9uIGNhbiByZXN1bHQgaW4gZGVyZWZl cmVuY2Ugb2YgdW5pbml0aWFsaXplIG1lbW9yeQorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9E WSAoT09QUyEpLgorCisgICAgICAgIFRoaXMgaXMgYSByZWNlbnQgcmVncmVzc2lvbiBpbiBUb1Qs IGlmIHRoZSBuYW1lIHBhc3NlZCB0byBmaW5pc2hDcmVhdGlvbiBvZiBhIGhvc3QgZnVuY3Rpb24g aXMgbnVsbCwKKyAgICAgICAgd2UgYXJlIGN1cnJlbnRseSBza2lwcGluZyB0aGUgcHV0RGlyZWN0 LCB3aGljaCBsZWF2ZXMgbWVtb3J5IHVuaW5pdGlhbGl6ZWQuIFRoaXMgcGF0Y2ggcmV2ZXJ0cyB0 aGUKKyAgICAgICAgYXNwZWN0IG9mIHRoZSBjaGFuZ2UgdGhhdCBpbnRyb2R1Y2VkIHRoZSBpc3N1 ZS4gIEl0IG1pZ2h0IGJlIGJldHRlciBpZiBmdW5jdGlvbnMgdGhhdCBkb24ndCBoYXZlIGEKKyAg ICAgICAgbmFtZSBkb24ndCBoYXZlIHRoaXMgcHJvcGVydHkgYXQgYWxsLCBidXQgdGhhdCdzIGNo YW5nZSBzaG91bGQgYmUgc2VwYXJhdGUgZnJvbSBmaXhpbmcgdGhlIGJ1Zy4KKworICAgICAgICAq IHJ1bnRpbWUvSlNGdW5jdGlvbi5jcHA6CisgICAgICAgIChKU0M6OkpTRnVuY3Rpb246OmZpbmlz aENyZWF0aW9uKToKKyAgICAgICAgICAgIC0gQWx3YXlzIGluaXRpYWxpemUgdGhlIG5hbWUgcHJv cGVydHkuCisKIDIwMTEtMTItMjYgIEdhdmluIEJhcnJhY2xvdWdoICA8YmFycmFjbG91Z2hAYXBw bGUuY29tPgogCiAgICAgICAgIEVycmshIE9TIFggYnVpbGQgZml4LgpJbmRleDogU291cmNlL0ph dmFTY3JpcHRDb3JlL3J1bnRpbWUvSlNGdW5jdGlvbi5jcHAKPT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNl L0phdmFTY3JpcHRDb3JlL3J1bnRpbWUvSlNGdW5jdGlvbi5jcHAJKHJldmlzaW9uIDEwMzY3MykK KysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTRnVuY3Rpb24uY3BwCSh3b3JraW5n IGNvcHkpCkBAIC05Miw4ICs5Miw3IEBAIHZvaWQgSlNGdW5jdGlvbjo6ZmluaXNoQ3JlYXRpb24o RXhlY1N0YXQKICAgICBCYXNlOjpmaW5pc2hDcmVhdGlvbihleGVjLT5nbG9iYWxEYXRhKCkpOwog ICAgIEFTU0VSVChpbmhlcml0cygmc19pbmZvKSk7CiAgICAgbV9leGVjdXRhYmxlLnNldChleGVj LT5nbG9iYWxEYXRhKCksIHRoaXMsIGV4ZWN1dGFibGUpOwotICAgIGlmICghbmFtZS5pc051bGwo KSkKLSAgICAgICAgcHV0RGlyZWN0KGV4ZWMtPmdsb2JhbERhdGEoKSwgZXhlYy0+Z2xvYmFsRGF0 YSgpLnByb3BlcnR5TmFtZXMtPm5hbWUsIGpzU3RyaW5nKGV4ZWMsIG5hbWUudXN0cmluZygpKSwg RG9udERlbGV0ZSB8IFJlYWRPbmx5IHwgRG9udEVudW0pOworICAgIHB1dERpcmVjdChleGVjLT5n bG9iYWxEYXRhKCksIGV4ZWMtPmdsb2JhbERhdGEoKS5wcm9wZXJ0eU5hbWVzLT5uYW1lLCBqc1N0 cmluZyhleGVjLCBuYW1lLmlzTnVsbCgpID8gIiIgOiBuYW1lLnVzdHJpbmcoKSksIERvbnREZWxl dGUgfCBSZWFkT25seSB8IERvbnRFbnVtKTsKICAgICBwdXREaXJlY3QoZXhlYy0+Z2xvYmFsRGF0 YSgpLCBleGVjLT5wcm9wZXJ0eU5hbWVzKCkubGVuZ3RoLCBqc051bWJlcihsZW5ndGgpLCBEb250 RGVsZXRlIHwgUmVhZE9ubHkgfCBEb250RW51bSk7CiB9CiAKSW5kZXg6IExheW91dFRlc3RzL0No YW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9DaGFuZ2VMb2cJKHJldmlzaW9uIDEw MzcxNSkKKysrIExheW91dFRlc3RzL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsx LDE2IEBACisyMDExLTEyLTI3ICBHYXZpbiBCYXJyYWNsb3VnaCAgPGJhcnJhY2xvdWdoQGFwcGxl LmNvbT4KKworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9 NzUyNjAKKyAgICAgICAgTnVsbCBuYW1lIGZvciBob3N0IGZ1bmN0aW9uIGNhbiByZXN1bHQgaW4g ZGVyZWZlcmVuY2Ugb2YgdW5pbml0aWFsaXplIG1lbW9yeQorCisgICAgICAgIFJldmlld2VkIGJ5 IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIEFkZGVkIGEgdGVzdCBmb3IgU3RyaW5nIGFwcGxp ZXMgdG8gdGhlIFRocm93VHlwZUVycm9yIGZ1bmN0aW9uIG9iamVjdCAtCisgICAgICAgIGlmIHRo aXMgZG9lcyBub3QgY3Jhc2gsIGl0IHBhc3NlcyEKKworICAgICAgICAqIGZhc3QvanMvYmFzaWMt c3RyaWN0LW1vZGUtZXhwZWN0ZWQudHh0OgorICAgICAgICAqIGZhc3QvanMvc2NyaXB0LXRlc3Rz L2Jhc2ljLXN0cmljdC1tb2RlLmpzOgorCiAyMDExLTEyLTI3ICBSeW9zdWtlIE5pd2EgIDxybml3 YUB3ZWJraXQub3JnPgogCiAgICAgICAgIENocm9taXVtIHJlYmFzZWxpbmUgYWZ0ZXIgcjEwMzI1 MS4KSW5kZXg6IExheW91dFRlc3RzL2Zhc3QvanMvYmFzaWMtc3RyaWN0LW1vZGUtZXhwZWN0ZWQu dHh0Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvanMvYmFzaWMtc3RyaWN0LW1vZGUt ZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAxMDM2NzMpCisrKyBMYXlvdXRUZXN0cy9mYXN0L2pzL2Jh c2ljLXN0cmljdC1tb2RlLWV4cGVjdGVkLnR4dAkod29ya2luZyBjb3B5KQpAQCAtMjA1LDYgKzIw NSw3IEBAIFBBU1MgKGZ1bmN0aW9uICgpIHsndXNlIHN0cmljdCc7ICB0cnkgeyAKIFBBU1MgdHJ5 IHsgdGhyb3cgMTsgfSBjYXRjaCAoZSkgeyBhR2xvYmFsID0gdHJ1ZTsgfSBpcyB0cnVlCiBQQVNT IChmdW5jdGlvbiAoKSB7IHRyeSB7IHRocm93IDE7IH0gY2F0Y2ggKGUpIHsgYUdsb2JhbCA9IHRy dWU7IH19KSgpOyBhR2xvYmFsOyBpcyB0cnVlCiBQQVNTIChmdW5jdGlvbiAoKSB7dHJ5IHsgdGhy b3cgMTsgfSBjYXRjaCAoZSkgeyBhR2xvYmFsID0gdHJ1ZTsgfX0pKCk7IGFHbG9iYWw7IGlzIHRy dWUKK1BBU1MgU3RyaW5nKE9iamVjdC5nZXRPd25Qcm9wZXJ0eURlc2NyaXB0b3IoZnVuY3Rpb24o KSB7ICJ1c2Ugc3RyaWN0IjsgfSwgImNhbGxlciIpLmdldCkgaXMgJ2Z1bmN0aW9uICgpIHtcbiAg ICBbbmF0aXZlIGNvZGVdXG59JwogUEFTUyBzdWNjZXNzZnVsbHlQYXJzZWQgaXMgdHJ1ZQogCiBU RVNUIENPTVBMRVRFCkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pzL3NjcmlwdC10ZXN0cy9iYXNp Yy1zdHJpY3QtbW9kZS5qcwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0L2pzL3Njcmlw dC10ZXN0cy9iYXNpYy1zdHJpY3QtbW9kZS5qcwkocmV2aXNpb24gMTAzNjczKQorKysgTGF5b3V0 VGVzdHMvZmFzdC9qcy9zY3JpcHQtdGVzdHMvYmFzaWMtc3RyaWN0LW1vZGUuanMJKHdvcmtpbmcg Y29weSkKQEAgLTIwMywzICsyMDMsNiBAQCBhR2xvYmFsID0gZmFsc2U7CiBzaG91bGRCZVRydWUo IihmdW5jdGlvbiAoKSB7IHRyeSB7IHRocm93IDE7IH0gY2F0Y2ggKGUpIHsgYUdsb2JhbCA9IHRy dWU7IH19KSgpOyBhR2xvYmFsOyIpOwogYUdsb2JhbCA9IGZhbHNlOwogc2hvdWxkQmVUcnVlKCIo ZnVuY3Rpb24gKCkge3RyeSB7IHRocm93IDE7IH0gY2F0Y2ggKGUpIHsgYUdsb2JhbCA9IHRydWU7 IH19KSgpOyBhR2xvYmFsOyIpOworCisvLyBNYWtlIHN1cmUgdGhpcyBkb2Vzbid0IGNyYXNoIQor c2hvdWxkQmUoJ1N0cmluZyhPYmplY3QuZ2V0T3duUHJvcGVydHlEZXNjcmlwdG9yKGZ1bmN0aW9u KCkgeyAidXNlIHN0cmljdCI7IH0sICJjYWxsZXIiKS5nZXQpJywgIidmdW5jdGlvbiAoKSB7XFxu ICAgIFtuYXRpdmUgY29kZV1cXG59JyIpOwo=