Bug 308356

Summary: Fix Memory64 bounds checking and overflow checks in BBQ
Product: WebKit Reporter: ccarley2
Component: WebAssemblyAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

ccarley2
Reported 2026-02-20 19:37:05 PST
Bounds checking code is incorrect for Memory64 and there is a possibility for overflow when preparing pointers with larget offsets/large pointers
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2026-02-20 19:37:12 PST
<rdar://problem/170851725>
ccarley2
Comment 2 2026-02-20 19:44:11 PST
Pull request: https://github.com/WebKit/WebKit/pull/59137
EWS
Comment 3 2026-03-04 09:47:13 PST
Committed 308634@main (d8a913bd3feb): <https://commits.webkit.org/308634@main> Reviewed commits have been landed. Closing PR #59137 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.