141259 – Optimized equal() functions in StringImpl.h may crash when shorter string is near the end of a page

NEW141259

Optimized equal() functions in StringImpl.h may crash when shorter string is near the end of a page

https://bugs.webkit.org/show_bug.cgi?id=141259

Summary Optimized equal() functions in StringImpl.h may crash when shorter string is ...

Alexey Proskuryakov

Reported 2015-02-04 13:00:54 PST

equal() reads some garbage bytes from the shorter string when comparing. This is OK most of the time, but not when the string ends at a page boundary, and the next page is not readable.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2025-05-29 16:40:23 PDT

<rdar://problem/152277679>

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Unspecified

Product WebKit

Component Web Template Framework

Assignee

Michael Saboff

Reported

2015-02-04 13:00 PST

Modified

2025-05-29 16:40 PDT History

CC List

3 users Show

URL

Keywords InRadar

Depends on

Blocks