RESOLVED FIXED 188571
[YARR] Align allocation size in BumpPointerAllocator with sizeof(void*) 
https://bugs.webkit.org/show_bug.cgi?id=188571
Summary [YARR] Align allocation size in BumpPointerAllocator with sizeof(void*)
Yusuke Suzuki
Reported 2018-08-14 11:52:05 PDT
[YARR] Align allocation size in BumpPointerAllocator with sizeof(void*)
Attachments
Patch (5.99 KB, patch)
2018-08-14 11:55 PDT, Yusuke Suzuki 		saam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1 2018-08-14 11:55:08 PDT
Created attachment 347100 [details] Patch
Saam Barati
Comment 2 2018-08-15 14:33:22 PDT
Comment on attachment 347100 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=347100&action=review > Source/JavaScriptCore/yarr/YarrInterpreter.cpp:77 > + static size_t allocationSize(size_t numberOfFrames) Should we be worried about overflow here? > Source/JavaScriptCore/yarr/YarrInterpreter.cpp:133 > + static size_t allocationSize(size_t numberOfSubpatterns) Ditto
Yusuke Suzuki
Comment 3 2018-08-16 02:36:19 PDT
Comment on attachment 347100 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=347100&action=review Thank you! >> Source/JavaScriptCore/yarr/YarrInterpreter.cpp:77 >> + static size_t allocationSize(size_t numberOfFrames) > > Should we be worried about overflow here? Use Checked<> here. >> Source/JavaScriptCore/yarr/YarrInterpreter.cpp:133 >> + static size_t allocationSize(size_t numberOfSubpatterns) > > Ditto Fixed by using Checked<>
Yusuke Suzuki
Comment 4 2018-08-16 02:41:42 PDT
Committed r234916: <https://trac.webkit.org/changeset/234916>
Radar WebKit Bug Importer
Comment 5 2018-08-16 02:42:22 PDT
<rdar://problem/43373238>
Note You need to log in before you can comment on or make changes to this bug.