RESOLVED FIXED Bug 209132
SerializedScriptValue::decode should check bufferIsLargeEnoughToContain before allocating a buffer 
https://bugs.webkit.org/show_bug.cgi?id=209132
Summary SerializedScriptValue::decode should check bufferIsLargeEnoughToContain befor...
Fujii Hironori
Reported 2020-03-16 00:45:35 PDT
SerializedScriptValue::decode should check bufferIsLargeEnoughToContain This is a sub-task of Bug 209131. Bug 209131 – Don't allocate a buffer with the decoded size without ensuring bufferIsLargeEnoughToContain(size)
Attachments
Patch (1.79 KB, patch)
2020-03-16 00:50 PDT, Fujii Hironori 		no flags
DetailsFormatted DiffDiff
Patch (1.77 KB, patch)
2020-03-16 17:23 PDT, Fujii Hironori 		darin: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Fujii Hironori
Comment 1 2020-03-16 00:50:10 PDT
Created attachment 393634 [details] Patch
Fujii Hironori
Comment 2 2020-03-16 17:23:18 PDT
Created attachment 393714 [details] Patch
Darin Adler
Comment 3 2020-03-17 15:38:17 PDT
Comment on attachment 393714 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=393714&action=review > Source/WebCore/ChangeLog:8 > + I have no new tests. The idea here is to state *why* there are no tests. Otherwise please just leave this line out.
Fujii Hironori
Comment 4 2020-03-17 17:31:25 PDT
Committed r258614: <https://trac.webkit.org/changeset/258614>
Radar WebKit Bug Importer
Comment 5 2020-03-17 17:32:12 PDT
<rdar://problem/60562941>
Note You need to log in before you can comment on or make changes to this bug.