224268 – [JSC] WasmMemory caging should care about nullptr

RESOLVED FIXED 224268

[JSC] WasmMemory caging should care about nullptr

https://bugs.webkit.org/show_bug.cgi?id=224268

Summary [JSC] WasmMemory caging should care about nullptr

Yusuke Suzuki

Reported 2021-04-06 22:13:31 PDT

[JSC] WasmMemory caging should care nullptr

Attachments
Patch (21.30 KB, patch) 2021-04-06 23:16 PDT, Yusuke Suzuki	mark.lam: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Yusuke Suzuki

Comment 1 2021-04-06 23:15:51 PDT

<rdar://problem/74654838>

Yusuke Suzuki

Comment 2 2021-04-06 23:16:21 PDT

Created attachment 425358 [details] Patch

Mark Lam

Comment 3 2021-04-07 01:13:04 PDT

Comment on attachment 425358 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=425358&action=review r=me > Source/JavaScriptCore/ChangeLog:3 > + [JSC] WasmMemory caging should care nullptr "care about nullptr"? > Source/JavaScriptCore/ChangeLog:10 > + This checking size can include redzone for fast-memory, but this is OK: bound-check pass in LLInt (in upper tiers, we "bounds-check" > JSTests/ChangeLog:3 > + [JSC] WasmMemory caging should care nullptr "care about"

Yusuke Suzuki

Comment 4 2021-04-07 02:29:01 PDT

Committed r275597 (236242@main): <https://commits.webkit.org/236242@main>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component New Bugs

Assignee

Yusuke Suzuki

Reported

2021-04-06 22:13 PDT

Modified

2021-04-07 02:29 PDT History

CC List

10 users Show

URL

Keywords InRadar

Depends on

Blocks