Bug 224268 - [JSC] WasmMemory caging should care about nullptr
Summary: [JSC] WasmMemory caging should care about nullptr
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Yusuke Suzuki
Keywords: InRadar
Reported: 2021-04-06 22:13 PDT by Yusuke Suzuki
Modified: 2021-04-07 02:29 PDT

Attachments
Patch (21.30 KB, patch)
2021-04-06 23:16 PDT, Yusuke Suzuki
mark.lam: review+

Description Yusuke Suzuki 2021-04-06 22:13:31 PDT
[JSC] WasmMemory caging should care nullptr
Comment 1 Yusuke Suzuki 2021-04-06 23:15:51 PDT
<rdar://problem/74654838>
Comment 2 Yusuke Suzuki 2021-04-06 23:16:21 PDT
Created attachment 425358
Patch
Comment 3 Mark Lam 2021-04-07 01:13:04 PDT
Comment on attachment 425358
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=425358&action=review

r=me

> Source/JavaScriptCore/ChangeLog:3
> +        [JSC] WasmMemory caging should care nullptr

"care about nullptr"?

> Source/JavaScriptCore/ChangeLog:10
> +           This checking size can include redzone for fast-memory, but this is OK: bound-check pass in LLInt (in upper tiers, we

"bounds-check"

> JSTests/ChangeLog:3
> +        [JSC] WasmMemory caging should care nullptr

"care about"
Comment 4 Yusuke Suzuki 2021-04-07 02:29:01 PDT
Committed r275597 (236242@main): <https://commits.webkit.org/236242@main>