39435 – QTPixelBuffer passes CFDictionaries across the DLL boundary, which can lead to crashes

RESOLVED FIXED 39435

QTPixelBuffer passes CFDictionaries across the DLL boundary, which can lead to crashes

https://bugs.webkit.org/show_bug.cgi?id=39435

Summary QTPixelBuffer passes CFDictionaries across the DLL boundary, which can lead t...

Adam Roben (:aroben)

Reported 2010-05-20 10:55:23 PDT

QTPixelBuffer::attachments returns a CFDictionary that was created with QuickTime's CF. This is not necessarily compatible with the CF that WebKit uses, so this is unsafe.

Attachments
Remove unused code in MediaPlayerPrivateQuickTimeVisualContext and QTPixelBuffer (5.09 KB, patch) 2010-05-20 11:17 PDT, Adam Roben (:aroben)	darin: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Adam Roben (:aroben)

Comment 1 2010-05-20 10:56:05 PDT

<rdar://problem/8009278>

Adam Roben (:aroben)

Comment 2 2010-05-20 11:17:32 PDT

Created attachment 56612 [details] Remove unused code in MediaPlayerPrivateQuickTimeVisualContext and QTPixelBuffer

Adam Roben (:aroben)

Comment 3 2010-05-20 11:53:48 PDT

Committed r59854: <http://trac.webkit.org/changeset/59854>

WebKit Review Bot

Comment 4 2010-05-20 12:40:26 PDT

http://trac.webkit.org/changeset/59854 might have broken Tiger Intel Release The following changes are on the blame list: http://trac.webkit.org/changeset/59850 http://trac.webkit.org/changeset/59851 http://trac.webkit.org/changeset/59852 http://trac.webkit.org/changeset/59853 http://trac.webkit.org/changeset/59854

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS Windows XP

Product WebKit

Component Media

Assignee

Nobody

Reported

2010-05-20 10:55 PDT

Modified

2010-05-20 12:40 PDT History

CC List

3 users Show

URL

Keywords InRadar, PlatformOnly

Depends on

Blocks