RESOLVED FIXED Bug 51431
-[WebBasePluginPackage isNativeLibraryData:] integer overflows on zero-sized data
https://bugs.webkit.org/show_bug.cgi?id=51431
Cameron Zwarich (cpst)
Reported 2010-12-21 16:25:19 PST
This is due to bug 51144.
Attachments
Proposed path (1.25 KB, patch)
2010-12-21 16:28 PST, Cameron Zwarich (cpst)
darin: review+
zwarich: commit-queue-
Cameron Zwarich (cpst)
Comment 1 2010-12-21 16:26:53 PST
Cameron Zwarich (cpst)
Comment 2 2010-12-21 16:28:57 PST
Created attachment 77163: Proposed path
Darin Adler
Comment 3 2010-12-21 16:37:03 PST
Comment on attachment 77163 [details] Proposed path View in context: https://bugs.webkit.org/attachment.cgi?id=77163&action=review > WebKit/mac/Plugins/WebBasePluginPackage.mm:358 > + if (!sizeInBytes) > + return NO; > + > Vector<uint32_t, 128> rawData((sizeInBytes - 1) / 4 + 1); I would suggest just using (sizeInBytes + 3) / 4 rather than adding this null check.
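Review bot: the `if (!sizeInBytes) return NO;` guard placed in front of `Vector<uint32_t, 128> rawData((sizeInBytes - 1) / 4 + 1);` covers the zero case but leaves the subtraction-based rounding in place, with nothing saying why zero has to be rejected first, so the guard is easy to lose in a later refactor. Either add a one-line comment tying the check to the `sizeInBytes - 1` wrap, or use a rounding expression that is well defined at zero. In the second case rawData is constructed with zero elements for empty input, so the code that reads rawData after this line (not visible in this hunk) has to reject or tolerate an empty vector.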
Cameron Zwarich (cpst)
Comment 4 2010-12-21 17:04:02 PST
Thanks, that sounds better.
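The two rounding expressions discussed in this review, compared at their boundary values in an added example (not WebKit code). The 32-bit unsigned width and all helper names are assumptions, since the page does not show how sizeInBytes is declared.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: the byte count is a 32-bit unsigned value; the page does not
   show the declared type of sizeInBytes. All names here are illustrative. */

/* Rounding from the quoted line: size - 1 wraps when size is 0. */
static uint32_t words_sub_form(uint32_t size)
{
    return (size - 1) / 4 + 1;
}

/* Rounding suggested in the review: 0 maps to 0, but size + 3 wraps
   for the top three values of the type. */
static uint32_t words_add_form(uint32_t size)
{
    return (size + 3) / 4;
}

/* Checked variant: no intermediate can wrap, and empty input is
   reported to the caller instead of producing a word count. */
static bool words_checked(uint32_t size, uint32_t *words_out)
{
    if (size == 0)
        return false;
    *words_out = size / 4 + (size % 4 != 0);
    return true;
}

int main(void)
{
    /* Constructed boundary inputs. */
    const uint32_t sizes[] = { 0, 1, 4, 5, UINT32_MAX - 2, UINT32_MAX };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        uint32_t w = 0;
        bool ok = words_checked(sizes[i], &w);
        printf("size=%10u sub=%10u add=%10u checked=%s%u\n",
               (unsigned)sizes[i], (unsigned)words_sub_form(sizes[i]),
               (unsigned)words_add_form(sizes[i]), ok ? "" : "rejected/", (unsigned)w);
    }
    return 0;
}
```

Under the 32-bit assumption, a zero-sized input makes the subtraction form ask for 0x40000000 words, which is 4 GiB of storage for an empty buffer.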
Cameron Zwarich (cpst)
Comment 5 2010-12-21 18:16:32 PST
Fixed in r74446.
Alexey Proskuryakov
Comment 6 2010-12-23 10:39:31 PST
*** Bug 51519 has been marked as a duplicate of this bug. ***