[webkit-changes] [WebKit/WebKit] d1613f: Cherry-pick 252432.954 at safari-7614-branch (1144077...

Ryosuke Niwa noreply at github.com
Wed Feb 1 12:37:26 PST 2023 

  Branch: refs/heads/webkitglib/2.38
  Home:   https://github.com/WebKit/WebKit
  Commit: d1613f2b066592fe3acc7fbbf2d5f06a43e3e2b9
      https://github.com/WebKit/WebKit/commit/d1613f2b066592fe3acc7fbbf2d5f06a43e3e2b9
  Author: Chirag M Shah <chirag_m_shah at apple.com>
  Date:   2023-02-01 (Wed, 01 Feb 2023)

  Changed paths:
    M Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp

  Log Message:
  -----------
  Cherry-pick 252432.954 at safari-7614-branch (114407780ae6). rdar://problem/103000322

    Guard against overflow when growing the buffer
    rdar://problem/103000322

    Reviewed by Jonathan Bedard and Chris Dumez.

    * Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp:
    (WebKit::HistoryEntryDataEncoder::grow):
    (WebKit::HistoryEntryDataEncoder::growCapacity):

    Canonical link: https://commits.webkit.org/252432.954@safari-7614-branch


  Commit: f9fd2a39a36583c6930c7455faa867cfb309603b
      https://github.com/WebKit/WebKit/commit/f9fd2a39a36583c6930c7455faa867cfb309603b
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2023-02-01 (Wed, 01 Feb 2023)

  Changed paths:
    A LayoutTests/fast/forms/datalist/datalist-id-change-crash-expected.txt
    A LayoutTests/fast/forms/datalist/datalist-id-change-crash.html

  Log Message:
  -----------
  Cherry-pick 252432.1015 at safari-7614-branch (3be45019e7fd). rdar://104668509

    Crash in HTMLInputElement::dataListMayHaveChanged via ListAttributeTargetObserver::idTargetChanged
    https://bugs.webkit.org/show_bug.cgi?id=250039
    rdar://103823004

    Reviewed by Wenson Hsieh, Geoffrey Garen and Aditya Keerthi.

    Merge https://commits.webkit.org/253773@main to avoid hitting this crash.

    * LayoutTests/fast/forms/datalist/datalist-id-change-crash-expected.txt: Added.
    * LayoutTests/fast/forms/datalist/datalist-id-change-crash.html: Added.
    * Source/WebCore/html/HTMLInputElement.cpp:
    (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
    (WebCore::ListAttributeTargetObserver::ListAttributeTargetObserver):

    Canonical link: https://commits.webkit.org/252432.1015@safari-7614-branch

Canonical link: https://commits.webkit.org/259454@main


Compare: https://github.com/WebKit/WebKit/compare/1ae8226dbb80...f9fd2a39a365

More information about the webkit-changes mailing list