[webkit-changes] [WebKit/WebKit] edcf18: CloneDeserializer should always purifyNaN all doub...
youennf
noreply at github.com
Thu Nov 2 18:41:32 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: edcf18996504f11f319fb74aa22eb29fb5a70535
https://github.com/WebKit/WebKit/commit/edcf18996504f11f319fb74aa22eb29fb5a70535
Author: Mark Lam <mark.lam at apple.com>
Date: 2023-11-02 (Thu, 02 Nov 2023)
Changed paths:
M Source/WebCore/bindings/js/SerializedScriptValue.cpp
Log Message:
-----------
CloneDeserializer should always purifyNaN all double values it reads.
https://bugs.webkit.org/show_bug.cgi?id=261801
rdar://115756664
Reviewed by Yusuke Suzuki.
CloneDeserializer::read() will now invoke purifyNaN() on any double values that it reads.
As a result, we can remove the 2 purifyNaN calls in its client that are now redundant.
* Source/WebCore/bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::read):
(WebCore::CloneDeserializer::readTerminal):
Originally-landed-as: 265870.574 at safari-7616-branch (58238f2ad1a0). rdar://117810713
Canonical link: https://commits.webkit.org/270153@main
Commit: 25b7b0fab317d2f14d4cdea4320def22b6734cf8
https://github.com/WebKit/WebKit/commit/25b7b0fab317d2f14d4cdea4320def22b6734cf8
Author: Youenn Fablet <youennf at gmail.com>
Date: 2023-11-02 (Thu, 02 Nov 2023)
Changed paths:
M Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/test/resize_test.cc
M Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/common/vp9_alloccommon.c
M Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encoder.c
Log Message:
-----------
VP9 additional changes related to CVE-2023-5217
rdar://116293231
Reviewed by Jean-Yves Avenard.
Cherry-picking patches that do hardening of VP9 encoder reconfiguration:
- 02ab555e992c191e5c509ed87b3cc48ed915b447
- 263682c9a29395055f3b3afe2d97be1828a6223f
I had to update CHECK_MEM_ERROR call site since we need to pass cm currently, while they do pass cm->error upstream.
While we do not think we are exercising this code path of reconfiguring while encoding,
it is future proof and low risk to cherry-pick these changes.
* Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/test/resize_test.cc:
* Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/common/vp9_alloccommon.c:
(free_seg_map):
(vp9_free_context_buffers):
(vp9_alloc_context_buffers):
* Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encoder.c:
(free_copy_partition_data):
(vp9_change_config):
Originally-landed-as: 267815.170 at safari-7617-branch (505f26eea3a5). rdar://117811019
Canonical link: https://commits.webkit.org/270154@main
Compare: https://github.com/WebKit/WebKit/compare/fbed4417590f...25b7b0fab317
More information about the webkit-changes
mailing list