[webkit-reviews] review granted: [Bug 35612] Update WebGLArray.slice() to new spec : [Attachment 51168] revised patch : responding to Oliver Hunt's review
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 19 16:19:14 PDT 2010
Oliver Hunt <oliver at apple.com> has granted Zhenyao Mo <zmo at google.com>'s
request for review:
Bug 35612: Update WebGLArray.slice() to new spec
https://bugs.webkit.org/show_bug.cgi?id=35612
Attachment 51168: revised patch : responding to Oliver Hunt's review
https://bugs.webkit.org/attachment.cgi?id=51168&action=review
------- Additional Comments from Oliver Hunt <oliver at apple.com>
r=me, but i've noticed that
unsigned fullOffset = m_byteOffset + offset * sizeof(/*whatever type*/);
can overflow and therefore lead to incorrect _behaviour_ as
clampOffsetAndNumElements is unaware of the initial byteoffset so you can
trigger an overflow that will produce fullOffset < m_byteOffset
More information about the webkit-reviews
mailing list