[webkit-reviews] review granted: [Bug 59949] Avoid potential buffer underrun in WTFLog() and WTFLogVerbose() : [Attachment 91941] Avoid potential buffer underrun in WTFLog() and WTFLogVerbose()
bugzilla-daemon at webkit.org
Mon May 2 11:13:58 PDT 2011
Alexey Proskuryakov <ap at webkit.org> has granted Jeff Miller <jeffm at apple.com>'s
request for review:
Bug 59949: Avoid potential buffer underrun in WTFLog() and WTFLogVerbose()
https://bugs.webkit.org/show_bug.cgi?id=59949
Attachment 91941: Avoid potential buffer underrun in WTFLog() and
WTFLogVerbose()
https://bugs.webkit.org/attachment.cgi?id=91941&action=review
------- Additional Comments from Alexey Proskuryakov <ap at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=91941&action=review
> Source/JavaScriptCore/ChangeLog:5
> + Avoid potential buffer underrun in WTFLog() and WTFLogVerbose()
I think it's a buffer overrun, not underrun -
<http://en.wikipedia.org/wiki/Buffer_underrun>.
> Source/JavaScriptCore/wtf/Assertions.cpp:277
> + if (!format)
> + return;
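Review bot: the null check added at Assertions.cpp:277 turns a null format into a silent return, so a caller passing null gets no log output and no diagnostic. If null is not a valid argument, an assertion on format would surface the caller's bug; if it is meant to be tolerated, the check belongs before the first use of format in the function.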
I'm not sure if this is a good time to make this check after calling
vprintf_stderr_common. Or if it's really necessary - crashing on null ptr
access is fairly safe, even if we were guarding against malicious input, which
we aren't really.
> Source/JavaScriptCore/wtf/Assertions.cpp:279
> + size_t formatLen = strlen(format);
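Review bot: formatLen at Assertions.cpp:279 is a size_t, so it is 0 for an empty format string and a later formatLen - 1 would wrap around instead of going negative. Any code that indexes format with this length should first check that formatLen is nonzero.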
Please don't abbreviate.
> Source/JavaScriptCore/wtf/Assertions.cpp:294
> + if (!format) {
Same comment about necessity of the check.