[webkit-reviews] review granted: [Bug 188740] [JSC] HeapUtil should care pointer overflow : [Attachment 347485] Patch
bugzilla-daemon at webkit.org
Tue Aug 21 19:53:28 PDT 2018
Saam Barati <sbarati at apple.com> has granted Yusuke Suzuki
<yusukesuzuki at slowstart.org>'s request for review:
Bug 188740: [JSC] HeapUtil should care pointer overflow
https://bugs.webkit.org/show_bug.cgi?id=188740
Attachment 347485: Patch
https://bugs.webkit.org/attachment.cgi?id=347485&action=review
--- Comment #2 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 347485
--> https://bugs.webkit.org/attachment.cgi?id=347485
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=347485&action=review
> Source/JavaScriptCore/ChangeLog:3
> + [JSC] HeapUtil should care pointer overflow
care pointer => care about pointer
> Source/JavaScriptCore/ChangeLog:8
> + `pointer - sizeof(IndexingHeader) - 1` causes an undefined behavior
if a pointer is overflow.
is overflow => overflows