[webkit-reviews] review granted: [Bug 224984] Remove decoder memory allocations based on untrusted data (sizes) in the stream; related changes : [Attachment 426923] Patch
bugzilla-daemon at webkit.org
Fri Apr 23 10:58:25 PDT 2021
Sam Weinig <sam at webkit.org> has granted Darin Adler <darin at apple.com>'s request
for review:
Bug 224984: Remove decoder memory allocations based on untrusted data (sizes)
in the stream; related changes
https://bugs.webkit.org/show_bug.cgi?id=224984
Attachment 426923: Patch
https://bugs.webkit.org/attachment.cgi?id=426923&action=review
--- Comment #3 from Sam Weinig <sam at webkit.org> ---
Comment on attachment 426923
--> https://bugs.webkit.org/attachment.cgi?id=426923
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=426923&action=review
> Source/WebKit/Platform/IPC/ArgumentCoders.h:-517
> HashMapType hashMap;
> - hashMap.reserveInitialCapacity(hashMapSize);
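Review bot: The declaration `HashMapType hashMap;` is left with no comment saying why the map is not pre-sized, so a later cleanup could restore `reserveInitialCapacity(hashMapSize)` as an optimization. Going by the bug title, `hashMapSize` is a size read from the stream; a one-line comment at the declaration stating that it is untrusted and must not drive an allocation would keep that intent visible at this site.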
Should we consider doing the trick we do for Vector here where if the key and
value are both fixed size we can check that the buffer is big enough to contain
size * (sizeof(key type) + sizeof(value type)) and then reserve? I don't have a
good feeling about what type of HashMaps/HashSets we use so I am not sure if
that is a useful optimization.
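The check suggested in the comment above, sketched as an added example (not WebKit's code and not part of the original message). `Decoder`, `decodeMap` and the wire format are hypothetical, `std::unordered_map` stands in for WTF's HashMap, and only fixed-size key and value types are handled.

```cpp
// Added illustration. Decoder and decodeMap are hypothetical names, not WebKit's IPC API.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <type_traits>
#include <unordered_map>
#include <utility>

struct Decoder {
    const uint8_t* data;
    size_t size;
    size_t pos;
    Decoder(const uint8_t* d, size_t n) : data(d), size(n), pos(0) {}
    size_t remaining() const { return size - pos; }
    template<typename T> bool read(T& out) {
        static_assert(std::is_trivially_copyable<T>::value, "fixed-size types only");
        if (remaining() < sizeof(T))
            return false;
        std::memcpy(&out, data + pos, sizeof(T));
        pos += sizeof(T);
        return true;
    }
};

// Wire format assumed here: uint64_t entry count, then count fixed-size (key, value) pairs.
template<typename K, typename V>
bool decodeMap(Decoder& d, std::unordered_map<K, V>& out) {
    uint64_t count = 0;
    if (!d.read(count))
        return false;
    const size_t entrySize = sizeof(K) + sizeof(V);
    // Compare by division: count * entrySize could wrap and slip past a multiply check.
    if (count > d.remaining() / entrySize)
        return false;
    std::unordered_map<K, V> map;
    map.reserve(static_cast<size_t>(count)); // now bounded by bytes actually received
    for (uint64_t i = 0; i < count; ++i) {
        K key;
        V value;
        if (!d.read(key) || !d.read(value))
            return false;
        if (!map.emplace(key, value).second)
            return false; // duplicate key: treated as malformed in this example
    }
    out = std::move(map);
    return true;
}
```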