[Webkit-unassigned] [Bug 11555] New: StringImpl can corrupt the static empty string

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Nov 9 10:47:34 PST 2006


http://bugs.webkit.org/show_bug.cgi?id=11555

           Summary: StringImpl can corrupt the static empty string
           Product: WebKit
           Version: 420+ (nightly)
          Platform: PC
        OS/Version: Mac OS X 10.4
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Platform
        AssignedTo: webkit-unassigned at opendarwin.org
        ReportedBy: whereismichelleb at yahoo.com


The following code pattern exhibits unexpected behavior:
    String s1 = "";   // internally, this gets assigned a static empty string
    String s2 = "";   // internally, this gets the same StringImpl ptr
    s1.insert("corruptme!", 0);  // this modifies the static empty StringImpl
    assert(s1 != s2);     // this assert will trip; both s1 and s2 were modified

The fix appears to be simple; the StringImpl::append() methods already do this,
so it is just a matter of applying the same to the insert() methods.  See
attached proposed patch.
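The aliasing the report describes, beside the copy-on-write check that fixes it, as an added example: hypothetical C++ modelled on the report, not WebKit's StringImpl, with `Str`, `Impl` and the demo functions as assumed names.

```cpp
#include <cstddef>
#include <memory>
#include <string>

// Constructed model of the report's scenario; hypothetical code, not WebKit's StringImpl.
struct Impl { std::string data; };

// Stands in for the process-wide static empty StringImpl. Each demo below
// creates its own so the buggy path cannot poison the other demo.
using SharedEmpty = std::shared_ptr<Impl>;
SharedEmpty makeSharedEmpty() { return std::make_shared<Impl>(); }

class Str {
public:
    // Every Str built from "" shares the one empty Impl, as the report describes.
    Str(const char* s, const SharedEmpty& empty)
        : impl_(*s ? std::make_shared<Impl>(Impl{s}) : empty) {}

    // Buggy insert(): edits the Impl in place even when other Strs share it.
    void insertUnsafe(const char* s, std::size_t pos) { impl_->data.insert(pos, s); }

    // Fixed insert(): detach from a shared Impl before writing (copy-on-write),
    // which the report says append() already does.
    void insertSafe(const char* s, std::size_t pos) {
        if (impl_.use_count() > 1)
            impl_ = std::make_shared<Impl>(*impl_);
        impl_->data.insert(pos, s);
    }
    const std::string& str() const { return impl_->data; }
private:
    std::shared_ptr<Impl> impl_;
};

// Reproduces the report: after s1.insert(), s2 and even a brand-new "" read
// "corruptme!". Returns "<s2>|<s3>".
std::string buggyInsertCorruptsSiblings() {
    SharedEmpty empty = makeSharedEmpty();
    Str s1("", empty), s2("", empty);
    s1.insertUnsafe("corruptme!", 0);
    Str s3("", empty);
    return s2.str() + "|" + s3.str();
}

// Same sequence with the copy-on-write insert: only s1 changes. Returns "<s1>|<s2>|<s3>".
std::string fixedInsertLeavesSiblingsAlone() {
    SharedEmpty empty = makeSharedEmpty();
    Str s1("", empty), s2("", empty);
    s1.insertSafe("corruptme!", 0);
    Str s3("", empty);
    return s1.str() + "|" + s2.str() + "|" + s3.str();
}
```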

