[Webkit-unassigned] [Bug 16127] Reproducible crash inside PCRE under guard malloc
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Nov 30 05:39:01 PST 2007
http://bugs.webkit.org/show_bug.cgi?id=16127
eric at webkit.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #17603| |review?
Flag| |
------- Comment #6 from eric at webkit.org 2007-11-30 05:39 PDT -------
Created an attachment (id=17603)
--> (http://bugs.webkit.org/attachment.cgi?id=17603&action=view)
Check against patternEnd to make sure we don't walk of the end of the string
JavaScriptCore/ChangeLog | 12 +++++
JavaScriptCore/pcre/pcre_compile.cpp | 47 ++++++++++----------
LayoutTests/ChangeLog | 10 ++++
.../fast/js/regexp-compile-crash-expected.txt | 5 ++
LayoutTests/fast/js/regexp-compile-crash.html | 22 +++++++++
5 files changed, 72 insertions(+), 24 deletions(-)
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list