[Webkit-unassigned] [Bug 22623] New: Uninitialized memory access in cache parsing code
bugzilla-daemon at webkit.org
Wed Dec 3 05:13:02 PST 2008
https://bugs.webkit.org/show_bug.cgi?id=22623
Summary: Uninitialized memory access in cache parsing code
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: deanm at chromium.org
CC: ddkilzer at webkit.org
http://trac.webkit.org/changeset/38145
https://bugs.webkit.org/show_bug.cgi?id=21596
This patch added two additional fields:
    mutable bool m_haveParsedCacheControlHeader:1;
    mutable bool m_haveParsedPragmaHeader:1;
These are not initialized anywhere. They should likely both be set to false in
the constructor above. This is undefined behavior; it can lead to the code
thinking we have already parsed the cache control header (and returning the
already parsed value) when we actually have not parsed anything.
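A minimal model of the lazy-parse pattern the report describes, added here as an illustration (the class, method and flag names are constructed for this example; it is not WebKit's code): the "have parsed" bit-field guards the parse, so it must start out false, and the constructor initializes it, which is the fix the report asks for.

```cpp
#include <cctype>
#include <string>
// Constructed model (not WebKit's code) of lazy header parsing: the raw header is
// kept, the result is computed on first use, and a bit-field records the parse.
class CachedResponse {
public:
    // The fix the report proposes: both bit-fields start out false, so the first
    // query always parses instead of trusting an indeterminate flag.
    explicit CachedResponse(const std::string& header)
        : m_cacheControlHeader(header), m_haveParsedCacheControlHeader(false), m_cacheControlContainsNoCache(false) { }
    bool cacheControlContainsNoCache() const
    {
        if (!m_haveParsedCacheControlHeader) parseCacheControlHeader();
        return m_cacheControlContainsNoCache;
    }
    bool haveParsedCacheControlHeader() const { return m_haveParsedCacheControlHeader; }
private:
    // Split on commas, trim blanks, lower-case, drop any "=value" suffix, then look
    // for the no-cache directive. Runs at most once per object.
    void parseCacheControlHeader() const
    {
        std::string token;
        for (std::string::size_type i = 0; i <= m_cacheControlHeader.size(); ++i) {
            if (i < m_cacheControlHeader.size() && m_cacheControlHeader[i] != ',') {
                token += static_cast<char>(std::tolower(static_cast<unsigned char>(m_cacheControlHeader[i])));
                continue;
            }
            std::string::size_type start = token.find_first_not_of(" \t");
            if (start != std::string::npos) {
                std::string name = token.substr(start, token.find_last_not_of(" \t") - start + 1);
                if (name.substr(0, name.find('=')) == "no-cache")
                    m_cacheControlContainsNoCache = true;
            }
            token.clear();
        }
        m_haveParsedCacheControlHeader = true;
    }
    std::string m_cacheControlHeader;
    mutable bool m_haveParsedCacheControlHeader:1;
    mutable bool m_cacheControlContainsNoCache:1;
};
// Helpers for the checks: does the header carry no-cache, and is the parse deferred?
bool headerContainsNoCache(const std::string& header) { return CachedResponse(header).cacheControlContainsNoCache(); }
bool parsingIsLazy(const std::string& header) {
    CachedResponse response(header); // freshly constructed: nothing parsed yet
    bool before = response.haveParsedCacheControlHeader();
    response.cacheControlContainsNoCache(); // first query triggers the parse
    return !before && response.haveParsedCacheControlHeader();
}
```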