[Webkit-unassigned] [Bug 21939] Uninitialized ExceptionCodes in MessagePort.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 29 09:03:54 PDT 2008
https://bugs.webkit.org/show_bug.cgi?id=21939
mike at belshe.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
------- Comment #8 from mike at belshe.com 2008-10-29 09:03 PDT -------
I might have closed this prematurely.
As per Darin, we want the declarer of the ExceptionCode to initialize. That
makes sense, and that is why I closed this bug.
However, DOMWindow::postMessage is non-deterministic based on whether the
caller initialized the ExceptionCode before calling.
DOMWindow::postMessage uses ec internally with messagePort->clone(). If the
caller of postMessage didn't initialize it, postMessage will have undefined
behavior. (clone won't touch ec unless there is an exception, so when we come
out of clone() postMessage will be using an uninitialized ec).
There are two possible fixes; either we modify postMessage to use a different
ExceptionCode for calling into clone() or we initialize ec within postMessage
as per the patch here.
Does this sound right?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list