[Webkit-unassigned] [Bug 31138] New: Uninitialized memory read in WebCore::Page::userStyleSheetLocationChanged()
bugzilla-daemon at webkit.org
Wed Nov 4 12:17:37 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=31138
Summary: Uninitialized memory read in
WebCore::Page::userStyleSheetLocationChanged()
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: dank at kegel.com
Found via chromium linux layout valgrind bot on
LayoutTests/platform/mac/fast/loader/user-stylesheet-fast-path.html .
Valgrind complains
Invalid read of size 1
at strlen (mc_replace_strmem.c:275)
by WebCore::String::fromUTF8(char const*) (String.cpp:682)
by WebCore::Page::userStyleSheetLocationChanged() (Page.cpp:545)
Address 0xd60f4af is 0 bytes after a block of size 31 alloc'd
at malloc (vg_replace_malloc.c:195)
...
by WebCore::base64Decode(WTF::Vector<char, 0ul> const&, WTF::Vector<char,
0ul>&) (Base64.cpp:134)
by WebCore::Page::userStyleSheetLocationChanged() (Page.cpp:544)
Looks like someone forgot to specify a length. I'll attach a fix.
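The pattern Valgrind is flagging, as an added illustration that is not WebKit's code: a base64 decoder fills a byte vector without appending a NUL terminator, and a `fromUTF8(const char*)` overload then measures that buffer with `strlen()`, which runs off the end of the allocation until it happens to meet a zero byte. The decoder, the two `fromUTF8` overloads and the `decodeThenStrlen`/`decodeWithLength` helpers below are all assumed, simplified stand-ins for the WebCore routines in the stack trace. To keep the demonstration itself in bounds, the "adjacent heap memory" that `strlen()` walks into is constructed explicitly as trailing bytes in the same array; the sample stylesheet `body{color:red}` and its base64 form are likewise constructed inputs.

```cpp
// Added example (not WebKit code): a base64-decoded buffer is not NUL-terminated,
// so inferring its length with strlen() reads past the allocation. The fix is
// to pass the length the caller already has.
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Assumed minimal base64 decoder standing in for WebCore::base64Decode.
// Like the real routine it writes raw bytes into 'out' and appends no NUL.
static int b64Value(char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

bool base64Decode(const std::string& in, std::vector<char>& out) {
    out.clear();
    uint32_t acc = 0;
    int bits = 0;
    for (char c : in) {
        if (c == '=') break;               // padding: stop
        int v = b64Value(c);
        if (v < 0) return false;           // reject non-alphabet input
        acc = (acc << 6) | uint32_t(v);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out.push_back(char((acc >> bits) & 0xFF));
        }
    }
    return true;
}

// Bug pattern: the length is recovered with strlen(), so the read continues
// until the first zero byte, wherever in memory that happens to be.
std::string fromUTF8Unsafe(const char* s) { return std::string(s, strlen(s)); }

// Fix pattern: the caller supplies the length it already knows.
std::string fromUTF8(const char* s, size_t len) {
    return len ? std::string(s, len) : std::string();
}

// Simulates the layout in the Valgrind report: the decoded bytes are followed
// directly by unrelated, non-NUL data. The neighbour bytes are placed in the
// same array on purpose so that this demonstration stays within bounds while
// still showing what strlen() would pick up.
std::string decodeThenStrlen(const std::string& b64, const std::string& neighbour) {
    std::vector<char> decoded;
    if (!base64Decode(b64, decoded)) return std::string();
    std::vector<char> heap(decoded.begin(), decoded.end());
    heap.insert(heap.end(), neighbour.begin(), neighbour.end());
    heap.push_back('\0');                  // the first NUL strlen() will find
    return fromUTF8Unsafe(heap.data());    // returns the neighbour's bytes too
}

// Corrected flow: length taken from the vector, no scan for a terminator.
std::string decodeWithLength(const std::string& b64) {
    std::vector<char> decoded;
    if (!base64Decode(b64, decoded)) return std::string();
    return fromUTF8(decoded.data(), decoded.size());
}

// Returns true if the decoded buffer contains no zero byte, i.e. strlen()
// would have nothing to stop on inside the allocation.
bool decodedHasNoTerminator(const std::string& b64) {
    std::vector<char> decoded;
    if (!base64Decode(b64, decoded)) return false;
    for (char c : decoded)
        if (c == '\0') return false;
    return true;
}
```

Under Valgrind the unsafe path reports exactly the shape seen above: an invalid one-byte read inside `strlen` at the first address past a block whose size equals the decoded length. Passing `decoded.size()` to the length-taking overload removes the scan entirely; the buffer's own bookkeeping is the only trustworthy source of its length, because base64 output is arbitrary binary and may legitimately contain no NUL at all, or contain one early and silently truncate the stylesheet.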