[Webkit-unassigned] [Bug 49900] ArrayBuffer size check missing - easy OOM
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 10 03:25:02 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=49900
SkyLined <skylined at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
URL|http://code.google.com/p/ch |
|romium/issues/detail?id=640 |
|41 |
--- Comment #1 from SkyLined <skylined at chromium.org> 2011-01-10 03:25:02 PST ---
Chromium bug: http://code.google.com/p/chromium/issues/detail?id=42342
The Chromium bug contains a discussion that may be of interest when fixing this.
Variations:
new Uint32Array(0x3FFFFFFF)
new Int32Array(0x3FFFFFFF)
new Float32Array(0x3FFFFFFF)
new Uint16Array(0x3FFFFFFF)
new Int16Array(0x3FFFFFFF)
new Uint8Array(0x3FFFFFFF)
new Int8Array(0x3FFFFFFF)
new ArrayBuffer(0x3FFFFFFF)
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list