[Webkit-unassigned] [Bug 71997] crash: WebCore::FontPlatformData::roundsGlyphAdvances on Lion
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Nov 10 22:06:11 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=71997
Justin Schuh <jschuh at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Product|Security |WebKit
Version|Other |528+ (Nightly build)
Component|Security |Text
AssignedTo|webkit-security-unassigned@ |webkit-unassigned at lists.web
|lists.webkit.org |kit.org
CC| |jschuh at chromium.org
Group|Security-Sensitive |
--- Comment #10 from Justin Schuh <jschuh at chromium.org> 2011-11-10 22:06:11 PST ---
(In reply to comment #9)
> (In reply to comment #7)
> > How is a null dereference a security issue?
>
> It causes crash and crash bugs which assigned to me were marked as security issues so I filed this as a security issue. Please let me know if it's not appropriate.
All crashes are not necessarily security issues. Things like NULL dereferences and resource exhaustion are generally safe crashes. Whereas memory corruption or out-of-band reads are potentially dangerous and should be filed as security issues.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list