[Webkit-unassigned] [Bug 93078] SharedBuffer::copy() can cause segmentation fault.
bugzilla-daemon at webkit.org
Mon Jan 14 00:04:43 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=93078
Xiaoming Shi <xiaomings at google.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |xiaomings at google.com
--- Comment #11 from Xiaoming Shi <xiaomings at google.com> 2013-01-14 00:06:30 PST ---
I have also hit this issue this week. Just wondering when this patch will be committed.
Also, the line in the patch:
+ unsigned positionInSegment = offsetInSegment(m_size - m_buffer.size());
will set positionInSegment to 0 if the size of the last segment is segmentSize. You can use:
unsigned positionInSegment = m_size - m_buffer.size() - secondToLast * segmentSize;
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
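
The edge case raised in comment #11, as an added example that is not part of the bug report or of WebKit's code: it compares the byte count a copy loop would append when the last segment's length comes from offsetInSegment() against the subtraction suggested in the comment. Assumptions: segmentSize is 0x1000, offsetInSegment() masks with segmentSize - 1, secondToLast is the number of segments minus one, and segmentCountFor(), copiedBytes() and firstShortCopy() are hypothetical helpers.

```cpp
#include <cstdio>

// Assumed values: the page states neither segmentSize nor the body of offsetInSegment().
static const unsigned segmentSize = 0x1000;
static inline unsigned offsetInSegment(unsigned position) { return position & (segmentSize - 1); }

// Hypothetical helper: segments needed to hold segmentedBytes,
// where segmentedBytes stands in for m_size - m_buffer.size().
unsigned segmentCountFor(unsigned segmentedBytes) {
    return (segmentedBytes + segmentSize - 1) / segmentSize;
}

// Total bytes a copy loop appends: every segment before the last in full,
// then positionInSegment bytes of the last one.
unsigned copiedBytes(unsigned segmentedBytes, bool useMask) {
    unsigned count = segmentCountFor(segmentedBytes);
    if (!count)
        return 0;
    unsigned secondToLast = count - 1; // assumed meaning of secondToLast
    unsigned positionInSegment = useMask
        ? offsetInSegment(segmentedBytes)                // form quoted from the patch
        : segmentedBytes - secondToLast * segmentSize;   // form suggested in the comment
    return secondToLast * segmentSize + positionInSegment;
}

// Smallest size up to maxBytes for which the masked form copies too few bytes, or 0 if none.
unsigned firstShortCopy(unsigned maxBytes) {
    for (unsigned n = 1; n <= maxBytes; ++n) {
        if (copiedBytes(n, true) != n)
            return n;
    }
    return 0;
}

int main() {
    // Constructed sample sizes: a partly filled last segment and two exactly full ones.
    const unsigned samples[] = { 5000, 0x1000, 0x2000 };
    for (unsigned n : samples)
        std::printf("segmented=%u masked=%u subtracted=%u\n",
                    n, copiedBytes(n, true), copiedBytes(n, false));
    std::printf("first short copy at %u bytes\n", firstShortCopy(20000));
    return 0;
}
```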