[Webkit-unassigned] [Bug 228234] New: Uninitialized data in UIClient::windowFrame written over IPC

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 23 07:10:40 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=228234

            Bug ID: 228234
           Summary: Uninitialized data in UIClient::windowFrame written
                    over IPC
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org
                CC: bugs-noreply at webkitgtk.org

==87186== Thread 55 ReceiveQueue:
==87186== Syscall param sendmsg(msg.msg_iov[1]) points to uninitialised byte(s)
==87186==    at 0x59A0ACD: sendmsg (in /usr/lib64/libc-2.33.so)
==87186==    by 0x6AC8783: IPC::Connection::sendOutputMessage(IPC::UnixMessage&) (ConnectionUnix.cpp:536)
==87186==    by 0x6ACA719: IPC::Connection::sendOutgoingMessage(WTF::UniqueRef<IPC::Encoder>&&) (ConnectionUnix.cpp:454)
==87186==    by 0x6AB7997: IPC::Connection::sendOutgoingMessages() [clone .part.0] (Connection.cpp:932)
==87186==    by 0xA9C8505: operator() (Function.h:82)
==87186==    by 0xA9C8505: WTF::RunLoop::performWork() (RunLoop.cpp:133)
==87186==    by 0xAA1D8F8: operator() (RunLoopGLib.cpp:80)
==87186==    by 0xAA1D8F8: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:82)
==87186==    by 0xAA1E22E: operator() (RunLoopGLib.cpp:53)
==87186==    by 0xAA1E22E: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) (RunLoopGLib.cpp:56)
==87186==    by 0x5609922: g_main_dispatch (gmain.c:3344)
==87186==    by 0x560A875: g_main_context_dispatch (gmain.c:4062)
==87186==    by 0x560AA61: g_main_context_iterate (gmain.c:4138)
==87186==    by 0x560AEFE: g_main_loop_run (gmain.c:4336)
==87186==    by 0xAA1E34F: WTF::RunLoop::run() (RunLoopGLib.cpp:108)
==87186==  Address 0x21525daa is in a rw- anonymous segment
==87186==  Uninitialised value was created by a stack allocation
==87186==    at 0x6C310A0: UIClient::windowFrame(WebKit::WebPageProxy&, WTF::Function<void (WebCore::FloatRect)>&&) (WebKitUIClient.cpp:240)
