[Webkit-unassigned] [Bug 230776] New: IPC::Encoder::grow and IPC::Decoder::alignBufferPosition are incompatible when alignment != 8

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Sep 24 16:03:59 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=230776

            Bug ID: 230776
           Summary: IPC::Encoder::grow and
                    IPC::Decoder::alignBufferPosition are incompatible
                    when alignment != 8
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: wenson_hsieh at apple.com
                CC: kkinnunen at apple.com

IPC::Encoder rounds the buffer size to the given alignment, whereas IPC::Decoder rounds the buffer offset (a pointer) to the given alignment.

For instance, if the alignment is 16 bytes, then it is possible for IPC::Encoder to add more padding to adjust for alignment, which IPC::Decoder may not add if the buffer pointer offset (`m_bufferPos`) just so happens to land on a 16-byte-aligned address.
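The following is a small model of the two rounding strategies described above, added here as an illustration and not WebKit's code (the function names and the sample base addresses are hypothetical): the encoder side rounds an offset within the buffer, the decoder side rounds the absolute address, and the two only agree when the buffer's base address is itself a multiple of the requested alignment.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>

// Round an unsigned value up to the next multiple of a power-of-two alignment.
static uintptr_t roundUpToAlignment(uintptr_t value, uintptr_t alignment) {
    return (value + alignment - 1) & ~(alignment - 1);
}

// Encoder-style padding (model of the size-based approach): only the number of
// bytes already in the buffer is considered, i.e. an offset from the buffer start.
size_t encoderPadding(size_t bufferSize, size_t alignment) {
    return roundUpToAlignment(bufferSize, alignment) - bufferSize;
}

// Decoder-style padding (model of the pointer-based approach): the absolute read
// position base + bufferPos is aligned, so the base address of the buffer matters.
size_t decoderPadding(uintptr_t base, size_t bufferPos, size_t alignment) {
    uintptr_t position = base + bufferPos;
    return roundUpToAlignment(position, alignment) - position;
}

// True when both sides would insert/skip the same padding for every field
// offset in [0, length). A mismatch means the decoder reads the wrong bytes.
bool alignmentsAgree(uintptr_t base, size_t length, size_t alignment) {
    for (size_t pos = 0; pos < length; ++pos) {
        if (encoderPadding(pos, alignment) != decoderPadding(base, pos, alignment))
            return false;
    }
    return true;
}

int main() {
    // Constructed sample base addresses: 0x1000 is 16-byte aligned, 0x1008 is
    // only 8-byte aligned (a typical allocator guarantee).
    const uintptr_t alignedBase = 0x1000, eightAlignedBase = 0x1008;
    std::cout << "alignment 16, base 0x1000: "
              << (alignmentsAgree(alignedBase, 64, 16) ? "agree" : "MISMATCH") << "\n";
    std::cout << "alignment 16, base 0x1008: "
              << (alignmentsAgree(eightAlignedBase, 64, 16) ? "agree" : "MISMATCH") << "\n";
    std::cout << "alignment 8,  base 0x1008: "
              << (alignmentsAgree(eightAlignedBase, 64, 8) ? "agree" : "MISMATCH") << "\n";
    // At offset 8 the encoder pads 8 bytes to reach size 16, while the decoder
    // sees address 0x1010, already 16-byte aligned, and skips nothing.
    std::cout << "offset 8: encoder pads " << encoderPadding(8, 16)
              << ", decoder pads " << decoderPadding(eightAlignedBase, 8, 16) << "\n";
    return 0;
}
```

The third case shows why the title restricts the problem to alignments other than 8: with an 8-byte-aligned base, both strategies coincide for any alignment that divides 8.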
