Changeset 256081 in webkit
- Timestamp:
- Feb 7, 2020 4:43:52 PM (4 years ago)
- Location:
- trunk/Source
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WTF/ChangeLog
r256066 r256081 1 2020-02-07 Alex Christensen <achristensen@webkit.org> 2 3 Harden HashTable IPC decoders 4 https://bugs.webkit.org/show_bug.cgi?id=207415 5 6 Reviewed by Chris Dumez. 7 8 * wtf/HashCountedSet.h: 9 1 10 2020-02-07 Ryan Haddad <ryanhaddad@apple.com> 2 11 -
trunk/Source/WTF/wtf/HashCountedSet.h
r237419 r256081 111 111 template<typename V = ValueType> typename std::enable_if<IsSmartPtr<V>::value, bool>::type remove(typename GetPtrHelper<V>::PtrType); 112 112 113 static bool isValidValue(const ValueType& value) { return ImplType::isValidValue(value); } 114 113 115 private: 114 116 ImplType m_impl; -
trunk/Source/WebKit/ChangeLog
r256075 r256081 1 2020-02-07 Alex Christensen <achristensen@webkit.org> 2 3 Harden HashTable IPC decoders 4 https://bugs.webkit.org/show_bug.cgi?id=207415 5 6 Reviewed by Chris Dumez. 7 8 * Platform/IPC/ArgumentCoders.h: 9 1 10 2020-02-07 Chris Dumez <cdumez@apple.com> 2 11 -
trunk/Source/WebKit/Platform/IPC/ArgumentCoders.h
r253206 r256081 390 390 return WTF::nullopt; 391 391 392 if (UNLIKELY(!HashMapType::isValidKey(*key))) { 393 decoder.markInvalid(); 394 return WTF::nullopt; 395 } 396 392 397 if (UNLIKELY(!hashMap.add(WTFMove(*key), WTFMove(*value)).isNewEntry)) { 393 398 // The hash map already has the specified key, bail. … … 445 450 return WTF::nullopt; 446 451 447 if (!hashSet.add(WTFMove(key.value())).isNewEntry) { 452 if (UNLIKELY(!HashSetType::isValidValue(*key))) { 453 decoder.markInvalid(); 454 return WTF::nullopt; 455 } 456 457 if (UNLIKELY(!hashSet.add(WTFMove(*key)).isNewEntry)) { 448 458 // The hash set already has the specified key, bail. 449 459 decoder.markInvalid(); … … 484 494 if (!decoder.decode(count)) 485 495 return false; 486 487 if (!tempHashCountedSet.add(key, count).isNewEntry) { 496 497 if (UNLIKELY(!HashCountedSetType::isValidValue(key))) { 498 decoder.markInvalid(); 499 return false; 500 } 501 502 if (UNLIKELY(!tempHashCountedSet.add(key, count).isNewEntry)) { 488 503 // The hash counted set already has the specified key, bail. 489 504 decoder.markInvalid();
Note: See TracChangeset
for help on using the changeset viewer.