Changeset 140751 in webkit

Timestamp:

Jan 24, 2013 4:56:19 PM (11 years ago)

Author:

commit-queue@webkit.org

Message:

NPN_InitializeVariantWithStringCopy is wrong for platforms returning NULL from malloc(0)
​https://bugs.webkit.org/show_bug.cgi?id=96272

Patch by Julien Brianceau <​jbrianceau@nds.com> on 2013-01-24
Reviewed by Alexey Proskuryakov.

No new tests. This is platform dependent.

• bridge/npruntime.cpp:

(NPN_InitializeVariantWithStringCopy):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• bridge/npruntime.cpp (modified) (1 diff)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-01-24  Julien Brianceau  <jbrianceau@nds.com>
+
+        NPN_InitializeVariantWithStringCopy is wrong for platforms returning NULL from malloc(0)
+        https://bugs.webkit.org/show_bug.cgi?id=96272
+
+        Reviewed by Alexey Proskuryakov.
+
+        No new tests. This is platform dependent.
+
+        * bridge/npruntime.cpp:
+        (NPN_InitializeVariantWithStringCopy):
+
 2013-01-24  Christian Biesinger  <cbiesinger@chromium.org>
 

trunk/Source/WebCore/bridge/npruntime.cpp

@@ -86 +86 @@
     variant->type = NPVariantType_String;
     variant->value.stringValue.UTF8Length = value->UTF8Length;
-    variant->value.stringValue.UTF8Characters = (NPUTF8 *)malloc(sizeof(NPUTF8) * value->UTF8Length);
-    if (!variant->value.stringValue.UTF8Characters)
+    // Switching to fastMalloc would be better to avoid length check but this is not desirable
+    // as NPN_MemAlloc is using malloc and there might be plugins that mix NPN_MemAlloc and malloc too.
+    variant->value.stringValue.UTF8Characters = (NPUTF8*)malloc(sizeof(NPUTF8) * value->UTF8Length);
+    if (value->UTF8Length && !variant->value.stringValue.UTF8Characters)
         CRASH();
     memcpy((void*)variant->value.stringValue.UTF8Characters, value->UTF8Characters, sizeof(NPUTF8) * value->UTF8Length);