Changeset 179783 in webkit

Timestamp:

Feb 7, 2015 12:21:24 PM (9 years ago)

Author:

ap@apple.com

Message:

ASan complains about plugins/snapshotting/snapshot-plugin-not-quite-blocked-by-image.html
​https://bugs.webkit.org/show_bug.cgi?id=141352
rdar://problem/19717490

Reviewed by Anders Carlsson.

• dom/Document.cpp: (WebCore::Document::ensurePlugInsInjectedScript): This string

is not null terminated.

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• dom/Document.cpp (modified) (1 diff)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2015-02-07  Alexey Proskuryakov  <ap@apple.com>
+
+        ASan complains about plugins/snapshotting/snapshot-plugin-not-quite-blocked-by-image.html
+        https://bugs.webkit.org/show_bug.cgi?id=141352
+        rdar://problem/19717490
+
+        Reviewed by Anders Carlsson.
+
+        * dom/Document.cpp: (WebCore::Document::ensurePlugInsInjectedScript): This string
+        is not null terminated.
+
 2015-02-06  Zalan Bujtas  <zalan@apple.com>
 

trunk/Source/WebCore/dom/Document.cpp

@@ -6272 +6272 @@
     String jsString = page()->chrome().client().plugInExtraScript();
     if (!jsString)
-        jsString = plugInsJavaScript;
+        jsString = String(plugInsJavaScript, sizeof(plugInsJavaScript));
 
     m_frame->mainFrame().script().evaluateInWorld(ScriptSourceCode(jsString), world);