Changeset 210357 in webkit
- Timestamp:
- Jan 5, 2017 9:30:57 AM (7 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r210330 r210357 1 2017-01-05 Milan Crha <mcrha@redhat.com> 2 3 [SOUP] AddressSanitizer: heap-use-after-free under WTF::String::fromUTF8() 4 https://bugs.webkit.org/show_bug.cgi?id=166722 5 6 Reviewed by Alex Christensen. 7 8 * platform/soup/PublicSuffixSoup.cpp: 9 (WebCore::topPrivatelyControlledDomain): 10 Use a variable to hold UTF-8 version of the domain, because 11 the soup_tld_get_base_domain() returns a pointer into the passed-in 12 string, which could be freed due to the temporary object being freed. 13 1 14 2017-01-05 Andreas Kling <akling@apple.com> 2 15 -
trunk/Source/WebCore/platform/soup/PublicSuffixSoup.cpp
r186023 r210357 48 48 49 49 GUniqueOutPtr<GError> error; 50 if (const char* baseDomain = soup_tld_get_base_domain(domain.utf8().data(), &error.outPtr())) 50 CString domainUTF8 = domain.utf8(); 51 if (const char* baseDomain = soup_tld_get_base_domain(domainUTF8.data(), &error.outPtr())) 51 52 return String::fromUTF8(baseDomain); 52 53
Note: See TracChangeset
for help on using the changeset viewer.