Title: [258620] trunk/Source/WebKit
- Revision: 258620
- Author: [email protected]
- Date: 2020-03-17 20:32:31 -0700 (Tue, 17 Mar 2020)
Log Message
SharedMemory::Handle::m_size should be more consistent
<https://webkit.org/b/209007>
<rdar://problem/60340890>
Reviewed by Darin Adler.
* Platform/cocoa/SharedMemoryCocoa.cpp:
(WebKit::SharedMemory::Handle::decode):
- Return early if an invalid `size` is decoded.
(WebKit::SharedMemory::map):
- Drive-by fix to change '0' to 'nullptr'.
- Since all known methods of creating a SharedMemory::Handle()
set SharedMemory::Handle::m_size to a value of round_page(),
this means we can also change `round_page(handle.m_size)` to
`handle.m_size` in the call to mach_vm_map() since we know
they're equal.
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (258619 => 258620)
--- trunk/Source/WebKit/ChangeLog 2020-03-18 03:18:11 UTC (rev 258619)
+++ trunk/Source/WebKit/ChangeLog 2020-03-18 03:32:31 UTC (rev 258620)
@@ -1,3 +1,22 @@
+2020-03-17 David Kilzer <[email protected]>
+
+ SharedMemory::Handle::m_size should be more consistent
+ <https://webkit.org/b/209007>
+ <rdar://problem/60340890>
+
+ Reviewed by Darin Adler.
+
+ * Platform/cocoa/SharedMemoryCocoa.cpp:
+ (WebKit::SharedMemory::Handle::decode):
+ - Return early if an invalid `size` is decoded.
+ (WebKit::SharedMemory::map):
+ - Drive-by fix to change '0' to 'nullptr'.
+ - Since all known methods of creating a SharedMemory::Handle()
+ set SharedMemory::Handle::m_size to a value of round_page(),
+ this means we can also change `round_page(handle.m_size)` to
+ `handle.m_size` in the call to mach_vm_map() since we know
+ they're equal.
+
2020-03-17 Commit Queue <[email protected]>
Unreviewed, reverting r258496.
Modified: trunk/Source/WebKit/Platform/cocoa/SharedMemoryCocoa.cpp (258619 => 258620)
--- trunk/Source/WebKit/Platform/cocoa/SharedMemoryCocoa.cpp 2020-03-18 03:18:11 UTC (rev 258619)
+++ trunk/Source/WebKit/Platform/cocoa/SharedMemoryCocoa.cpp 2020-03-18 03:32:31 UTC (rev 258620)
@@ -93,6 +93,8 @@
uint64_t size;
if (!decoder.decode(size))
return false;
+ if (size != round_page(size))
+ return false;
IPC::MachPort machPort;
if (!decoder.decode(machPort))
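Review bot: The new `size != round_page(size)` check in Handle::decode() still accepts a decoded `size` of 0, because zero is already page-aligned, and the early return carries no comment or log explaining why the message was rejected. If a zero-length handle is never valid on this path, reject it here as well (for example `if (!size) return false;`). Either way, add a one-line comment stating that this check is what allows SharedMemory::map() to pass `m_size` to mach_vm_map() unrounded, since `size` comes from the IPC decoder and map() itself only has an ASSERT on it.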
@@ -190,13 +192,13 @@
RefPtr<SharedMemory> SharedMemory::map(const Handle& handle, Protection protection)
{
if (handle.isNull())
- return 0;
-
+ return nullptr;
+
ASSERT(round_page(handle.m_size) == handle.m_size);
vm_prot_t vmProtection = machProtection(protection);
mach_vm_address_t mappedAddress = 0;
- kern_return_t kr = mach_vm_map(mach_task_self(), &mappedAddress, round_page(handle.m_size), 0, VM_FLAGS_ANYWHERE, handle.m_port, 0, false, vmProtection, vmProtection, VM_INHERIT_NONE);
+ kern_return_t kr = mach_vm_map(mach_task_self(), &mappedAddress, handle.m_size, 0, VM_FLAGS_ANYWHERE, handle.m_port, 0, false, vmProtection, vmProtection, VM_INHERIT_NONE);
#if RELEASE_LOG_DISABLED
if (kr != KERN_SUCCESS)
return nullptr;
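Review bot: In SharedMemory::map(), passing `handle.m_size` directly to mach_vm_map() leaves `ASSERT(round_page(handle.m_size) == handle.m_size)` as the only check in this function that the size is page-rounded, and ASSERT is compiled out of release builds. The log message justifies the change by "all known methods" of creating a Handle, so a future construction path that skips rounding would reach mach_vm_map() with an unrounded size and nothing would flag it in production. Consider a release-enabled check that returns nullptr when the size is not page-rounded, or keep `round_page()` at the call site, where it costs nothing when the invariant holds. Separately, the `-`/`+` pair on the blank line after `return nullptr;` looks like a whitespace-only change; please confirm it does not introduce trailing whitespace.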