Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 7214ee02bbf60356b32d7742a49150415dbd9e60
https://github.com/WebKit/WebKit/commit/7214ee02bbf60356b32d7742a49150415dbd9e60
Author: Daniel Liu <[email protected]>
Date: 2025-01-23 (Thu, 23 Jan 2025)
Changed paths:
M Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp
Log Message:
-----------
Pad IPInt argumINTBytecode to an even size
https://bugs.webkit.org/show_bug.cgi?id=286369
rdar://143407486

Reviewed by Yijia Huang and Mark Lam.

During local initialization, we default initialize locals all the way until we
hit the end of our local table. Because of IPInt's design, the local table is
aligned to an even size, meaning that we may read out of bounds by 1 from the
metadata vector. We need to pad this vector with an extra dummy element to make
sure we don't go out of bounds.

* Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp:
(JSC::Wasm::IPIntGenerator::finalize):

Canonical link: https://commits.webkit.org/289308@main
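
A simplified model of the off-by-one described in the log message, added here as an illustration; it is not code from the WebKit commit. The names `Metadata`, `alignedSlotCount`, `firstOutOfBoundsRead`, `padToEvenSize` and `emitMetadata` are hypothetical, and the one-read-per-slot consumer loop is an assumption about the access pattern, not IPInt's actual implementation.

```cpp
// Simplified model of the off-by-one; not WebKit code. All names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

using Metadata = std::vector<uint8_t>; // stand-in for the per-local metadata vector
constexpr uint8_t dummyEntry = 0;      // constructed padding value
constexpr size_t allInBounds = static_cast<size_t>(-1); // sentinel: no bad read found

// Assumption: the local table the consumer walks is rounded up to an even slot count.
constexpr size_t alignedSlotCount(size_t numLocals)
{
    return (numLocals + 1) & ~static_cast<size_t>(1);
}

// Models the consumer: one metadata read per slot until the end of the aligned table.
// Returns the index of the first read past the vector, or allInBounds.
size_t firstOutOfBoundsRead(const Metadata& metadata, size_t numLocals)
{
    for (size_t slot = 0; slot < alignedSlotCount(numLocals); ++slot) {
        if (slot >= metadata.size())
            return slot; // an unchecked reader would touch memory past the buffer here
    }
    return allInBounds;
}

// Producer-side fix in this model: append one dummy element when the size is odd.
void padToEvenSize(Metadata& metadata)
{
    if (metadata.size() % 2)
        metadata.push_back(dummyEntry);
}

// Emits one constructed entry per local, optionally padded.
Metadata emitMetadata(size_t numLocals, bool pad)
{
    Metadata metadata(numLocals, 1);
    if (pad)
        padToEvenSize(metadata);
    return metadata;
}

int main()
{
    for (bool pad : { false, true }) {
        size_t oob = firstOutOfBoundsRead(emitMetadata(3, pad), 3);
        std::printf("pad=%d: %s\n", pad, oob == allInBounds ? "all reads in bounds" : "out-of-bounds read");
    }
}
```

Only odd local counts trigger the bad read in this model, which is why a test corpus made up mostly of even-sized inputs can miss it.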