Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: b416e36fff4608fc03b8213d55e7daa27821a3fa
https://github.com/WebKit/WebKit/commit/b416e36fff4608fc03b8213d55e7daa27821a3fa
Author: Chris Dumez <[email protected]>
Date: 2026-03-23 (Mon, 23 Mar 2026)
Changed paths:
M Source/WTF/wtf/StdLibExtras.h
M Source/WTF/wtf/text/CStringView.h
M Tools/TestWebKitAPI/Tests/WTF/CStringView.cpp
Log Message:
-----------
Fix UB in equalSpans() and inconsistent null/empty semantics in CStringView
https://bugs.webkit.org/show_bug.cgi?id=310514

Reviewed by Anne van Kesteren.

equalSpans() calls memcmp() without guarding against zero-size spans.
However, passing nullptr to memcmp() is undefined behavior, even when
the count is zero. This was triggered when comparing null or
empty CStringViews via operator==.

Additionally, CStringView's ASCIILiteral constructor was collapsing
empty strings to null (`CStringView(""_s).isNull()` was true), while
`unsafeFromUTF8("")` and `fromUTF8({'\0'})` correctly preserved the
non-null empty state. Fix the ASCIILiteral constructor to stop
special-casing empty strings, making all construction paths consistent.

Test: Tools/TestWebKitAPI/Tests/WTF/CStringView.cpp

* Source/WTF/wtf/StdLibExtras.h:
(WTF::equalSpans): Add early return when both spans have size zero
to avoid calling memcmp() with potentially-null pointers.
* Source/WTF/wtf/text/CStringView.h:
* Tools/TestWebKitAPI/Tests/WTF/CStringView.cpp:
(TestWebKitAPI::TEST(WTF, CStringViewNullAndEmpty)):
(TestWebKitAPI::TEST(WTF, CStringViewSize)):
(TestWebKitAPI::TEST(WTF, CStringViewFrom)):
(TestWebKitAPI::TEST(WTF, CStringViewEquality)):

Canonical link: https://commits.webkit.org/309766@main
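
The two behaviours the log message describes, as an added C++ sketch that is not WebKit's code: `equalBytes` and `MiniCStringView` are hypothetical stand-ins for `WTF::equalSpans` and `CStringView`. Treating a null view as equal to an empty one is an assumption of this sketch.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical helper (not WTF::equalSpans): byte-wise equality that never
// hands memcmp() a pointer when there is nothing to compare.
inline bool equalBytes(const char* a, std::size_t aSize, const char* b, std::size_t bSize)
{
    if (aSize != bSize)
        return false;
    if (!aSize)
        return true; // a or b may be nullptr here; memcmp(nullptr, ..., 0) is UB.
    return std::memcmp(a, b, aSize) == 0;
}

// Hypothetical view type (not WTF::CStringView) that keeps "null" and "empty"
// distinct on every construction path.
class MiniCStringView {
public:
    MiniCStringView() = default;                             // null view
    explicit MiniCStringView(const char* s) : m_chars(s) { } // "" stays non-null
    bool isNull() const { return !m_chars; }
    bool isEmpty() const { return !m_chars || !*m_chars; }
    const char* data() const { return m_chars; }
    std::size_t size() const { return m_chars ? std::strlen(m_chars) : 0; }
    // Assumption of this sketch: null and empty views compare equal, since
    // both have size zero and take the early return in equalBytes().
    friend bool operator==(const MiniCStringView& a, const MiniCStringView& b)
    {
        return equalBytes(a.data(), a.size(), b.data(), b.size());
    }
private:
    const char* m_chars = nullptr;
};

int main()
{
    MiniCStringView nullView;
    MiniCStringView emptyView("");
    std::printf("null.isNull=%d empty.isNull=%d null==empty=%d\n",
        nullView.isNull(), emptyView.isNull(), nullView == emptyView);
    return 0;
}
```

Building this with `-fsanitize=undefined` is one way to confirm that no null pointer reaches `memcmp()`.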