Title: [122990] trunk/Source
- Revision: 122990
- Author: [email protected]
- Date: 2012-07-18 11:09:56 -0700 (Wed, 18 Jul 2012)
Log Message
Source/WebCore: Alignment crash in MIMESniffer
https://bugs.webkit.org/show_bug.cgi?id=89787
Reviewed by Yong Li.
PR 169064
Prevent ASSERT on unaligned data. Special-case handling of unaligned data
to maskedCompareSlowCase.
No test, too hard to reproduce.
* platform/network/MIMESniffing.cpp:
(std::maskedCompareSlowCase):
(std):
(std::maskedCompare):
Source/WTF: Alignment crash in MIMESniffer
https://bugs.webkit.org/show_bug.cgi?id=89787
Reviewed by Yong Li.
PR 169064
Change isPointerTypeAlignmentOkay so calling it does not require ifdefs.
* wtf/StdLibExtras.h:
(isPointerTypeAlignmentOkay):
Modified Paths
Diff
Modified: trunk/Source/WTF/ChangeLog (122989 => 122990)
--- trunk/Source/WTF/ChangeLog 2012-07-18 17:58:59 UTC (rev 122989)
+++ trunk/Source/WTF/ChangeLog 2012-07-18 18:09:56 UTC (rev 122990)
@@ -1,3 +1,17 @@
+2012-07-18 Rob Buis <[email protected]>
+
+ Alignment crash in MIMESniffer
+ https://bugs.webkit.org/show_bug.cgi?id=89787
+
+ Reviewed by Yong Li.
+
+ PR 169064
+
+ Change isPointerTypeAlignmentOkay so calling it does not require ifdefs.
+
+ * wtf/StdLibExtras.h:
+ (isPointerTypeAlignmentOkay):
+
2012-07-17 Gabor Ballabas <[email protected]>
[Qt][V8] Remove the V8 related codepaths and configuration
Modified: trunk/Source/WTF/wtf/StdLibExtras.h (122989 => 122990)
--- trunk/Source/WTF/wtf/StdLibExtras.h 2012-07-18 17:58:59 UTC (rev 122989)
+++ trunk/Source/WTF/wtf/StdLibExtras.h 2012-07-18 18:09:56 UTC (rev 122990)
@@ -102,6 +102,11 @@
return reinterpret_cast<TypePtr>(ptr);
}
#else
+template<typename Type>
+bool isPointerTypeAlignmentOkay(Type*)
+{
+ return true;
+}
#define reinterpret_cast_ptr reinterpret_cast
#endif
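Review bot: The isPointerTypeAlignmentOkay template added in the #else branch always returns true and has no comment explaining why. This is the branch where reinterpret_cast_ptr is defined as plain reinterpret_cast, so no alignment check happens at all. A short comment saying that the result here means "not checked on this configuration" rather than "verified aligned" would keep callers from treating the return value as a guarantee when they use it to pick a fast path.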
Modified: trunk/Source/WebCore/ChangeLog (122989 => 122990)
--- trunk/Source/WebCore/ChangeLog 2012-07-18 17:58:59 UTC (rev 122989)
+++ trunk/Source/WebCore/ChangeLog 2012-07-18 18:09:56 UTC (rev 122990)
@@ -1,3 +1,22 @@
+2012-07-18 Rob Buis <[email protected]>
+
+ Alignment crash in MIMESniffer
+ https://bugs.webkit.org/show_bug.cgi?id=89787
+
+ Reviewed by Yong Li.
+
+ PR 169064
+
+ Prevent ASSERT on unaligned data. Special-case handling of unaligned data
+ to maskedCompareSlowCase.
+
+ No test, too hard to reproduce.
+
+ * platform/network/MIMESniffing.cpp:
+ (std::maskedCompareSlowCase):
+ (std):
+ (std::maskedCompare):
+
2012-07-18 Steve VanDeBogart <[email protected]>
Chrome/Skia: PDF print output does not have clickable links.
Modified: trunk/Source/WebCore/platform/network/MIMESniffing.cpp (122989 => 122990)
--- trunk/Source/WebCore/platform/network/MIMESniffing.cpp 2012-07-18 17:58:59 UTC (rev 122989)
+++ trunk/Source/WebCore/platform/network/MIMESniffing.cpp 2012-07-18 18:09:56 UTC (rev 122990)
@@ -233,11 +233,28 @@
return result;
}
+static inline bool maskedCompareSlowCase(const MagicNumbers& info, const char* data)
+{
+ const char* pattern = reinterpret_cast<const char*>(info.pattern);
+ const char* mask = reinterpret_cast<const char*>(info.mask);
+
+ size_t count = info.size;
+
+ for (size_t i = 0; i < count; ++i) {
+ if ((*data++ & *mask++) != *pattern++)
+ return false;
+ }
+ return true;
+}
+
static inline bool maskedCompare(const MagicNumbers& info, const char* data, size_t dataSize)
{
if (dataSize < info.size)
return false;
+ if (!isPointerTypeAlignmentOkay(static_cast<const uint32_t*>(static_cast<const void*>(data))))
+ return maskedCompareSlowCase(info, data);
+
const uint32_t* pattern32 = reinterpret_cast_ptr<const uint32_t*>(info.pattern);
const uint32_t* mask32 = reinterpret_cast_ptr<const uint32_t*>(info.mask);
const uint32_t* data32 = reinterpret_cast_ptr<const uint32_t*>(data);
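Review bot: The alignment guard added at the top of maskedCompare tests only data, yet info.pattern and info.mask go through the same reinterpret_cast_ptr<const uint32_t*> casts immediately below it. If the MagicNumbers tables are guaranteed to be suitably aligned for uint32_t, state that in a comment or assert it where they are defined; otherwise include them in the check before taking the 32-bit path. Separately, maskedCompareSlowCase reads info.size bytes from data without receiving dataSize, so its bounds safety depends entirely on the caller's "if (dataSize < info.size)" test. Passing dataSize in, or documenting that precondition on the helper, would keep the length check from being lost if the helper gains another caller.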