Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: bc6d37008fb3c4858a96c78fa656af0a2ec9f6da
https://github.com/WebKit/WebKit/commit/bc6d37008fb3c4858a96c78fa656af0a2ec9f6da
Author: Gerald Squelart <g_squel...@apple.com>
Date: 2025-03-19 (Wed, 19 Mar 2025)
Changed paths:
M Source/WTF/wtf/text/StringImpl.h
Log Message:
-----------
StringImpl should construct a valid span to pass to StringImplShape
https://bugs.webkit.org/show_bug.cgi?id=289518
rdar://146724107
Reviewed by Geoffrey Garen.
StringImpl's constructor passes a span to StringImplShape, with a
nullptr data and non-null size.
It's only used to initialize StringImplShape members, the data pointer
is soon overriden with a valid pointer, so there's no UB per se.
However, it's a dangerous state that may trigger assertions in some
libraries, e.g.:
https://github.com/llvm/llvm-project/blob/1e83d975d72037567afd9d3b22bb063b442ec045/libcxx/include/span#L273
This patch moves some code from the constructor function body, into a
static member function template that directly constructs the final
valid span given to StringImplShape.
* Source/WTF/wtf/text/StringImpl.h:
(WTF::StringImpl::toStringImplMallocSpan):
(WTF::StringImpl::StringImpl):
Canonical link: https://commits.webkit.org/292384@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
