Title: [256077] trunk/Source/WebCore
Revision: 256077
Author: rn...@webkit.org
Date: 2020-02-07 16:21:04 -0800 (Fri, 07 Feb 2020)
Log Message
Nullptr crash in WebCore::FontFamilySpecificationCoreText::fontRanges
https://bugs.webkit.org/show_bug.cgi?id=207236
<rdar://problem/57214193>
Patch by Jack Lee <shihchieh_...@apple.com> on 2020-02-07
Reviewed by Ryosuke Niwa.
Add a state variable in FontDescriptionKey for tracking hash entry deletion.
* platform/graphics/FontCache.h:
(WebCore::FontDescriptionKey::FontDescriptionKey):
(WebCore::FontDescriptionKey::operator== const):
(WebCore::FontDescriptionKey::isHashTableDeletedValue const):
Diff
Modified: trunk/Source/WebCore/ChangeLog (256076 => 256077)
--- trunk/Source/WebCore/ChangeLog 2020-02-08 00:03:28 UTC (rev 256076)
+++ trunk/Source/WebCore/ChangeLog 2020-02-08 00:21:04 UTC (rev 256077)
@@ -1,3 +1,18 @@
+2020-02-07 Jack Lee <shihchieh_...@apple.com>
+
+ Nullptr crash in WebCore::FontFamilySpecificationCoreText::fontRanges
+ https://bugs.webkit.org/show_bug.cgi?id=207236
+ <rdar://problem/57214193>
+
+ Reviewed by Ryosuke Niwa.
+
+ Add a state variable in FontDescriptionKey for tracking hash entry deletion.
+
+ * platform/graphics/FontCache.h:
+ (WebCore::FontDescriptionKey::FontDescriptionKey):
+ (WebCore::FontDescriptionKey::operator== const):
+ (WebCore::FontDescriptionKey::isHashTableDeletedValue const):
+
2020-02-07 Chris Dumez <cdu...@apple.com>
[Hardening] Validate Geolocation access permission on UIProcess side
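Review bot: The new ChangeLog entry says what was added but not why the previous deleted-value scheme led to the null dereference, and it lists no test alongside platform/graphics/FontCache.h. State the root cause in the entry (for example, that a live key could be mistaken for a deleted one, if that is what bug 207236 showed) and add a regression test path, so the fix can be verified and a later refactor does not quietly reintroduce the crash.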
Modified: trunk/Source/WebCore/platform/graphics/FontCache.h (256076 => 256077)
--- trunk/Source/WebCore/platform/graphics/FontCache.h 2020-02-08 00:03:28 UTC (rev 256076)
+++ trunk/Source/WebCore/platform/graphics/FontCache.h 2020-02-08 00:21:04 UTC (rev 256077)
@@ -86,12 +86,13 @@
{ }
explicit FontDescriptionKey(WTF::HashTableDeletedValueType)
- : m_size(cHashTableDeletedSize)
+ : m_isDeletedValue(true)
{ }
bool operator==(const FontDescriptionKey& other) const
{
- return m_size == other.m_size
+ return m_isDeletedValue == other.m_isDeletedValue
+ && m_size == other.m_size
&& m_fontSelectionRequest == other.m_fontSelectionRequest
&& m_flags == other.m_flags
&& m_locale == other.m_locale
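Review bot: The HashTableDeletedValueType constructor needs a comment explaining why deletion is now tracked out of band. With the removed `m_size(cHashTableDeletedSize)` initializer, any live key whose m_size happened to equal the sentinel was indistinguishable from a deleted entry; with `m_isDeletedValue(true)` the deleted key keeps every other member at its default, so the flag is the only thing separating it from a default-constructed key. Comparing the flag first in operator== is correct for that reason, and a one-line note at the constructor would stop a later cleanup from folding the flag back into m_size.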
@@ -106,7 +107,7 @@
return !(*this == other);
}
- bool isHashTableDeletedValue() const { return m_size == cHashTableDeletedSize; }
+ bool isHashTableDeletedValue() const { return m_isDeletedValue; }
inline unsigned computeHash() const
{
@@ -156,9 +157,8 @@
return {{ first, second }};
}
- static const unsigned cHashTableDeletedSize = 0xFFFFFFFFU;
-
// FontCascade::locale() is explicitly not included in this struct.
+ bool m_isDeletedValue { false };
unsigned m_size { 0 };
FontSelectionRequest m_fontSelectionRequest;
std::array<unsigned, 2> m_flags {{ 0, 0 }};
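Review bot: The new member `bool m_isDeletedValue { false };` lands directly under the comment "// FontCascade::locale() is explicitly not included in this struct.", which now reads as if it describes the flag rather than the key fields. Place the flag after the existing members, or give it its own short comment, and check the size of FontDescriptionKey before and after: a bool ahead of `unsigned m_size` will typically add alignment padding to every key stored in the cache.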