Branch: refs/heads/main Home: https://github.com/WebKit/WebKit Commit: c19a6292aab1bafc47e52b1bfb4341a06472ef75 https://github.com/WebKit/WebKit/commit/c19a6292aab1bafc47e52b1bfb4341a06472ef75 Author: Matthieu Dubet <m_du...@apple.com> Date: 2022-10-28 (Fri, 28 Oct 2022)
Changed paths: M Source/WebCore/platform/text/TextFlags.cpp Log Message: ----------- Fix use-after-free memory error rdar://101637166 Reviewed by Brent Fulgham. The previous code was creating a temporary vector which was passed to Span. Because Span doesn't own memory, the vector was (potentially) released at the end of the lambda function. With this patch, a reference to the vector stored in the HashMap is given to Span<> (we don't use a temporary anymore), which is live for at least the whole duration of the computeFontFeatureSettingsFromVariants function. * Source/WebCore/platform/text/TextFlags.cpp: (WebCore::computeFeatureSettingsFromVariants): Canonical link: https://commits.webkit.org/256089@main _______________________________________________ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes