Title: [158152] branches/safari-537.73-branch/Source/WTF
- Revision
- 158152
- Author
- [email protected]
- Date
- 2013-10-28 18:50:41 -0700 (Mon, 28 Oct 2013)
Log Message
Merged r155717. <rdar://problem/15292366>
Modified Paths
Diff
Modified: branches/safari-537.73-branch/Source/WTF/ChangeLog (158151 => 158152)
--- branches/safari-537.73-branch/Source/WTF/ChangeLog 2013-10-29 01:38:06 UTC (rev 158151)
+++ branches/safari-537.73-branch/Source/WTF/ChangeLog 2013-10-29 01:50:41 UTC (rev 158152)
@@ -1,5 +1,19 @@
2013-10-28 Lucas Forschler <[email protected]>
+ Merge r155717
+
+ 2013-09-13 Brent Fulgham <[email protected]>
+
+ [Windows] Activate FastMalloc hardening
+ https://bugs.webkit.org/show_bug.cgi?id=121307
+
+ Reviewed by Oliver Hunt.
+
+ * wtf/FastMalloc.cpp:
+ (WTF::SLL_Next): Add workaround for MSVC compiler bug.
+
+2013-10-28 Lucas Forschler <[email protected]>
+
Merge r156302
2013-09-23 Patrick Gansterer <[email protected]>
Modified: branches/safari-537.73-branch/Source/WTF/wtf/FastMalloc.cpp (158151 => 158152)
--- branches/safari-537.73-branch/Source/WTF/wtf/FastMalloc.cpp 2013-10-29 01:38:06 UTC (rev 158151)
+++ branches/safari-537.73-branch/Source/WTF/wtf/FastMalloc.cpp 2013-10-29 01:50:41 UTC (rev 158152)
@@ -106,7 +106,7 @@
#endif
// Harden the pointers stored in the TCMalloc linked lists
-#if COMPILER(GCC) && !PLATFORM(QT)
+#if !PLATFORM(QT)
#define ENABLE_TCMALLOC_HARDENING 1
#endif
@@ -555,9 +555,12 @@
#define HARDENING_ENTROPY internalEntropyValue()
#define ROTATE_VALUE(value, amount) (((value) >> (amount)) | ((value) << (sizeof(value) * 8 - (amount))))
+#if COMPILER(MSVC)
+#define XOR_MASK_PTR_WITH_KEY(ptr, key, entropy) (reinterpret_cast<decltype(ptr)>(reinterpret_cast<uintptr_t>(ptr)^(ROTATE_VALUE(reinterpret_cast<uintptr_t>(key), MaskKeyShift)^entropy)))
+#else
#define XOR_MASK_PTR_WITH_KEY(ptr, key, entropy) (reinterpret_cast<__typeof__(ptr)>(reinterpret_cast<uintptr_t>(ptr)^(ROTATE_VALUE(reinterpret_cast<uintptr_t>(key), MaskKeyShift)^entropy)))
+#endif
-
static ALWAYS_INLINE uint32_t freedObjectStartPoison()
{
static uint32_t value = EntropySource<sizeof(uint32_t)>::value() | 1;
@@ -828,7 +831,8 @@
// Functions for using our simple hardened singly linked list
static ALWAYS_INLINE HardenedSLL SLL_Next(HardenedSLL t, uintptr_t entropy) {
- return HardenedSLL::create(XOR_MASK_PTR_WITH_KEY(*(reinterpret_cast<void**>(t.value())), t.value(), entropy));
+ void* tValueNext = *(reinterpret_cast<void**>(t.value()));
+ return HardenedSLL::create(XOR_MASK_PTR_WITH_KEY(tValueNext, t.value(), entropy));
}
static ALWAYS_INLINE void SLL_SetNext(HardenedSLL t, HardenedSLL n, uintptr_t entropy) {
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
