Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(42)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 489853002: copy points in array that may stretch (Closed)

Created:
6 years, 4 months ago by caryclark
Modified:
6 years, 4 months ago
CC:
reviews_skia.org
Base URL:
https://skia.googlesource.com/skia.git@master
Project:
skia
Visibility:
Public.

Description

copy points in array that may stretch Description: Potential SkOpSegment::addT() use-after-free The 'pt' arg can be a reference to a point stored in the local fTs TDArray => appending may cause a realloc and leave the reference pointing to deallocated mem. Copy the points from the stretchy array before adding them. R=fmalita BUG=405417 Committed: https://skia.googlesource.com/skia/+/bdbb2422b9f20372597367a032d822b4297eab41

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+4 lines, -3 lines) Patch
M src/pathops/SkOpSegment.cpp View 2 chunks +4 lines, -3 lines 0 comments Download

Messages

Total messages: 5 (0 generated)
caryclark
6 years, 4 months ago (2014-08-20 14:44:36 UTC) #1
f(malita)
lgtm
6 years, 4 months ago (2014-08-20 14:50:00 UTC) #2
caryclark
The CQ bit was checked by caryclark@google.com
6 years, 4 months ago (2014-08-20 14:56:50 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://skia-tree-status.appspot.com/cq/caryclark@google.com/489853002/1
6 years, 4 months ago (2014-08-20 14:57:17 UTC) #4
commit-bot: I haz the power
6 years, 4 months ago (2014-08-20 15:11:31 UTC) #5
Message was sent while issue was closed. 
Committed patchset #1 (1) as bdbb2422b9f20372597367a032d822b4297eab41

Powered by Google App Engine
This is Rietveld 408576698