Gitiles
Code Review Sign In
review.blissroms.org / platform_external_skia / 1fa54044efa81967c3b5acb03427a37575ce65e5
commit1fa54044efa81967c3b5acb03427a37575ce65e5[log] [tgz]
authorBryce Thomas <bryct@amazon.com>Tue Jan 14 13:46:30 2020 -0800
committerKevin Lubick <kjlubick@google.com>Wed Jan 15 14:48:36 2020 +0000
tree859127f55e4427f4d33451ba547519dd3bba526d
parenta4f218dd683aae82179708c3cb24e6515c57d6da [diff]
rm CanvasKit.HEAPU8.buffer caching (fix UAF bug).

Cached references to the WASM heap buffer are invalid following memory growth:
https://github.com/emscripten-core/emscripten/issues/6747#issuecomment-400081465.
This change replaces references to the cached CanvasKit.buffer with direct
references to CanvasKit.HEAPU8.buffer.  The symptom of this bug is a Javascript
error thrown in the Chrome console: "Uncaught TypeError: Cannot perform
Construct on a neutered ArrayBuffer", causing the operation in question to fail.

Bug: NONE
Change-Id: I27462e80db1d33e0e77ee7295b25039c9036d2e2
Reviewed-on: https://skia-review.googlesource.com/c/skia/+/264477
Reviewed-by: Kevin Lubick <kjlubick@google.com>
4 files changed
tree: 859127f55e4427f4d33451ba547519dd3bba526d
  1. animations/
  2. bench/
  3. bin/
  4. build/
  5. build_overrides/
  6. dm/
  7. docker/
  8. docs/
  9. example/
  10. experimental/
  11. fuzz/
  12. gm/
  13. gn/
  14. include/
  15. infra/
  16. modules/
  17. platform_tools/
  18. resources/
  19. samplecode/
  20. site/
  21. specs/
  22. src/
  23. tests/
  24. third_party/
  25. tools/
  26. .clang-format
  27. .clang-tidy
  28. .gitignore
  29. .gn
  30. AUTHORS
  31. BUILD.gn
  32. codereview.settings
  33. CONTRIBUTING
  34. CQ_COMMITTERS
  35. DEPS
  36. go.mod
  37. go.sum
  38. LICENSE
  39. OWNERS
  40. PRESUBMIT.py
  41. public.bzl
  42. README
  43. README.chromium
  44. RELEASE_NOTES.txt
  45. whitespace.txt