Fix potential use-after-free in JSString #318

Merged
kateinoigakukun merged 1 commit into main from katei/fix-potential-uaf-jsstring
Mar 27, 2025

@kateinoigakukun kateinoigakukun commented Mar 27, 2025

The guts' lifetime was not guaranteed to be longer than the `swjs_value_equals` call, which could lead to a use-after-free.

@kateinoigakukun kateinoigakukun marked this pull request as ready for review March 27, 2025 12:17

Time Change: +14ms (0%)

Total Time: 9,580ms

| Test name | Duration | Change |
| --- | --- | --- |
| Serialization/JavaScript function call through Wasm import with int | 22ms | +2ms (9%) 🔍 |

View Unchanged

| Test name | Duration | Change |
| --- | --- | --- |
| Serialization/JavaScript function call through Wasm import | 24ms | +1ms |
| Serialization/JavaScript function call from Swift | 121ms | +2ms (1%) |
| Serialization/Swift Int to JavaScript with assignment | 329ms | -4ms (1%) |
| Serialization/Swift Int to JavaScript with call | 962ms | -0ms |
| Serialization/JavaScript Number to Swift Int | 267ms | +7ms (2%) |
| Serialization/Swift String to JavaScript with assignment | 410ms | -1ms (0%) |
| Serialization/Swift String to JavaScript with call | 1,051ms | +2ms (0%) |
| Serialization/JavaScript String to Swift String | 3,557ms | +1ms (0%) |
| Object heap/Increment and decrement RC | 2,804ms | +7ms (0%) |

View Baselines

| Test name | Duration |
| --- | --- |
| Serialization/Call JavaScript function directly | 8ms |
| Serialization/Assign JavaScript number directly | 7ms |
| Serialization/Call with JavaScript number directly | 6ms |
| Serialization/Write JavaScript string directly | 6ms |
| Serialization/Call with JavaScript string directly | 6ms |

@kateinoigakukun kateinoigakukun merged commit b006cf6 into main Mar 27, 2025
6 checks passed
@kateinoigakukun kateinoigakukun deleted the katei/fix-potential-uaf-jsstring branch March 27, 2025 12:27
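
The lifetime hazard named in the pull request description, shown as an added example (not code from this pull request or from the project; the diff itself is not on this page). `HandleTable`, `Guts`, `hazardousEquals` and `hardenedEquals` are hypothetical names, and the table is a constructed stand-in for a foreign side that is handed raw references, as `swjs_value_equals` is.

```swift
// Added illustration; every name here is hypothetical, not the project's code.
// HandleTable is a constructed stand-in for the foreign-side object heap.
final class HandleTable {
    private var slots: [UInt32: String] = [:]
    private var next: UInt32 = 1

    func retain(_ value: String) -> UInt32 {
        let ref = next
        next += 1
        slots[ref] = value
        return ref
    }
    func release(_ ref: UInt32) { slots[ref] = nil }

    // Stand-in for a foreign call that receives raw handles, not their owners.
    func valueEquals(_ a: UInt32, _ b: UInt32) -> Bool {
        guard let x = slots[a], let y = slots[b] else {
            fatalError("stale handle: owner was released before the call")
        }
        return x == y
    }
}

// Owner object: its deinit releases the handle on the foreign side.
final class Guts {
    let table: HandleTable
    let ref: UInt32
    init(_ value: String, in table: HandleTable) {
        self.table = table
        self.ref = table.retain(value)
    }
    deinit { table.release(ref) }
}

// Hazard: after `ref` is read nothing uses g or h again, and Swift does not
// promise that a local object stays alive until the end of its scope.
func hazardousEquals(_ l: String, _ r: String, _ t: HandleTable) -> Bool {
    let g = Guts(l, in: t), h = Guts(r, in: t)
    let a = g.ref, b = h.ref
    return t.valueEquals(a, b)
}

// Hardened: both owners are guaranteed alive until the closure returns.
func hardenedEquals(_ l: String, _ r: String, _ t: HandleTable) -> Bool {
    let g = Guts(l, in: t), h = Guts(r, in: t)
    return withExtendedLifetime((g, h)) { t.valueEquals(g.ref, h.ref) }
}

let table = HandleTable()
print(hardenedEquals("abc", "abc", table), hardenedEquals("abc", "xyz", table))
```

Whether `hazardousEquals` actually traps depends on the compiler version and optimization level, which is why this class of bug tends to pass tests and still be unsound.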