Commit
REGRESSION(r255164) [PlayStation] WTFReportBacktrace tries to print backtrace even when backtrace cannot be obtained and crashes
https://bugs.webkit.org/show_bug.cgi?id=261497

Reviewed by Kimmo Kinnunen.

WTFPrintBacktraceWithPrefixAndPrintStream should wrap the size parameter to 0 if it is negative not to print stack.

Currently, when !HAVE(BACKTRACE) && !OS(WINDOWS),
- WTFGetBacktrace(samples, &frames) makes frames = 0
- WTFReportBacktraceWithPrefixAndPrintStream passes -2 (=frames-framesToSkip) to WTFPrintBacktraceWithPrefixAndPrintStream.
- WTFPrintBacktraceWithPrefixAndPrintStream static_cast -2 to size_t, which can overflow and makes large number.
- It possibly tries to print the large stack and eventually crashes.

* Source/WTF/wtf/Assertions.cpp:
(WTFPrintBacktraceWithPrefixAndPrintStream): Wraps negative size to 0.
(WTFReportBacktraceWithPrefixAndPrintStream): Check the frame size and print "no stacktrace available" if the size is not enough.
(WTFReportBacktrace): Ditto.

Canonical link: https://commits.webkit.org/268121@main
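
The signed-to-unsigned conversion described in the commit message, shown as an added example that is not WebKit's code: with zero captured frames and two frames to skip, the count of -2 becomes `SIZE_MAX - 1` unless it is clamped. The function names, the 31-frame buffer, the constructed addresses and the `frames <= framesToSkip` test are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Hypothetical stand-in for the platform's stack capture. Passing available = 0
// models a build with no backtrace support, which reports zero frames.
static void captureFrames(void** stack, int* size, int available)
{
    int n = available < *size ? available : *size;
    for (int i = 0; i < n; ++i)
        stack[i] = reinterpret_cast<void*>(static_cast<uintptr_t>(0x1000 + i)); // constructed addresses
    *size = n;
}

// "Before": the signed count goes straight to size_t, so -2 becomes SIZE_MAX - 1.
static size_t frameCountUnchecked(int size) { return static_cast<size_t>(size); }

// "After": a negative count is treated as an empty stack.
static size_t frameCountClamped(int size) { return size < 0 ? 0 : static_cast<size_t>(size); }

// Reporting path with both guards: check the captured count before subtracting
// the skipped frames, and clamp again where the count is converted.
static std::string reportBacktrace(int available, int framesToSkip)
{
    constexpr int maxFrames = 31; // assumed buffer size
    void* samples[maxFrames] = {};
    int frames = maxFrames;
    captureFrames(samples, &frames, available);
    if (framesToSkip < 0 || frames <= framesToSkip)
        return "no stacktrace available\n";
    size_t count = frameCountClamped(frames - framesToSkip);
    std::string out;
    for (size_t i = 0; i < count; ++i) {
        auto address = reinterpret_cast<uintptr_t>(samples[static_cast<size_t>(framesToSkip) + i]);
        out += std::to_string(i + 1) + " " + std::to_string(address) + "\n";
    }
    return out;
}
```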