Bug 246260

Summary: StringImpl::copyCharacters incorrectly uses memcpy on destination pointers that may be null
Product: WebKit
Reporter: Darin Adler <darin>
Component: Web Template Framework
Assignee: Darin Adler <darin>
Status: RESOLVED FIXED
Severity: Normal
CC: philn, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Description Darin Adler 2022-10-09 14:50:35 PDT
After studying the call sites of StringImpl::copyCharacters, it is clear that many rely on being able to pass a combination of a null pointer for the destination and a zero length. The documentation of std::memcpy makes it clear that this leads to undefined behavior, so we can’t do this any more.
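The pattern the description refers to, shown as an added illustration rather than WebKit's own code from the pull request: a hypothetical `copy_characters16` helper that accepts the (NULL, 0) representation of an empty string by returning before `memcpy` is reached, and a hypothetical `concat16` call site of the kind that relies on it. The names, the 16-bit code unit type and the sample input are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper for this example, not WebKit's StringImpl::copyCharacters.
   Copies `length` 16-bit code units from `source` to `destination` and returns
   the number of code units copied. */
static size_t copy_characters16(uint16_t *destination, const uint16_t *source, size_t length)
{
    /* memcpy's pointer arguments must point at valid objects even when n == 0,
       so memcpy(NULL, NULL, 0) is undefined behaviour. Callers that represent an
       empty string as a null pointer with length 0 are common, so the guard
       belongs here rather than at every call site. */
    if (length == 0)
        return 0;
    memcpy(destination, source, length * sizeof(uint16_t));
    return length;
}

/* Typical call-site pattern (hypothetical): concatenate two pieces into `out`,
   where either piece may be the (NULL, 0) empty string. Returns the total number
   of code units written, or 0 if `out` cannot hold the result. */
static size_t concat16(uint16_t *out, size_t capacity,
                       const uint16_t *a, size_t lengthA,
                       const uint16_t *b, size_t lengthB)
{
    /* Overflow-safe capacity check: never compute lengthA + lengthB directly. */
    if (lengthA > capacity || lengthB > capacity - lengthA)
        return 0;
    size_t written = copy_characters16(out, a, lengthA);
    written += copy_characters16(out + written, b, lengthB);
    return written;
}

/* Constructed sample input: the string "ab" as UTF-16 code units. */
static const uint16_t kSampleAB[2] = { 'a', 'b' };

/* Empty string passed as (NULL, 0) for both pointers: the guard makes this a
   no-op instead of handing null pointers to memcpy. Returns 0. */
static size_t demo_empty_destination(void)
{
    return copy_characters16(NULL, NULL, 0);
}

/* Empty left operand at a call site; returns 2 only if the count and the
   copied contents are both correct. */
static size_t demo_empty_prefix(void)
{
    uint16_t buffer[4] = { 0 };
    size_t written = concat16(buffer, 4, NULL, 0, kSampleAB, 2);
    if (written != 2 || buffer[0] != 'a' || buffer[1] != 'b')
        return 0;
    return written;
}

/* Destination too small: the capacity check rejects the copy and returns 0. */
static size_t demo_too_small(void)
{
    uint16_t buffer[1] = { 0 };
    return concat16(buffer, 1, kSampleAB, 2, NULL, 0);
}
```

The zero-length early return is the whole fix; it costs one branch and removes the undefined behaviour regardless of what the caller passes. This matters beyond pedantry: GCC and Clang declare `memcpy`'s pointer parameters non-null, so after an unconditional `memcpy(dst, src, 0)` the optimizer is entitled to delete a later `if (dst == NULL)` check on the same pointer. Building with `-fsanitize=undefined` (its `nonnull-attribute` check) reports such calls at runtime and is a cheap way to find the remaining call sites.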
Comment 1 Radar WebKit Bug Importer 2022-10-09 22:04:50 PDT
<rdar://problem/100962334>
Comment 2 Darin Adler 2022-10-10 01:59:07 PDT
Pull request: https://github.com/WebKit/WebKit/pull/5184
Comment 3 Philippe Normand 2022-10-10 02:19:34 PDT
*** Bug 246267 has been marked as a duplicate of this bug. ***
Comment 4 EWS 2022-10-16 01:00:00 PDT
Committed 255600@main (71265755b78a): <https://commits.webkit.org/255600@main>

Reviewed commits have been landed. Closing PR #5184 and removing active labels.