diff options
| author | piman@google.com <piman@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-19 21:54:26 +0000 |
|---|---|---|
| committer | piman@google.com <piman@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-19 21:54:26 +0000 |
| commit | bf04ad0dae9f4f479f90fd2b38f634ffbaf434b4 (patch) | |
| tree | cbeebd9c3013292a9c180fa0d14bc58a857a5936 /webkit/plugins | |
| parent | 22bed334d0bcb0e82cfb9539ba8de2e79e2b8712 (diff) | |
| download | chromium_src-bf04ad0dae9f4f479f90fd2b38f634ffbaf434b4.zip chromium_src-bf04ad0dae9f4f479f90fd2b38f634ffbaf434b4.tar.gz chromium_src-bf04ad0dae9f4f479f90fd2b38f634ffbaf434b4.tar.bz2 | |
Fix invalid read in ppapi code
BUG=77493
TEST=attached test
Review URL: http://codereview.chromium.org/6883059
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@82172 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/plugins')
| -rw-r--r-- | webkit/plugins/ppapi/npapi_glue.cc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/webkit/plugins/ppapi/npapi_glue.cc b/webkit/plugins/ppapi/npapi_glue.cc index 112c42e..b2eacb4 100644 --- a/webkit/plugins/ppapi/npapi_glue.cc +++ b/webkit/plugins/ppapi/npapi_glue.cc @@ -51,7 +51,9 @@ bool PPVarToNPVariant(PP_Var var, NPVariant* result) { return false; } const std::string& value = string->value(); - STRINGN_TO_NPVARIANT(base::strdup(value.c_str()), value.size(), *result); + char* c_string = static_cast<char*>(malloc(value.size())); + memcpy(c_string, value.data(), value.size()); + STRINGN_TO_NPVARIANT(c_string, value.size(), *result); break; } case PP_VARTYPE_OBJECT: { |