Eight new use-after-free bugs introduced into Safari in the last 12 months. Chrome and Edge use garbage collection in C++ to eliminate a large proportion of these security issues, but Safari is still adding them. https://twitter.com/ProjectZeroBugs/status/1047889297049714688 …
Does that prevent use-after-frees? If the ref count accidentally goes to zero, the object gets freed immediately, right?
-
Yeah, you’re right, it doesn’t eliminate that kind of UAF :(