> ... [ r19027 ] contains implicit casts in code that does memory accesses, which is something that is very commonly seen in code that is vulnerable to OOB reads and writes. By now I'm quite certain that this piece of code only fails in a way that doesn't leak any data, just yields some unexpected results if the C++ data were changed from the C++ side, or via another path not yet there. I did, however, need four reads of that code to come to that assertion, for pieces of code that should be a lot shorter (about one line for reading and one for writing). Using To/FromJSVal might even work out of the box; otherwise, extending them slightly would be a lot shorter than those blocks of code (and would not duplicate something we already do in a common place). The code also seems to copy around vectors for fun.
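The pattern the reviewer is pointing at, shown generically as an added example (this is not code from r19027 or from the project; the function names, the constructed sample buffer and the flawed check are hypothetical). A script-supplied index arrives as a signed 32-bit value, the bounds check compares it in signed arithmetic, and the subscript then implicitly converts it to `size_t`, so a negative index passes the check and lands far outside the buffer. The hardened read and write below reject negatives before any conversion, compare in unsigned arithmetic, and take the vector by reference instead of copying it.

```cpp
// Added example, not code from r19027 or the project under review.
// Demonstrates how an implicit signed->size_t conversion in a memory access
// defeats a signed bounds check, and the corresponding hardened accessors.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed sample data standing in for a C++-side container exposed to script.
static std::vector<int32_t> makeSample() { return {10, 20, 30, 40}; }

// Flawed check (hypothetical): size() is narrowed to int32_t and the comparison is
// signed, so any negative idx is accepted. The subsequent data[idx] would convert
// idx to size_t, producing an enormous offset (an OOB read or write).
bool flawedCheckAccepts(int32_t idx, size_t size) {
    return idx < static_cast<int32_t>(size);
}

// The offset a subscript actually uses once idx is implicitly converted to size_t.
size_t effectiveOffset(int32_t idx) {
    return static_cast<size_t>(idx);
}

// Hardened read: reject negatives first, then compare as size_t against size().
// Takes the vector by const reference so nothing is copied.
bool readChecked(const std::vector<int32_t>& data, int32_t idx, int32_t& out) {
    if (idx < 0)
        return false;
    const size_t u = static_cast<size_t>(idx);
    if (u >= data.size())
        return false;
    out = data[u];
    return true;
}

// Hardened write with the same explicit range check.
bool writeChecked(std::vector<int32_t>& data, int32_t idx, int32_t value) {
    if (idx < 0)
        return false;
    const size_t u = static_cast<size_t>(idx);
    if (u >= data.size())
        return false;
    data[u] = value;
    return true;
}

int main() {
    std::vector<int32_t> data = makeSample();
    const int32_t bad = -1;
    std::printf("flawed check accepts %d: %s\n", bad,
                flawedCheckAccepts(bad, data.size()) ? "yes" : "no");
    std::printf("offset the subscript would use: %zu\n", effectiveOffset(bad));
    int32_t v = 0;
    std::printf("hardened read of %d: %s\n", bad,
                readChecked(data, bad, v) ? "ok" : "rejected");
    if (readChecked(data, 3, v))
        std::printf("hardened read of 3: %d\n", v);
    return 0;
}
```

The flawed check is deliberately not wired to a real subscript in this block; dereferencing with the wrapped offset is undefined behaviour and is exactly what the hardened accessors exist to rule out.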