Replace NativeBufferFactory with a more secure implementation #3062
Labels: enhancement (New feature or request)
Description
Skia.NativeBuffer is badly designed.

The MakeFromImage function sadly returns pointers as BigInts (react-native-skia/packages/skia/cpp/api/JsiNativeBuffer.h, lines 20 to 25 at 15edae0).

The Release function accepts a BigInt argument, which is expected to be the pointer for which the memory should be freed. It should've encapsulated the pointers and restricted this with a check to ensure the value can't be tampered with from the JavaScript side (react-native-skia/packages/skia/cpp/api/JsiNativeBuffer.h, lines 27 to 34 at 15edae0).

Ideally, the JavaScript side does not get an arbitrary way to free any hardware pointers beyond the ones it's explicitly been granted.
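As an added illustration of the design change the issue asks for (example code written here, not react-native-skia's or Skia's own implementation): the pattern the issue objects to, where the raw address is the token and Release frees whatever integer comes back, beside a registry that hands out opaque handles and only frees what it granted. It stands in for the JSI host object with plain C++; the NativeBuffer type, the NativeBufferRegistry class, the 0-is-never-issued convention and the random handle generator are all assumptions of the example.

```cpp
#include <cstdint>
#include <cstdio>
#include <memory>
#include <mutex>
#include <random>
#include <unordered_map>
#include <vector>

// Stand-in for the native pixel buffer the factory hands out. Constructed for
// this example; it is not Skia's real buffer type.
struct NativeBuffer {
    std::vector<uint8_t> pixels;
    explicit NativeBuffer(size_t bytes) : pixels(bytes, 0) {}
};

// Pattern the issue objects to: the raw address is the token, and Release
// frees whatever integer the caller sends back. A tampered BigInt from the
// JavaScript side becomes a free of arbitrary memory.
namespace insecure {
uint64_t MakeFromImage(size_t bytes) {
    return reinterpret_cast<uint64_t>(new NativeBuffer(bytes));
}
void Release(uint64_t addr) {
    delete reinterpret_cast<NativeBuffer*>(addr);  // no check at all
}
}  // namespace insecure

// Hardened pattern (assumed design for this example): the caller only ever
// sees an opaque handle. The registry owns every pointer and Release refuses
// handles it did not issue, so a forged or reused value is a no-op rather than
// a free of arbitrary memory.
class NativeBufferRegistry {
public:
    using Handle = uint64_t;

    Handle MakeFromImage(size_t bytes) {
        std::lock_guard<std::mutex> lock(mu_);
        Handle h;
        do {
            h = rng_();
        } while (h == 0 || buffers_.count(h));  // 0 is reserved as "never issued"
        buffers_.emplace(h, std::make_unique<NativeBuffer>(bytes));
        return h;
    }

    // True if the handle was live and its buffer was freed; false for unknown
    // or already-released handles, so a double release is harmless.
    bool Release(Handle h) {
        std::lock_guard<std::mutex> lock(mu_);
        return buffers_.erase(h) == 1;
    }

    // Access also goes through the registry; a bad handle yields nullptr,
    // never a dereference of a caller-supplied address.
    const NativeBuffer* Get(Handle h) const {
        std::lock_guard<std::mutex> lock(mu_);
        auto it = buffers_.find(h);
        return it == buffers_.end() ? nullptr : it->second.get();
    }

    size_t Live() const {
        std::lock_guard<std::mutex> lock(mu_);
        return buffers_.size();
    }

private:
    mutable std::mutex mu_;
    std::mt19937_64 rng_{std::random_device{}()};  // handles are not guessable
    std::unordered_map<Handle, std::unique_ptr<NativeBuffer>> buffers_;
};

int main() {
    NativeBufferRegistry reg;
    NativeBufferRegistry::Handle h = reg.MakeFromImage(4 * 4 * 4);  // 4x4 RGBA
    std::printf("granted one handle, live=%zu\n", reg.Live());
    std::printf("release forged handle 0: %s\n", reg.Release(0) ? "freed" : "refused");
    std::printf("release granted handle: %s\n", reg.Release(h) ? "freed" : "refused");
    std::printf("release it again:       %s\n", reg.Release(h) ? "freed" : "refused");
    return 0;
}
```

The registry replaces the "trust the integer" contract with "trust only what we issued": the JavaScript side can still leak a buffer by never calling Release, but it cannot free memory it was not granted, and a stale or forged handle fails closed. In a real JSI binding the handle would live inside a host object rather than be returned as a BigInt at all, which removes even the guessing surface.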