[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373
Gustavo Noronha Silva
gns at gnome.org
Thu Apr 8 02:24:38 UTC 2010
The following commit has been merged in the webkit-1.2 branch:
commit 38220a7adc8ccb35216527fea67968eca8483653
Author: mrowe at apple.com <mrowe at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu Mar 25 05:26:14 2010 +0000
WebKit should treat port numbers outside the valid range as being blacklisted
<http://webkit.org/b/36571> / <rdar://problem/7790908>
Reviewed by Darin Adler.
WebCore:
* platform/KURL.cpp:
(WebCore::KURL::port): Map invalid port numbers to invalidPortNumber.
(WebCore::portAllowed): Add invalidPortNumber to the blacklist.
* platform/KURLGoogle.cpp: invalid port numbers to invalidPortNumber.
(WebCore::KURL::port): Add invalidPortNumber to the blacklist.
Also bring this in to sync with KURL. Having this identical code in two places is stupid.
LayoutTests:
* platform/mac/security/block-test-expected.txt:
* security/block-test.html: Add tests of a few invalid port numbers.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@56489 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 303b0fd..c2f637c 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-03-24 Mark Rowe <mrowe at apple.com>
+
+ Reviewed by Darin Adler.
+
+ WebKit should treat port numbers outside the valid range as being blacklisted
+ <http://webkit.org/b/36571> / <rdar://problem/7790908>
+
+ * platform/mac/security/block-test-expected.txt:
+ * security/block-test.html: Add tests of a few invalid port numbers.
+
2010-03-23 Alexey Proskuryakov <ap at apple.com>
Reviewed by Geoff Garen.
diff --git a/LayoutTests/platform/mac/security/block-test-expected.txt b/LayoutTests/platform/mac/security/block-test-expected.txt
index b765ea0..e88931c 100644
--- a/LayoutTests/platform/mac/security/block-test-expected.txt
+++ b/LayoutTests/platform/mac/security/block-test-expected.txt
@@ -1,7 +1,9 @@
-http://255.255.255.255:1/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:1/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:0/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:0/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
<unknown> - didFinishLoading
-http://255.255.255.255:7/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:7/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:1/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:1/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:0/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:0/test.jpg">
http://255.255.255.255:1/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:1/test.jpg">
+http://255.255.255.255:7/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:7/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
http://255.255.255.255:7/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:7/test.jpg">
http://255.255.255.255:9/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:9/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
http://255.255.255.255:9/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:9/test.jpg">
@@ -127,6 +129,14 @@ http://255.255.255.255:6668/test.jpg - willSendRequest <NSURLRequest URL http://
http://255.255.255.255:6668/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:6668/test.jpg">
http://255.255.255.255:6669/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:6669/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
http://255.255.255.255:6669/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:6669/test.jpg">
+http://255.255.255.255:65535/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:65535/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:65535/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:65535/test.jpg">
+http://255.255.255.255:65536/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:65536/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:65536/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:65536/test.jpg">
+http://255.255.255.255:4294967295/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:4294967295/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:4294967295/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:4294967295/test.jpg">
+http://255.255.255.255:4294967296/test.jpg - willSendRequest <NSURLRequest URL http://255.255.255.255:4294967296/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
+http://255.255.255.255:4294967296/test.jpg - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://255.255.255.255:4294967296/test.jpg">
ftp://255.255.255.255/test.jpg - willSendRequest <NSURLRequest URL ftp://255.255.255.255/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
ftp://255.255.255.255/test.jpg - didFailLoadingWithError: <NSError domain NSURLErrorDomain, code -1, failing URL "ftp://255.255.255.255/test.jpg">
ftp://255.255.255.255:21/test.jpg - willSendRequest <NSURLRequest URL ftp://255.255.255.255:21/test.jpg, main document URL block-test.html, http method GET> redirectResponse (null)
diff --git a/LayoutTests/security/block-test.html b/LayoutTests/security/block-test.html
index 9214c49..981eb25 100644
--- a/LayoutTests/security/block-test.html
+++ b/LayoutTests/security/block-test.html
@@ -1,12 +1,18 @@
<html>
<script>
- // Note that port "1" is tested by the initial load.
- var blockedPorts = new Array(7, 9, 11, 13, 15, 17, 19, 20,
- 21, 22, 23, 25, 37, 42, 43, 53, 77, 79, 87, 95, 101, 102,
+ // Note that port "0" is tested by the initial load.
+ var blockedPorts = new Array(1, 7, 9, 11, 13, 15, 17, 19, 20,
+ 21, 22, 23, 25, 37, 42, 43, 53, 77, 79, 87, 95, 101, 102,
103, 104, 109, 110, 111, 113, 115, 117, 119, 123, 135, 139,
143, 179, 389, 465, 512, 513, 514, 515, 526, 530, 531, 532,
- 540, 556, 563, 587, 601, 636, 993, 995, 2049, 3659, 4045,
- 6000, 6665, 6666, 6667, 6668, 6669, 0);
+ 540, 556, 563, 587, 601, 636, 993, 995, 2049, 3659, 4045,
+ 6000, 6665, 6666, 6667, 6668, 6669,
+
+ // Port numbers that we consider to be invalid due to being out of range.
+ Math.pow(2, 16) - 1, Math.pow(2, 16), Math.pow(2, 32) - 1, Math.pow(2, 32),
+
+ // A port number of 0 indicates to nextTest that it should test the FTP exemptions.
+ 0);
var baseURL = "255.255.255.255";
var currentPort = 0;
@@ -56,6 +62,6 @@
correct error for them - blocked instead of cannot find. It also tries the FTP ports for exemptions. Due to the
nature of this test, the results can only be processed automatically via DumpRenderTree
</p>
-<img id="testIMG" src="http://255.255.255.255:1/test.jpg" onError="nextTest();"></img>
+<img id="testIMG" src="http://255.255.255.255:0/test.jpg" onError="nextTest();"></img>
</body>
</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index ab20af7..a8de44e 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,17 @@
+2010-03-24 Mark Rowe <mrowe at apple.com>
+
+ Reviewed by Darin Adler.
+
+ WebKit should treat port numbers outside the valid range as being blacklisted
+ <http://webkit.org/b/36571> / <rdar://problem/7790908>
+
+ * platform/KURL.cpp:
+ (WebCore::KURL::port): Map invalid port numbers to invalidPortNumber.
+ (WebCore::portAllowed): Add invalidPortNumber to the blacklist.
+ * platform/KURLGoogle.cpp: invalid port numbers to invalidPortNumber.
+ (WebCore::KURL::port): Add invalidPortNumber to the blacklist.
+ Also bring this in to sync with KURL. Having this identical code in two places is stupid.
+
2010-03-24 Gustavo Noronha Silva <gustavo.noronha at collabora.co.uk>
Reviewed by Eric Carlson.
diff --git a/WebCore/platform/KURL.cpp b/WebCore/platform/KURL.cpp
index 40adfbc..9a67479 100644
--- a/WebCore/platform/KURL.cpp
+++ b/WebCore/platform/KURL.cpp
@@ -215,6 +215,9 @@ static const unsigned char characterClassTable[256] = {
/* 252 */ BadChar, /* 253 */ BadChar, /* 254 */ BadChar, /* 255 */ BadChar
};
+static const unsigned maximumValidPortNumber = 0xFFFE;
+static const unsigned invalidPortNumber = 0xFFFF;
+
static int copyPathRemovingDots(char* dst, const char* src, int srcStart, int srcEnd);
static void encodeRelativeString(const String& rel, const TextEncoding&, CharBuffer& ouput);
static String substituteBackslashes(const String&);
@@ -576,9 +579,10 @@ unsigned short KURL::port() const
if (m_hostEnd == m_portEnd)
return 0;
- int number = m_string.substring(m_hostEnd + 1, m_portEnd - m_hostEnd - 1).toInt();
- if (number < 0 || number > 0xFFFF)
- return 0;
+ const UChar* stringData = m_string.characters();
+ unsigned number = charactersToUIntStrict(stringData + m_hostEnd + 1, m_portEnd - m_hostEnd - 1);
+ if (!number || number > maximumValidPortNumber)
+ return invalidPortNumber;
return number;
}
@@ -1757,7 +1761,7 @@ bool portAllowed(const KURL& url)
6667, // Standard IRC [Apple addition]
6668, // Alternate IRC [Apple addition]
6669, // Alternate IRC [Apple addition]
-
+ invalidPortNumber, // Used to block all invalid port numbers
};
const unsigned short* const blockedPortListEnd = blockedPortList + sizeof(blockedPortList) / sizeof(blockedPortList[0]);
diff --git a/WebCore/platform/KURLGoogle.cpp b/WebCore/platform/KURLGoogle.cpp
index 8be7009..10b9bb8 100644
--- a/WebCore/platform/KURLGoogle.cpp
+++ b/WebCore/platform/KURLGoogle.cpp
@@ -57,6 +57,8 @@ using std::binary_search;
namespace WebCore {
+static const unsigned invalidPortNumber = 0xFFFF;
+
// Wraps WebCore's text encoding in a character set converter for the
// canonicalizer.
class KURLCharsetConverter : public url_canon::CharsetConverter {
@@ -499,7 +501,7 @@ String KURL::host() const
unsigned short KURL::port() const
{
if (!m_url.m_isValid || m_url.m_parsed.port.len <= 0)
- return 0;
+ return invalidPortNumber;
int port = url_parse::ParsePort(m_url.utf8String().data(), m_url.m_parsed.port);
if (port == url_parse::PORT_UNSPECIFIED)
return 0;
@@ -853,6 +855,12 @@ bool portAllowed(const KURL& url)
3659, // apple-sasl / PasswordServer [Apple addition]
4045, // lockd
6000, // X11
+ 6665, // Alternate IRC [Apple addition]
+ 6666, // Alternate IRC [Apple addition]
+ 6667, // Standard IRC [Apple addition]
+ 6668, // Alternate IRC [Apple addition]
+ 6669, // Alternate IRC [Apple addition]
+ invalidPortNumber, // Used to block all invalid port numbers
};
const unsigned short* const blockedPortListEnd = blockedPortList + sizeof(blockedPortList) / sizeof(blockedPortList[0]);
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list