[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.21-584-g1e41756

kov at webkit.org kov at webkit.org
Fri Feb 26 22:22:39 UTC 2010 

The following commit has been merged in the webkit-1.1 branch:
commit 07a5a9ae9f7d39f1b083f1856d659ea92dad7748
Author: kov at webkit.org <kov at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Wed Feb 17 13:39:12 2010 +0000

    2010-02-16 Gustavo Noronha Silva <gustavo.noronha at collabora.co.uk>
    
    Reviewed by NOBODY (OOPS!).
    
            Protect the resource loader object from disappearing during
            parseDataUrl.
    
            Tested by testdownload API test.
    
            * platform/network/soup/ResourceHandleSoup.cpp:
            (WebCore::parseDataUrl):
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54885 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 08cf15b..505a606 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2010-02-17  Gustavo Noronha Silva  <gustavo.noronha at collabora.co.uk>
+
+        Reviewed by Xan Lopez.
+
+        Protect the resource loader object from disappearing during
+        parseDataUrl.
+
+        Tested by testdownload API test.
+
+        * platform/network/soup/ResourceHandleSoup.cpp:
+        (WebCore::parseDataUrl):
+
 2010-02-17  Marcus Bulach  <bulach at chromium.org>
 
         Reviewed by Jeremy Orlow.
diff --git a/WebCore/platform/network/soup/ResourceHandleSoup.cpp b/WebCore/platform/network/soup/ResourceHandleSoup.cpp
index 9a315cd..f67f5ce 100644
--- a/WebCore/platform/network/soup/ResourceHandleSoup.cpp
+++ b/WebCore/platform/network/soup/ResourceHandleSoup.cpp
@@ -43,6 +43,7 @@
 #include "ResourceError.h"
 #include "ResourceHandleClient.h"
 #include "ResourceHandleInternal.h"
+#include "ResourceLoader.h"
 #include "ResourceResponse.h"
 #include "TextEncoding.h"
 
@@ -357,6 +358,11 @@ static gboolean parseDataUrl(gpointer callback_data)
     if (!client)
         return false;
 
+    // Ugly hack to avoid crashing in this function, by having
+    // didReceiveResponse destroy the loader. This condition is
+    // impossible to detect the way data: URLs are handled, currently.
+    RefPtr<ResourceLoader> resourceLoader(reinterpret_cast<ResourceLoader*>(client));
+
     String url = handle->request().url().string();
     ASSERT(url.startsWith("data:", false));
 
@@ -410,11 +416,12 @@ static gboolean parseDataUrl(gpointer callback_data)
 
         if (data.length() > 0)
             client->didReceiveData(handle, reinterpret_cast<const char*>(data.characters()), data.length() * sizeof(UChar), 0);
-
-        if (d->m_cancelled)
-            return false;
     }
 
+
+    if (d->m_cancelled || !resourceLoader->frameLoader())
+        return false;
+
     client->didFinishLoading(handle);
 
     return false;
diff --git a/WebKit/gtk/ChangeLog b/WebKit/gtk/ChangeLog
index c31c032..270c987 100644
--- a/WebKit/gtk/ChangeLog
+++ b/WebKit/gtk/ChangeLog
@@ -1,3 +1,15 @@
+2010-02-17  Gustavo Noronha Silva  <gustavo.noronha at collabora.co.uk>
+
+        Reviewed by Xan Lopez.
+
+        Test that data URIs that cause downloads to be started do not crash.
+
+        * tests/testdownload.c:
+        (mime_type_policy_decision_requested_cb):
+        (idle_quit_loop_cb):
+        (test_webkit_download_data):
+        (main):
+
 2010-02-17  Philippe Normand  <pnormand at igalia.com>
 
         Reviewed by Xan Lopez.
diff --git a/WebKit/gtk/tests/testdownload.c b/WebKit/gtk/tests/testdownload.c
index 05c3a8d..c7985d5 100644
--- a/WebKit/gtk/tests/testdownload.c
+++ b/WebKit/gtk/tests/testdownload.c
@@ -177,6 +177,52 @@ test_webkit_download_asynch(void)
     test_webkit_download_perform(TRUE);
 }
 
+static gboolean mime_type_policy_decision_requested_cb(WebKitWebView* view, WebKitWebFrame* frame,
+                                                       WebKitNetworkRequest* request, const char* mime_type,
+                                                       WebKitWebPolicyDecision* decision, gpointer data)
+{
+    webkit_web_policy_decision_download(decision);
+    return TRUE;
+}
+
+static void idle_quit_loop_cb(WebKitWebView* web_view, GParamSpec* pspec, gpointer data)
+{
+    if (webkit_web_view_get_load_status(web_view) == WEBKIT_LOAD_FINISHED ||
+        webkit_web_view_get_load_status(web_view) == WEBKIT_LOAD_FAILED)
+        g_main_loop_quit(loop);
+}
+
+static void
+test_webkit_download_data(void)
+{
+    gboolean beenThere = FALSE;
+    WebKitWebView* webView = WEBKIT_WEB_VIEW(webkit_web_view_new());
+    g_object_ref_sink(webView);
+
+    g_signal_connect(webView, "download-requested",
+                     G_CALLBACK(download_requested_cb),
+                     &beenThere);
+
+    g_signal_connect(webView, "notify::load-status",
+                     G_CALLBACK(idle_quit_loop_cb),
+                     NULL);
+
+    g_signal_connect(webView, "mime-type-policy-decision-requested",
+                     G_CALLBACK(mime_type_policy_decision_requested_cb),
+                     NULL);
+
+    loop = g_main_loop_new(NULL, TRUE);
+
+    /* We're testing for a crash, so just not crashing is a pass */
+    webkit_web_view_load_uri(webView, "data:application/octect-stream,");
+    g_main_loop_run(loop);
+
+    g_assert_cmpint(beenThere, ==, TRUE);
+
+    g_main_loop_unref(loop);
+    g_object_unref(webView);
+}
+
 int main(int argc, char** argv)
 {
     g_thread_init(NULL);
@@ -186,6 +232,7 @@ int main(int argc, char** argv)
     g_test_add_func("/webkit/download/create", test_webkit_download_create);
     g_test_add_func("/webkit/download/synch", test_webkit_download_synch);
     g_test_add_func("/webkit/download/asynch", test_webkit_download_asynch);
+    g_test_add_func("/webkit/download/data", test_webkit_download_data);
     return g_test_run ();
 }
 

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list