[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.21-584-g1e41756

ap at apple.com ap at apple.com
Fri Feb 26 22:25:20 UTC 2010 

The following commit has been merged in the webkit-1.1 branch:
commit 2f473a21840695d251d1124cd760184e0d408443
Author: ap at apple.com <ap at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Feb 19 00:37:08 2010 +0000

            Reviewed by Dan Bernstein.
    
            https://bugs.webkit.org/show_bug.cgi?id=35134
            <rdar://problem/7246280> Crash when a plugin calls NPN_SetStatus(0)
    
            Test: plugins/set-status.html
    
            * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
            (WebKit::NetscapePluginInstanceProxy::status):
            (WebKit::NetscapePluginInstanceProxy::loadURL):
            Added null checks for CFStringCreateWithCString arguments.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index fe3d6a4..edb5110 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,14 @@
+2010-02-18  Alexey Proskuryakov  <ap at apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        https://bugs.webkit.org/show_bug.cgi?id=35134
+        <rdar://problem/7246280> Crash when a plugin calls NPN_SetStatus(0)
+
+        * plugins/set-status-expected.txt: Added.
+        * plugins/set-status.html: Added.
+        While at it, also test that we process UTF-8.
+
 2010-02-18  Dan Bernstein  <mitz at apple.com>
 
         Reviewed by John Sullivan.
diff --git a/LayoutTests/plugins/set-status-expected.txt b/LayoutTests/plugins/set-status-expected.txt
new file mode 100644
index 0000000..9bfe6ac
--- /dev/null
+++ b/LayoutTests/plugins/set-status-expected.txt
@@ -0,0 +1,3 @@
+UI DELEGATE STATUS CALLBACK: setStatusText:PАSS
+
+PASS if status bar says "PASS".
diff --git a/LayoutTests/plugins/set-status.html b/LayoutTests/plugins/set-status.html
new file mode 100644
index 0000000..2501904
--- /dev/null
+++ b/LayoutTests/plugins/set-status.html
@@ -0,0 +1,15 @@
+<html>
+<meta charset="utf-8">
+<body>
+<embed name="plg" type="application/x-webkit-test-netscape"></embed>
+<p>PASS if status bar says "PASS".</p>
+<script>
+    if (window.layoutTestController) {
+        layoutTestController.dumpStatusCallbacks();
+        layoutTestController.dumpAsText();
+    }
+
+    plg.setStatus(); // Try sending a null string, which used to cause a crash.
+    plg.setStatus("PАSS");
+
+</script></body></html>
diff --git a/WebKit/mac/ChangeLog b/WebKit/mac/ChangeLog
index ec76133..004f8e5 100644
--- a/WebKit/mac/ChangeLog
+++ b/WebKit/mac/ChangeLog
@@ -1,3 +1,17 @@
+2010-02-18  Alexey Proskuryakov  <ap at apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        https://bugs.webkit.org/show_bug.cgi?id=35134
+        <rdar://problem/7246280> Crash when a plugin calls NPN_SetStatus(0)
+
+        Test: plugins/set-status.html
+
+        * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
+        (WebKit::NetscapePluginInstanceProxy::status):
+        (WebKit::NetscapePluginInstanceProxy::loadURL):
+        Added null checks for CFStringCreateWithCString arguments.
+
 2010-02-17  Dmitry Titov  <dimich at chromium.org>
 
         Reviewed by David Levin, Darin Fisher, Simon Hausmann.
diff --git a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
index d11f25c..766cfce 100644
--- a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
+++ b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
@@ -504,11 +504,12 @@ void NetscapePluginInstanceProxy::stopTimers()
 
 void NetscapePluginInstanceProxy::status(const char* message)
 {
-    RetainPtr<CFStringRef> status(AdoptCF, CFStringCreateWithCString(NULL, message, kCFStringEncodingUTF8));
-    
+    if (!message)
+        return;
+    RetainPtr<CFStringRef> status(AdoptCF, CFStringCreateWithCString(0, message, kCFStringEncodingUTF8));
     if (!status)
         return;
-    
+
     WebView *wv = [m_pluginView webView];
     [[wv _UIDelegateForwarder] webView:wv setStatusText:(NSString *)status.get()];
 }
@@ -525,6 +526,8 @@ NPError NetscapePluginInstanceProxy::loadURL(const char* url, const char* target
 
         if (flags & PostDataIsFile) {
             // If we're posting a file, buf is either a file URL or a path to the file.
+            if (!postData)
+                return NPERR_INVALID_PARAM;
             RetainPtr<CFStringRef> bufString(AdoptCF, CFStringCreateWithCString(kCFAllocatorDefault, postData, kCFStringEncodingWindowsLatin1));
             if (!bufString)
                 return NPERR_INVALID_PARAM;

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list