[SCM] WebKit Debian packaging branch, webkit-1.2, updated. 1.2.5-1500-gb65db3c

[Huzaifa Sidhpurwala]

The following commit has been merged in the webkit-1.2 branch:
commit 29616effac60ecbc24e53932cdc998f42246398d
Author: Huzaifa Sidhpurwala <huzaifas at redhat.com>
Date:   Thu Dec 2 12:49:03 2010 +0530

    Backport crash fix by Huzaifa Sidhpurwala <huzaifas at redhat.com>
    
    Original author: Anders Carlsson  <andersca at apple.com>
    
        Add additional check to Text::wholeText.
        <rdar://problem/8304795>
    
        Reviewed by Darin Adler.
    
        * dom/Text.cpp:
        (WebCore::Text::wholeText):
    
        git-svn-id: http://svn.webkit.org/repository/webkit/trunk@68705 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/dom/Text.cpp b/WebCore/dom/Text.cpp
index 229fa88..cbf5aa7 100644
--- a/WebCore/dom/Text.cpp
+++ b/WebCore/dom/Text.cpp
@@ -128,6 +128,8 @@ String Text::wholeText() const
             continue;
         const Text* t = static_cast<const Text*>(n);
         const String& data = t->data();
+        if (std::numeric_limits<unsigned>::max() - data.length() < resultLength)
+            CRASH();
         resultLength += data.length();
     }
     UChar* resultData;

-- 
WebKit Debian packaging