Sorry for the late reply. Just took a look at it again and I don't see an
attachment?
On Thu, Feb 7, 2013 at 2:56 AM, Carl Peto <carl_p...@dennis.co.uk> wrote:
> If it's OK, because I don't plan to contribute often, I've just attached a
> formatted patch.
>
> If I start to do loads of bug fixes, I'll sort out proper forking. Depends
> if I'm assigned to the project full time again or not!
>
> From 2279ccda9ada8ec5d7189eb3cbb7ae0f29626ef0 Mon Sep 17 00:00:00 2001
> From: Carl Peto <carl_p...@dennis.co.uk>
> Date: Thu, 7 Feb 2013 10:51:19 +0000
> Subject: [PATCH] prevent crash from malformed javascript
>
> this traps if someone tries to write javascript code like...
>
> Cordova.exec(frontPage.updatePublicationList,frontPage.Error,"MyPlugin","up
> date-list",
> null);
>
> ...or...
>
> Cordova.exec(frontPage.updatePublicationList,frontPage.Error,"MyPlugin","up
> date-list",
> "");
>
> ...etc.
>
> and silently assumes no parameters
> ---
> CordovaLib/Classes/CDVInvokedUrlCommand.m | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/CordovaLib/Classes/CDVInvokedUrlCommand.m
> b/CordovaLib/Classes/CDVInvokedUrlCommand.m
> index 6c7a856..e3ca263 100644
> --- a/CordovaLib/Classes/CDVInvokedUrlCommand.m
> +++ b/CordovaLib/Classes/CDVInvokedUrlCommand.m
> @@ -54,12 +54,14 @@
> {
> self = [super init];
> if (self != nil) {
> - _arguments = arguments;
> + if ([arguments isKindOfClass:[NSArray class]]) {
> + _arguments = arguments;
> + [self massageArguments];
> + }
> _callbackId = callbackId;
> _className = className;
> _methodName = methodName;
> }
> - [self massageArguments];
> return self;
> }
> --
> 1.7.10.2 (Apple Git-33)
>
>
>
>
> On 07/02/2013 02:03, "Shazron" <shaz...@gmail.com> wrote:
>
> >Thanks Carl!
> >We usually do pull requests for this:
> >http://wiki.apache.org/cordova/ContributorWorkflow
> >https://help.github.com/articles/using-pull-requests
> >
> >This is for attribution purposes.
> >
> >Since it's a very small patch, I suppose you could save the trouble and
> >use
> >"git format-patch" and attach it in this thread as well. The difference
> >from git diff is , it includes the contributor info (meta info):
> >
> http://stackoverflow.com/questions/4624127/what-is-the-difference-between-
> >git-format-patch-and-git-diff
> >
> >
> >On Wed, Feb 6, 2013 at 5:34 PM, Carl Peto <carl_p...@dennis.co.uk> wrote:
> >
> >>
> >> Dear Cordova,
> >>
> >> We recently had a crash in iOS because we accidentally wrote this
> >> javascriptÅ
> >>
> >>
> >>Cordova.exec(frontPage.updatePublicationList,frontPage.Error,"MyPlugin","
> >>update-list",
> >> null);
> >>
> >> I may have messed up the exact syntax during copy/paste/obfusticate but
> >> the essence is that passing null for the parameters causes a crash. But
> >>it
> >> is perfectly understandable from a javascript point of view, given that
> >>the
> >> method being called takes no parameters.
> >>
> >> Cordova doesn't handle this well yet, at least on iOS. Can I propose a
> >> small patch in the iOS code to just defend against this?
> >>
> >> diff --git a/CordovaLib/Classes/CDVInvokedUrlCommand.m
> >> b/CordovaLib/Classes/CDVInvokedUrlCommand.m
> >> index 6c7a856..e3ca263 100644
> >> --- a/CordovaLib/Classes/CDVInvokedUrlCommand.m
> >> +++ b/CordovaLib/Classes/CDVInvokedUrlCommand.m
> >> @@ -54,12 +54,14 @@
> >> {
> >> self = [super init];
> >> if (self != nil) {
> >> - _arguments = arguments;
> >> + if ([arguments isKindOfClass:[NSArray class]]) {
> >> + _arguments = arguments;
> >> + [self massageArguments];
> >> + }
> >> _callbackId = callbackId;
> >> _className = className;
> >> _methodName = methodName;
> >> }
> >> - [self massageArguments];
> >> return self;
> >> }
> >>
> >>
> >> Thanks and regards.
> >>
> >> Carl Peto,
> >> Dennis Publishing
> >>
> >> NOTE: The information in this email is confidential and may be legally
> >> privileged, unless stated to the contrary. If you are not the intended
> >> recipient, you must not read, use or disseminate that information.
> >> Any opinions or comments are personal to the writer and do not represent
> >> the
> >> official view of Dennis Publishing Ltd. If you have received this email
> >> and are not a named addressee, please contact
> >>it.direc...@dennis.co.ukimmediately by reply email and then delete this
> >>message from your system.
> >> Please do not copy it or use it for any purpose, or disclose its
> >>contents
> >> to any other person.
> >> Although this email and any attachments are believed to be free of any
> >> virus, or other defects, it is the responsibility of the recipient to
> >> ensure that they are virus free and no responsibility is accepted by
> >>Dennis
> >> Publishing Ltd for any loss or damage arising from the receipt or use
> >> thereof.
> >> Company registered in England No. 1138891
> >> Registered office: 30, Cleveland Street, London, W1T 4JD
> >>
> >>
> >>NOTE: The information in this email is confidential and may be legally
> privileged, unless stated to the contrary. If you are not the intended
> recipient, you must not read, use or disseminate that information.
> Any opinions or comments are personal to the writer and do not represent
> the
> official view of Dennis Publishing Ltd. If you have received this email
> and are not a named addressee, please contact
> it.direc...@dennis.co.ukimmediately by reply email and then delete this
> message from your system.
> Please do not copy it or use it for any purpose, or disclose its contents
> to any other person.
> Although this email and any attachments are believed to be free of any
> virus, or other defects, it is the responsibility of the recipient to
> ensure that they are virus free and no responsibility is accepted by Dennis
> Publishing Ltd for any loss or damage arising from the receipt or use
> thereof.
> Company registered in England No. 1138891
> Registered office: 30, Cleveland Street, London, W1T 4JD
>
>
>
>
