Title: [98970] trunk/Source/WebKit/mac
Revision: 98970
Author: da...@apple.com
Date: 2011-11-01 09:28:18 -0700 (Tue, 01 Nov 2011)

Log Message

Crash in PDF code when script has illegal UTF-8 or UTF-16 sequences
https://bugs.webkit.org/show_bug.cgi?id=71289

Reviewed by Dan Bernstein.

Just adding a null check. I don't have access to an actual PDF with
this problem but crashes from the field indicate they exist.

* WebView/WebPDFDocumentExtras.mm:
(allScriptsInPDFDocument): Skip the code to add the script text
to an array when the script is null.

Diff

Modified: trunk/Source/WebKit/mac/ChangeLog (98969 => 98970)


--- trunk/Source/WebKit/mac/ChangeLog	2011-11-01 15:59:08 UTC (rev 98969)
+++ trunk/Source/WebKit/mac/ChangeLog	2011-11-01 16:28:18 UTC (rev 98970)
@@ -1,3 +1,17 @@
+2011-11-01  Darin Adler  <da...@apple.com>
+
+        Crash in PDF code when script has illegal UTF-8 or UTF-16 sequences
+        https://bugs.webkit.org/show_bug.cgi?id=71289
+
+        Reviewed by Dan Bernstein.
+
+        Just adding a null check. I don't have access to an actual PDF with
+        this problem but crashes from the field indicate they exist.
+
+        * WebView/WebPDFDocumentExtras.mm:
+        (allScriptsInPDFDocument): Skip the code to add the script text
+        to an array when the script is null.
+
 2011-10-28  John Sullivan  <sulli...@apple.com>
 
         WebKit part of:
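
Review bot: No regression test accompanies this entry, and the line "I don't have access to an actual PDF with this problem" means the null path has not been exercised. A small test PDF whose script bytes are not valid in the selected encoding would confirm that allScriptsInPDFDocument skips the entry instead of crashing. If no test is feasible, the entry should say so explicitly so the gap is tracked.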

Modified: trunk/Source/WebKit/mac/WebView/WebPDFDocumentExtras.mm (98969 => 98970)


--- trunk/Source/WebKit/mac/WebView/WebPDFDocumentExtras.mm	2011-11-01 15:59:08 UTC (rev 98969)
+++ trunk/Source/WebKit/mac/WebView/WebPDFDocumentExtras.mm	2011-11-01 16:28:18 UTC (rev 98970)
@@ -89,7 +89,7 @@
     if (!CGPDFDictionaryGetDictionary(namesDictionary, "_javascript_", &_javascript_NameTree))
         return scripts;
 
-    // The names are aribtrary. We are only interested in the values.
+    // The names are arbitrary. We are only interested in the values.
     Vector<CGPDFObjectRef> objects;
     getAllValuesInPDFNameTree(_javascript_NameTree, objects);
     size_t objectCount = objects.size();
@@ -125,6 +125,9 @@
 
         NSStringEncoding encoding = (length > 1 && bytes[0] == 0xFE && bytes[1] == 0xFF) ? NSUnicodeStringEncoding : NSUTF8StringEncoding;
         NSString *script = [[NSString alloc] initWithBytes:bytes length:length encoding:encoding];
+        if (!script)
+            continue;
+
         [scripts addObject:script];
         [script release];
     }
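
Review bot: The new "if (!script)" check carries no comment saying when script can be nil, so the guard reads as unmotivated next to the allocation above it. A one-line comment that initWithBytes:length:encoding: returns nil when the bytes are not valid in the chosen encoding would tie the check to the bug title. Also consider whether silently dropping the script is the intended behaviour: the encoding is chosen only from the 0xFE 0xFF prefix, so any input without that prefix that is not well-formed UTF-8 is now skipped with no log and no fallback decode, and callers receive a shorter array with no indication that a script was omitted.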
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
