[webkit-changes] [273886] trunk

Thu, 04 Mar 2021 05:54:05 -0800

Title: [273886] trunk
Revision
273886
Author
commit-qu...@webkit.org
Date
2021-03-04 05:53:24 -0800 (Thu, 04 Mar 2021)

Log Message

Null check platformData when decoding
https://bugs.webkit.org/show_bug.cgi?id=221442

Patch by Rob Buis <rb...@igalia.com> on 2021-03-04
Reviewed by Ryosuke Niwa.

Source/WebKit:

Null check platformData when decoding.

Test: ipc/pasteboard-write-custom-data.html

* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<PasteboardCustomData::Entry>::decode):

LayoutTests:

Add test for this.

* ipc/pasteboard-write-custom-data-expected.txt: Added.
* ipc/pasteboard-write-custom-data.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (273885 => 273886)


--- trunk/LayoutTests/ChangeLog	2021-03-04 13:22:14 UTC (rev 273885)
+++ trunk/LayoutTests/ChangeLog	2021-03-04 13:53:24 UTC (rev 273886)
@@ -1,3 +1,15 @@
+2021-03-04  Rob Buis  <rb...@igalia.com>
+
+        Null check platformData when decoding
+        https://bugs.webkit.org/show_bug.cgi?id=221442
+
+        Reviewed by Ryosuke Niwa.
+
+        Add test for this.
+
+        * ipc/pasteboard-write-custom-data-expected.txt: Added.
+        * ipc/pasteboard-write-custom-data.html: Added.
+
 2021-03-04  Antoine Quint  <grao...@webkit.org>
 
         initial value for border-image-outset should be 0

Added: trunk/LayoutTests/ipc/pasteboard-write-custom-data-expected.txt (0 => 273886)


--- trunk/LayoutTests/ipc/pasteboard-write-custom-data-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/ipc/pasteboard-write-custom-data-expected.txt	2021-03-04 13:53:24 UTC (rev 273886)
@@ -0,0 +1 @@
+Test passes if it does not crash.

Added: trunk/LayoutTests/ipc/pasteboard-write-custom-data.html (0 => 273886)


--- trunk/LayoutTests/ipc/pasteboard-write-custom-data.html	                        (rev 0)
+++ trunk/LayoutTests/ipc/pasteboard-write-custom-data.html	2021-03-04 13:53:24 UTC (rev 273886)
@@ -0,0 +1,11 @@
+<!DOCTYPE html><!-- webkit-test-runner [ IPCTestingAPIEnabled=true ] -->
+<html>
+Test passes if it does not crash.
+<script>
+if (window.testRunner)
+    testRunner.dumpAsText();
+if (window.IPC) {
+    buf = new Uint8Array([0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0xff,0xff,0xff,0xff,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x10,0x0,0x0,0x0,0x0,0x0,0xb,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x2,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x9,])
 ;
+    IPC.sendMessage('UI', IPC.webPageProxyID, IPC.messages.WebPasteboardProxy_WriteCustomData.name, [buf]);
+}
+</script>

Modified: trunk/Source/WebKit/ChangeLog (273885 => 273886)


--- trunk/Source/WebKit/ChangeLog	2021-03-04 13:22:14 UTC (rev 273885)
+++ trunk/Source/WebKit/ChangeLog	2021-03-04 13:53:24 UTC (rev 273886)
@@ -1,3 +1,17 @@
+2021-03-04  Rob Buis  <rb...@igalia.com>
+
+        Null check platformData when decoding
+        https://bugs.webkit.org/show_bug.cgi?id=221442
+
+        Reviewed by Ryosuke Niwa.
+
+        Null check platformData when decoding.
+
+        Test: ipc/pasteboard-write-custom-data.html
+
+        * Shared/WebCoreArgumentCoders.cpp:
+        (IPC::ArgumentCoder<PasteboardCustomData::Entry>::decode):
+
 2021-03-04  Kimmo Kinnunen  <kkinnu...@apple.com>
 
         IPC stream feature should use client/server naming instead of sender/receiver

Modified: trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp (273885 => 273886)


--- trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp	2021-03-04 13:22:14 UTC (rev 273885)
+++ trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp	2021-03-04 13:53:24 UTC (rev 273886)
@@ -1571,7 +1571,7 @@
 
     if (hasBuffer) {
         RefPtr<SharedBuffer> value;
-        if (!decodeSharedBuffer(decoder, value))
+        if (!decodeSharedBuffer(decoder, value) || !value)
             return false;
         data.platformData = { value.releaseNonNull() };
     }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to