Title: [177094] branches/safari-600.3-branch

Diff

Modified: branches/safari-600.3-branch/LayoutTests/ChangeLog (177093 => 177094)


--- branches/safari-600.3-branch/LayoutTests/ChangeLog	2014-12-10 21:50:53 UTC (rev 177093)
+++ branches/safari-600.3-branch/LayoutTests/ChangeLog	2014-12-10 21:51:03 UTC (rev 177094)
@@ -1,3 +1,18 @@
+2014-10-29  Chris Dumez  <cdu...@apple.com>
+
+        Crash in CachedRawResource::canReuse() when reloading http://dnd.wizards.com/dungeons-and-dragons/story
+        https://bugs.webkit.org/show_bug.cgi?id=138164
+
+        Reviewed by Andreas Kling.
+
+        Add a layout test that does XHR loads from cache with only uncommon
+        HTTP headers to reproduce a crash in CachedRawResource::canReuse()
+        when iterating over a HTTPHeaderMap that had uncommon HTTP headers
+        but no common ones.
+
+        * http/tests/cache/xhr-uncommon-header-expected.txt: Added.
+        * http/tests/cache/xhr-uncommon-header.html: Added.
+
 2014-12-10  Matthew Hanson  <matthew_han...@apple.com>
 
         Merge r175243. <rdar://problem/19196762>
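Review bot: The added entry at the top of this ChangeLog has no merge header naming the trunk revision it was taken from, while the entry directly below it opens with "Merge r175243. <rdar://problem/19196762>". The entry is dated 2014-10-29 but lands on the branch on 2014-12-10, so a matching "Merge" line with the revision and radar would let readers trace this branch commit back to the original change.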

Added: branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt (0 => 177094)


--- branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt	                        (rev 0)
+++ branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt	2014-12-10 21:51:03 UTC (rev 177094)
@@ -0,0 +1,11 @@
+Test that we don't crash on xhr loads from cache with only uncommon HTTP headers
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+load
+load
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header.html (0 => 177094)


--- branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header.html	                        (rev 0)
+++ branches/safari-600.3-branch/LayoutTests/http/tests/cache/xhr-uncommon-header.html	2014-12-10 21:51:03 UTC (rev 177094)
@@ -0,0 +1,26 @@
+<script src=""
+<body>
+<script type="text/_javascript_">
+description("Test that we don't crash on xhr loads from cache with only uncommon HTTP headers");
+jsTestIsAsync = true;
+
+function repeat() {
+    var request2 = new XMLHttpRequest();
+    request2.addEventListener("load", function() { debug("load"); finishJSTest(); }, false);
+    request2.addEventListener("error", function() { debug("error"); finishJSTest(); }, false);
+    request2.addEventListener("abort", function() { debug("abort"); finishJSTest(); }, false);
+    request2.open("GET", "resources/empty.txt", true);
+    request2.setRequestHeader("X-Custom1", "test1");
+    request2.send();
+}
+
+var request = new XMLHttpRequest();
+request.addEventListener("load", function() { debug("load"); repeat(); }, false);
+request.addEventListener("error", function() { debug("error"); repeat(); }, false);
+request.addEventListener("abort", function() { debug("abort"); repeat(); }, false);
+request.open("GET", "resources/empty.txt", true);
+request.setRequestHeader("X-Custom1", "test1");
+request.send();
+</script>
+<script src=""
+</body>
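Review bot: Nothing in repeat() confirms that the second request is answered from the cache, which is the path this test is meant to exercise; both requests only log "load" and then finish. If resources/empty.txt is ever served without cacheable response headers, the test would still print the expected output without reaching CachedRawResource::canReuse(). Consider serving the resource from a script that sets explicit cache headers so the reuse path is guaranteed. A second case that sends a common header alongside X-Custom1 would also cover the iterator moving from the common header map to the uncommon one, not only the uncommon-only case.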

Modified: branches/safari-600.3-branch/Source/WebCore/ChangeLog (177093 => 177094)


--- branches/safari-600.3-branch/Source/WebCore/ChangeLog	2014-12-10 21:50:53 UTC (rev 177093)
+++ branches/safari-600.3-branch/Source/WebCore/ChangeLog	2014-12-10 21:51:03 UTC (rev 177094)
@@ -1,3 +1,32 @@
+2014-10-29  Chris Dumez  <cdu...@apple.com>
+
+        Crash in CachedRawResource::canReuse() when reloading http://dnd.wizards.com/dungeons-and-dragons/story
+        https://bugs.webkit.org/show_bug.cgi?id=138164
+
+        Reviewed by Andreas Kling.
+
+        This patch fixes a crash when reloading the following URL:
+        http://dnd.wizards.com/dungeons-and-dragons/story
+
+        We were crashing in CachedRawResource::canReuse() because header.key
+        would sometimes be a null String and we would call
+        HashMap::get(nullString).
+
+        The real issue was that header.key was null in the first place, which
+        means that even though the HTTPHeaderMap iterator is valid, it->key
+        is a null String, which should never happen. There was a bug in the
+        HTTPHeaderMapConstIterator() constructor that would cause the
+        iterator key/value pair to not get initialized if the HTTPHeaderMap
+        contained *only* uncommon HTTP headers. This patch updates the
+        constructor so that we fall back to updating the key/value from the
+        uncommon header map, if we failed to initialized from the common
+        header map (because it was empty).
+
+        Test: http/tests/cache/xhr-uncommon-header.html
+
+        * platform/network/HTTPHeaderMap.h:
+        (WebCore::HTTPHeaderMap::HTTPHeaderMapConstIterator::HTTPHeaderMapConstIterator):
+
 2014-12-05  Dana Burkart  <dburk...@apple.com>
 
         Merge r176812. <rdar://problem/19140827>
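Review bot: The entry lists platform/network/HTTPHeaderMap.h and the HTTPHeaderMapConstIterator constructor as changed, but no hunk for that file appears among the diffs shown here, so the fix itself cannot be checked against this description. The message also says a valid iterator with a null it->key "should never happen"; an assertion to that effect in the constructor, or before the HashMap::get() call in CachedRawResource::canReuse(), would surface a regression in debug builds before it becomes a crash. Minor: "failed to initialized" should read "failed to initialize".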