Comment #13 on issue 29861 by [email protected]: Typekit.com and possibly other font-face sites stall out, don't respond.
http://code.google.com/p/chromium/issues/detail?id=29861

The following revision refers to this bug:
     http://src.chromium.org/viewvc/chrome?view=rev&revision=34915

------------------------------------------------------------------------
r34915 | [email protected] | 2009-12-17 17:33:49 -0800 (Thu, 17 Dec 2009) | 17 lines
Changed paths:
    M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/renderer_host/render_sandbox_host_linux.cc?r1=34915&r2=34914
    M http://src.chromium.org/viewvc/chrome/trunk/src/skia/ext/SkFontHost_fontconfig_direct.cpp?r1=34915&r2=34914
    M http://src.chromium.org/viewvc/chrome/trunk/src/skia/ext/SkFontHost_fontconfig_impl.h?r1=34915&r2=34914
    M http://src.chromium.org/viewvc/chrome/trunk/src/skia/ext/SkFontHost_fontconfig_ipc.cpp?r1=34915&r2=34914

Return an error immediately, without sending an IPC message, when a font family
name to resolve is too long.

This change is important when a site has an @font-face rule like:

   // http://paulirish.com/webkit-fontface-hang.html
   @font-face{font-family:testfont;src:url('data:font/ttf;base64,AA.....<<looooooooooong base64 data>>.....aQ==')}

In such a case, WebCore first calls SkFontHost::CreateTypeface() with the
(possibly very long) data-URI string itself, then calls
SkFontHost::CreateTypefaceFromStream() with the decoded byte stream. Since
render_sandbox_host_linux.cc just ignores a too-long IPC message, the
renderer process could block indefinitely waiting for a reply inside the
recvmsg() system call called from SkFontHost::CreateTypeface().

I'm not sure if the WebCore behavior (i.e. calling CreateTypeface with
data URIs) is reasonable, but I believe the Skia part is better fixed
anyway. Non-data-URI font family names could be very long too:

   @font-face{font-family:testfont;src:local('AA........AA');}

BUG=29861
TEST=First, set up your Linux SUID Sandbox binary:  
http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment. Then  
start Chromium and visit http://paulirish.com/webkit-fontface-hang.html or  
http://typekit.com/. Verify that the renderer does not freeze.

Review URL: http://codereview.chromium.org/507037
------------------------------------------------------------------------
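The failure mode and the fix described in the commit message, as an added illustration that is not the revision's own code: a client that puts an over-long family name on the wire to a host that silently drops oversized messages waits for a reply that never comes, while a client that checks the length first returns an error without any IPC. The length limit, the reply timeout, the function names and the in-process socketpair standing in for the renderer/sandbox-host connection are all assumptions of this example.

```cpp
#include <cstdio>
#include <string>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

// Hypothetical values, not Chromium's: the longest family name the client
// will send, and how long the simulated client waits for a reply (stands in
// for the real bug's indefinite block inside recvmsg()).
constexpr size_t kMaxFontFamilyLength = 2048;
constexpr int kReplyTimeoutMs = 200;

enum class Result { kOk, kRejectedLocally, kNoReply };

// Host side, modelled on the pre-fix sandbox host: a request that does not
// fit the fixed-size buffer is dropped and no reply is ever written.
static void HostHandleOne(int host_fd) {
  char buf[kMaxFontFamilyLength + 1];
  ssize_t n = recv(host_fd, buf, sizeof(buf), 0);
  if (n <= 0 || static_cast<size_t>(n) > kMaxFontFamilyLength) return;
  const char ok = 1;
  send(host_fd, &ok, 1, 0);
}

// Client side. With check_length the name is rejected before any IPC (the
// r34915 approach); without it the oversized name is sent and the client
// waits for a reply that never arrives.
Result ResolveFamily(const std::string& family, bool check_length) {
  if (check_length && family.size() > kMaxFontFamilyLength)
    return Result::kRejectedLocally;
  int fds[2];
  if (socketpair(AF_UNIX, SOCK_DGRAM, 0, fds) != 0) return Result::kNoReply;
  send(fds[0], family.data(), family.size(), 0);
  HostHandleOne(fds[1]);  // in Chromium this runs in the sandbox host process
  pollfd pfd{fds[0], POLLIN, 0};
  Result r = poll(&pfd, 1, kReplyTimeoutMs) > 0 ? Result::kOk : Result::kNoReply;
  close(fds[0]);
  close(fds[1]);
  return r;
}

int main() {
  // Constructed stand-in for a huge data: URI used as a family name.
  const std::string data_uri_name(3000, 'A');
  std::printf("pre-fix: %d\n", static_cast<int>(ResolveFamily(data_uri_name, false)));
  std::printf("fixed:   %d\n", static_cast<int>(ResolveFamily(data_uri_name, true)));
  std::printf("normal:  %d\n", static_cast<int>(ResolveFamily("testfont", true)));
}
```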



-- 
Automated mail from issue updates at http://crbug.com/