Title: [137644] tags/Safari-537.21/Source/WebCore

Diff

Modified: tags/Safari-537.21/Source/WebCore/ChangeLog (137643 => 137644)


--- tags/Safari-537.21/Source/WebCore/ChangeLog	2012-12-13 21:18:01 UTC (rev 137643)
+++ tags/Safari-537.21/Source/WebCore/ChangeLog	2012-12-13 21:18:19 UTC (rev 137644)
@@ -1,5 +1,31 @@
 2012-12-13  Lucas Forschler  <[email protected]>
 
+        Merge r137573
+
+    2012-12-12  Jon Lee  <[email protected]>
+
+            Crash in PlugInOriginHash with empty MIME type (104882)
+            https://bugs.webkit.org/show_bug.cgi?id=104882
+            <rdar://problem/12872298>
+
+            Reviewed by Filip Pizlo.
+
+            The crash occurs because the strings might be null. Add a check for it, but also try to infer a MIME type
+            in case the markup does not include a type attribute, but we can find it from the extension in the URL.
+
+            * platform/KURL.cpp: Add a new function mimeTypeFromURL() which tries to return the implied MIME type
+            based on the URL provided. If nothing was found, return a null string.
+            (WebCore::mimeTypeFromURL): Factored out from FrameLoader::defaultObjectContentType().
+            * platform/KURL.h:
+
+            * loader/FrameLoader.cpp:
+            (WebCore::FrameLoader::defaultObjectContentType): Refactor to use mimeTypeFromURL().
+            * plugins/PlugInOriginHash.cpp:
+            (WebCore::addCaseFoldedCharacters): Add a check for an empty string.
+            (WebCore::PlugInOriginHash::hash): If the service type is empty, try to infer the MIME type.
+
+2012-12-13  Lucas Forschler  <[email protected]>
+
         Merge r137607
 
     2012-12-13  Nate Chapin  <[email protected]>

Modified: tags/Safari-537.21/Source/WebCore/loader/FrameLoader.cpp (137643 => 137644)


--- tags/Safari-537.21/Source/WebCore/loader/FrameLoader.cpp	2012-12-13 21:18:01 UTC (rev 137643)
+++ tags/Safari-537.21/Source/WebCore/loader/FrameLoader.cpp	2012-12-13 21:18:19 UTC (rev 137644)
@@ -884,16 +884,15 @@
 ObjectContentType FrameLoader::defaultObjectContentType(const KURL& url, const String& mimeTypeIn, bool shouldPreferPlugInsForImages)
 {
     String mimeType = mimeTypeIn;
-    String decodedPath = decodeURLEscapeSequences(url.path());
-    String extension = decodedPath.substring(decodedPath.reverseFind('.') + 1);
 
-    // We don't use MIMETypeRegistry::getMIMETypeForPath() because it returns "application/octet-stream" upon failure
     if (mimeType.isEmpty())
-        mimeType = MIMETypeRegistry::getMIMETypeForExtension(extension);
+        mimeType = mimeTypeFromURL(url);
 
 #if !PLATFORM(MAC) && !PLATFORM(CHROMIUM) && !PLATFORM(EFL) // Mac has no PluginDatabase, nor does Chromium or EFL
-    if (mimeType.isEmpty())
-        mimeType = PluginDatabase::installedPlugins()->MIMETypeForExtension(extension);
+    if (mimeType.isEmpty()) {
+        String decodedPath = decodeURLEscapeSequences(url.path());
+        mimeType = PluginDatabase::installedPlugins()->MIMETypeForExtension(decodedPath.substring(decodedPath.reverseFind('.') + 1));
+    }
 #endif
 
     if (mimeType.isEmpty())
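Review bot: The extension extraction is now written in two places: once inside mimeTypeFromURL(), and again in the PluginDatabase fallback under the `#if`, where `decodedPath.substring(decodedPath.reverseFind('.') + 1)` repeats the decode and the split. The URL comes from page content, so if the two copies drift, the registry lookup and the plug-in database lookup will disagree about what the extension is. Consider exposing one helper next to mimeTypeFromURL() that returns the decoded extension and calling it from both sites. The body of defaultObjectContentType() continues past the end of this hunk.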

Modified: tags/Safari-537.21/Source/WebCore/platform/KURL.cpp (137643 => 137644)


--- tags/Safari-537.21/Source/WebCore/platform/KURL.cpp	2012-12-13 21:18:01 UTC (rev 137643)
+++ tags/Safari-537.21/Source/WebCore/platform/KURL.cpp	2012-12-13 21:18:19 UTC (rev 137644)
@@ -28,6 +28,7 @@
 #include "KURL.h"
 
 #include "DecodeEscapeSequences.h"
+#include "MIMETypeRegistry.h"
 #include "PlatformMemoryInstrumentation.h"
 #include "TextEncoding.h"
 #include <stdio.h>
@@ -1918,6 +1919,15 @@
     return "";
 }
 
+String mimeTypeFromURL(const KURL& url)
+{
+    String decodedPath = decodeURLEscapeSequences(url.path());
+    String extension = decodedPath.substring(decodedPath.reverseFind('.') + 1);
+
+    // We don't use MIMETypeRegistry::getMIMETypeForPath() because it returns "application/octet-stream" upon failure
+    return MIMETypeRegistry::getMIMETypeForExtension(extension);
+}
+
 void KURL::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
 {
     MemoryClassInfo info(memoryObjectInfo, this);
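Review bot: mimeTypeFromURL() searches the whole decoded path for the last '.', so the "extension" is not limited to the file name. A dot in a directory segment yields a string containing '/', and a path with no dot appears to pass the entire path to getMIMETypeForExtension(), assuming reverseFind() returns notFound and the `+ 1` wraps to 0. Decoding before the split also lets percent-escaped bytes into the extension, including the "%00" case that the comment in KURL.h warns about. Restricting the search to the last component would make the result independent of how the registry treats odd keys, for example `String name = decodeURLEscapeSequences(url.lastPathComponent());` followed by an explicit `notFound` check that returns `String()`. The function also needs a short comment on its contract: a null String when nothing is inferred, and the result is a guess from the URL, not the served type.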

Modified: tags/Safari-537.21/Source/WebCore/platform/KURL.h (137643 => 137644)


--- tags/Safari-537.21/Source/WebCore/platform/KURL.h	2012-12-13 21:18:01 UTC (rev 137643)
+++ tags/Safari-537.21/Source/WebCore/platform/KURL.h	2012-12-13 21:18:19 UTC (rev 137644)
@@ -290,6 +290,7 @@
 bool isValidProtocol(const String&);
 
 String mimeTypeFromDataURL(const String& url);
+String mimeTypeFromURL(const KURL&);
 
 // Unescapes the given string using URL escaping rules, given an optional
 // encoding (defaulting to UTF-8 otherwise). DANGER: If the URL has "%00"

Modified: tags/Safari-537.21/Source/WebCore/plugins/PlugInOriginHash.cpp (137643 => 137644)


--- tags/Safari-537.21/Source/WebCore/plugins/PlugInOriginHash.cpp	2012-12-13 21:18:01 UTC (rev 137643)
+++ tags/Safari-537.21/Source/WebCore/plugins/PlugInOriginHash.cpp	2012-12-13 21:18:19 UTC (rev 137644)
@@ -31,6 +31,7 @@
 #include "HTMLPlugInImageElement.h"
 #include "KURL.h"
 #include "Logging.h"
+#include "MIMETypeRegistry.h"
 #include "Page.h"
 #include <wtf/text/StringHash.h>
 
@@ -38,6 +39,8 @@
 
 static inline void addCaseFoldedCharacters(StringHasher& hasher, const String& string)
 {
+    if (string.isEmpty())
+        return;
     if (string.is8Bit())
         return hasher.addCharacters<LChar, CaseFoldingHash::foldCase<LChar> >(string.characters8(), string.length());
     return hasher.addCharacters<UChar, CaseFoldingHash::foldCase<UChar> >(string.characters16(), string.length());
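Review bot: The new early return in addCaseFoldedCharacters() has no comment saying why it is needed. Per the ChangeLog the string can be null, and is8Bit()/characters8() presumably reach into the underlying impl. A one-line comment would prevent the check being removed later, e.g. `// A null String has no impl to query; it contributes no characters to the hash.` An empty field now adds nothing, so the hash depends on the `addCharacter(0)` separators in hash() to keep adjacent fields apart, which is worth stating there. The function's closing brace lies outside this hunk.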
@@ -47,6 +50,10 @@
 {
     ASSERT(plugInElement->document()->page());
 
+    String mimeType = plugInElement->serviceType();
+    if (mimeType.isEmpty())
+        mimeType = mimeTypeFromURL(plugInURL);
+
     // We want to avoid concatenating the strings and then taking the hash, since that could lead to an expensive conversion.
     // We also want to avoid using the hash() function in StringImpl or CaseFoldingHash because that masks out bits for the use of flags.
     StringHasher hasher;
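Review bot: The type fed into the hash is now guessed from the URL path when the element has no type attribute, but nothing at the new `mimeType` assignment says that this value is only a hint. Both the attribute and the URL are page-controlled, and on ports that compile the PluginDatabase fallback in FrameLoader::defaultObjectContentType() the loader can resolve a type this function never sees. When inference fails the third hash field is simply empty. If the hash is used to tell plug-in origins apart (not visible here), add a comment such as `// Best-effort type from markup or URL extension; may be empty and is not the served Content-Type.` The function signature is above this hunk, and the use of `mimeType` is in the following hunk.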
@@ -54,8 +61,8 @@
     hasher.addCharacter(0);
     addCaseFoldedCharacters(hasher, plugInURL.host());
     hasher.addCharacter(0);
-    addCaseFoldedCharacters(hasher, plugInElement->serviceType());
-    LOG(Plugins, "Hash: %s %s %s", plugInElement->document()->page()->mainFrame()->document()->baseURL().host().utf8().data(), plugInURL.host().utf8().data(), plugInElement->serviceType().utf8().data());
+    addCaseFoldedCharacters(hasher, mimeType);
+    LOG(Plugins, "Hash: %s %s %s", plugInElement->document()->page()->mainFrame()->document()->baseURL().host().utf8().data(), plugInURL.host().utf8().data(), mimeType.utf8().data());
     return hasher.hash();
 }
 