Bug 20394

Summary: src from or 302 to abnormal data uris cause NULL dereference
Product: WebKit Reporter: Tavis Ormandy <taviso>
Component: WebCore Misc.Assignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Normal CC: mrowe
Priority: P2 Keywords: HasReduction, InRadar
Version: 525.x (Safari 3.1)   
Hardware: PC   
OS: OS X 10.5   

Tavis Ormandy
Reported 2008-08-15 06:11:53 PDT
data:/?./%be,;
Attachments
Mark Rowe (bdash)
Comment 1 2008-08-15 08:11:49 PDT
I see a crash here, but it is not in WebKit: Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x95a37b5c in CFStringCreateMutableCopy () (gdb) bt #0 0x95a37b5c in CFStringCreateMutableCopy () #1 0x95abd573 in _CFDataURLCreateDataAndPropertiesFromResource () #2 0x95a2096b in CFURLCreateDataAndPropertiesFromResource () #3 0x9073d2cd in _CFStreamErrorFromCFError () #4 0x907531a6 in _CFStreamErrorFromCFError () #5 0x9075275f in _CFStreamErrorFromCFError () Does that match the crash that you are seeing?
Mark Rowe (bdash)
Comment 2 2008-08-15 08:39:58 PDT
Mark Rowe (bdash)
Comment 3 2008-08-15 08:40:47 PDT
Closing as INVALID per our policy for handling bugs outside of WebKit. The issue will be forwarded to the appropriate team via Radar.
Note You need to log in before you can comment on or make changes to this bug.