Bug 35715

Summary: WebSocket test to transfer null character
Product: WebKit Reporter: Fumitoshi Ukai <ukai>
Component: WebCore JavaScriptAssignee: Fumitoshi Ukai <ukai>
Status: RESOLVED FIXED    
Severity: Normal CC: ap
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch ap: review+

Description Fumitoshi Ukai 2010-03-03 19:22:23 PST 
We should have test that WebSocket could send/receive message contains null character, which is frame type.
Comment 1 Fumitoshi Ukai 2010-03-03 23:58:10 PST 
Created attachment 49993 [details]
Patch
Comment 2 Alexey Proskuryakov 2010-03-04 10:28:43 PST 
Comment on attachment 49993 [details]
Patch

r=me, thank you for making the test!

It makes me somewhat nervous that we have the following FIXME in send():

    // FIXME: check message is valid utf8.

Can one sneak 0xff in by passing invalid UTF-16 to send()? String::utf8() relies on platform-provided encoder, and I don't even know what ICU does for invalid input, let alone other implementations.
Comment 3 Fumitoshi Ukai 2010-03-05 01:51:52 PST 
Committed r55574: <http://trac.webkit.org/changeset/55574>
Comment 4 Fumitoshi Ukai 2010-03-05 01:54:05 PST 
(In reply to comment #2)
> (From update of attachment 49993 [details])
> r=me, thank you for making the test!
> 
> It makes me somewhat nervous that we have the following FIXME in send():
> 
>     // FIXME: check message is valid utf8.
> 
> Can one sneak 0xff in by passing invalid UTF-16 to send()? String::utf8()
> relies on platform-provided encoder, and I don't even know what ICU does for
> invalid input, let alone other implementations.

Hmm, I think any values represented in UTF-16 couldn't be 0xff in UTF-8, since UTF-8 bit pattern should have at least one zero bit in every bytes.
Maybe, we could remove this comment..