RESOLVED FIXED 118652
Origins with invalid ports are not marked as unique 
https://bugs.webkit.org/show_bug.cgi?id=118652
Summary Origins with invalid ports are not marked as unique
Jon Lee
Reported 2013-07-14 00:40:32 PDT
Refactoring(?) bug in SecurityOrigin::create.
Attachments
Patch (1.45 KB, patch)
2013-07-14 00:47 PDT, Jon Lee 		sam: review+
buildbot: commit-queue-
DetailsFormatted DiffDiff
Archive of layout-test-results from webkit-ews-04 for mac-mountainlion (708.98 KB, application/zip)
2013-07-14 05:52 PDT, Build Bot 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2013-07-14 00:40:50 PDT
<rdar://problem/14437753>
Jon Lee
Comment 2 2013-07-14 00:47:44 PDT
Created attachment 206626 [details] Patch
Build Bot
Comment 3 2013-07-14 05:52:38 PDT
Comment on attachment 206626 [details] Patch Attachment 206626 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/1040840 New failing tests: svg/batik/text/smallFonts.svg
Build Bot
Comment 4 2013-07-14 05:52:39 PDT
Created attachment 206632 [details] Archive of layout-test-results from webkit-ews-04 for mac-mountainlion The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: webkit-ews-04 Port: mac-mountainlion Platform: Mac OS X 10.8.3
Alexey Proskuryakov
Comment 5 2013-07-14 09:17:10 PDT
Comment on attachment 206626 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=206626&action=review > Source/WebCore/page/SecurityOrigin.cpp:542 > if (port < 0 || port > MaxAllowedPort) > - createUnique(); > + return createUnique(); Existing code is clearly wrong, however I'm not sure why we try to do this in the first place. A second layer of defense against invalid typecasts elsewhere?
Jon Lee
Comment 6 2013-07-14 23:11:08 PDT
Committed r152623: <http://trac.webkit.org/changeset/152623>
Jon Lee
Comment 7 2013-07-15 00:08:58 PDT
(In reply to comment #5) > (From update of attachment 206626 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=206626&action=review > > > Source/WebCore/page/SecurityOrigin.cpp:542 > > if (port < 0 || port > MaxAllowedPort) > > - createUnique(); > > + return createUnique(); > > Existing code is clearly wrong, however I'm not sure why we try to do this in the first place. A second layer of defense against invalid typecasts elsewhere? The same check is made in the function above this one, in createFromDatabaseIdentifier. The returned origin, in that case, however, is not a unique one.
Note You need to log in before you can comment on or make changes to this bug.