RESOLVED FIXED 187167
[WinCairo] WebKit MiniBrowser crashes when attempting to navigate to certain URLs 
https://bugs.webkit.org/show_bug.cgi?id=187167
Summary [WinCairo] WebKit MiniBrowser crashes when attempting to navigate to certain ...
Christopher Reid
Reported 2018-06-28 19:16:08 PDT
It is crashing due to mishandling of buffers when doing string conversion.
Attachments
Patch (4.27 KB, patch)
2018-06-28 19:24 PDT, Christopher Reid 		no flags
DetailsFormatted DiffDiff
Patch (3.13 KB, patch)
2018-06-29 01:32 PDT, Christopher Reid 		no flags
DetailsFormatted DiffDiff
Patch for landing (3.40 KB, patch)
2018-07-06 13:27 PDT, Christopher Reid 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from webkit-cq-03 for mac-sierra (2.31 MB, application/zip)
2018-07-06 14:34 PDT, WebKit Commit Bot 		no flags
Details
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Christopher Reid
Comment 1 2018-06-28 19:24:05 PDT
Created attachment 343887 [details] Patch
Fujii Hironori
Comment 2 2018-06-28 21:27:57 PDT
Comment on attachment 343887 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=343887&action=review I'm not a reviewer. This is an informal review. > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:48 > +std::vector<char> toUtf8(const wchar_t* src, size_t srcLength) Why do you want to use std::vector<char> for utf-8 strings? > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:233 > + SetWindowText(thisWindow.m_urlBarWnd, urlString.data()); Why did you replace c_str with data? Windows API expects a null-terminated string.
Christopher Reid
Comment 3 2018-06-28 22:41:31 PDT
(In reply to Fujii Hironori from comment #2) > Comment on attachment 343887 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=343887&action=review > > I'm not a reviewer. This is an informal review. > > > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:48 > > +std::vector<char> toUtf8(const wchar_t* src, size_t srcLength) > > Why do you want to use std::vector<char> for utf-8 strings? This function was copying the buffer to a std::string just for callers to call c_str() on the returned string. I wanted to use std::vector here as that copy didn't seem needed. > > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:233 > > + SetWindowText(thisWindow.m_urlBarWnd, urlString.data()); > > Why did you replace c_str with data? Windows API expects a null-terminated > string. Oops right, those ones shouldn't have been changed.
Christopher Reid
Comment 4 2018-06-29 01:32:42 PDT
Created attachment 343896 [details] Patch
Fujii Hironori
Comment 5 2018-06-29 02:11:20 PDT
Super. LGTM.
Anders Carlsson
Comment 6 2018-06-30 08:30:59 PDT
Comment on attachment 343896 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=343896&action=review > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:62 > - return adoptWK(WKStringCreateWithUTF8CString(utf8.c_str())); > + return adoptWK(WKStringCreateWithUTF8CString(utf8.data())); Pretty sure WKStringCreateWithUTF8CString expects a null terminated string. > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:69 > - return adoptWK(WKURLCreateWithUTF8CString(utf8.c_str())); > + return adoptWK(WKURLCreateWithUTF8CString(utf8.data())); Same here.
Michael Catanzaro
Comment 7 2018-06-30 14:04:25 PDT
(In reply to Fujii Hironori from comment #2) > > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:233 > > + SetWindowText(thisWindow.m_urlBarWnd, urlString.data()); > > Why did you replace c_str with data? Windows API expects a null-terminated > string. Note that for std::string, c_str() and data() are equivalent since C++ 11 (i.e. data() is now guaranteed to be null-terminated).
Christopher Reid
Comment 8 2018-07-02 14:35:15 PDT
(In reply to Anders Carlsson from comment #6) > Comment on attachment 343896 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=343896&action=review > > > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:62 > > - return adoptWK(WKStringCreateWithUTF8CString(utf8.c_str())); > > + return adoptWK(WKStringCreateWithUTF8CString(utf8.data())); > > Pretty sure WKStringCreateWithUTF8CString expects a null terminated string. I think that's okay, toUtf8() is null terminating the buffer.
Alex Christensen
Comment 9 2018-07-05 10:45:59 PDT
Comment on attachment 343896 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=343896&action=review > Tools/MiniBrowser/win/WebKitBrowserWindow.cpp:48 > +std::vector<char> toUtf8(const wchar_t* src, size_t srcLength) toNullTerminatedUTF8?
Christopher Reid
Comment 10 2018-07-06 13:27:16 PDT
Created attachment 344449 [details] Patch for landing
WebKit Commit Bot
Comment 11 2018-07-06 14:34:11 PDT
Comment on attachment 344449 [details] Patch for landing Rejecting attachment 344449 [details] from commit-queue. New failing tests: media/media-fullscreen-return-to-inline.html Full output: https://webkit-queues.webkit.org/results/8459655
WebKit Commit Bot
Comment 12 2018-07-06 14:34:13 PDT
Created attachment 344455 [details] Archive of layout-test-results from webkit-cq-03 for mac-sierra The attached test failures were seen while running run-webkit-tests on the commit-queue. Bot: webkit-cq-03 Port: mac-sierra Platform: Mac OS X 10.12.6
WebKit Commit Bot
Comment 13 2018-07-06 19:24:42 PDT
Comment on attachment 344449 [details] Patch for landing Clearing flags on attachment: 344449 Committed r233610: <https://trac.webkit.org/changeset/233610>
WebKit Commit Bot
Comment 14 2018-07-06 19:24:44 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 15 2018-07-06 19:26:54 PDT
<rdar://problem/41918558>
Note You need to log in before you can comment on or make changes to this bug.