Bug 90640 - Reproducible crasher when pasting a 0x0 image into Mail
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Reported: 2012-07-05 15:59 PDT by Alice Cheng
Modified: 2012-07-10 09:54 PDT

Attachments
patch (1.39 KB, patch)
2012-07-05 16:23 PDT, Alice Cheng
gyuyoung.kim: commit-queue-
patch (1.36 KB, patch)
2012-07-05 16:31 PDT, Alice Cheng
sam: review-
patch (6.80 KB, patch)
2012-07-09 10:13 PDT, Alice Cheng
beidson: review-
patch (6.60 KB, patch)
2012-07-09 16:59 PDT, Alice Cheng
no flags
patch (6.60 KB, patch)
2012-07-09 17:09 PDT, Alice Cheng
no flags
patch (6.60 KB, patch)
2012-07-09 17:17 PDT, Alice Cheng
no flags

Description Alice Cheng 2012-07-05 15:59:04 PDT
This bug seems to be reproducible when pasting a 0x0 image into Mail

>  1 com.apple.WebCore              0x7fff8a050a0e WebCore::KURL::createCFURL() const + 0xe
   2 com.apple.WebCore              0x7fff8a0509cb WebCore::KURL::operator NSURL*() const + 0xb
   3 com.apple.WebCore              0x7fff8aa80416 WebCore::documentFragmentWithImageResource(WebCore::Frame*, WTF::PassRefPtr<WebCore::ArchiveResource>) + 0xe6
   4 com.apple.WebCore              0x7fff8a34e212 WebCore::Pasteboard::documentFragment(WebCore::Frame*, WTF::PassRefPtr<WebCore::Range>, bool, bool&) + 0x1b62
   5 com.apple.WebCore              0x7fff8a34c22e WebCore::Editor::pasteWithPasteboard(WebCore::Pasteboard*, bool) + 0xce
   6 com.apple.WebCore              0x7fff8a34c12a WebCore::Editor::paste() + 0x9a
   7 com.apple.WebCore              0x7fff8a34c060 WebCore::executePaste(WebCore::Frame*, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) + 0x30
   8 com.apple.WebCore              0x7fff8a2e4ac4 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 0xc4
   9 com.apple.WebKit               0x7fff9341a01f -[WebHTMLView executeCoreCommandBySelector:] + 0x6f
  10 com.apple.AppKit               0x7fff8fa3bb39 -[NSApplication sendAction:to:from:] + 0xd6
  11 com.apple.AppKit               0x7fff8fb27ef8 -[NSMenuItem _corePerformAction] + 0x196
  12 com.apple.AppKit               0x7fff8fb27bea -[NSCarbonMenuImpl performActionWithHighlightingForItemAtIndex:] + 0x85
  13 com.apple.AppKit               0x7fff8faa736f -[NSMenu performKeyEquivalent:] + 0x10f
  14 com.apple.AppKit               0x7fff8faa61ba -[NSApplication _handleKeyEquivalent:] + 0x33d
  15 com.apple.AppKit               0x7fff8f99a5d9 -[NSApplication sendEvent:] + 0x117e
  16 com.apple.mail                 0x104980d43 -[MailApp sendEvent:] + 0x0 (/SourceCache/Mail/Mail-1445/Mail/Application/MailApp.m:429)
  17 com.apple.AppKit               0x7fff8f9389ba -[NSApplication run] + 0x27c
  18 com.apple.AppKit               0x7fff8fba850b NSApplicationMain + 0x365
  19 libdyld.dylib                  0x7fff94d4c7e1 start + 0x1
Comment 1 Alice Cheng 2012-07-05 15:59:48 PDT
<rdar://problem/11141920>
Comment 2 Alice Cheng 2012-07-05 16:23:18 PDT
Created attachment 150999
patch

check if resource is nil to prevent crashing
Comment 3 WebKit Review Bot 2012-07-05 16:27:46 PDT
Attachment 150999 did not pass style-queue:

Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/WebCore/ChangeLog', u'Source/WebCor..." exit_code: 1
Source/WebCore/ChangeLog:11:  You should remove the 'No new tests' and either add and list tests, or explain why no new tests were possible.  [changelog/nonewtests] [5]
Total errors found: 1 in 2 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 4 Alice Cheng 2012-07-05 16:31:13 PDT
Created attachment 151002
patch

Check if resource is nil to prevent crashing

Need advice on test case and how to determine if it is a regression
Comment 5 Brady Eidson 2012-07-05 16:32:23 PDT
Comment on attachment 150999
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=150999&action=review

> Source/WebCore/platform/mac/PasteboardMac.mm:373
> +    if(!resource.get())
> +        return 0;
> +    
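
Review bot: The last added line of this hunk, the one after `return 0;`, contains only whitespace; drop the trailing spaces or the line itself. On the check, `if(!resource.get())` can be written `if (!resource)`, with a space after `if` and without the `.get()` call.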

Is this a restoration of the old behavior, or is it Yet Another New Behavior™?
Comment 6 Sam Weinig 2012-07-05 17:03:37 PDT
Comment on attachment 151002
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=151002&action=review

> Source/WebCore/platform/mac/PasteboardMac.mm:372
> +    if(!resource.get())
> +        return 0;
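
Review bot: The early `return 0;` carries no comment saying when `resource` can be null. A one-line comment above the check noting that a 0x0 image yields no resource would keep the guard from looking arbitrary, and it is worth confirming that the caller seen in the crash trace, `Pasteboard::documentFragment`, copes with a null fragment coming back.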

You need a space in between if and ( and you don't need to call .get().
Comment 7 Gyuyoung Kim 2012-07-05 20:19:49 PDT
Comment on attachment 150999
patch

Attachment 150999 did not pass efl-ews (efl):
Output: http://queues.webkit.org/results/13142329
Comment 8 Alice Cheng 2012-07-09 10:13:00 PDT
Created attachment 151268
patch

check if resource is nil to prevent crashing
add test case for the patch
Comment 9 Brady Eidson 2012-07-09 15:12:38 PDT
Comment on attachment 151268
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=151268&action=review

Close - Let's give it one more shot.

> Source/WebCore/ChangeLog:9
> +        Editing: Reproducible crasher when pasting a 0x0 image into Mail
> +        https://bugs.webkit.org/show_bug.cgi?id=90640
> +        <rdar://problem/11141920>
> +
> +        Reviewed by NOBODY (OOPS!).
> +
> +        patch the crash by checking for nil.
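
Review bot: The description line `patch the crash by checking for nil.` names neither the function that gained the check nor the reason the value can be nil. State both, and capitalize the sentence, so the entry can be read on its own in the log.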

Can be a bit more descriptive here.

Something like:
"0x0 images don't get a resource representation in the WebArchive so we need a null check"

> Tools/ChangeLog:26
> +2012-07-09  Alice Cheng  <alice_cheng@apple.com>
> +
> +        Editing: Reproducible crasher when pasting a 0x0 image into Mail
> +        https://bugs.webkit.org/show_bug.cgi?id=90640
> +        <rdar://problem/11141920>
> +
> +        Reviewed by NOBODY (OOPS!).
> +
> +        Test cases for the patch that checks for nil.
> +
> +        * TestWebKitAPI/Tests/mac/0.png: Added.
> +        * TestWebKitAPI/Tests/mac/WebViewCanPasteZeroPng.mm: Added.
> +        (TestWebKitAPI):
> +        (TestWebKitAPI::TEST):
> +
> +2012-07-09  Alice Cheng  <alice_cheng@apple.com>
> +
> +        Need a short description and bug URL (OOPS!)
> +
> +        Reviewed by NOBODY (OOPS!).
> +
> +        * TestWebKitAPI/Tests/mac/0.png: Added.
> +        * TestWebKitAPI/Tests/mac/WebViewCanPasteZeroPng.mm: Added.
> +        (TestWebKitAPI):
> +        (TestWebKitAPI::TEST):
> +
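
Review bot: The second 2012-07-09 entry, the one that starts with `Need a short description and bug URL (OOPS!)`, repeats the file list of the entry above it and holds only template placeholders. Delete it so this hunk adds a single Tools/ChangeLog entry.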

Some leftover ChangeLog cruft here.
Comment 10 Alice Cheng 2012-07-09 16:59:49 PDT
Created attachment 151357
patch

Modified the ChangeLog according to the review comments
Comment 11 Alice Cheng 2012-07-09 17:09:38 PDT
Created attachment 151360
patch

submit for commit queue
Comment 12 Alice Cheng 2012-07-09 17:17:09 PDT
Created attachment 151362
patch

submit for commit queue
Comment 13 WebKit Review Bot 2012-07-10 09:18:55 PDT
Comment on attachment 151357
patch

Clearing flags on attachment: 151357

Committed r122228: <http://trac.webkit.org/changeset/122228>
Comment 14 WebKit Review Bot 2012-07-10 09:19:00 PDT
All reviewed patches have been landed.  Closing bug.