[webkit-qt] Issue with KWebwallet and QtWebKit23

Allan Sandfeld Jensen kde at carewolf.com
Mon Nov 12 11:21:43 PST 2012


On Tuesday 23 October 2012, Lindsay Mathieson wrote:
> I don't know if the following is a bug in QtWebKit-2.3 or whether it is
> changed behaviour that has triggered a bug in KWebWallet.
> 
> Problem: 100% of CPU core usage, memory consumption *rapidly* increasing
> (GB per 10's of seconds)
> 
I have tracked this issue to another page where it happens (version2.dk). The 
problem is the attempt to serialize a single DOM Element, which ends up trying 
to turn the entire document into a QVariantMap of QVariantMaps. It seems 
trying to return an element should be avoided at all cost in 
evaluateJavaScript calls. We have some ideas for how to improve the situation 
with returned elements, but it looks to be a project for Qt 5.1.

Specifically it seems some web pages assign non-string values to form names, 
and the JavaScript code in KWebWallet does not try to protect against these 
"element-injections". 

So taking a lesson from SQL-injections I have tried to protect the code 
better. I have also replaced the css-query with form.elements which returns 
the elements WebKit has associated with the form element. The attached patch 
is against kdelibs KDE/4.9 branch, but should apply to newer branches as well.

To answer your question, is it a problem in KWallet or QtWebKit? It is a 
problem on the web, but we can improve how we handle it in all places ;)

Best regards
`Allan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Patch
Type: text/x-patch
Size: 8033 bytes
Desc: not available
URL: <http://lists.webkit.org/pipermail/webkit-qt/attachments/20121112/4490100e/attachment-0001.bin>
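The defensive pattern described in the message above (treat form names as untrusted, iterate `form.elements`, hand back only plain values), as an added JavaScript sketch. It is not the attached patch or KWebWallet's code; `safeString`, `collectForms` and `makeClobberedForm` are hypothetical names, and the form object is a constructed stand-in for a DOM form.

```javascript
// Added illustration, not the KWebWallet patch. All names are hypothetical.

// Accept a value only if it is a primitive string. A control named "name"
// makes form.name evaluate to that element instead of a string.
function safeString(value) {
  return typeof value === "string" ? value : "";
}

// Build a result made only of strings, numbers and booleans, so whatever
// serializes the return value never has to walk a DOM element.
function collectForms(forms) {
  const result = [];
  for (let i = 0; i < forms.length; i++) {
    const form = forms[i];
    const entry = { name: safeString(form.name), index: i, elements: [] };
    const controls = form.elements || []; // controls associated with the form
    for (let j = 0; j < controls.length; j++) {
      const el = controls[j];
      const name = safeString(el.name);
      if (!name) continue; // unnamed or non-string name: nothing to store
      entry.elements.push({
        name: name,
        type: safeString(el.type),
        value: safeString(el.value),
        autocomplete: el.autocomplete !== "off",
      });
    }
    result.push(entry);
  }
  return result;
}

// Constructed sample: a fake form whose "name" property is shadowed by one
// of its own controls, with back-references like a real element tree.
function makeClobberedForm() {
  const form = { elements: [] };
  const clobber = { name: "name", type: "text", value: "x", form: form };
  const user = { name: "user", type: "text", value: "alice", form: form };
  const unnamed = { name: "", type: "submit", value: "Go", form: form };
  form.elements.push(clobber, user, unnamed);
  form.name = clobber; // what form.name yields when a control is named "name"
  return form;
}
```

Returning `form.name` directly from the constructed form would hand the caller an object graph with cycles; `collectForms` returns an empty string for it instead and keeps the named controls.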

