[webkit-reviews] review requested: [Bug 20267] Crash on some pages due to a plugin : [Attachment 22892] Fix handling of badly formatted and empty plugin mime descriptions

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Aug 20 01:11:50 PDT 2008


Kalle Vahlman <zuh at iki.fi> has asked for review:
Bug 20267: Crash on some pages due to a plugin
https://bugs.webkit.org/show_bug.cgi?id=20267

Attachment 22892: Fix handling of badly formatted and empty plugin mime
descriptions
https://bugs.webkit.org/attachment.cgi?id=22892&action=edit

------- Additional Comments from Kalle Vahlman <zuh at iki.fi>
The backtrace looks to be the same crash I encountered with the new Maemo
release (Diablo), which was due to Nokia's browser plugin including a
trailing '; ' in its return value for NP_GetMIMEDescription().

The GTK+ PluginPackage code first splits by ';', then by ':', and assumes that
the latter always succeeds in finding three elements, thus crashing when
there are fewer.

The patch fixes it to only accept well-formatted (i.e. three elements separated
by ':' for each ';' block) mime descriptions.
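
The check described in the comment above, as an added C++ example; it is not the attached patch or WebKit's PluginPackage code. `MimeEntry`, `splitOn` and `parseMimeDescription` are hypothetical names, and the input string is constructed.

```cpp
#include <string>
#include <vector>

// Hypothetical type for this example: one entry of a plugin MIME description.
struct MimeEntry {
    std::string type;
    std::string extensions;
    std::string description;
};

// Split on a single-character delimiter, keeping empty fields.
static std::vector<std::string> splitOn(const std::string& s, char delim)
{
    std::vector<std::string> parts;
    std::string::size_type start = 0;
    for (;;) {
        std::string::size_type end = s.find(delim, start);
        if (end == std::string::npos) {
            parts.push_back(s.substr(start));
            return parts;
        }
        parts.push_back(s.substr(start, end - start));
        start = end + 1;
    }
}

// Accept only ';' blocks that split into exactly three ':'-separated fields.
// An empty block or the " " left by a trailing "; " is skipped, never indexed.
std::vector<MimeEntry> parseMimeDescription(const std::string& raw)
{
    std::vector<MimeEntry> entries;
    for (const std::string& block : splitOn(raw, ';')) {
        std::vector<std::string> fields = splitOn(block, ':');
        if (fields.size() != 3)
            continue; // an unchecked parser would read fields[1] and fields[2] here
        entries.push_back({fields[0], fields[1], fields[2]});
    }
    return entries;
}

int main()
{
    // Constructed input with the trailing "; " described above.
    return parseMimeDescription("application/x-test:tst:Test plugin; ").size() == 1 ? 0 : 1;
}
```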

