[webkit-reviews] review granted: [Bug 33759] [iexploder] DoS in Gtk/Qt port on painting text from test=81 : [Attachment 50192] Add a test and workaround for the DoS found in WebKit/GTK+

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 8 08:08:51 PST 2010


Darin Adler <darin at apple.com> has granted Holger Freyther <zecke at selfish.org>'s
request for review:
Bug 33759: [iexploder] DoS in Gtk/Qt port on painting text from test=81
https://bugs.webkit.org/show_bug.cgi?id=33759

Attachment 50192: Add a test and workaround for the DoS found in WebKit/GTK+
https://bugs.webkit.org/attachment.cgi?id=50192&action=review

------- Additional Comments from Darin Adler <darin at apple.com>
> +    // Prevent running into a denial of service here. If the stroke width is

> +    // twice the size of the width of the text we will not ask cairo to
stroke
> +    // the text. See https://bugs.webkit.org/show_bug.cgi?id=33759.
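
Review bot: The condition in the first two comment lines, "If the stroke width is twice the size of the width of the text", reads as an exact equality. Word it as the inequality the code tests (for example "more than twice the width of the text", if that is the check) so the threshold is unambiguous. The comment should also say that the stroke is skipped without any error in that case, so a later reader understands this is a deliberate rendering change and not a failure path.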

I don't think this comment or change log entry should refer to "denial of
service"; any crashing bug could be called that, and it's an irritatingly
oblique term for a crash.

You could improve the comment by instead explaining the logic behind the 2X
text width limit (larger widths wouldn't look good anyway?) and stating more
specifically why passing a bad value to Cairo is a problem (it crashes when the
value is so large that something overflows?).

r=me on the code change, though

