[Webkit-unassigned] [Bug 52791] Buffer overrun in WebCore::InspectorBasicValue::writeJSON

bugzilla-daemon at webkit.org
Sun Feb 6 23:59:50 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=52791
--- Comment #18 from Mikołaj Małecki <m.malecki at samsung.com>  2011-02-06 23:59:50 PST ---
(In reply to comment #17)
> > I'm afraid not. I haven't found any part of tests that would test this thing; I even think that if there was any, this bug would have been found months ago already.
> 
> You are right, we now send stringified descriptions for all the wrapped object values, so we don't hit this scenario.

I understand that you might have not tested the toJSONString method at all, but in order to provide any tests for that, I need some wireframes to pin in my test code. Where can I find that?

> > In order to reproduce this problem, you'd have to make an InspectorValue of type number, set it the value of, say, "1.0e-200", and call v->toJSONString(). No part of the javascript engine is using this thing, especially that this API is a new thing and previously only the javascript scripts were able to be used as inspector clients. These are uses of toJSONString in the whole webkit code, including tests (I cut off efl/WebCoreSupport because it contains a new feature I am developing and will submit separately):

> While designing InspectorValue, we were aiming a JSON subset for the data generated by the inspector itself. It sounds like our use cases fit the implementation. I am thinking that you might be using InspectorValue for non-inspector purposes. Or is it not so? Why do you hit this scenario?

First of all, web inspector is implemented in such a way that I can always create another type of inspector client, pin in my injected script, which is just a js script, and all these things should work.

The reason why I hit this scenario is simple: because I am calling the toJSONString method in my code. And I am doing that exactly for the inspector purposes: the inspector client we've written is a special proxy for remote debugging, where JSON is the base protocol format. So I am using InspectorValue framework to create the data tree, then call toJSONString() to produce a JSON representation of the data, then I send them through the stream to the remote debugger controller.

> > In other words: what tests should I update stating that no one has added any tests for the Web Inspector C++ API?
> 
> See above. On a general note, we are using layout tests in WebKit instead of testing C++ API.

I can see anything related to tests above. In layout tests there's also nothing.
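The number case discussed in this thread, as an added example that is not WebKit's code: a decimal-only number writer with a fixed scratch buffer needs roughly 200 characters for 1.0e-200, while a writer that computes the required length first and falls back to exponent notation stays within the buffer. The buffer length 21 and all function names are assumptions.

```cpp
#include <cstdio>
#include <cstdlib>
#include <string>
// Assumed fixed-size scratch buffer for number text (constructed value, not WebKit's).
static const size_t kNumberBufferLength = 21;
// Round-trip text in printf %g style: "42.5", "1.5e-05", "1e-200".
static std::string gRendering(double value)
{
    char tmp[64];
    std::snprintf(tmp, sizeof tmp, "%.15g", value);
    return tmp;
}
// Characters the plain decimal expansion of |value| occupies (without NUL):
// exactly what a decimal-only writer must store, e.g. 202 for 1.0e-200.
static size_t requiredDecimalLength(double value)
{
    std::string g = gRendering(value);
    std::string::size_type ePos = g.find('e');
    if (ePos == std::string::npos)
        return g.size();                       // already plain decimal
    std::string mantissa = g.substr(0, ePos);
    int exponent = std::atoi(g.c_str() + ePos + 1);
    size_t sign = mantissa[0] == '-' ? 1 : 0, digits = 0;
    for (char c : mantissa) if (c >= '0' && c <= '9') ++digits;
    if (exponent < 0)                          // "0." + leading zeros + significant digits
        return sign + 2 + (size_t)(-exponent - 1) + digits;
    size_t intPlaces = (size_t)exponent + 1;   // digits before the decimal point
    return sign + (digits > intPlaces ? digits + 1 : intPlaces);
}
// True when the decimal expansion plus NUL would run past the scratch buffer.
static bool wouldOverrunFixedBuffer(double value)
{
    return requiredDecimalLength(value) + 1 > kNumberBufferLength;
}
// Hardened writer: plain decimal when it fits the buffer, exponent form otherwise.
static std::string writeNumberJSON(double value)
{
    std::string g = gRendering(value);
    std::string::size_type ePos = g.find('e');
    if (ePos == std::string::npos || wouldOverrunFixedBuffer(value))
        return g;                              // "42.5" as is; "1e-200" instead of 202 chars
    // Short exponent form such as "1.5e-05": expand to decimal, which is known to fit.
    int exponent = std::atoi(g.c_str() + ePos + 1), digits = 0;
    for (std::string::size_type i = 0; i < ePos; ++i) if (g[i] >= '0' && g[i] <= '9') ++digits;
    int fractionDigits = digits - exponent - 1;
    char buffer[kNumberBufferLength];
    std::snprintf(buffer, sizeof buffer, "%.*f", fractionDigits > 0 ? fractionDigits : 0, value);
    return buffer;
}
```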
