[Webkit-unassigned] [Bug 52791] Buffer overrun in WebCore::InspectorBasicValue::writeJSON

bugzilla-daemon at webkit.org
Mon Feb 7 01:32:30 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=52791

--- Comment #19 from Pavel Feldman <pfeldman at chromium.org>  2011-02-07 01:32:30 PST ---
> I understand that you might not have tested the toJSONString method at all, but in order to provide any tests for that, I need some wireframes to pin in my test code. Where can I find that?

Typically, the LayoutTestController harness is extended to expose additional APIs to the layout test page. I don't think it is worth it in this case though.

> First of all, web inspector is implemented in such a way that I can always create another type of inspector client, pin in my injected script, which is just a js script, and all these things should work.

I am very familiar with how the inspector works (and more importantly should work) since most of the abstractions you are operating on were introduced by me. In fact, you can't 'pin in' your injected script. The injected script is the backend's implementation detail.

> The reason why I hit this scenario is simple: because I am calling the toJSONString method in my code. And I am doing that exactly for the inspector purposes: the inspector client we've written is a special proxy for remote debugging, where JSON is the base protocol format. So I am using InspectorValue framework to create the data tree, then call toJSONString() to produce a JSON representation of the data, then I send them through the stream to the remote debugger controller.

Until the inspector protocol matures, we'd like to keep its format private to the inspector. So strictly speaking, there is no guarantee that the String message you are operating on is a JSON string. It will most likely be one since we are working on publishing the protocol. Speaking of InspectorValue, it is definitely the inspector's property and should not be used outside of the inspector. It is not a real JSON; if you need one, use the JSON object in the JavaScript context instead.

Speaking of remote debugging, I know a number of ports that are supporting it already using our front-end (i.e. not cracking the protocol messages) and one Eclipse integration being developed. None of them are cracking inspector messages on the backend side. Why does yours do that?
