[Webkit-unassigned] [Bug 65420] WebKit2 crashes on attempt to decode null image

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Jul 30 23:08:42 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=65420


Darin Adler <darin at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #102452|review?                     |review-
               Flag|                            |




--- Comment #3 from Darin Adler <darin at apple.com>  2011-07-30 23:08:42 PST ---
(From update of attachment 102452)
This change is incorrect. While this will not crash, it will create an encoded argument that will not decode properly on the receiving end. The decode function will decode the cursor type, see that it is Custom, then call decodeImage. But decodeImage will read the data of the next thing encoded in the stream, and the decode process will then fail because we’ll be off by at least one byte.

The correct way to change this is to make the null image encode in a way that can be decoded on the other end. One way this could be accomplished would be to encode a boolean to indicate whether an image is present before encoding the image and then decode that boolean in the cursor decode function. If the boolean says the image is null the decoder knows not to try to decode the image. If the boolean says the image is non-null then it knows it must decode the image.

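The two encodings Darin describes, modelled in C++ as an added illustration (this is not the WebKit patch nor Darin Adler's code): `Encoder`, `Decoder`, `Cursor` and `Image` below are simplified stand-ins for WebKit's ArgumentEncoder/ArgumentDecoder and cursor types, and the byte layout is constructed for the example. `encodeCursorBroken` silently drops a null image, so the decoder consumes the next argument in the stream as the image; `encodeCursorFixed` writes a presence flag first, so both sides stay in step.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>
#include <vector>

// Minimal length-prefixed byte-stream encoder/decoder, constructed for this
// example as a stand-in for WebKit's ArgumentEncoder / ArgumentDecoder.
struct Encoder {
    std::vector<uint8_t> bytes;
    void encodeUInt32(uint32_t v) {
        for (int i = 0; i < 4; ++i)
            bytes.push_back(static_cast<uint8_t>(v >> (8 * i)));  // little-endian
    }
    void encodeBool(bool b) { bytes.push_back(b ? 1 : 0); }
    void encodeBytes(const std::vector<uint8_t>& data) {
        encodeUInt32(static_cast<uint32_t>(data.size()));
        bytes.insert(bytes.end(), data.begin(), data.end());
    }
};

struct Decoder {
    const std::vector<uint8_t>& bytes;
    size_t pos = 0;
    explicit Decoder(const std::vector<uint8_t>& b) : bytes(b) {}
    size_t remaining() const { return bytes.size() - pos; }
    bool decodeUInt32(uint32_t& out) {
        if (remaining() < 4) return false;
        out = 0;
        for (int i = 0; i < 4; ++i)
            out |= static_cast<uint32_t>(bytes[pos + i]) << (8 * i);
        pos += 4;
        return true;
    }
    bool decodeBool(bool& out) {
        if (remaining() < 1) return false;
        uint8_t b = bytes[pos++];
        if (b > 1) return false;   // anything but a clean 0/1 means the stream is misaligned
        out = (b == 1);
        return true;
    }
    bool decodeBytes(std::vector<uint8_t>& out) {
        uint32_t n;
        if (!decodeUInt32(n)) return false;
        if (n > remaining()) return false;  // length prefix must fit in what is left
        out.assign(bytes.begin() + pos, bytes.begin() + pos + n);
        pos += n;
        return true;
    }
};

enum CursorType : uint32_t { Pointer = 0, Custom = 1 };
struct Image { std::vector<uint8_t> pixels; };   // stand-in for a real image
struct Cursor {
    CursorType type = Pointer;
    bool hasImage = false;   // a Custom cursor whose image is null (e.g. failed to load)
    Image image;
};

// Broken scheme: skip the image when it is null. Nothing tells the decoder.
void encodeCursorBroken(Encoder& e, const Cursor& c) {
    e.encodeUInt32(c.type);
    if (c.type == Custom && c.hasImage) e.encodeBytes(c.image.pixels);
}
bool decodeCursorBroken(Decoder& d, Cursor& out) {
    uint32_t t;
    if (!d.decodeUInt32(t)) return false;
    out.type = static_cast<CursorType>(t);
    if (out.type == Custom) {            // assumes an image always follows Custom
        if (!d.decodeBytes(out.image.pixels)) return false;
        out.hasImage = true;
    }
    return true;
}

// Fixed scheme: a boolean says whether an image follows, so a null image
// is a valid, self-describing encoding.
void encodeCursorFixed(Encoder& e, const Cursor& c) {
    e.encodeUInt32(c.type);
    if (c.type != Custom) return;
    e.encodeBool(c.hasImage);
    if (c.hasImage) e.encodeBytes(c.image.pixels);
}
bool decodeCursorFixed(Decoder& d, Cursor& out) {
    uint32_t t;
    if (!d.decodeUInt32(t)) return false;
    out.type = static_cast<CursorType>(t);
    if (out.type != Custom) return true;
    if (!d.decodeBool(out.hasImage)) return false;
    if (out.hasImage && !d.decodeBytes(out.image.pixels)) return false;
    return true;
}

Cursor makeCustomCursor(bool withImage) {
    Cursor c;
    c.type = Custom;
    c.hasImage = withImage;
    if (withImage) c.image.pixels = {1, 2, 3};   // constructed sample pixel data
    return c;
}

// Encode a cursor followed by one more argument, then decode both, so we can
// see whether the stream stays aligned after the cursor.
struct RoundTripResult {
    bool cursorDecoded;
    bool imagePresent;
    bool trailingDecoded;
    uint32_t trailingValue;
};
RoundTripResult roundTrip(bool usePresenceFlag, const Cursor& cursor, uint32_t trailing) {
    Encoder e;
    if (usePresenceFlag) encodeCursorFixed(e, cursor); else encodeCursorBroken(e, cursor);
    e.encodeUInt32(trailing);

    Decoder d(e.bytes);
    RoundTripResult r{false, false, false, 0};
    Cursor decoded;
    r.cursorDecoded = usePresenceFlag ? decodeCursorFixed(d, decoded) : decodeCursorBroken(d, decoded);
    if (!r.cursorDecoded) return r;
    r.imagePresent = decoded.hasImage;
    r.trailingDecoded = d.decodeUInt32(r.trailingValue);
    return r;
}

int main() {
    RoundTripResult broken = roundTrip(false, makeCustomCursor(false), 7);
    RoundTripResult fixed = roundTrip(true, makeCustomCursor(false), 7);
    std::printf("broken: cursor=%d trailing=%d\n", broken.cursorDecoded, broken.trailingDecoded);
    std::printf("fixed:  cursor=%d image=%d trailing=%d value=%u\n",
                fixed.cursorDecoded, fixed.imagePresent, fixed.trailingDecoded, fixed.trailingValue);
    return 0;
}
```

With the broken scheme the trailing argument (7) is read as the image's length prefix and the decode fails; if the trailing value happens to be 0 the cursor "decodes" with a bogus empty image and the next argument is gone, which is the off-by-at-least-one-byte misalignment the comment describes. The presence flag costs one byte and makes both cases decode correctly.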