[Webkit-unassigned] [Bug 118483] New: WebVTTParser's identifier buffering can ignore subsequent lines
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jul 8 14:14:57 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=118483
Summary: WebVTTParser's identifier buffering can ignore
subsequent lines
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Media Elements
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: b.long at cablelabs.com
In WebVTTParser::parseBytes, we do this:
String line = collectNextLine(data, length, &position);
switch (m_state) {
case Initial:
// Buffer up at least 9 bytes before proceeding with checking for the file identifier.
m_identifierData.append(data, length);
if (m_identifierData.size() < bomLength + fileIdentifierLength)
return;
But it doesn't work in this situation:
parser->parseBytes("WEBVTT\n\n", 8);
parser->parseBytes("00:00:00.000 --> 00:00:10.000\nCue text\n\n", strlen("00:00:00.000 --> 00:00:10.000\nCue text\n\n");
The first parseBytes call has less than 9 bytes, so it does nothing. The second parseBytes call collects the current line ("00:00:00.000 --> 00:00:10.000"), but since the state is `Initial`, it just checks the identifier and throws away the current line. Now it collects the next line ("Cue text"), and because we're in state `Header`, it treats it as a comment and throws it away too.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list