[Webkit-unassigned] [Bug 118068] SVG data:uri images are not handled properly

bugzilla-daemon at webkit.org
Mon Nov 4 12:52:23 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=118068

--- Comment #13 from Philip Rogers <pdr at google.com>  2013-11-04 12:51:09 PST ---
(From update of attachment 215923)
View in context: https://bugs.webkit.org/attachment.cgi?id=215923&action=review

> Source/WebCore/ChangeLog:5
> +

Please add more information about what this patch does. It may be useful to list the specific patches being merged as well.

> Source/WebCore/loader/cache/CachedResourceLoader.cpp:164
> +static PassRefPtr<ResourceBuffer> parseDataURI(const URL &url, ResourceResponse &response)
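
Review bot: The parameter list of parseDataURI attaches the reference marker to the names ("const URL &url", "ResourceResponse &response"); WebKit style puts it on the type, so this should read "const URL& url, ResourceResponse& response". Since response is a non-const out-parameter next to the returned buffer, a one-line comment stating what callers can rely on in response when no buffer comes back would also help.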

This seems to be an exact copy of WebCore/platform/network/DataURL.cpp's handleDataURL. Can these be unified?

> Source/WebCore/loader/cache/CachedResourceLoader.cpp:246
> +            memoryCache()->add(resource);

I think this may cause a security bug in the xml parser, see https://chromiumcodereview.appspot.com/18226005
