[Webkit-unassigned] [Bug 140173] New: The ASCII decoding for a non-ASCII character is incorrect if this character comes after going through the fast decoding code path and before the end of the text by less than a machine word size of characters

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jan 6 21:09:53 PST 2015


https://bugs.webkit.org/show_bug.cgi?id=140173

            Bug ID: 140173
           Summary: The ASCII decoding for a non-ASCII character is
                    incorrect if this character comes after going
                    through the fast decoding code path and before the end of
                    the text by less than a machine word size of
                    characters
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: said at apple.com

Created attachment 244137
  --> https://bugs.webkit.org/attachment.cgi?id=244137&action=review
Test case

1. Check the function TextCodecLatin1::decode().
2. Suppose the following text is decoded: "%41%42%43%44%45%46%47%48%82%82".
3. The URL percent-encoded text will be converted to a 10-byte array and sent to TextCodecLatin1::decode().
4. Since the first byte is ASCII and since its index is 8-byte aligned, we use the fast decoding path.
5. Since the first eight bytes are all ASCII, we do the decoding in one step and we copy the whole word from the source byte array to the result buffer.
6. Since after the first eight bytes, what is left is less than a machine word, we exit the fast decoding path.
7. The problem is that after breaking out of the fast decoding code path, we copy the current byte as-is even if it is a non-ASCII character.

A test case is attached. It works correctly in Firefox and Chrome and shows two non-ASCII 0x82 characters at the end. But in Safari, it shows a single 0x82 character at the end.

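The fast-path hand-off described in steps 4 through 7 of the report, as an added model written for this page; it is not WebKit's TextCodecLatin1 code. Assumptions: word alignment is modelled as the offset from the start of the byte array rather than the pointer value, the output is always 16-bit, and the lookup table is a constructed stub that maps only 0x82 (to U+201A, the windows-1252 value) and leaves every other byte unchanged. The `recheckAfterFastPath` flag selects the behaviour the report describes (false) or the variant that re-examines the byte under the cursor after the word loop stops short of the end (true).

```cpp
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

using MachineWord = uint64_t;                                   // 8 bytes, as in the report
static const MachineWord kHighBitMask = 0x8080808080808080ULL;  // a set bit marks a non-ASCII byte

// Stand-in for the codec's windows-1252 lookup table (constructed: only 0x82 is mapped).
static char16_t lookup(uint8_t byte) { return byte == 0x82 ? char16_t(0x201A) : char16_t(byte); }

// Model of the decode loop. Alignment is the offset from the start of `bytes` (assumption),
// and decoding always produces 16-bit code units (simplification).
// recheckAfterFastPath == false reproduces the bug: once the word loop stops because fewer
// than a word of bytes remain, bytes[i] is copied as-is even when it is >= 0x80.
std::u16string decodeLatin1(const std::vector<uint8_t>& bytes, bool recheckAfterFastPath) {
    std::u16string out;
    const size_t end = bytes.size();
    const size_t alignedEnd = end - end % sizeof(MachineWord);  // last whole-word boundary
    size_t i = 0;
    while (i < end) {
        bool useTable = bytes[i] >= 0x80;
        if (!useTable && i % sizeof(MachineWord) == 0) {
            // Fast path: copy whole words while every byte in the word is ASCII.
            while (i < alignedEnd) {
                MachineWord chunk;
                std::memcpy(&chunk, &bytes[i], sizeof chunk);
                if (chunk & kHighBitMask) { useTable = true; break; }  // word holds a high byte
                for (size_t k = 0; k < sizeof chunk; ++k) out.push_back(bytes[i + k]);
                i += sizeof chunk;
            }
            if (i == end) break;
            // Fewer than a word of bytes remain; bytes[i] has not been examined yet.
            if (recheckAfterFastPath && bytes[i] >= 0x80) useTable = true;
        }
        out.push_back(useTable ? lookup(bytes[i]) : char16_t(bytes[i]));
        ++i;
    }
    return out;
}

// The report's input, "%41%42%43%44%45%46%47%48%82%82", as raw bytes.
std::u16string decodeReportInput(bool recheckAfterFastPath) {
    const std::vector<uint8_t> in = {0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x82, 0x82};
    return decodeLatin1(in, recheckAfterFastPath);
}
```

With the flag off, the ninth byte comes out as U+0082 (an invisible control character) and only the tenth reaches the table, which matches the single visible 0x82 the report sees in Safari; with the flag on, both bytes go through the table.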