[Webkit-unassigned] [Bug 179963] Unrepresentable characters in <input type="file"> filenames are incorrectly encoded

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Nov 22 19:34:14 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=179963

--- Comment #2 from Victor Costan <costan at gmail.com> ---
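FWIW, while running the new LayoutTests on the unpatched version of WebKit, I got this crash: a debug-build assertion failure in WTF::Vector<char>::grow(), reached from FormDataBuilder::addFilenameToMultiPartHeader() via TextCodecUserDefined::encode() during a script-initiated form submission.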

ASSERTION FAILED: size >= m_size
/Users/costan/WebKit/WebKitBuild/Debug/usr/local/include/wtf/Vector.h(1088) : void WTF::Vector<char, 0, WTF::CrashOnOverflow, 16, WTF::FastMalloc>::grow(size_t) [T = char, inlineCapacity = 0, OverflowHandler = WTF::CrashOnOverflow, minCapacity = 16, Malloc = WTF::FastMalloc]
1   0x119d3de1d WTFCrash
2   0x10c0b1fc2 WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::grow(unsigned long)
3   0x10e94cee1 WebCore::encodeComplexUserDefined(unsigned short const*, unsigned long, WebCore::UnencodableHandling)
4   0x10e94cd5d WebCore::TextCodecUserDefined::encode(unsigned short const*, unsigned long, WebCore::UnencodableHandling)
5   0x10e94d5b8 WebCore::TextEncoding::encode(WTF::StringView, WebCore::UnencodableHandling) const
6   0x10e8fb93a WebCore::FormDataBuilder::addFilenameToMultiPartHeader(WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WebCore::TextEncoding const&, WTF::String const&)
7   0x10e8fb751 WebCore::FormData::appendMultiPartFileValue(WebCore::File const&, WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WebCore::TextEncoding&, WebCore::Document*)
8   0x10e8fab5f WebCore::FormData::appendMultiPartKeyValuePairItems(WebCore::DOMFormData const&, WebCore::Document*)
9   0x10e8fa9dd WebCore::FormData::createMultiPart(WebCore::DOMFormData const&, WebCore::Document*)
10  0x10e26ba98 WebCore::FormSubmission::create(WebCore::HTMLFormElement&, WebCore::FormSubmission::Attributes const&, WebCore::Event*, WebCore::LockHistory, WebCore::FormSubmissionTrigger)
11  0x10dee4390 WebCore::HTMLFormElement::submit(WebCore::Event*, bool, bool, WebCore::FormSubmissionTrigger)
12  0x10dee44f6 WebCore::HTMLFormElement::submitFromJavaScript()
13  0x10c884b6a WebCore::jsHTMLFormElementPrototypeFunctionSubmitBody(JSC::ExecState*, WebCore::JSHTMLFormElement*, JSC::ThrowScope&)
14  0x10c86fede long long WebCore::IDLOperation<WebCore::JSHTMLFormElement>::call<&(WebCore::jsHTMLFormElementPrototypeFunctionSubmitBody(JSC::ExecState*, WebCore::JSHTMLFormElement*, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::ExecState&, char const*)
15  0x10c86fc6c WebCore::jsHTMLFormElementPrototypeFunctionSubmit(JSC::ExecState*)
16  0x225343801168
17  0x1188f4a34 llint_entry
18  0x1188ecb97 vmEntryToJavaScript
19  0x11961b4ae JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
20  0x1195c2b35 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
21  0x119818b3a JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
22  0x119818c19 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&)
23  0x119818ebd JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&)
24  0x10d6f496b WebCore::JSMainThreadExecState::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&)
25  0x10d72ef62 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&)
26  0x10dc71ed2 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener>, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>)
27  0x10dc699ca WebCore::EventTarget::fireEventListeners(WebCore::Event&)
28  0x10dcc3794 WebCore::Node::handleLocalEvents(WebCore::Event&)
29  0x10dc6983d WebCore::EventContext::handleLocalEvents(WebCore::Event&) const
30  0x10dc6a506 WebCore::dispatchEventInDOM(WebCore::Event&, WebCore::EventPath const&)
31  0x10dc6a02d WebCore::EventDispatcher::dispatchEvent(WebCore::Node&, WebCore::Event&)
