Changeset 229994 in webkit

Timestamp:

Mar 27, 2018 3:10:41 AM (6 years ago)

Author:

Fujii Hironori

Message:

[GTK] Layout test editing/deleting/delete-surrogatepair.html crashing with CRITICAL : enchant_dict_check: assertion 'g_utf8_validate(word, len, NULL)' failed
​https://bugs.webkit.org/show_bug.cgi?id=176799

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The length of a surrogate-pair UTF-16 character is 2 even though
the number of characters is 1. An incorrect string length was
passed to enchant_dict_check if the string contains a
surrogate-pair character because the length was calculated by
applying UTF-16 character position to UTF-8 string.

No new tests (Covered by existing tests).

• platform/text/enchant/TextCheckerEnchant.cpp:

(WebCore::TextCheckerEnchant::checkSpellingOfWord): Changed the
type of an argument word from CString to String. Convert a
substring of the argument into UTF-8.
(WebCore::TextCheckerEnchant::checkSpellingOfString): Pass the
original UTF-16 string to checkSpellingOfWord instead of a
converted UTF-8 string.

• platform/text/enchant/TextCheckerEnchant.h: Changed the type of

an argument word from CString to String.

LayoutTests:

• platform/gtk/TestExpectations: Unmarked editing/deleting/delete-surrogatepair.html.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/platform/gtk/TestExpectations (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/platform/text/enchant/TextCheckerEnchant.cpp (modified) (2 diffs)
• Source/WebCore/platform/text/enchant/TextCheckerEnchant.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2018-03-27  Fujii Hironori  <Hironori.Fujii@sony.com>
+
+        [GTK] Layout test editing/deleting/delete-surrogatepair.html crashing with CRITICAL **: enchant_dict_check: assertion 'g_utf8_validate(word, len, NULL)' failed
+        https://bugs.webkit.org/show_bug.cgi?id=176799
+
+        Reviewed by Carlos Garcia Campos.
+
+        * platform/gtk/TestExpectations: Unmarked editing/deleting/delete-surrogatepair.html.
+
 2018-03-23  Antoine Quint  <graouts@apple.com>
 

trunk/LayoutTests/platform/gtk/TestExpectations

@@ -1258 +1258 @@
 webkit.org/b/175575 imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay-with-slow-text-tracks.html [ Crash Pass ]
 
-webkit.org/b/176799 editing/deleting/delete-surrogatepair.html [ Crash ]
-
 webkit.org/b/176801 fast/mediastream/apply-constraints-audio.html [ Crash ]
 webkit.org/b/176801 fast/mediastream/argument-types.html [ Crash Pass ]

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2018-03-27  Fujii Hironori  <Hironori.Fujii@sony.com>
+
+        [GTK] Layout test editing/deleting/delete-surrogatepair.html crashing with CRITICAL **: enchant_dict_check: assertion 'g_utf8_validate(word, len, NULL)' failed
+        https://bugs.webkit.org/show_bug.cgi?id=176799
+
+        Reviewed by Carlos Garcia Campos.
+
+        The length of a surrogate-pair UTF-16 character is 2 even though
+        the number of characters is 1. An incorrect string length was
+        passed to enchant_dict_check if the string contains a
+        surrogate-pair character because the length was calculated by
+        applying UTF-16 character position to UTF-8 string.
+
+        No new tests (Covered by existing tests).
+
+        * platform/text/enchant/TextCheckerEnchant.cpp:
+        (WebCore::TextCheckerEnchant::checkSpellingOfWord): Changed the
+        type of an argument `word` from CString to String. Convert a
+        substring of the argument into UTF-8.
+        (WebCore::TextCheckerEnchant::checkSpellingOfString): Pass the
+        original UTF-16 string to checkSpellingOfWord instead of a
+        converted UTF-8 string.
+        * platform/text/enchant/TextCheckerEnchant.h: Changed the type of
+        an argument `word` from CString to String.
+
 2018-03-26  Ms2ger  <Ms2ger@igalia.com>
 

trunk/Source/WebCore/platform/text/enchant/TextCheckerEnchant.cpp

@@ -65 +65 @@
 }
 
-void TextCheckerEnchant::checkSpellingOfWord(const CString& word, int start, int end, int& misspellingLocation, int& misspellingLength)
-{
-    const char* string = word.data();
-    char* startPtr = g_utf8_offset_to_pointer(string, start);
-    int numberOfBytes = static_cast<int>(g_utf8_offset_to_pointer(string, end) - startPtr);
+void TextCheckerEnchant::checkSpellingOfWord(const String& word, int start, int end, int& misspellingLocation, int& misspellingLength)
+{
+    CString string = word.substring(start, end - start).utf8();
 
     for (auto& dictionary : m_enchantDictionaries) {
-        if (!enchant_dict_check(dictionary, startPtr, numberOfBytes)) {
+        if (!enchant_dict_check(dictionary, string.data(), string.length())) {
             // Stop checking, this word is ok in at least one dict.
             misspellingLocation = -1;
@@ -97 +95 @@
         return;
 
-    CString utf8String = string.utf8();
     int start = ubrk_first(iter);
     for (int end = ubrk_next(iter); end != UBRK_DONE; end = ubrk_next(iter)) {
         if (isWordTextBreak(iter)) {
-            checkSpellingOfWord(utf8String, start, end, misspellingLocation, misspellingLength);
+            checkSpellingOfWord(string, start, end, misspellingLocation, misspellingLength);
             // Stop checking the next words If the current word is misspelled, to do not overwrite its misspelled location and length.
             if (misspellingLength)

trunk/Source/WebCore/platform/text/enchant/TextCheckerEnchant.h

@@ -49 +49 @@
 private:
     void freeEnchantBrokerDictionaries();
-    void checkSpellingOfWord(const CString&, int start, int end, int& misspellingLocation, int& misspellingLength);
+    void checkSpellingOfWord(const String&, int start, int end, int& misspellingLocation, int& misspellingLength);
 
     EnchantBroker* m_broker;