Changeset 74065 in webkit


Ignore:
Timestamp:
Dec 14, 2010 3:54:00 PM (13 years ago)
Author:
mrowe@apple.com
Message:

<http://webkit.org/b/51064> Reproducible crash inside WebCore::MediaPlayerPrivateQTKit::createQTMovie when loading <video>

Reviewed by Sam Weinig.

JavaScriptCore:

  • wtf/text/WTFString.h: Prevent String from being implicitly convertable to bool.

It was previously implicitly convertible to bool on Mac via operator NSString*,
but since that always has a non-zero return value it would give unexpected results.

WebCore:

We were crashing inside MediaPlayerPrivateQTKit::createQTMovie as we were passing a null URL in
to CFNetworkCopyProxiesForURL. This happened because we were null-checking the URL incorrectly.

  • platform/graphics/mac/MediaPlayerPrivateQTKit.mm:

(WebCore::MediaPlayerPrivateQTKit::resumeLoad): Explicitly test for a null string.

WebKit/mac:

  • History/WebHistoryItem.mm:

(-[WebHistoryItem description]): Test whether the string is empty rather than incorrectly
always including the target in the output.

Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • trunk/JavaScriptCore/ChangeLog

    r74056 r74065  
     12010-12-14  Mark Rowe  <mrowe@apple.com>
     2
     3        Reviewed by Sam Weinig.
     4
     5        <http://webkit.org/b/51064> Reproducible crash inside WebCore::MediaPlayerPrivateQTKit::createQTMovie when loading <video>
     6
     7        * wtf/text/WTFString.h: Prevent String from being implicitly convertable to bool.
     8        It was previously implicitly convertible to bool on Mac via operator NSString*,
     9        but since that always has a non-zero return value it would give unexpected results.
     10
    1112010-12-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
    212
  • trunk/JavaScriptCore/wtf/text/WTFString.h

    r73201 r74065  
    276276    // to ever prefer copy() over plain old assignment.
    277277    String threadsafeCopy() const;
     278
     279    // Prevent Strings from being implicitly convertable to bool as it will be ambiguous on any platform that
     280    // allows implicit conversion to another pointer type (e.g., Mac allows implicit conversion to NSString*).
     281    typedef struct ImplicitConversionFromWTFStringToBoolDisallowedA* (String::*UnspecifiedBoolTypeA);
     282    typedef struct ImplicitConversionFromWTFStringToBoolDisallowedB* (String::*UnspecifiedBoolTypeB);
     283    operator UnspecifiedBoolTypeA() const;
     284    operator UnspecifiedBoolTypeB() const;
    278285
    279286#if PLATFORM(CF)
  • trunk/WebCore/ChangeLog

    r74063 r74065  
     12010-12-14  Mark Rowe  <mrowe@apple.com>
     2
     3        Reviewed by Sam Weinig.
     4
     5        <http://webkit.org/b/51064> Reproducible crash inside WebCore::MediaPlayerPrivateQTKit::createQTMovie when loading <video>
     6
     7        We were crashing inside MediaPlayerPrivateQTKit::createQTMovie as we were passing a null URL in
     8        to CFNetworkCopyProxiesForURL. This happened because we were null-checking the URL incorrectly.
     9
     10        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
     11        (WebCore::MediaPlayerPrivateQTKit::resumeLoad): Explicitly test for a null string.
     12
    1132010-12-14  David Hyatt  <hyatt@apple.com>
    214
  • trunk/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm

    r74034 r74065  
    624624    m_delayingLoad = false;
    625625
    626     if (m_movieURL)
     626    if (!m_movieURL.isNull())
    627627        loadInternal(m_movieURL);
    628628}
  • trunk/WebKit/mac/ChangeLog

    r74041 r74065  
     12010-12-14  Mark Rowe  <mrowe@apple.com>
     2
     3        Reviewed by Sam Weinig.
     4
     5        <http://webkit.org/b/51064> Reproducible crash inside WebCore::MediaPlayerPrivateQTKit::createQTMovie when loading <video>
     6
     7        * History/WebHistoryItem.mm:
     8        (-[WebHistoryItem description]): Test whether the string is empty rather than incorrectly
     9        always including the target in the output.
     10
    1112010-12-13  Alexey Proskuryakov  <ap@apple.com>
    212
  • trunk/WebKit/mac/History/WebHistoryItem.mm

    r58266 r74065  
    220220    HistoryItem* coreItem = core(_private);
    221221    NSMutableString *result = [NSMutableString stringWithFormat:@"%@ %@", [super description], (NSString*)coreItem->urlString()];
    222     if (coreItem->target()) {
     222    if (!coreItem->target().isEmpty()) {
    223223        NSString *target = coreItem->target();
    224224        [result appendFormat:@" in \"%@\"", target];
Note: See TracChangeset for help on using the changeset viewer.