WebKit Bugzilla
Attachment 346705 Details for
Bug 184325
: fetch() with subresource integrity crashes on zero length body
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-184325-20180807141204.patch (text/plain), 6.18 KB, created by
Rob Buis
on 2018-08-07 05:12:06 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Rob Buis
Created:
2018-08-07 05:12:06 PDT
Size:
6.18 KB
patch
obsolete
>Subversion Revision: 234642 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 7c56baeb21c61df6370b074e7e95a07aa7331625..025fe8681309d953e5f6bf1b358557b3a4c569a0 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,18 @@ >+2018-08-07 Rob Buis <rbuis@igalia.com> >+ >+ fetch() with subresource integrity crashes on zero length body >+ https://bugs.webkit.org/show_bug.cgi?id=184325 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Check that resourceBuffer() is non null before dereferencing. >+ >+ Tests: http/tests/subresource-integrity/sri-fetch.js >+ http/tests/subresource-integrity/sri-fetch-worker.js >+ >+ * loader/DocumentThreadableLoader.cpp: >+ (WebCore::DocumentThreadableLoader::didFinishLoading): >+ > 2018-08-07 Frederic Wang <fwang@igalia.com> > > Make DOMWindow::scrollBy rely on DOMWindow::scrollTo >diff --git a/Source/WebCore/loader/DocumentThreadableLoader.cpp b/Source/WebCore/loader/DocumentThreadableLoader.cpp >index 0525bf615ec1e5cc0f5eeee0e35bb9e912b2e8ef..42d7ee96aaf7d9ef56f1d4cb245b34eca03392a0 100644 >--- a/Source/WebCore/loader/DocumentThreadableLoader.cpp >+++ b/Source/WebCore/loader/DocumentThreadableLoader.cpp >@@ -449,12 +449,14 @@ void DocumentThreadableLoader::didFinishLoading(unsigned long identifier) > > if (options().filteringPolicy == ResponseFilteringPolicy::Disable) { > m_client->didReceiveResponse(identifier, response); >- m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); >+ if (m_resource->resourceBuffer()) >+ m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); > } else { > ASSERT(response.type() == ResourceResponse::Type::Default); > > m_client->didReceiveResponse(identifier, ResourceResponseBase::filter(response)); >- m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); >+ if (m_resource->resourceBuffer()) >+ m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); > } > } > >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index c2fe2120f7b6d4b08487354db321d199d4b73bde..fa8fedfb3b6b5d43e0548637ad43e9348153a7b4 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,17 @@ >+2018-08-07 Rob Buis <rbuis@igalia.com> >+ >+ fetch() with subresource integrity crashes on zero length body >+ https://bugs.webkit.org/show_bug.cgi?id=184325 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add a subtest for zero length resources. >+ >+ * http/tests/subresource-integrity/resources/empty-resource.txt: Added. >+ * http/tests/subresource-integrity/sri-fetch-expected.txt: >+ * http/tests/subresource-integrity/sri-fetch-worker-expected.txt: >+ * http/tests/subresource-integrity/sri-fetch.js: >+ > 2018-08-06 Simon Fraser <simon.fraser@apple.com> > > De-flake some animation tests >diff --git a/LayoutTests/http/tests/subresource-integrity/resources/empty-resource.txt b/LayoutTests/http/tests/subresource-integrity/resources/empty-resource.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 >diff --git a/LayoutTests/http/tests/subresource-integrity/sri-fetch-expected.txt b/LayoutTests/http/tests/subresource-integrity/sri-fetch-expected.txt >index 45739d465daeb3a0e146affea0d88e08d2ae2c81..9d67b4263b9307395fccf294a2efe78bcd7c8f2c 100644 >--- a/LayoutTests/http/tests/subresource-integrity/sri-fetch-expected.txt >+++ b/LayoutTests/http/tests/subresource-integrity/sri-fetch-expected.txt >@@ -31,4 +31,5 @@ PASS Ineligible CORS empty integrity > PASS Ineligible CORS SHA-512 integrity > PASS Ineligible CORS invalid integrity > PASS SHA-256 integrity with 'no-cors' mode >+PASS Resource with zero length body > >diff --git a/LayoutTests/http/tests/subresource-integrity/sri-fetch-worker-expected.txt b/LayoutTests/http/tests/subresource-integrity/sri-fetch-worker-expected.txt >index cf0b0f1260d8eeb082268aeced880e68d77aaa1e..075fdba052a2c1461c71a093e0d1b882309181a4 100644 >--- a/LayoutTests/http/tests/subresource-integrity/sri-fetch-worker-expected.txt >+++ b/LayoutTests/http/tests/subresource-integrity/sri-fetch-worker-expected.txt >@@ -23,4 +23,5 @@ PASS Ineligible CORS empty integrity > PASS Ineligible CORS SHA-512 integrity > PASS Ineligible CORS invalid integrity > PASS SHA-256 integrity with 'no-cors' mode >+PASS Resource with zero length body > >diff --git a/LayoutTests/http/tests/subresource-integrity/sri-fetch.js b/LayoutTests/http/tests/subresource-integrity/sri-fetch.js >index 9bf44b1c913ec24d16952b6033b87c1e4a9596f1..db80eda5548a819adb77449492fcce3a70f9604d 100644 >--- a/LayoutTests/http/tests/subresource-integrity/sri-fetch.js >+++ b/LayoutTests/http/tests/subresource-integrity/sri-fetch.js >@@ -10,6 +10,7 @@ var main_host_and_port = main_host + ':' + port_string; > var remote_host_and_port = remote_host + ':' + port_string; > > var resource = "resources/resource.txt"; >+var empty_resource = "resources/empty-resource.txt"; > var crossorigin_anon_resource = location.protocol + '//' + remote_host_and_port + '/subresource-integrity/resources/crossorigin-anon-resource.txt'; > var crossorigin_creds_resource = location.protocol + '//' + remote_host_and_port + '/subresource-integrity/resources/crossorigin-creds-resource.txt'; > var crossorigin_ineligible_resource = location.protocol + '//' + remote_host_and_port + '/subresource-integrity/resources/crossorigin-ineligible-resource.txt'; >@@ -59,5 +60,6 @@ integrity("Ineligible CORS empty integrity", crossorigin_ineligible_resource, { > integrity("Ineligible CORS SHA-512 integrity", crossorigin_ineligible_resource, { 'integrity': topSha512 }, new TypeError()); > integrity("Ineligible CORS invalid integrity", crossorigin_ineligible_resource, { 'integrity': invalidSha512 }, new TypeError()); > integrity("SHA-256 integrity with 'no-cors' mode", resource, { 'integrity': topSha256, 'mode': 'no-cors' }, new TypeError()); >+integrity("Resource with zero length body", empty_resource, { 'integrity': "47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" }); > > done();
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 184325
:
337247
|
346628
|
346689
|
346691
|
346692
|
346694
|
346696
| 346705