Handle invalid data more gracefully.
authortimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 2 Jul 2014 03:06:15 +0000 (03:06 +0000)
committertimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 2 Jul 2014 03:06:15 +0000 (03:06 +0000)
Reviewed by Anders Carlsson.

* UIProcess/mac/LegacySessionStateCoding.cpp:
(WebKit::decodeFormData):
(WebKit::decodeBackForwardTreeNode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@170692 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/UIProcess/mac/LegacySessionStateCoding.cpp

index c0debd0c72a686cdd781e9d4a20aa24d24eeec35..71190ae84eab334fa0d095d829b739f8d30a94c4 100644 (file)
@@ -1,3 +1,13 @@
+2014-07-01  Tim Horton  <timothy_horton@apple.com>
+
+        Handle invalid data more gracefully.
+
+        Reviewed by Anders Carlsson.
+
+        * UIProcess/mac/LegacySessionStateCoding.cpp:
+        (WebKit::decodeFormData):
+        (WebKit::decodeBackForwardTreeNode):
+
 2014-07-01  Mark Rowe  <mrowe@apple.com>
 
         Add a missing return statement in WKPageCopySessionState.
index 65ee2fa334f4dfa1dfae80b288b90755bf732e41..595cc60183b0d400e3aa98c13af2068b5a349474 100644 (file)
@@ -825,6 +825,9 @@ static void decodeFormData(HistoryEntryDataDecoder& decoder, HTTPBody& formData)
         HTTPBody::Element formDataElement;
         decodeFormDataElement(decoder, formDataElement);
 
+        if (!decoder.isValid())
+            return;
+
         formData.elements.append(std::move(formDataElement));
     }
 
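Review bot: The early `return` added in the element loop of decodeFormData leaves `formData.elements` holding whatever earlier iterations appended, so a truncated or corrupt buffer yields a partially filled HTTPBody rather than an empty one. Nothing in the hunk shows the caller checking `decoder.isValid()` before it uses the result (the function body and its callers are outside the hunk), so the contract should be stated at the return: `// Decoding failed; formData is incomplete and must be discarded by the caller.` The same applies to the two returns added in decodeBackForwardTreeNode, which leave `frameState.children` and `frameState.documentState` partially filled.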
@@ -846,6 +849,10 @@ static void decodeBackForwardTreeNode(HistoryEntryDataDecoder& decoder, FrameSta
         decoder >> childFrameState.urlString;
 
         decodeBackForwardTreeNode(decoder, childFrameState);
+
+        if (!decoder.isValid())
+            return;
+
         frameState.children.append(std::move(childFrameState));
     }
 
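Review bot: decodeBackForwardTreeNode still recurses into the child before the new validity check, so a failed read of `childFrameState.urlString` is noticed only after the recursive call has run on a decoder that is already invalid. Adding the same guard ahead of the call, `if (!decoder.isValid()) return;` directly before `decodeBackForwardTreeNode(decoder, childFrameState);`, stops the descent at the first bad read. The nesting depth also appears to be driven by the encoded data, and no limit is visible in this hunk. If the part of the function outside the hunk has none either, a depth cap that fails the decode would keep malformed session state from exhausting the stack.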
@@ -858,6 +865,9 @@ static void decodeBackForwardTreeNode(HistoryEntryDataDecoder& decoder, FrameSta
         String state;
         decoder >> state;
 
+        if (!decoder.isValid())
+            return;
+
         frameState.documentState.append(std::move(state));
     }