
Unified Diff: Source/core/loader/DocumentLoader.cpp

Issue 125403003: Fix crash on incorrectly formatted MHTML documents (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 11 months ago
Index: Source/core/loader/DocumentLoader.cpp
diff --git a/Source/core/loader/DocumentLoader.cpp b/Source/core/loader/DocumentLoader.cpp
index 7feb915f6c3620b29fcc53db9137eea4292bbbe2..601b696340508e3c21916b2ccedb28788304b98f 100644
--- a/Source/core/loader/DocumentLoader.cpp
+++ b/Source/core/loader/DocumentLoader.cpp
@@ -286,9 +286,7 @@ void DocumentLoader::finishedLoading(double finishTime)
if (!frameLoader())
return;
- if (isArchiveMIMEType(m_response.mimeType())) {
- createArchive();
- } else {
+ if (!isArchiveMIMEType(m_response.mimeType()) || !createArchive()) {
Nate Chapin 2014/01/06 23:04:11 Should we consider changing this function's name b
Inactive 2014/01/07 00:38:17 Done.
// If this is an empty document, it will not have actually been created yet. Commit dummy data so that
// DocumentWriter::begin() gets called and creates the Document.
if (!m_writer)
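Review bot: The comment under the new condition still describes only "an empty document", but with `|| !createArchive()` this branch is now also the fallback for an archive MIME type whose body failed to parse. It is worth saying so at the branch, e.g. `// Also reached when an MHTML archive could not be parsed; commit dummy data so a blank Document is still created.` The condition also depends on short-circuit evaluation to keep `createArchive()`, which has side effects, from running for non-archive types, and a short comment would make that intent explicit. finishedLoading() starts and ends outside this hunk.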
@@ -645,11 +643,15 @@ bool DocumentLoader::isLoadingInAPISense() const
return frameLoader()->subframeIsLoading();
}
-void DocumentLoader::createArchive()
+bool DocumentLoader::createArchive()
{
ASSERT(m_mainResource);
m_archive = MHTMLArchive::create(m_response.url(), m_mainResource->resourceBuffer());
- RELEASE_ASSERT(m_archive);
+ // Invalid MHTML.
+ if (!m_archive || !m_archive->mainResource()) {
+ m_archive.clear();
+ return false;
+ }
addAllArchiveResources(m_archive.get());
ArchiveResource* mainResource = m_archive->mainResource();
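Review bot: The new guard rejects a null archive and a null main resource, but the rest of the function (visible in the next hunk) still calls `mainResource->data()->data()` and `mainResource->data()->size()` with no check on `data()`. Whether `data()` can be null for a malformed part is not visible from this diff; if it can, the same class of input still crashes, and the guard could become `if (!m_archive || !m_archive->mainResource() || !m_archive->mainResource()->data()) {`. Separately, `ASSERT(m_mainResource)` is presumably compiled out of release builds while the next line dereferences `m_mainResource`, so it does not protect the builds that actually parse untrusted MHTML. createArchive() continues past the end of this hunk.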
@@ -659,6 +661,7 @@ void DocumentLoader::createArchive()
ensureWriter(mainResource->mimeType(), m_archive->mainResource()->url());
commitData(mainResource->data()->data(), mainResource->data()->size());
+ return true;
}
void DocumentLoader::addAllArchiveResources(MHTMLArchive* archive)