diff options
| author | erikkay@google.com <erikkay@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-13 20:26:40 +0000 |
|---|---|---|
| committer | erikkay@google.com <erikkay@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-13 20:26:40 +0000 |
| commit | dc8c5b2a54e0485c291b4c080ab896bb7637716c (patch) | |
| tree | 18bdd3fe5b93196ba84dd593761db494b015ee76 | |
| parent | 3803088091ca375b9dc4896ec5a3c85c5e99cbea (diff) | |
| download | chromium_src-dc8c5b2a54e0485c291b4c080ab896bb7637716c.zip chromium_src-dc8c5b2a54e0485c291b4c080ab896bb7637716c.tar.gz chromium_src-dc8c5b2a54e0485c291b4c080ab896bb7637716c.tar.bz2 | |
Fix a crash in runOpenPanel where an array size wasn't being checked. To repro: compose a new message in gmail and click attach file.
Review URL: http://codereview.chromium.org/10887
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5368 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | webkit/glue/chrome_client_impl.cc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/webkit/glue/chrome_client_impl.cc b/webkit/glue/chrome_client_impl.cc index 4fe6e60..daf9432 100644 --- a/webkit/glue/chrome_client_impl.cc +++ b/webkit/glue/chrome_client_impl.cc @@ -444,8 +444,9 @@ void ChromeClientImpl::runOpenPanel(WebCore::Frame* frame, if (!delegate) return; - std::wstring suggestion = webkit_glue::StringToStdWString( - fileChooser->filenames()[0]); + std::wstring suggestion; + if (fileChooser->filenames().size() > 0) + suggestion = webkit_glue::StringToStdWString(fileChooser->filenames()[0]); WebFileChooserCallbackImpl* chooser = new WebFileChooserCallbackImpl(fileChooser); delegate->RunFileChooser(suggestion, chooser); |