authorasvitkine@chromium.org <asvitkine@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-11-04 16:54:41 +0000
committerasvitkine@chromium.org <asvitkine@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-11-04 16:54:41 +0000
commitc85f02139f8fda277710862a5d19b25749c7ec0b (patch)
treefb7f0402c0004c6860541b88c2784f5211a5b095 /content
parentd9310e73313623e83708e0ba4e242343ddb71beb (diff)
Fix mouse over renderer crash with URLs over 2MB in size.
BUG=102287 TEST=Mouse over the link in test.html from bug report. It should not crash the renderer. Review URL: http://codereview.chromium.org/8417057 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108668 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content')
-rw-r--r--content/renderer/render_view_impl.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/content/renderer/render_view_impl.cc b/content/renderer/render_view_impl.cc
index ee41e27..e31f376 100644
--- a/content/renderer/render_view_impl.cc
+++ b/content/renderer/render_view_impl.cc
@@ -1686,6 +1686,10 @@ void RenderViewImpl::UpdateTargetURL(const GURL& url,
pending_target_url_ = latest_url;
target_url_status_ = TARGET_PENDING;
} else {
+ // URLs larger than |content::kMaxURLChars| cannot be sent through IPC -
+ // see |ParamTraits<GURL>|.
+ if (latest_url.possibly_invalid_spec().size() > content::kMaxURLChars)
+ latest_url = GURL();
Send(new ViewHostMsg_UpdateTargetURL(routing_id_, page_id_, latest_url));
target_url_ = latest_url;
target_url_status_ = TARGET_INFLIGHT;
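Review bot: The length guard is applied only in the `else` branch, so an oversize URL assigned to `pending_target_url_` in the branch above it is stored unchecked. If that pending value is later handed to `Send` when the in-flight update is acknowledged (that code is not visible in this hunk, so this is an assumption to confirm), it would presumably hit the same `ParamTraits<GURL>` limit the comment describes. Moving `if (latest_url.possibly_invalid_spec().size() > content::kMaxURLChars)` and `latest_url = GURL();` above the `if` that chooses between pending and in-flight would cover both paths with one check. Since page content controls the hovered URL, it is worth confirming that no other renderer-to-browser send of this value skips the clamp. The body of `UpdateTargetURL` begins and ends outside the hunk.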