| | | |
|---|---|---|
| author | dpranke@google.com <dpranke@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-25 00:02:52 +0000 |
| committer | dpranke@google.com <dpranke@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-25 00:02:52 +0000 |
| commit | 7be4f1214403bd8627fd561e83a4ea6e34dddcd6 (patch) | |
| tree | 4935035d6ed57d0649c51af882a1dad6c495c5c3 /webkit | |
| parent | 1e27ccc2e890645dc24f2690bb449636aa5a04a0 (diff) | |
implement WebSandboxSupport stub to prevent a null ptr deref
If FontChromiumWin's Font::drawGlyphs() fails for some reason, we
may attempt to reload the font using ChromiumBridge::ensureFontLoaded().
This requires a sandbox routine, SandboxSupport::ensureFontLoaded(), to be
implemented, and in test_shell it wasn't, causing a null ptr deref and
weird things to happen.
Note that there is no easy way to provoke this codepath once the other
bugs causing the crash in #10977 are fixed.
R=darin
BUG=http://crbug.org/10977
TEST=none
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@19200 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')

| Mode | File | Lines |
|---|---|---|
| -rw-r--r-- | webkit/api/public/WebKitClient.h | 2 |
| -rw-r--r-- | webkit/api/src/ChromiumBridge.cpp | 12 |

2 files changed, 9 insertions, 5 deletions
diff --git a/webkit/api/public/WebKitClient.h b/webkit/api/public/WebKitClient.h index 7dc158a..4ebbb25 100644 --- a/webkit/api/public/WebKitClient.h +++ b/webkit/api/public/WebKitClient.h @@ -54,7 +54,7 @@ namespace WebKit { // Must return non-null. virtual WebMimeRegistry* mimeRegistry() = 0; - // May return null on some platforms. + // May return null if sandbox support is not necessary virtual WebSandboxSupport* sandboxSupport() = 0; // May return null on some platforms. diff --git a/webkit/api/src/ChromiumBridge.cpp b/webkit/api/src/ChromiumBridge.cpp index b82bc28..a544baa 100644 --- a/webkit/api/src/ChromiumBridge.cpp +++ b/webkit/api/src/ChromiumBridge.cpp @@ -1,10 +1,10 @@ /* * Copyright (C) 2009 Google Inc. All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: - * + * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above @@ -14,7 +14,7 @@ * * Neither the name of Google Inc. nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -148,7 +148,11 @@ void ChromiumBridge::prefetchDNS(const String& hostname) #if defined(OS_WIN) bool ChromiumBridge::ensureFontLoaded(HFONT font) { - return webKitClient()->sandboxSupport()->ensureFontLoaded(font); + WebSandboxSupport* ss = webKitClient()->sandboxSupport(); + + // if there is no sandbox, then we can assume the font + // was able to be loaded successfully already + return ss ? ss->ensureFontLoaded(font) : true; } #endif |
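Review bot: In the WebKitClient.h hunk, the new comment `// May return null if sandbox support is not necessary` drops the trailing period that the neighbouring `// May return null on some platforms.` comments keep, and "not necessary" leaves the caller contract implicit. Since the whole point of this change is that callers must handle a null return, say so: "May return null if the platform does not run the renderer in a sandbox; callers must null-check." That turns the comment into the guard every future caller of sandboxSupport() needs to know about.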
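Review bot: The whitespace-only hunks at `@@ -1,10 +1,10 @@` and `@@ -14,7 +14,7 @@` in ChromiumBridge.cpp strip trailing spaces from the license header and are unrelated to the null-pointer fix; mixing them into a functional change makes `git blame` on the header point at this commit and makes the real fix harder to spot in review. Land cleanups like this separately, or at least call them out in the commit message.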
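Review bot: In the `@@ -148,7 +148,11 @@` hunk, `return ss ? ss->ensureFontLoaded(font) : true;` reports success whenever sandboxSupport() is null, but the comment only says the font "was able to be loaded successfully already"; that is an assumption, not something this code checks. The caller (the Font::drawGlyphs() retry path named in the commit message) will then retry drawing with a font that may still be unusable, so a genuine font-load failure outside the sandbox is now silently treated as success instead of a crash. If that is the intended trade-off, document it in the comment (e.g. "Without a sandbox the renderer can load fonts itself; if drawGlyphs() still fails there is nothing more we can do here") and consider whether the caller should stop retrying when this returns true without having done anything. Two style points on the same lines: the hunk does not show an include for WebSandboxSupport.h, so confirm the full type is visible in this translation unit, and the Chromium/WebKit comment style is a capitalised sentence ending in a period rather than the lower-case `// if there is no sandbox, ...`.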