Bug#563695: loading data: urls with unknown content type crashes epiphany

Josselin Mouette joss at debian.org
Mon Jan 4 21:18:17 UTC 2010 

reassign 563695 libwebkit-1.0-2 1.1.17-2
thanks

Le lundi 04 janvier 2010 à 18:54 +0100, chrysn a écrit : 
> when opening a data: url containing an unknown mime type, epiphany
> segfaults.
> 
> example:
> $ epiphany-browser -p 'data:foo/bar;baz,'
> 
> (epiphany:11485): GLib-GObject-WARNING **: /build/buildd/glib2.0-2.22.3/gobject/gsignal.c:2270: signal `ge-context-menu' is invalid for instance `0xb09020'
> 
> (epiphany:11485): libsoup-CRITICAL **: soup_session_pause_message: assertion `SOUP_IS_MESSAGE (msg)' failed
> 
> (epiphany:11485): libsoup-CRITICAL **: soup_session_unpause_message: assertion `SOUP_IS_MESSAGE (msg)' failed
> zsh: segmentation fault  epiphany-browser -p 'data:foo/bar;baz,'
> $ 
> 
> data urls work with html, eg
> $ epiphany-browser -p 'data:text/html;urlencode,<strong>hello%20world</strong>'

Entirely reproducible here, it looks like a webkit bug.

Here are the relevants bits of the backtrace:


#4  <signal handler called>
No symbol table info available.
#5  0x00007f409a9d7a08 in parseDataUrl (callback_data=<value optimized out>)
    at ../WebCore/platform/network/soup/ResourceHandleSoup.cpp:407
        handle = 0x7f4085d041c8
        client = 0x7f4085d03b00
        d = 0x7f4085bf9800
        url = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
            m_ptr = 0x7f40886b5f78}}
        index = <value optimized out>
        mediaType = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
            m_ptr = 0x7f4085c96e00}}
        data = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
            m_ptr = 0x7f40885d33e0}}
        isBase64 = false
        mimeType = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
            m_ptr = 0x7f4085b1a6c0}}
        charset = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
            m_ptr = 0x0}}
        response = {<WebCore::ResourceResponseBase> = {m_url = {m_string = {
                m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
                  m_ptr = 0x0}}, m_isValid = false, 
              m_protocolInHTTPFamily = false, m_schemeEnd = 0, 
              m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, 
              m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, 
              m_pathEnd = 0, m_queryEnd = 0, m_fragmentEnd = 0}, 
            m_mimeType = {
              m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
                m_ptr = 0x7f4085b1a6c0}}, m_expectedContentLength = 0, 
            m_textEncodingName = {
              m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
                m_ptr = 0x7f4085b1c030}}, m_suggestedFilename = {
              m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
                m_ptr = 0x0}}, m_httpStatusCode = 0, m_httpStatusText = {
              m_impl = {<WTF::FastAllocBase> = {<No data fields>}, 
                m_ptr = 0x0}}, 
            m_httpHeaderFields = {<WTF::HashMap<WebCore::AtomicString, WebCore::String, WebCore::CaseFoldingHash, WTF::HashTraits<WebCore::AtomicString>, WTF::HashTraits<WebCore::String> >> = {<WTF::FastAllocBase> = {<No data fields>}, 
                m_impl = {static m_minTableSize = <optimized out>, 
                  static m_maxLoad = <optimized out>, 
                  static m_minLoad = <optimized out>, m_table = 0x0, 
                  m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, 
                  m_deletedCount = 0}}, <No data fields>}, 
            m_lastModifiedDate = 0, m_isNull = false, 
            m_haveParsedCacheControlHeader = false, 
            m_haveParsedAgeHeader = false, m_haveParsedDateHeader = false, 
            m_haveParsedExpiresHeader = false, 
            m_haveParsedLastModifiedHeader = false, 
            m_cacheControlContainsNoCache = false, 
            m_cacheControlContainsNoStore = false, 
            m_cacheControlContainsMustRevalidate = false, 
            m_cacheControlMaxAge = 0, m_age = 0, m_date = 0, m_expires = 0, 
            m_lastModified = 0}, <No data fields>}
#6  0x00007f4097f7c8fe in g_main_dispatch (context=0x721e10)
    at /build/buildd/glib2.0-2.22.3/glib/gmain.c:1960
        dispatch = 0x7f4097f7aac0 <g_idle_dispatch>
        user_data = 0x7f4085d041c8
        callback = 0x7f409a9d75c0 <parseDataUrl>
        cb_funcs = 0x7f4098205e50
        cb_data = 0x833250
        current_source_link = {data = 0x1591000, next = 0x0}
        source = 0x1591000
        current = 0x762020
        i = 2
#7  IA__g_main_context_dispatch (context=0x721e10)
    at /build/buildd/glib2.0-2.22.3/glib/gmain.c:2513
#8  0x00007f4097f802b8 in g_main_context_iterate (context=0x721e10, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>)
    at /build/buildd/glib2.0-2.22.3/glib/gmain.c:2591
#9  0x00007f4097f80715 in IA__g_main_loop_run (loop=0x7cd2a0)
    at /build/buildd/glib2.0-2.22.3/glib/gmain.c:2799
#10 0x00007f409981ef87 in IA__gtk_main ()
    at /build/buildd-gtk+2.0_2.18.5-1-amd64-Nathc9/gtk+2.0-2.18.5/gtk/gtkmain.c:1218
#11 0x0000000000434250 in main (argc=1, argv=0x7fff55448e68)
    at /epiphany-browser-2.29.3/src/ephy-main.c:780

Cheers, 
-- 
 .''`.      Josselin Mouette
: :' :
`. `'   “I recommend you to learn English in hope that you in
  `-     future understand things”  -- Jörg Schilling
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://lists.alioth.debian.org/pipermail/pkg-webkit-maintainers/attachments/20100104/ba6ef85f/attachment.pgp>

More information about the Pkg-webkit-maintainers mailing list