Bug#834761: Improve handling of 'sourceURL' on JSEvaluateScript (and avoid segmentation fault)

Sergio Durigan Junior sergiodj at sergiodj.net
Thu Aug 18 18:36:08 UTC 2016

Package: libjavascriptcoregtk-1.0-0
Version: 2.4.11-2+b2
Tags: patch

Hi there,

As reported on #688640 and #834236, a recent update of
libjavascriptcore-1.0-0 broke Midori 0.5.11-ds1-3, causing a
segmentation fault right on startup.

The reason for this is the incorrect/not-so-strict handling of the
'sourceURL' argument on JSEvaluateScript (from
Source/JavaScriptCore/API/JSBase.cpp).  Midori passes 'sourceURL' as
NULL (and always did), but recently, because JSEvaluateScript tries to
call the ->string() method of the object, the code crashes there.

Anyway, I fixed this on Midori by passing an empty JSString object to
JSEvaluateScript, but I see that WebKit upstream takes better care of
the 'sourceURL' argument and checks if it is not NULL before accessing
its members.  Therefore, I'd like to propose the attached fix (which is
basically a backport of the upstream code) for the current version of
WebKit.  I haven't tested it as I am currently in a not very powerful
machine, so I appreciate reviews and tests.

Also, the bug number on 'Closes' is invalid (because I still don't have
the bug number), so please adjust it before applying the patch.

Let me know if there is anything else you need.


GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible

Attachment: 0001-Improve-handling-of-sourceURL-on-JSEvaluateScript.patch (text/x-diff, 3900 bytes)
URL: <http://lists.alioth.debian.org/pipermail/pkg-webkit-maintainers/attachments/20160818/840e2a06/attachment.patch>
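To make the defect concrete, here is an added C++ model of the 'sourceURL' handling the report describes; it is not code from the attached patch, WebKit or Midori, and OpaqueJSString, the helper names and the sample URL are stand-ins (assumptions) for the real JSC types:

```cpp
// Added model of the JSEvaluateScript 'sourceURL' handling discussed above.
// The real JSC types are replaced by minimal stand-ins (assumption); only the
// NULL-handling pattern is the point.
#include <cassert>
#include <string>

// Stand-in for JSC's OpaqueJSString: a JSStringRef is a pointer to it, and the
// library reads the URL through ->string().
struct OpaqueJSString {
    std::string value;
    const std::string& string() const { return value; }
};
typedef OpaqueJSString* JSStringRef;

// Pre-fix behaviour (as in the Debian 2.4.11 build the report describes):
// dereferences sourceURL unconditionally. A NULL argument is undefined
// behaviour and in practice a segfault; kept only to name the defect.
std::string sourceURLUnchecked(JSStringRef sourceURL) {
    return sourceURL->string();
}

// Upstream-style handling: the JSBase.h contract lets callers pass NULL when
// they have no source file information, so the library must tolerate it.
std::string sourceURLChecked(JSStringRef sourceURL) {
    return sourceURL ? sourceURL->string() : std::string();
}

// Minimal stand-in for JSEvaluateScript that derives the source name the way
// the fixed code does; returns the name it would attach to the script.
std::string evaluateScriptSourceName(const std::string& script, JSStringRef sourceURL) {
    (void)script;  // evaluation itself is out of scope for this model
    return sourceURLChecked(sourceURL);
}

// Caller-side workaround the report mentions for Midori: pass an empty
// JSString instead of NULL, which also keeps unpatched builds from crashing.
OpaqueJSString emptySourceURL{""};

int main() {
    OpaqueJSString url{"file:///tmp/example.js"};  // constructed sample URL
    assert(evaluateScriptSourceName("1+1", &url) == "file:///tmp/example.js");
    assert(evaluateScriptSourceName("1+1", nullptr).empty());          // library-side fix
    assert(evaluateScriptSourceName("1+1", &emptySourceURL).empty());  // caller-side workaround
    return 0;
}
```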