File CVE-2018-11396.patch of Package epiphany.11237

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2018-11396.patch of Package epiphany.11237

From 4f4eb2c353cf038daac01dd91473907b93adda93 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@igalia.com>
Date: Tue, 22 May 2018 21:06:32 -0500
Subject: [PATCH] session: Fix crash when JS opens an invalid URI

https://bugzilla.gnome.org/show_bug.cgi?id=795740
---
 src/ephy-session.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/ephy-session.c b/src/ephy-session.c
index 8a86ceaaa..532930e05 100644
--- a/src/ephy-session.c
+++ b/src/ephy-session.c
@@ -828,8 +828,15 @@ session_seems_sane (GList *windows)
       SoupURI *uri;
       gboolean sane = FALSE;
 
+      /* NULL URLs are possible when an invalid URL is opened by JS.
+       * E.g. <script>win = window.open("blah", "WIN");</script>
+       */
+      if (url == NULL)
+        continue;
+
       /* Blank URLs can occur in some situations. Just ignore these, as they
-       * are harmless and not an indicator of a corrupted session. */
+       * are harmless and not an indicator of a corrupted session.
+       */
       if (strcmp (url, "") == 0)
         continue;
 
-- 
2.23.0

Places

File CVE-2018-11396.patch of Package epiphany.11237

Places