Reject invalid UTF-8 when deserializing strings from DOM objects.

These are guaranteed to be valid, non-null strings. Getting a null
string here indicates that UTF-8 decode failed, in which case
propagating a null string is not the right thing to do.

Test included. This test would trigger the DCHECK in the linked bug
without this fix.

Bug: 1047753
Change-Id: I9e31d50176563d339b07883bbc2e5b52c4ff7641
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2033568
Commit-Queue: Jeremy Roman <jbroman@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#738200}

third_party/blink/renderer/bindings/core/v8/serialization/v8_script_value_deserializer.cc

@@ -220,7 +220,10 @@ bool V8ScriptValueDeserializer::ReadUTF8String(String* string) {
     return false;
   *string =
       String::FromUTF8(reinterpret_cast<const LChar*>(utf8_data), utf8_length);
-  return true;
+
+  // Decoding must have failed; this encoding does not distinguish between null
+  // and empty strings.
+  return !string->IsNull();
 }
 
 ScriptWrappable* V8ScriptValueDeserializer::ReadDOMObject(

third_party/blink/renderer/bindings/core/v8/serialization/v8_script_value_serializer_test.cc

@@ -1919,4 +1919,13 @@ TEST(V8ScriptValueSerializerTest, RoundTripDOMException) {
   EXPECT_EQ(exception->message(), new_exception->message());
 }
 
+TEST(V8ScriptValueSerializerTest, DecodeDOMExceptionWithInvalidNameString) {
+  V8TestingScope scope;
+  scoped_refptr<SerializedScriptValue> input = SerializedValue(
+      {0xff, 0x13, 0xff, 0x0d, 0x5c, 0x78, 0x01, 0xff, 0x00, 0x00});
+  v8::Local<v8::Value> result =
+      V8ScriptValueDeserializer(scope.GetScriptState(), input).Deserialize();
+  EXPECT_TRUE(result->IsNull());
+}
+
 }  // namespace blink