Changeset 293819 in webkit


Ignore:
Timestamp:
May 4, 2022 9:45:27 PM (2 years ago)
Author:
commit-queue@webkit.org
Message:

Crash in WindowProxy::setDOMWindow
https://bugs.webkit.org/show_bug.cgi?id=232763

Patch by Alex Christensen <achristensen@webkit.org> on 2022-05-04
Reviewed by Chris Dumez.

Source/WebCore:

Add a few null checks here and there.

Test: fast/dom/set-dom-window-without-page.html

  • bindings/js/WindowProxy.cpp:

(WebCore::WindowProxy::setDOMWindow):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::findFrameForNavigation):

LayoutTests:

  • fast/dom/set-dom-window-without-page-expected.txt: Added.
  • fast/dom/set-dom-window-without-page.html: Added.
Location:
trunk
Files:
2 added
4 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r293814 r293819  
     12022-05-04  Alex Christensen  <achristensen@webkit.org>
     2
     3        Crash in WindowProxy::setDOMWindow
     4        https://bugs.webkit.org/show_bug.cgi?id=232763
     5
     6        Reviewed by Chris Dumez.
     7
     8        * fast/dom/set-dom-window-without-page-expected.txt: Added.
     9        * fast/dom/set-dom-window-without-page.html: Added.
     10
    1112022-05-04  Simon Fraser  <simon.fraser@apple.com>
    212

  • trunk/Source/WebCore/ChangeLog

    r293814 r293819  
     12022-05-04  Alex Christensen  <achristensen@webkit.org>
     2
     3        Crash in WindowProxy::setDOMWindow
     4        https://bugs.webkit.org/show_bug.cgi?id=232763
     5
     6        Reviewed by Chris Dumez.
     7
     8        Add a few null checks here and there.
     9
     10        Test: fast/dom/set-dom-window-without-page.html
     11
     12        * bindings/js/WindowProxy.cpp:
     13        (WebCore::WindowProxy::setDOMWindow):
     14        * loader/FrameLoader.cpp:
     15        (WebCore::FrameLoader::findFrameForNavigation):
     16
    1172022-05-04  Simon Fraser  <simon.fraser@apple.com>
    218

  • trunk/Source/WebCore/bindings/js/WindowProxy.cpp

    r292929 r293819  
    187187
    188188        windowProxy->attachDebugger(page ? page->debugger() : nullptr);
    189         if (page)
     189        if (page) {
    190190            windowProxy->window()->setProfileGroup(page->group().identifier());
    191         windowProxy->window()->setConsoleClient(page->console());
     191            windowProxy->window()->setConsoleClient(page->console());
     192        }
    192193    }
    193194}

  • trunk/Source/WebCore/loader/FrameLoader.cpp

    r293656 r293819  
    37453745        activeDocument = m_frame.document();
    37463746
     3747    if (!activeDocument)
     3748        return nullptr;
     3749
    37473750    auto* frame = m_frame.tree().find(name, activeDocument->frame() ? *activeDocument->frame() : m_frame);
    37483751
Note: See TracChangeset for help on using the changeset viewer.