Changeset 149253 in webkit


Ignore:
Timestamp:
Apr 27, 2013 8:38:57 PM (11 years ago)
Author:
ap@apple.com
Message:

<rdar://problem/13757007> Crashes in NetworkResourceLoader::didReceiveResponseAsync
https://bugs.webkit.org/show_bug.cgi?id=115318

Reviewed by Darin Adler.

sendAbortingOnFailure may actually fail, and abort the request, making m_handle null.

  • NetworkProcess/NetworkResourceLoader.cpp: (WebKit::NetworkResourceLoader::didReceiveResponseAsync): Null check m_handle after sending a message, because the request will cancelled when connection is invalid. (WebKit::NetworkResourceLoader::didReceiveBuffer): Assert that m_handle matches the handle that we are called with. (WebKit::NetworkResourceLoader::didFinishLoading): Ditto. (WebKit::NetworkResourceLoader::didFail): Ditto. (WebKit::NetworkResourceLoader::willSendRequestAsync): Ditto. (WebKit::NetworkResourceLoader::didSendData): Ditto. (WebKit::NetworkResourceLoader::shouldUseCredentialStorage): Ditto. (WebKit::NetworkResourceLoader::shouldUseCredentialStorageAsync): Ditto. (WebKit::NetworkResourceLoader::didReceiveAuthenticationChallenge): Ditto. (WebKit::NetworkResourceLoader::didCancelAuthenticationChallenge): Ditto. (WebKit::NetworkResourceLoader::canAuthenticateAgainstProtectionSpaceAsync): Ditto.
Location:
trunk/Source/WebKit2
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebKit2/ChangeLog

    r149251 r149253  
     12013-04-27  Alexey Proskuryakov  <ap@apple.com>
     2
     3        <rdar://problem/13757007> Crashes in NetworkResourceLoader::didReceiveResponseAsync
     4        https://bugs.webkit.org/show_bug.cgi?id=115318
     5
     6        Reviewed by Darin Adler.
     7
     8        sendAbortingOnFailure may actually fail, and abort the request, making m_handle null.
     9
     10        * NetworkProcess/NetworkResourceLoader.cpp:
     11        (WebKit::NetworkResourceLoader::didReceiveResponseAsync): Null check m_handle after
     12        sending a message, because the request will cancelled when connection is invalid.
     13        (WebKit::NetworkResourceLoader::didReceiveBuffer): Assert that m_handle matches
     14        the handle that we are called with.
     15        (WebKit::NetworkResourceLoader::didFinishLoading): Ditto.
     16        (WebKit::NetworkResourceLoader::didFail): Ditto.
     17        (WebKit::NetworkResourceLoader::willSendRequestAsync): Ditto.
     18        (WebKit::NetworkResourceLoader::didSendData): Ditto.
     19        (WebKit::NetworkResourceLoader::shouldUseCredentialStorage): Ditto.
     20        (WebKit::NetworkResourceLoader::shouldUseCredentialStorageAsync): Ditto.
     21        (WebKit::NetworkResourceLoader::didReceiveAuthenticationChallenge): Ditto.
     22        (WebKit::NetworkResourceLoader::didCancelAuthenticationChallenge): Ditto.
     23        (WebKit::NetworkResourceLoader::canAuthenticateAgainstProtectionSpaceAsync): Ditto.
     24
    1252013-04-27  Alexey Proskuryakov  <ap@apple.com>
    226

  • trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp

    r149251 r149253  
    147147}
    148148
    149 void NetworkResourceLoader::didReceiveResponseAsync(ResourceHandle*, const ResourceResponse& response)
    150 {
     149void NetworkResourceLoader::didReceiveResponseAsync(ResourceHandle* handle, const ResourceResponse& response)
     150{
     151    ASSERT_UNUSED(handle, handle == m_handle);
     152
    151153    // FIXME (NetworkProcess): Cache the response.
    152154    if (FormData* formData = request().httpBody())
     
    155157    sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveResponseWithCertificateInfo(response, PlatformCertificateInfo(response), isLoadingMainResource()));
    156158
     159    // m_handle will be 0 if the request got aborted above.
     160    if (!m_handle)
     161        return;
     162
    157163    if (!isLoadingMainResource()) {
    158164        // For main resources, the web process is responsible for sending back a NetworkResourceLoader::ContinueDidReceiveResponse message.
    159165        m_handle->continueDidReceiveResponse();
    160         return;
    161166    }
    162167}
     
    169174}
    170175
    171 void NetworkResourceLoader::didReceiveBuffer(WebCore::ResourceHandle*, PassRefPtr<WebCore::SharedBuffer> buffer, int encodedDataLength)
    172 {
     176void NetworkResourceLoader::didReceiveBuffer(ResourceHandle* handle, PassRefPtr<SharedBuffer> buffer, int encodedDataLength)
     177{
     178    ASSERT_UNUSED(handle, handle == m_handle);
     179
    173180    // FIXME (NetworkProcess): For the memory cache we'll also need to cache the response data here.
    174181    // Such buffering will need to be thread safe, as this callback is happening on a background thread.
     
    191198}
    192199
    193 void NetworkResourceLoader::didFinishLoading(ResourceHandle*, double finishTime)
    194 {
     200void NetworkResourceLoader::didFinishLoading(ResourceHandle* handle, double finishTime)
     201{
     202    ASSERT_UNUSED(handle, handle == m_handle);
     203
    195204    // FIXME (NetworkProcess): For the memory cache we'll need to update the finished status of the cached resource here.
    196205    // Such bookkeeping will need to be thread safe, as this callback is happening on a background thread.
     
    201210}
    202211
    203 void NetworkResourceLoader::didFail(ResourceHandle*, const ResourceError& error)
    204 {
     212void NetworkResourceLoader::didFail(ResourceHandle* handle, const ResourceError& error)
     213{
     214    ASSERT_UNUSED(handle, handle == m_handle);
     215
    205216    // FIXME (NetworkProcess): For the memory cache we'll need to update the finished status of the cached resource here.
    206217    // Such bookkeeping will need to be thread safe, as this callback is happening on a background thread.
     
    210221}
    211222
    212 void NetworkResourceLoader::willSendRequestAsync(ResourceHandle*, const ResourceRequest& request, const ResourceResponse& redirectResponse)
    213 {
     223void NetworkResourceLoader::willSendRequestAsync(ResourceHandle* handle, const ResourceRequest& request, const ResourceResponse& redirectResponse)
     224{
     225    ASSERT_UNUSED(handle, handle == m_handle);
     226
    214227    // We only expect to get the willSendRequest callback from ResourceHandle as the result of a redirect.
    215228    ASSERT(!redirectResponse.isNull());
     
    243256}
    244257
    245 void NetworkResourceLoader::didSendData(ResourceHandle*, unsigned long long bytesSent, unsigned long long totalBytesToBeSent)
    246 {
     258void NetworkResourceLoader::didSendData(ResourceHandle* handle, unsigned long long bytesSent, unsigned long long totalBytesToBeSent)
     259{
     260    ASSERT_UNUSED(handle, handle == m_handle);
     261
    247262    send(Messages::WebResourceLoader::DidSendData(bytesSent, totalBytesToBeSent));
    248263}
     
    261276}
    262277
    263 bool NetworkResourceLoader::shouldUseCredentialStorage(WebCore::ResourceHandle*)
    264 {
     278bool NetworkResourceLoader::shouldUseCredentialStorage(ResourceHandle* handle)
     279{
     280    ASSERT_UNUSED(handle, handle == m_handle || !m_handle); // m_handle will be 0 if called from ResourceHandle::start().
     281
    265282    // When the WebProcess is handling loading a client is consulted each time this shouldUseCredentialStorage question is asked.
    266283    // In NetworkProcess mode we ask the WebProcess client up front once and then reuse the cached answer.
     
    273290void NetworkResourceLoader::shouldUseCredentialStorageAsync(ResourceHandle* handle)
    274291{
     292    ASSERT_UNUSED(handle, handle == m_handle);
     293
    275294    handle->continueShouldUseCredentialStorage(shouldUseCredentialStorage(handle));
    276295}
    277296
    278 void NetworkResourceLoader::didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge)
    279 {
     297void NetworkResourceLoader::didReceiveAuthenticationChallenge(ResourceHandle* handle, const AuthenticationChallenge& challenge)
     298{
     299    ASSERT_UNUSED(handle, handle == m_handle);
     300
    280301    NetworkProcess::shared().authenticationManager().didReceiveAuthenticationChallenge(webPageID(), webFrameID(), challenge);
    281302}
    282303
    283 void NetworkResourceLoader::didCancelAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge)
    284 {
     304void NetworkResourceLoader::didCancelAuthenticationChallenge(ResourceHandle* handle, const AuthenticationChallenge& challenge)
     305{
     306    ASSERT_UNUSED(handle, handle == m_handle);
     307
    285308    // This function is probably not needed (see <rdar://problem/8960124>).
    286309    notImplemented();
     
    288311
    289312#if USE(PROTECTION_SPACE_AUTH_CALLBACK)
    290 void NetworkResourceLoader::canAuthenticateAgainstProtectionSpaceAsync(ResourceHandle*, const ProtectionSpace& protectionSpace)
    291 {
    292     ASSERT(isMainThread());
     313void NetworkResourceLoader::canAuthenticateAgainstProtectionSpaceAsync(ResourceHandle* handle, const ProtectionSpace& protectionSpace)
     314{
     315    ASSERT(isMainThread());
     316    ASSERT_UNUSED(handle, handle == m_handle);
    293317
    294318    // This message is DispatchMessageEvenWhenWaitingForSyncReply to avoid a situation where the NetworkProcess is deadlocked
Note: See TracChangeset for help on using the changeset viewer.