Changeset 192582 in webkit


Timestamp:
Nov 18, 2015 11:07:54 AM (8 years ago)
Author:
Chris Dumez
Message:

Null dereference in Performance::Performance(WebCore::Frame*)
https://bugs.webkit.org/show_bug.cgi?id=151390

Reviewed by Brady Eidson.

Based on the stack trace, it appears the DocumentLoader can be null
when constructing the Performance object. This patch thus adds a null
check before trying to dereference it.

No new tests, was not able to reproduce.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::navigator):
(WebCore::DOMWindow::performance):

  • page/Performance.cpp:

(WebCore::Performance::Performance):
(WebCore::Performance::scriptExecutionContext):

  • page/Performance.h:
Location:
trunk/Source/WebCore
Files:
4 edited

  • trunk/Source/WebCore/ChangeLog

    r192578 r192582  
     12015-11-18  Chris Dumez  <cdumez@apple.com>
     2
     3        Null dereference in Performance::Performance(WebCore::Frame*)
     4        https://bugs.webkit.org/show_bug.cgi?id=151390
     5
     6        Reviewed by Brady Eidson.
     7
     8        Based on the stack trace, it appears the DocumentLoader can be null
     9        when constructing the Performance object. This patch thus adds a null
     10        check before trying to dereference it.
     11
     12        No new tests, was not able to reproduce.
     13
     14        * page/DOMWindow.cpp:
     15        (WebCore::DOMWindow::navigator):
     16        (WebCore::DOMWindow::performance):
     17        * page/Performance.cpp:
     18        (WebCore::Performance::Performance):
     19        (WebCore::Performance::scriptExecutionContext):
     20        * page/Performance.h:
     21
    1222015-11-18  Per Arne Vollan  <peavo@outlook.com>
    223
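--- a/trunk/Source/WebCore/page/DOMWindow.cpp
+++ b/trunk/Source/WebCore/page/DOMWindow.cpp
@@ -724,5 +724,5 @@
 {
     if (!isCurrentlyDisplayedInFrame())
-        return 0;
+        return nullptr;
     if (!m_navigator)
         m_navigator = Navigator::create(m_frame);
@@ -734,7 +734,7 @@
 {
     if (!isCurrentlyDisplayedInFrame())
-        return 0;
+        return nullptr;
     if (!m_performance)
-        m_performance = Performance::create(m_frame);
+        m_performance = Performance::create(*m_frame);
     return m_performance.get();
 }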
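Review bot: `Performance::create(*m_frame)` on the last changed line of DOMWindow::performance turns the member pointer into a reference with no local check that m_frame is non-null; it presumably relies on the `isCurrentlyDisplayedInFrame()` guard a few lines up, whose definition is outside the hunk. Making that dependency explicit with `ASSERT(m_frame);` immediately before the `create` call documents the invariant and catches, in debug builds, the same class of null dereference this patch is fixing should the guard ever be relaxed. Both functions in this section begin above their hunks, so their signatures are not visible here.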
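--- a/trunk/Source/WebCore/page/Performance.cpp
+++ b/trunk/Source/WebCore/page/Performance.cpp
@@ -31,8 +31,11 @@
 
 #include "config.h"
+
+#if ENABLE(WEB_TIMING)
 #include "Performance.h"
 
 #include "Document.h"
 #include "DocumentLoader.h"
+#include "Frame.h"
 #include "PerformanceEntry.h"
 #include "PerformanceNavigation.h"
@@ -43,8 +46,4 @@
 #include <wtf/CurrentTime.h>
 
-#if ENABLE(WEB_TIMING)
-
-#include "Frame.h"
-
 namespace WebCore {
 
@@ -53,10 +52,10 @@
 #endif
 
-Performance::Performance(Frame* frame)
-    : DOMWindowProperty(frame)
+Performance::Performance(Frame& frame)
+    : DOMWindowProperty(&frame)
 #if ENABLE(RESOURCE_TIMING)
     , m_resourceTimingBufferSize(defaultResourceTimingBufferSize)
 #endif // ENABLE(RESOURCE_TIMING)
-    , m_referenceTime(frame->document()->loader()->timing().referenceMonotonicTime())
+    , m_referenceTime(frame.document()->loader() ? frame.document()->loader()->timing().referenceMonotonicTime() : monotonicallyIncreasingTime())
 #if ENABLE(USER_TIMING)
     , m_userTiming(nullptr)
@@ -73,5 +72,5 @@
 {
     if (!frame())
-        return 0;
+        return nullptr;
     return frame()->document();
 }
@@ -232,5 +231,5 @@
 double Performance::now() const
 {
-    double nowSeconds = WTF::monotonicallyIncreasingTime() - m_referenceTime;
+    double nowSeconds = monotonicallyIncreasingTime() - m_referenceTime;
     const double resolutionSeconds = 0.000005;
     return 1000.0 * floor(nowSeconds / resolutionSeconds) * resolutionSeconds;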
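Review bot: The new m_referenceTime initializer in the Performance constructor null-checks `loader()` but still dereferences `frame.document()` unchecked, twice on the same line; `document()` is evidently a pointer (it is reached with `->`), so if it can also be null this early in construction the crash from the bug report only moves one call up the chain. Calling `loader()` twice also means the checked value and the dereferenced value are obtained separately rather than from one lookup. Because an initializer list cannot hold statements, the lookup reads better as a file-local helper that resolves each pointer once and falls back to `monotonicallyIncreasingTime()` if either is missing, with a comment noting that in the fallback case `now()` (which subtracts m_referenceTime from the current monotonic time) measures from the object's construction rather than from the loader's reference time. The constructor's initializer list continues past the end of the hunk.
```cpp
// Reference point for now(): the loader's reference time when a loader is
// attached, otherwise the construction time (the bug this guards against is a
// Performance object created before the DocumentLoader exists).
static double referenceMonotonicTimeForFrame(Frame& frame)
{
    Document* document = frame.document();
    DocumentLoader* loader = document ? document->loader() : nullptr;
    return loader ? loader->timing().referenceMonotonicTime() : monotonicallyIncreasingTime();
}

Performance::Performance(Frame& frame)
    : DOMWindowProperty(&frame)
    // … unchanged: RESOURCE_TIMING initializer …
    , m_referenceTime(referenceMonotonicTimeForFrame(frame))
    // … unchanged: remaining initializers …
```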
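--- a/trunk/Source/WebCore/page/Performance.h
+++ b/trunk/Source/WebCore/page/Performance.h
@@ -55,5 +55,5 @@
 class Performance final : public ScriptWrappable, public RefCounted<Performance>, public DOMWindowProperty, public EventTargetWithInlineData {
 public:
-    static Ref<Performance> create(Frame* frame) { return adoptRef(*new Performance(frame)); }
+    static Ref<Performance> create(Frame& frame) { return adoptRef(*new Performance(frame)); }
     ~Performance();
 
@@ -90,5 +90,5 @@
 
 private:
-    explicit Performance(Frame*);
+    explicit Performance(Frame&);
 
     virtual void refEventTarget() override { ref(); }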