Changeset 262023 in webkit
- Timestamp:
- May 21, 2020 1:14:36 PM (4 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r262021 r262023 1 2020-05-21 Pinki Gyanchandani <pgyanchandani@apple.com> 2 3 Null Ptr Deref @ WebCore::ResourceResponse::platformLazyInit 4 https://bugs.webkit.org/show_bug.cgi?id=212224 5 6 Reviewed by Geoffrey Garen. 7 8 Added a regression test. 9 10 * media/continue-load-after-client-cancellation-crash-expected.txt: Added. 11 * media/continue-load-after-client-cancellation-crash.html: Added. 12 1 13 2020-05-21 Peng Liu <peng.liu6@apple.com> 2 14 -
trunk/Source/WebKitLegacy/mac/ChangeLog
r261981 r262023 1 2020-05-21 Pinki Gyanchandani <pgyanchandani@apple.com> 2 3 Null Ptr Deref @ WebCore::ResourceResponse::platformLazyInit 4 https://bugs.webkit.org/show_bug.cgi?id=212224 5 6 Reviewed by Geoffrey Garen. 7 8 Its possible that client can cancel the load implicitly or explicitly after its informed that load is committed, but code continues to assume that 9 loading is still in progress. This was cause of crash. 10 Added nullptr check before dereferencing the documentLoader, after client calls the commit load. 11 12 * WebView/WebHTMLRepresentation.mm: 13 (-[WebHTMLRepresentation receivedData:withDataSource:]): 14 1 15 2020-05-20 Darin Adler <darin@apple.com> 2 16 -
trunk/Source/WebKitLegacy/mac/WebView/WebHTMLRepresentation.mm
r260739 r262023 172 172 - (void)receivedData:(NSData *)data withDataSource:(WebDataSource *)dataSource 173 173 { 174 auto protectedSelf = retainPtr(self); 174 175 WebFrame *webFrame = [dataSource webFrame]; 175 176 if (!webFrame) … … 181 182 // If the document is a stand-alone media document, now is the right time to cancel the WebKit load 182 183 Frame* coreFrame = core(webFrame); 183 if (coreFrame->document()->isMediaDocument() )184 if (coreFrame->document()->isMediaDocument() && coreFrame->loader().documentLoader()) 184 185 coreFrame->loader().documentLoader()->cancelMainResourceLoad(coreFrame->loader().client().pluginWillHandleLoadError(coreFrame->loader().documentLoader()->response())); 185 186
Note: See TracChangeset
for help on using the changeset viewer.