Changeset 70637 in webkit


Ignore:
Timestamp:
Oct 27, 2010 5:07:36 AM (13 years ago)
Author:
commit-queue@webkit.org
Message:

2010-10-27 Kimmo Kinnunen <kimmo.t.kinnunen@nokia.com>

Reviewed by Andreas Kling.

[Qt] WebKit2 UI process crashes if web process crashes
https://bugs.webkit.org/show_bug.cgi?id=48400

Check the success of socket write operations.
Avoids crashing the UI process if web process has crashed.
Qt socket code segfaults when write is called for a socket
that has had an error.

  • Platform/CoreIPC/qt/ConnectionQt.cpp: (CoreIPC::Connection::platformInvalidate): Reset m_socket after deletion.

(CoreIPC::Connection::sendOutgoingMessage):
Check error status of write operations and
invalidate socket if writes fail.

Location:
trunk/WebKit2
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/WebKit2/ChangeLog

    r70635 r70637  
     12010-10-27  Kimmo Kinnunen  <kimmo.t.kinnunen@nokia.com>
     2
     3        Reviewed by Andreas Kling.
     4
     5        [Qt] WebKit2 UI process crashes if web process crashes
     6        https://bugs.webkit.org/show_bug.cgi?id=48400
     7
     8        Check the success of socket write operations.
     9        Avoids crashing the UI process if web process has crashed.
     10        Qt socket code segfaults when write is called for a socket
     11        that has had an error.
     12
     13        * Platform/CoreIPC/qt/ConnectionQt.cpp:
     14        (CoreIPC::Connection::platformInvalidate):
     15        Reset m_socket after deletion.
     16
     17        (CoreIPC::Connection::sendOutgoingMessage):
     18        Check error status of write operations and
     19        invalidate socket if writes fail.
     20
    1212010-10-27  Kimmo Kinnunen  <kimmo.t.kinnunen@nokia.com>
    222

  • trunk/WebKit2/Platform/CoreIPC/qt/ConnectionQt.cpp

    r70635 r70637  
    5252{
    5353    delete m_socket;
     54    m_socket = 0;
    5455}
    5556
     
    120121    // Write message size first
    121122    // FIXME: Should  just do a single write.
    122     m_socket->write(reinterpret_cast<char*>(&bufferSize), sizeof(bufferSize));
     123    qint64 bytesWrittenForSize = m_socket->write(reinterpret_cast<char*>(&bufferSize), sizeof(bufferSize));
     124    if (bytesWrittenForSize != sizeof(bufferSize)) {
     125        connectionDidClose();
     126        return false;
     127    }
    123128
    124     qint64 bytesWritten = m_socket->write(reinterpret_cast<char*>(arguments->buffer()), arguments->bufferSize());
     129    qint64 bytesWrittenForBuffer = m_socket->write(reinterpret_cast<char*>(arguments->buffer()), arguments->bufferSize());
     130    if (bytesWrittenForBuffer != arguments->bufferSize()) {
     131        connectionDidClose();
     132        return false;
     133    }
    125134
    126     ASSERT_UNUSED(bytesWritten, bytesWritten == arguments->bufferSize());
    127135    return true;
    128136}
Note: See TracChangeset for help on using the changeset viewer.