Title: [275786] trunk/Source/WebKit
- Revision
- 275786
- Author
- [email protected]
- Date
- 2021-04-09 17:03:58 -0700 (Fri, 09 Apr 2021)
Log Message
Web process crashes if image extraction is requested for an element that is pending image extraction
https://bugs.webkit.org/show_bug.cgi?id=224397
<rdar://problem/76472254>
Reviewed by Tim Horton.
Add a missing null check, so that we don't append (and then end up attempting to call) a null completion handler
in the case where image extraction is re-requested for an element that already has a pending image extraction
request.
This is currently not possible to reliably test this; in a future patch, I will add testing infrastructure that
will allow us to simulate image extraction requests and responses at the client layer.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::requestImageExtraction):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (275785 => 275786)
--- trunk/Source/WebKit/ChangeLog 2021-04-09 23:56:59 UTC (rev 275785)
+++ trunk/Source/WebKit/ChangeLog 2021-04-10 00:03:58 UTC (rev 275786)
@@ -1,3 +1,21 @@
+2021-04-09 Wenson Hsieh <[email protected]>
+
+ Web process crashes if image extraction is requested for an element that is pending image extraction
+ https://bugs.webkit.org/show_bug.cgi?id=224397
+ <rdar://problem/76472254>
+
+ Reviewed by Tim Horton.
+
+ Add a missing null check, so that we don't append (and then end up attempting to call) a null completion handler
+ in the case where image extraction is re-requested for an element that already has a pending image extraction
+ request.
+
+ This is currently not possible to reliably test this; in a future patch, I will add testing infrastructure that
+ will allow us to simulate image extraction requests and responses at the client layer.
+
+ * WebProcess/WebPage/WebPage.cpp:
+ (WebKit::WebPage::requestImageExtraction):
+
2021-04-09 Sihui Liu <[email protected]>
Unreviewed, fix for test crashes after r275779.
Modified: trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp (275785 => 275786)
--- trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2021-04-09 23:56:59 UTC (rev 275785)
+++ trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2021-04-10 00:03:58 UTC (rev 275786)
@@ -7299,7 +7299,8 @@
});
if (matchIndex != notFound) {
- m_elementsPendingImageExtraction[matchIndex].second.append(WTFMove(completion));
+ if (completion)
+ m_elementsPendingImageExtraction[matchIndex].second.append(WTFMove(completion));
return;
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
