[webkit-changes] [WebKit/WebKit] 151396: CRASH at WebKit::VideoFullscreenManager::ensureMod...
Jer Noble
noreply at github.com
Mon Nov 7 08:56:17 PST 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 1513963400a6fab88f9f5420b8a96c32a1e10cd6
https://github.com/WebKit/WebKit/commit/1513963400a6fab88f9f5420b8a96c32a1e10cd6
Author: Jer Noble <jer.noble at apple.com>
Date: 2022-11-07 (Mon, 07 Nov 2022)
Changed paths:
M Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm
Log Message:
-----------
CRASH at WebKit::VideoFullscreenManager::ensureModelAndInterface
https://bugs.webkit.org/show_bug.cgi?id=247520
rdar://67069959
Reviewed by Eric Carlson.
In VideoFullscreenManager::exitVideoFullscreenToModeWithoutAnimation(), the HTMLVideoElement
parameter is searched for in a HashMap storing those media elements' matching contextIDs. If,
however, the media element was never in that HashMap, or if it was already removed from that
hash map (or, more unlikely, if an invalid contextID was inserted into that HashMap), attempting
to use that invalid contextID as the key to other HashMaps will cause failures, as the map will
treat that contextID as the "deleted value" key.
In this exceptional scenario, just bail out.
* Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm:
(WebKit::VideoFullscreenManager::exitVideoFullscreenToModeWithoutAnimation):
Canonical link: https://commits.webkit.org/256409@main
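The failure mode in the log message, as an added example that is not code from the WebKit commit: a lookup that yields an unusable ID for a missing element, and a second map that cannot accept that ID as a key. `ReservedKeyMap`, `Manager`, `kInvalidContextId` and the other names are hypothetical stand-ins, and the reserved value 0 is an assumption of this model.

```cpp
#include <cstdint>
#include <optional>
#include <stdexcept>
#include <unordered_map>

// Constructed stand-ins for this example; none of these are WebKit types.
using ElementId = int;
using ContextId = std::uint64_t;
constexpr ContextId kInvalidContextId = 0; // assumed "no such element" result

// Toy map that reserves one key value, as hash tables with sentinel keys do.
class ReservedKeyMap {
public:
    static bool isValidKey(ContextId key) { return key != kInvalidContextId; }
    void set(ContextId key, int value) { check(key); m_map[key] = value; }
    int get(ContextId key) const { check(key); return m_map.at(key); }
private:
    static void check(ContextId key) {
        if (!isValidKey(key)) throw std::invalid_argument("reserved key used");
    }
    std::unordered_map<ContextId, int> m_map;
};

struct Manager {
    std::unordered_map<ElementId, ContextId> elementToContext;
    ReservedKeyMap contextToInterface;

    void add(ElementId element, ContextId context, int iface) {
        elementToContext[element] = context;
        contextToInterface.set(context, iface);
    }
    // Returns the sentinel when the element was never added or was removed.
    ContextId contextFor(ElementId element) const {
        auto it = elementToContext.find(element);
        return it == elementToContext.end() ? kInvalidContextId : it->second;
    }
    // Before: the looked-up id is used as a key without validation.
    int exitUnguarded(ElementId element) const {
        return contextToInterface.get(contextFor(element));
    }
    // After: bail out when the lookup produced an unusable key.
    std::optional<int> exitGuarded(ElementId element) const {
        ContextId context = contextFor(element);
        if (!ReservedKeyMap::isValidKey(context)) return std::nullopt;
        return contextToInterface.get(context);
    }
};

// Helper for checking: true when the unguarded path faults on this element.
bool unguardedFaults(const Manager& m, ElementId element) {
    try { m.exitUnguarded(element); } catch (const std::invalid_argument&) { return true; }
    return false;
}
```

The toy map throws on the reserved key so the fault is observable; a production hash table may instead assert or misbehave silently, which is why the guard belongs in the caller.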