[webkit-changes] [WebKit/WebKit] d7832a: Potential crash under NetworkDataTaskBlob::dispatc...
Chris Dumez
noreply at github.com
Fri Jul 7 09:48:46 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d7832a4e54aded809a7ea2d90b9d014d882e0e71
https://github.com/WebKit/WebKit/commit/d7832a4e54aded809a7ea2d90b9d014d882e0e71
Author: Chris Dumez <cdumez at apple.com>
Date: 2023-07-07 (Fri, 07 Jul 2023)
Changed paths:
M Source/WebCore/platform/network/BlobResourceHandle.cpp
M Source/WebCore/platform/network/BlobResourceHandle.h
M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp
M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.h
Log Message:
-----------
Potential crash under NetworkDataTaskBlob::dispatchDidReceiveResponse()
https://bugs.webkit.org/show_bug.cgi?id=258951
rdar://111798349
Reviewed by Youenn Fablet.
In getSizeForNext(), we call seek() and then dispatchDidReceiveResponse().
After 261968 at main, seek() could call fail internally and call didFail().
However, we could still call dispatchDidReceiveResponse() right after in
case of failure.
We now propagate the error state out of seek() and have the caller call
didFail() and then early return instead of calling dispatchDidReceiveResponse().
* Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp:
(WebKit::NetworkDataTaskBlob::getSizeForNext):
(WebKit::NetworkDataTaskBlob::seek):
* Source/WebKit/NetworkProcess/NetworkDataTaskBlob.h:
Canonical link: https://commits.webkit.org/265848@main
More information about the webkit-changes
mailing list