[webkit-reviews] review denied: [Bug 186560] [GTK][WPE] WebDriver: handle acceptInsecureCertificates capability : [Attachment 342527] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jun 12 16:10:44 PDT 2018

Brian Burg <bburg at apple.com> has denied Carlos Garcia Campos
<cgarcia at igalia.com>'s request for review:
Bug 186560: [GTK][WPE] WebDriver: handle acceptInsecureCertificates capability

Attachment 342527: Patch


--- Comment #6 from Brian Burg <bburg at apple.com> ---
Comment on attachment 342527
  --> https://bugs.webkit.org/attachment.cgi?id=342527

View in context: https://bugs.webkit.org/attachment.cgi?id=342527&action=review

Everything else looks fine except the issue noted.

> Source/WebDriver/ChangeLog:9
> +	   cabaility is sent.

Nit: capability

> Source/WebKit/UIProcess/Cocoa/AutomationClient.mm:89
> +    dispatch_async(dispatch_get_main_queue(), ^{

r- because this causes a UAF (which I only caught by applying manually and
running tests ;-)). You need to do the following outside the block:

NSString *requestedSessionIdentifier = sessionIdentifier;

then use that NSString as the argument rather than applying the type conversion
inside the block. The WTFString may no longer be around at that time.

More information about the webkit-reviews mailing list