[Webkit-unassigned] [Bug 177733] New: [curl] Crashes in CurlRequest::setupPUT()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Oct 1 23:48:57 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=177733

            Bug ID: 177733
           Summary: [curl] Crashes in CurlRequest::setupPUT()
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Platform
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Hironori.Fujii at sony.com
                CC: Basuke.Suzuki at sony.com

[curl] Crashes in CurlRequest::setupPUT()

MiniBrowser crashed while browsing CNN and Google News.
I tested with trunk at 222695, WinCairo port, Debug build, MiniBrowser.

Callstack:

> WebKit.dll!WTF::Vector<WebCore::FormDataElement,0,WTF::CrashOnOverflow,16,WTF::FastMalloc>::size() Line 647	C++
> WebKit.dll!WebCore::CurlRequest::setupPUT(WebCore::ResourceRequest & request) Line 384	C++
> WebKit.dll!WebCore::CurlRequest::setupTransfer() Line 159	C++
> WebKit.dll!WebCore::CurlJobList::startJobs(WTF::HashSet<WebCore::CurlJobClient *,WTF::PtrHash<WebCore::CurlJobClient *>,WTF::HashTraits<WebCore::CurlJobClient *> > && jobs) Line 46	C++
> WebKit.dll!WebCore::CurlJobManager::updateJobList(WebCore::CurlJobList & jobs) Line 178	C++
> WebKit.dll!WebCore::CurlJobManager::workerThread() Line 197	C++
> WebKit.dll!WebCore::CurlJobManager::startThreadIfNeeded::__l10::<lambda>() Line 132	C++
> WebKit.dll!WTF::Function<void __cdecl(void)>::CallableWrapper<void <lambda>(void) >::call() Line 101	C++
> WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 57	C++
> WTF.dll!WTF::Thread::entryPoint(WTF::Thread::NewThreadContext * newThreadContext) Line 130	C++
> WTF.dll!WTF::wtfThreadEntryPoint(void * data) Line 157	C++
> WTF.dll!thread_start<unsigned int (__cdecl*)(void * __ptr64)>(void * const parameter) Line 115	C++
> [External Code]	


> auto numElements = request.httpBody()->elements().size();

request.httpBody() was null.

-- 
You are receiving this mail because:
You are the assignee for the bug.