[Webkit-unassigned] [Bug 178434] New: [curl] Segfault in WebCore::CurlRequest::setupPOST

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Oct 18 02:52:37 PDT 2017 

https://bugs.webkit.org/show_bug.cgi?id=178434

            Bug ID: 178434
           Summary: [curl] Segfault in WebCore::CurlRequest::setupPOST
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Platform
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Hironori.Fujii at sony.com
                CC: Basuke.Suzuki at sony.com

[curl] Segfault in WebCore::CurlRequest::setupPOST

1) Start MiniBrowser
2) Open http://amazon.co.jp/
3) Crash

WinCairo port, trunk at 223596, Debug build

Callstack:

> WebKit.dll!WTF::Vector<WebCore::FormDataElement,0,WTF::CrashOnOverflow,16,WTF::FastMalloc>::size() Line 661	C++
> WebKit.dll!WebCore::CurlRequest::setupPOST(WebCore::ResourceRequest & request) Line 421	C++
> WebKit.dll!WebCore::CurlRequest::setupTransfer() Line 159	C++
> WebKit.dll!WebCore::CurlJobList::startJobs(WTF::HashSet<WebCore::CurlJobClient *,WTF::PtrHash<WebCore::CurlJobClient *>,WTF::HashTraits<WebCore::CurlJobClient *> > && jobs) Line 46	C++
> WebKit.dll!WebCore::CurlJobManager::updateJobList(WebCore::CurlJobList & jobs) Line 178	C++
> WebKit.dll!WebCore::CurlJobManager::workerThread() Line 197	C++
> WebKit.dll!WebCore::CurlJobManager::startThreadIfNeeded::__l10::<lambda>() Line 132	C++
> WebKit.dll!WTF::Function<void __cdecl(void)>::CallableWrapper<void <lambda>(void) >::call() Line 101	C++
> WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 57	C++
> WTF.dll!WTF::Thread::entryPoint(WTF::Thread::NewThreadContext * newThreadContext) Line 130	C++
> WTF.dll!WTF::wtfThreadEntryPoint(void * data) Line 157	C++
> WTF.dll!thread_start<unsigned int (__cdecl*)(void * __ptr64)>(void * const parameter) Line 115	C++
> [External Code]	


> void CurlRequest::setupPOST(ResourceRequest& request)
> {
>     m_curlHandle->enableHttpPostRequest();
> 
>     auto numElements = request.httpBody()->elements().size();
>     if (!numElements)
>         return;

request.m_httpBody was null.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171018/ad6e745c/attachment.html>

More information about the webkit-unassigned mailing list