[Webkit-unassigned] [Bug 201215] New: [WebKit] WKURLCopyString crashes if null WKURL is passed

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Aug 28 04:44:40 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=201215

            Bug ID: 201215
           Summary: [WebKit] WKURLCopyString crashes if null WKURL is
                    passed
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Hironori.Fujii at sony.com

[WebKit] WKURLCopyString crashes if null WKURL is passed

WKPageCopyActiveURL returns null WKURL if MiniBrowser.exe is executed with an invalid URL.

.\WebKitBuild\Release\bin64\MiniBrowser.exe http://abcdefg.hijklm

Callstack:

> WTF.dll!WTF::String::isolatedCopy() Line 635	C++
> [Inline Frame] WebKit2.dll!API::String::create(const WTF::String &) Line 47	C++
> [Inline Frame] WebKit2.dll!WebKit::toCopiedAPI(const WTF::String &) Line 165	C++
> WebKit2.dll!WKURLCopyString(const OpaqueWKURL * url) Line 48	C++
> [Inline Frame] MiniBrowserLib.dll!createString(const OpaqueWKURL *) Line 53	C++
> MiniBrowserLib.dll!WebKitBrowserWindow::didChangeActiveURL(const void * clientInfo) Line 331	C++
> WebKit2.dll!WebKit::PageLoadState::callObserverCallback(void(WebKit::PageLoadState::Observer::*)() callback) Line 454	C++
> WebKit2.dll!WebKit::PageLoadState::commitChanges() Line 140	C++
> WebKit2.dll!WebKit::WebPageProxy::didFailProvisionalLoadForFrameShared(WTF::Ref<WebKit::WebProcessProxy,WTF::DumbPtrTraits<WebKit::WebProcessProxy> > && process, WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType> frameID, const WebCore::SecurityOriginData & frameSecurityOrigin, unsigned __int64 navigationID, const WTF::String & provisionalURL, const WebCore::ResourceError & error, WebCore::WillContinueLoading willContinueLoading, const WebKit::UserData & userData) Line 4181	C++
> WebKit2.dll!WebKit::WebPageProxy::didFailProvisionalLoadForFrame(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType> frameID, const WebCore::SecurityOriginData & frameSecurityOrigin, unsigned __int64 navigationID, const WTF::String & provisionalURL, const WebCore::ResourceError & error, WebCore::WillContinueLoading willContinueLoading, const WebKit::UserData & userData) Line 4145	C++
> [Inline Frame] WebKit2.dll!IPC::callMemberFunctionImpl(WebKit::WebPageProxy *)	C++
> [Inline Frame] WebKit2.dll!IPC::callMemberFunction(std::tuple<WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,WebCore::SecurityOriginData,unsigned __int64,WTF::String,WebCore::ResourceError,enum WebCore::WillContinueLoading,WebKit::UserData> &&)	C++
> WebKit2.dll!IPC::handleMessage<Messages::WebPageProxy::DidFailProvisionalLoadForFrame,WebKit::WebPageProxy,void (__cdecl WebKit::WebPageProxy::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,WebCore::SecurityOriginData const &,unsigned __int64,WTF::String const &,WebCore::ResourceError const &,enum WebCore::WillContinueLoading,WebKit::UserData const &)>(IPC::Decoder & decoder, WebKit::WebPageProxy * object, void(WebKit::WebPageProxy::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>, const WebCore::SecurityOriginData &, unsigned __int64, const WTF::String &, const WebCore::ResourceError &, WebCore::WillContinueLoading, const WebKit::UserData &) function) Line 121	C++
> WebKit2.dll!WebKit::WebPageProxy::didReceiveMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 1010	C++
> WebKit2.dll!IPC::MessageReceiverMap::dispatchMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 128	C++
> WebKit2.dll!WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 657	C++
> WebKit2.dll!IPC::Connection::dispatchMessage(IPC::Decoder & decoder) Line 939	C++
> WebKit2.dll!IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder,std::default_delete<IPC::Decoder> > message) Line 993	C++
> WebKit2.dll!IPC::Connection::dispatchIncomingMessages() Line 1097	C++
> [Inline Frame] WebKit2.dll!IPC::Connection::enqueueIncomingMessage::__l2::<lambda_358f200b3b860a7bdb941200db902cbe>::operator()()	C++
> WebKit2.dll!WTF::Detail::CallableWrapper<<lambda_358f200b3b860a7bdb941200db902cbe>,void>::call() Line 52	C++
> [Inline Frame] WTF.dll!WTF::Function<void __cdecl(void)>::operator()()	C++
> WTF.dll!WTF::RunLoop::performWork() Line 108	C++
> [Inline Frame] WTF.dll!WTF::RunLoop::wndProc(HWND__ *) Line 57	C++
> WTF.dll!WTF::RunLoop::RunLoopWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 39	C++
> [External Code]	
> WebKit.dll!WebKitMessageLoop::run(HACCEL__ * hAccelTable) Line 89	C++
> MiniBrowserLib.dll!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 99	C++
> MiniBrowser.exe!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 232	C++
> [External Code]
