[Webkit-unassigned] [Bug 247676] New: jsc_fuz/wktr: null ptr deref in WebCore::ReportingObserver::~ReportingObserver()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Nov 9 08:03:37 PST 2022


https://bugs.webkit.org/show_bug.cgi?id=247676

            Bug ID: 247676
           Summary: jsc_fuz/wktr: null ptr deref in
                    WebCore::ReportingObserver::~ReportingObserver()
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: a_izquierdogarcia at apple.com
                CC: webkit-bug-importer at group.apple.com

Summary:

This crashes:

<script>
  // Image load from an empty data: URL; per the report it only delays
  // WebKitTestRunner exiting slightly so the worker below gets to run.
  new Image().src = 'data:';
  // Worker created from a data: URL that constructs a ReportingObserver and
  // calls observe(); the null pointer dereference is hit in
  // WebCore::ReportingObserver::~ReportingObserver().
  new Worker(`data:text/javascript,new ReportingObserver(() => {}).observe();`);
</script>


The Image is there to slightly delay exiting WebKitTestRunner.


Steps To Reproduce:

Reproduces in both DumpRenderTree and WebKitTestRunner.


radar link rdar://101630801
