WebKit Bugzilla
Attachment 342156 Details for
Bug 186393
: Crash under Page::scrollingCoordinator()
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-186393-20180607155132.patch (text/plain), 1.75 KB, created by
Antoine Quint
on 2018-06-07 06:51:33 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Antoine Quint
Created:
2018-06-07 06:51:33 PDT
Size:
1.75 KB
patch
obsolete
>Subversion Revision: 232573 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index c27e6b45d67d7e440f531184f5f62fab7492d17d..1b2ad015f2d2fce885050654ec0323bf109f85cf 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,18 @@ >+2018-06-07 Antoine Quint <graouts@apple.com> >+ >+ Crash under Page::scrollingCoordinator() >+ https://bugs.webkit.org/show_bug.cgi?id=186393 >+ <rdar://problem/38424306> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Blind attempt at fixing a crash in Page::scrollingCoordinator(). Looking at the code, we could crash if either >+ m_settings is nullptr or if m_scrollingCoordinator is nullptr and m_settings->scrollingCoordinatorEnabled() is >+ false. So we guard against both scenarios and return nullptr in these situations. >+ >+ * page/Page.cpp: >+ (WebCore::Page::scrollingCoordinator): >+ > 2018-06-06 Youenn Fablet <youenn@apple.com> > > HTTP Header values validation is too strict >diff --git a/Source/WebCore/page/Page.cpp b/Source/WebCore/page/Page.cpp >index 9e9defc8f4b2d74434bfa6a3e4a974f87244b51f..2cd23faded092c0d5b258dbdde4869e28b82d4b6 100644 >--- a/Source/WebCore/page/Page.cpp >+++ b/Source/WebCore/page/Page.cpp >@@ -373,7 +373,10 @@ ViewportArguments Page::viewportArguments() const > > ScrollingCoordinator* Page::scrollingCoordinator() > { >- if (!m_scrollingCoordinator && m_settings->scrollingCoordinatorEnabled()) { >+ if (!m_settings || !m_settings->scrollingCoordinatorEnabled()) >+ return nullptr; >+ >+ if (!m_scrollingCoordinator) { > m_scrollingCoordinator = chrome().client().createScrollingCoordinator(*this); > if (!m_scrollingCoordinator) > m_scrollingCoordinator = ScrollingCoordinator::create(this);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=342156">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
zalan
:
review-
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 186393
: 342156