183686 2018-03-15 17:22:15 -0700 [Curl] Fix crash on websocket with bad handshake message. 2018-03-16 13:57:20 -0700 1 1 1 Unclassified WebKit WebCore Misc. WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 basuke basuke achristensen basuke commit-queue pvollan rniwa ross.kirsling webkit-bug-importer youennf oldest_to_newest 1406888 0 basuke 2018-03-15 17:22:15 -0700 It was found by this existing test LayoutTests\http\tests\websocket\tests\hybi\bad-handshake-crash.html. 1406892 1 335913 basuke 2018-03-15 17:38:52 -0700 Created attachment 335913 PATCH 1406938 2 335913 youennf 2018-03-15 22:10:43 -0700 Comment on attachment 335913 PATCH View in context: https://bugs.webkit.org/attachment.cgi?id=335913&action=review > Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94 > + m_closed = true; In case platformClose() needs to be called elsewhere in the future, we could rewrite it as: if (m_closed) return; m_closed = true; ... 1406983 3 basuke 2018-03-16 08:23:51 -0700 (In reply to youenn fablet from comment #2) > Comment on attachment 335913 [details] > PATCH > > View in context: > https://bugs.webkit.org/attachment.cgi?id=335913&action=review > > > Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94 > > + m_closed = true; > > In case platformClose() needs to be called elsewhere in the future, we could > rewrite it as: > if (m_closed) > return; > m_closed = true; > ... Right. There're many other crashes to be fixed following this bug. Such kind of protection may be required. Thanks for pointing out. 1407029 4 335948 basuke 2018-03-16 10:11:03 -0700 Created attachment 335948 FIX Thanks for r+ @youenn 1407100 5 335948 commit-queue 2018-03-16 13:56:06 -0700 Comment on attachment 335948 FIX Clearing flags on attachment: 335948 Committed r229681: <https://trac.webkit.org/changeset/229681> 1407101 6 commit-queue 2018-03-16 13:56:07 -0700 All reviewed patches have been landed. Closing bug. 1407102 7 webkit-bug-importer 2018-03-16 13:57:20 -0700 <rdar://problem/38557767> 335913 2018-03-15 17:38:52 -0700 2018-03-16 10:11:03 -0700 PATCH 183686-ac8ea4edd8a.diff text/plain 2531 basuke ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCBhZDg1YzRkNmZiMi4uYTZiMjIyOTM1NWEgMTAwNjQ0Ci0tLSBhL1NvdXJj ZS9XZWJDb3JlL0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwyMSBAQAorMjAxOC0wMy0xNSAgQmFzdWtlIFN1enVraSAgPEJhc3VrZS5TdXp1a2lAc29u eS5jb20+CisKKyAgICAgICAgW0N1cmxdIEZpeCBjcmFzaCBvbiB3ZWJzb2NrZXQgd2l0aCBiYWQg aGFuZHNoYWtlIG1lc3NhZ2UuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD0xODM2ODYKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4K KworICAgICAgICBUaGUgY2xvc2luZyBjbGVhbnVwIHdhcyBjYWxsZWQgbXVsdGlwbGUgdGltZXMu IEFkZCBmbGFnIHRvIGRldGVjdAorICAgICAgICBpdCBpcyBhbHJlYWR5IGNsb3NlZCBvciBub3Qu CisKKyAgICAgICAgTm8gbmV3IHRlc3RzIGJlY2F1c2UgaXQgaXMgY292ZXJlZCBieSBleGlzdGlu ZyB0ZXN0OgorICAgICAgICAtIExheW91dFRlc3RzL2h0dHAvdGVzdHMvd2Vic29ja2V0L3Rlc3Rz L2h5YmkvYmFkLWhhbmRzaGFrZS1jcmFzaC5odG1sCisKKyAgICAgICAgKiBwbGF0Zm9ybS9uZXR3 b3JrL2N1cmwvU29ja2V0U3RyZWFtSGFuZGxlSW1wbC5oOgorICAgICAgICAqIHBsYXRmb3JtL25l dHdvcmsvY3VybC9Tb2NrZXRTdHJlYW1IYW5kbGVJbXBsQ3VybC5jcHA6CisgICAgICAgIChXZWJD b3JlOjpTb2NrZXRTdHJlYW1IYW5kbGVJbXBsOjpwbGF0Zm9ybUNsb3NlKToKKyAgICAgICAgKFdl YkNvcmU6OlNvY2tldFN0cmVhbUhhbmRsZUltcGw6OmRpZFJlY2VpdmVEYXRhKToKKwogMjAxOC0w My0xMiAgSm9obiBXaWxhbmRlciAgPHdpbGFuZGVyQGFwcGxlLmNvbT4KIAogICAgICAgICBSZXNv dXJjZSBMb2FkIFN0YXRpc3RpY3M6IEltbWVkaWF0ZWx5IGZvcndhcmQgY29va2llIGFjY2VzcyBh dCB1c2VyIGludGVyYWN0aW9uIHdoZW4gdGhlcmUncyBhbiBvcGVuZXIgZG9jdW1lbnQKZGlmZiAt LWdpdCBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9Tb2NrZXRTdHJlYW1I YW5kbGVJbXBsLmggYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvU29ja2V0 U3RyZWFtSGFuZGxlSW1wbC5oCmluZGV4IDVjNGNhMjkxNWZjLi5jYTdlZDJkYTkwYSAxMDA2NDQK LS0tIGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jdXJsL1NvY2tldFN0cmVhbUhh bmRsZUltcGwuaAorKysgYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvU29j a2V0U3RyZWFtSGFuZGxlSW1wbC5oCkBAIC0xMDAsNiArMTAwLDcgQEAgcHJpdmF0ZToKICAgICBM b2NrIG1fbXV0ZXhSZWNlaXZlOwogICAgIERlcXVlPFNvY2tldERhdGE+IG1fc2VuZERhdGE7CiAg ICAgRGVxdWU8U29ja2V0RGF0YT4gbV9yZWNlaXZlRGF0YTsKKyAgICBib29sIG1fY2xvc2VkIHsg ZmFsc2UgfTsKIAogICAgIFN0cmVhbUJ1ZmZlcjxjaGFyLCAxMDI0ICogMTAyND4gbV9idWZmZXI7 CiAgICAgc3RhdGljIGNvbnN0IHVuc2lnbmVkIG1heEJ1ZmZlclNpemUgPSAxMDAgKiAxMDI0ICog MTAyNDsKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9T b2NrZXRTdHJlYW1IYW5kbGVJbXBsQ3VybC5jcHAgYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9u ZXR3b3JrL2N1cmwvU29ja2V0U3RyZWFtSGFuZGxlSW1wbEN1cmwuY3BwCmluZGV4IDVhNDVkZDhk YjUyLi43MmFmNTI2ZTEwMCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0 d29yay9jdXJsL1NvY2tldFN0cmVhbUhhbmRsZUltcGxDdXJsLmNwcAorKysgYi9Tb3VyY2UvV2Vi Q29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvU29ja2V0U3RyZWFtSGFuZGxlSW1wbEN1cmwuY3Bw CkBAIC05MSw2ICs5MSw3IEBAIHZvaWQgU29ja2V0U3RyZWFtSGFuZGxlSW1wbDo6cGxhdGZvcm1D bG9zZSgpCiAgICAgc3RvcFRocmVhZCgpOwogCiAgICAgbV9jbGllbnQuZGlkQ2xvc2VTb2NrZXRT dHJlYW0oKnRoaXMpOworICAgIG1fY2xvc2VkID0gdHJ1ZTsKIH0KIAogYm9vbCBTb2NrZXRTdHJl YW1IYW5kbGVJbXBsOjpyZWFkRGF0YShDVVJMKiBjdXJsSGFuZGxlKQpAQCAtMjY4LDcgKzI2OSw3 IEBAIHZvaWQgU29ja2V0U3RyZWFtSGFuZGxlSW1wbDo6ZGlkUmVjZWl2ZURhdGEoKQogICAgICAg ICBpZiAoc29ja2V0RGF0YS5zaXplID4gMCkgewogICAgICAgICAgICAgaWYgKHN0YXRlKCkgPT0g T3BlbikKICAgICAgICAgICAgICAgICBtX2NsaWVudC5kaWRSZWNlaXZlU29ja2V0U3RyZWFtRGF0 YSgqdGhpcywgc29ja2V0RGF0YS5kYXRhLmdldCgpLCBzb2NrZXREYXRhLnNpemUpOwotICAgICAg ICB9IGVsc2UKKyAgICAgICAgfSBlbHNlIGlmICghbV9jbG9zZWQpCiAgICAgICAgICAgICBwbGF0 Zm9ybUNsb3NlKCk7CiAgICAgfQogfQo= 335948 2018-03-16 10:11:03 -0700 2018-03-16 13:56:06 -0700 FIX 183686-ac8ea4edd8a.diff text/plain 2540 basuke ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCBhZDg1YzRkNmZiMi4uZWQ1Mjc0Yzg0ZjkgMTAwNjQ0Ci0tLSBhL1NvdXJj ZS9XZWJDb3JlL0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwyMSBAQAorMjAxOC0wMy0xNSAgQmFzdWtlIFN1enVraSAgPEJhc3VrZS5TdXp1a2lAc29u eS5jb20+CisKKyAgICAgICAgW0N1cmxdIEZpeCBjcmFzaCBvbiB3ZWJzb2NrZXQgd2l0aCBiYWQg aGFuZHNoYWtlIG1lc3NhZ2UuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD0xODM2ODYKKworICAgICAgICBSZXZpZXdlZCBieSBZb3Vlbm4gRmFibGV0Lgor CisgICAgICAgIFRoZSBjbG9zaW5nIGNsZWFudXAgd2FzIGNhbGxlZCBtdWx0aXBsZSB0aW1lcy4g QWRkIGZsYWcgdG8gZGV0ZWN0CisgICAgICAgIGl0IGlzIGFscmVhZHkgY2xvc2VkIG9yIG5vdC4K KworICAgICAgICBObyBuZXcgdGVzdHMgYmVjYXVzZSBpdCBpcyBjb3ZlcmVkIGJ5IGV4aXN0aW5n IHRlc3Q6CisgICAgICAgIC0gTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy93ZWJzb2NrZXQvdGVzdHMv aHliaS9iYWQtaGFuZHNoYWtlLWNyYXNoLmh0bWwKKworICAgICAgICAqIHBsYXRmb3JtL25ldHdv cmsvY3VybC9Tb2NrZXRTdHJlYW1IYW5kbGVJbXBsLmg6CisgICAgICAgICogcGxhdGZvcm0vbmV0 d29yay9jdXJsL1NvY2tldFN0cmVhbUhhbmRsZUltcGxDdXJsLmNwcDoKKyAgICAgICAgKFdlYkNv cmU6OlNvY2tldFN0cmVhbUhhbmRsZUltcGw6OnBsYXRmb3JtQ2xvc2UpOgorICAgICAgICAoV2Vi Q29yZTo6U29ja2V0U3RyZWFtSGFuZGxlSW1wbDo6ZGlkUmVjZWl2ZURhdGEpOgorCiAyMDE4LTAz LTEyICBKb2huIFdpbGFuZGVyICA8d2lsYW5kZXJAYXBwbGUuY29tPgogCiAgICAgICAgIFJlc291 cmNlIExvYWQgU3RhdGlzdGljczogSW1tZWRpYXRlbHkgZm9yd2FyZCBjb29raWUgYWNjZXNzIGF0 IHVzZXIgaW50ZXJhY3Rpb24gd2hlbiB0aGVyZSdzIGFuIG9wZW5lciBkb2N1bWVudApkaWZmIC0t Z2l0IGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jdXJsL1NvY2tldFN0cmVhbUhh bmRsZUltcGwuaCBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9Tb2NrZXRT dHJlYW1IYW5kbGVJbXBsLmgKaW5kZXggNWM0Y2EyOTE1ZmMuLmNhN2VkMmRhOTBhIDEwMDY0NAot LS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvU29ja2V0U3RyZWFtSGFu ZGxlSW1wbC5oCisrKyBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9Tb2Nr ZXRTdHJlYW1IYW5kbGVJbXBsLmgKQEAgLTEwMCw2ICsxMDAsNyBAQCBwcml2YXRlOgogICAgIExv Y2sgbV9tdXRleFJlY2VpdmU7CiAgICAgRGVxdWU8U29ja2V0RGF0YT4gbV9zZW5kRGF0YTsKICAg ICBEZXF1ZTxTb2NrZXREYXRhPiBtX3JlY2VpdmVEYXRhOworICAgIGJvb2wgbV9jbG9zZWQgeyBm YWxzZSB9OwogCiAgICAgU3RyZWFtQnVmZmVyPGNoYXIsIDEwMjQgKiAxMDI0PiBtX2J1ZmZlcjsK ICAgICBzdGF0aWMgY29uc3QgdW5zaWduZWQgbWF4QnVmZmVyU2l6ZSA9IDEwMCAqIDEwMjQgKiAx MDI0OwpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jdXJsL1Nv Y2tldFN0cmVhbUhhbmRsZUltcGxDdXJsLmNwcCBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25l dHdvcmsvY3VybC9Tb2NrZXRTdHJlYW1IYW5kbGVJbXBsQ3VybC5jcHAKaW5kZXggNWE0NWRkOGRi NTIuLjQ0MWYzMmQzZWU1IDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3 b3JrL2N1cmwvU29ja2V0U3RyZWFtSGFuZGxlSW1wbEN1cmwuY3BwCisrKyBiL1NvdXJjZS9XZWJD b3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9Tb2NrZXRTdHJlYW1IYW5kbGVJbXBsQ3VybC5jcHAK QEAgLTg4LDYgKzg4LDEwIEBAIHZvaWQgU29ja2V0U3RyZWFtSGFuZGxlSW1wbDo6cGxhdGZvcm1D bG9zZSgpCiAKICAgICBBU1NFUlQoaXNNYWluVGhyZWFkKCkpOwogCisgICAgaWYgKG1fY2xvc2Vk KQorICAgICAgICByZXR1cm47CisKKyAgICBtX2Nsb3NlZCA9IHRydWU7CiAgICAgc3RvcFRocmVh ZCgpOwogCiAgICAgbV9jbGllbnQuZGlkQ2xvc2VTb2NrZXRTdHJlYW0oKnRoaXMpOwpAQCAtMjY4 LDcgKzI3Miw3IEBAIHZvaWQgU29ja2V0U3RyZWFtSGFuZGxlSW1wbDo6ZGlkUmVjZWl2ZURhdGEo KQogICAgICAgICBpZiAoc29ja2V0RGF0YS5zaXplID4gMCkgewogICAgICAgICAgICAgaWYgKHN0 YXRlKCkgPT0gT3BlbikKICAgICAgICAgICAgICAgICBtX2NsaWVudC5kaWRSZWNlaXZlU29ja2V0 U3RyZWFtRGF0YSgqdGhpcywgc29ja2V0RGF0YS5kYXRhLmdldCgpLCBzb2NrZXREYXRhLnNpemUp OwotICAgICAgICB9IGVsc2UKKyAgICAgICAgfSBlbHNlIGlmICghbV9jbG9zZWQpCiAgICAgICAg ICAgICBwbGF0Zm9ybUNsb3NlKCk7CiAgICAgfQogfQo=