Summary: | [GTK] Crash in WebKitFaviconDatabase when pageURL is unset
---|---
Product: | WebKit
Component: | WebKitGTK
Status: | RESOLVED FIXED
Severity: | Normal
Priority: | P2
Version: | WebKit Nightly Build
Hardware: | PC
OS: | Linux
Reporter: | Michael Catanzaro <mcatanzaro>
Assignee: | Michael Catanzaro <mcatanzaro>
CC: | ap, berto, bugs-noreply, calvaris, cgarcia, commit-queue, ews-watchlist, gustavo, mcatanzaro, mishra.dhiraj95, omarandemad, soyunhombrevirtual

Description
Michael Catanzaro
2018-05-31 15:02:35 PDT
Created attachment 341696 [details]
Patch

Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See http://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API

Comment on attachment 341696 [details]
Patch

Attachment 341696 [details] did not pass win-ews (win):
Output: http://webkit-queues.webkit.org/results/7915536

New failing tests:
http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin.html

Created attachment 341727 [details]
Archive of layout-test-results from ews202 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews202 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit

Comment on attachment 341696 [details]
Patch

Clearing flags on attachment: 341696

Committed r232397: <https://trac.webkit.org/changeset/232397>

All reviewed patches have been landed. Closing bug.

PS: CVE-2018-11646 was assigned to this.

Please note, the CVE description is:

"webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as distributed in Safari Technology Preview Release 57, mishandle an unset pageURL, leading to an application crash."

But this code is GLib-specific. It is not built or used by Safari.

(In reply to Michael Catanzaro from comment #8)
> But this code is GLib-specific. It is not built or used by Safari.

These functions are not built for WPE either, so only WebKitGTK+ is affected.

(In reply to Michael Catanzaro from comment #8)
> Please note, the CVE description is:
>
> "webkitFaviconDatabaseSetIconForPageURL and
> webkitFaviconDatabaseSetIconURLForPageURL in
> UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as distributed in
> Safari Technology Preview Release 57, mishandle an unset pageURL, leading to
> an application crash."
>
> But this code is GLib-specific. It is not built or used by Safari.

I've submitted a description update request to MITRE.