Bug 187110

Summary:

Add nullptr check for xpc_connection_t in AuthenticationManager::initializeConnection

Product:

WebKit

Reporter:

Jiewen Tan <jiewen_tan>

Component:

WebKit Misc.

Assignee:

Jiewen Tan <jiewen_tan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

andersca, bfulgham, commit-queue, ews-watchlist, jiewen_tan, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Archive of layout-test-results from ews206 for win-future	none
Patch	none
Patch	none

Jiewen Tan

Reported 2018-06-27 12:20:28 PDT

Add null check for xpc_connection_t in AuthenticationManager::initializeConnection and AuthenticationChallengeProxy::sendClientCertificateCredentialOverXpc.

Attachments
Patch (2.75 KB, patch) 2018-06-27 12:36 PDT, Jiewen Tan	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews206 for win-future (12.82 MB, application/zip) 2018-06-27 17:14 PDT, EWS Watchlist	no flags	Details
Patch (1.93 KB, patch) 2018-06-28 11:49 PDT, Jiewen Tan	no flags	Details Formatted Diff Diff
Patch (1.93 KB, patch) 2018-06-28 11:51 PDT, Jiewen Tan	no flags	Details Formatted Diff Diff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2018-06-27 12:22:51 PDT

<rdar://problem/41536815>

Jiewen Tan

Comment 2 2018-06-27 12:36:20 PDT

Created attachment 343738 [details] Patch

EWS Watchlist

Comment 3 2018-06-27 17:14:37 PDT Comment hidden (obsolete)

Comment on attachment 343738 [details] Patch Attachment 343738 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/8364146 New failing tests: http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin.html

EWS Watchlist

Comment 4 2018-06-27 17:14:49 PDT Comment hidden (obsolete)

Created attachment 343775 [details] Archive of layout-test-results from ews206 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews206 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit

Jiewen Tan

Comment 5 2018-06-27 17:46:05 PDT

The tree of win EWS bot is red.

Anders Carlsson

Comment 6 2018-06-28 08:26:49 PDT

The ChangeLog doesn't explain why this change is necessary.

Brent Fulgham

Comment 7 2018-06-28 09:39:09 PDT

Comment on attachment 343738 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=343738&action=review > Source/WebKit/Shared/Authentication/cocoa/AuthenticationManagerCocoa.mm:43 > + if (!connection || !connection->xpcConnection()) { I don't understand this change. It seems like you should add your nullptr check, but KEEP the XPC_TYPE_CONNECTION check. Why are you removing the XPC type check? > Source/WebKit/UIProcess/Authentication/cocoa/AuthenticationChallengeProxyCocoa.mm:56 > + if (!m_connection->xpcConnection()) { Is the issue that sometimes we go to relay client certificate data to the network process, but the network process has been terminated?

Jiewen Tan

Comment 8 2018-06-28 11:34:31 PDT

Comment on attachment 343738 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=343738&action=review I will add a description as well. >> Source/WebKit/Shared/Authentication/cocoa/AuthenticationManagerCocoa.mm:43 >> + if (!connection || !connection->xpcConnection()) { > > I don't understand this change. It seems like you should add your nullptr check, but KEEP the XPC_TYPE_CONNECTION check. Why are you removing the XPC type check? I actually make a mistake last time when I added this check. What I was trying to do is to do the nullptr check. Then I discovered xpc_get_type(). Therefore I used it to do a more general check. However, xpc_get_type() doesn't do the nullptr check for its parameters... Therefore, we now crash here. Since nullptr check is what I actually need, I don't have to check the type of the object. >> Source/WebKit/UIProcess/Authentication/cocoa/AuthenticationChallengeProxyCocoa.mm:56 >> + if (!m_connection->xpcConnection()) { > > Is the issue that sometimes we go to relay client certificate data to the network process, but the network process has been terminated? I haven't observed any issues here. I added this just in case there are some future issues. I can remove this check here.

Jiewen Tan

Comment 9 2018-06-28 11:49:56 PDT

Created attachment 343825 [details] Patch

Jiewen Tan

Comment 10 2018-06-28 11:51:45 PDT

Created attachment 343826 [details] Patch

Brent Fulgham

Comment 11 2018-06-28 16:29:11 PDT

Comment on attachment 343826 [details] Patch r=me

Jiewen Tan

Comment 12 2018-06-28 16:30:37 PDT

Comment on attachment 343826 [details] Patch Thanks Brent for r+ this patch.