Bug 192941

Summary:

REGRESSION (r239419): heap-use-after-free in AudioSourceProviderAVFObjC::finalizeCallback()

Product:

WebKit

Reporter:

Jer Noble <jer.noble>

Component:

New Bugs

Assignee:

Jer Noble <jer.noble>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, commit-queue, ews-watchlist, ryanhaddad, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none

Jer Noble

Reported 2018-12-20 11:15:13 PST

REGRESSION (r239419): heap-use-after-free in AudioSourceProviderAVFObjC::finalizeCallback()

Attachments
Patch (1.81 KB, patch) 2018-12-20 11:18 PST, Jer Noble	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Jer Noble

Comment 1 2018-12-20 11:15:40 PST

<rdar://problem/46874096>

Jer Noble

Comment 2 2018-12-20 11:18:22 PST

Created attachment 357836 [details] Patch

EWS Watchlist

Comment 3 2018-12-20 11:20:41 PST

Attachment 357836 [details] did not pass style-queue: ERROR: Source/WebCore/ChangeLog:3: Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: use-after-free [changelog/unwantedsecurityterms] [3] Total errors found: 1 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.

Brent Fulgham

Comment 4 2018-12-20 11:21:32 PST

Comment on attachment 357836 [details] Patch r=me. Lifetimes FTW!

WebKit Commit Bot

Comment 5 2018-12-20 11:48:42 PST

Comment on attachment 357836 [details] Patch Clearing flags on attachment: 357836 Committed r239458: <https://trac.webkit.org/changeset/239458>

WebKit Commit Bot

Comment 6 2018-12-20 11:48:43 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.