Bug 196276

Summary: API::Data::createWithoutCopying should do a null check before calling CFRelease
Product: WebKit Reporter: Jiewen Tan <jiewen_tan>
Component: WebKit Misc.   Assignee: Jiewen Tan <jiewen_tan>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, alecflett, beidson, commit-queue, ddkilzer, ews-watchlist, jiewen_tan, jsbell, sihui_liu, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 196319    
Bug Blocks:    
Attachments:
Patch (flags: none)
Patch (flags: none)

Description Jiewen Tan 2019-03-26 15:31:18 PDT
API::Data::createWithoutCopying should do a null check before calling CFRelease.
Comment 1 Jiewen Tan 2019-03-26 15:31:35 PDT
<rdar://problem/48059859>
Comment 2 Jiewen Tan 2019-03-26 15:45:19 PDT
Created attachment 366016 [details]
Patch
Comment 3 Jiewen Tan 2019-03-26 15:46:27 PDT
Comment on attachment 366016 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=366016&action=review

> Source/WebCore/Modules/indexeddb/IDBRequest.cpp:342
>          m_transaction->abortDueToFailedRequest(DOMException::create(AbortError, "IDBTransaction will abort due to uncaught exception in an event handler"_s));

This is where the null pointer dereference is caused.
Comment 4 Jiewen Tan 2019-03-27 14:37:52 PDT
Comment on attachment 366016 [details]
Patch

Per personal conversation with Brady, we agree to separate the IndexedDB fix from this bug. Will have a new patch soon.
Comment 5 Jiewen Tan 2019-03-27 17:35:08 PDT
A patch is uploaded in Bug 196319 for the indexed db fix. Since the test of the above patch depends on that other patch to not crash, I will upload a patch here after that one is landed.
Comment 6 Jiewen Tan 2019-03-28 14:29:58 PDT
Created attachment 366205 [details]
Patch
Comment 7 Jiewen Tan 2019-03-28 14:34:34 PDT
Comment on attachment 366205 [details]
Patch

Thanks, Alex.
Comment 8 WebKit Commit Bot 2019-03-28 16:47:06 PDT
Comment on attachment 366205 [details]
Patch

Clearing flags on attachment: 366205

Committed r243631: <https://trac.webkit.org/changeset/243631>
Comment 9 WebKit Commit Bot 2019-03-28 16:47:08 PDT
All reviewed patches have been landed.  Closing bug.