Bug 197115

Summary:

Web Inspector: Timelines: CPU: ensure that tracking stops when disconnecting Web Inspector

Product:

WebKit

Reporter:

Devin Rousso <hi>

Component:

Web Inspector

Assignee:

Devin Rousso <hi>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

commit-queue, ews-watchlist, hi, inspector-bugzilla-changes, joepeck, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

All

OS:

All

Attachments:

Description	Flags
Patch	none

Description Devin Rousso 2019-04-19 14:02:31 PDT

It may be possible to UAF the `InspectorCPUProfilerAgent`, since it adds itself (via a C++ lambda) as an observer to another object.  If the inspector disconnects while actively recording, we currently don't remove that.

Comment 1 Devin Rousso 2019-04-19 14:02:42 PDT

<rdar://problem/49877875>

Comment 2 Devin Rousso 2019-04-19 14:03:33 PDT

Created attachment 367823 [details]
Patch

Comment 3 Joseph Pecoraro 2019-04-19 16:24:24 PDT

Comment on attachment 367823 [details]
Patch

r=me. Are there any other agents that could benefit from this?

Comment 4 Devin Rousso 2019-04-19 16:27:15 PDT

(In reply to Joseph Pecoraro from comment #3)
> r=me. Are there any other agents that could benefit from this?
I checked the other timelines agents, and all of them either weren't susceptible  or already had a "fix" for this issue.

Comment 5 WebKit Commit Bot 2019-04-19 17:33:26 PDT

Comment on attachment 367823 [details]
Patch

Clearing flags on attachment: 367823

Committed r244478: <https://trac.webkit.org/changeset/244478>

Comment 6 WebKit Commit Bot 2019-04-19 17:33:27 PDT

All reviewed patches have been landed.  Closing bug.