Bug 214699

Summary: [IPC hardening] Add nullptr checks for WebPage::m_activeColorChooser
Product: WebKit
Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: WebKit2
Assignee: David Kilzer (:ddkilzer) <ddkilzer>
Status: RESOLVED FIXED
Severity: Normal
CC: bfulgham, darin, useafterfree, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: Other
Hardware: Unspecified
OS: Unspecified
See Also: https://bugs.webkit.org/show_bug.cgi?id=148834
Bug Depends on:
Bug Blocks: 214748
Attachments:
Description Flags
Patch v1 none

David Kilzer (:ddkilzer)
Reported 2020-07-23 14:20:04 PDT
Add nullptr checks for WebPage::m_activeColorChooser. WebPage::m_activeColorChooser is a pointer that's initialized to nullptr, so it is not always set.

<rdar://problem/65850975>
Attachments
Patch v1 (1.61 KB, patch)
2020-07-23 14:21 PDT, David Kilzer (:ddkilzer)
no flags
David Kilzer (:ddkilzer)
Comment 1 2020-07-23 14:21:12 PDT
Created attachment 405077 [details] Patch v1
Darin Adler
Comment 2 2020-07-23 15:00:57 PDT
Comment on attachment 405077 [details]
Patch v1

Not clear what this has to do with IPC. Also, are there eventually test cases coming for this?
David Kilzer (:ddkilzer)
Comment 3 2020-07-23 17:19:38 PDT
(In reply to Darin Adler from comment #2)
> Comment on attachment 405077 [details]
> Patch v1
>
> Not clear what this has to do with IPC. Also, are there eventually test
> cases coming for this?

Replied in radar.
David Kilzer (:ddkilzer)
Comment 4 2020-07-24 10:36:14 PDT
(In reply to David Kilzer (:ddkilzer) from comment #3)
> (In reply to Darin Adler from comment #2)
> > Comment on attachment 405077 [details]
> > Patch v1
> >
> > Not clear what this has to do with IPC. Also, are there eventually test
> > cases coming for this?
>
> Replied in radar.

Filed this to track adding a test case:

Bug 214748: Add test case for nullptr checks in WebPage::m_activeColorChooser
<https://bugs.webkit.org/show_bug.cgi?id=214748>

This has to do with IPC since nullptr deref crashes can be hit in WebPage when sending unexpected IPC messages.
EWS
Comment 5 2020-07-24 10:40:28 PDT
Committed r264842: <https://trac.webkit.org/changeset/264842> All reviewed patches have been landed. Closing bug and clearing flags on attachment 405077 [details].
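Added example, not part of this bug report or of the WebKit patch: a simplified model of the failure mode discussed in comment 4, where a message receiver holds a pointer that starts as nullptr and a peer process can deliver messages before it is set or after it is cleared. The `Page`, `Message`, `Result` and `ColorChooser` names and the message set are hypothetical; only the shape of the guard reflects the bug summary.

```cpp
// Added illustration: a simplified model, not WebKit source. All names are hypothetical.
#include <memory>
#include <string>

enum class Message { DidChooseColor, DidEndColorPicker };
enum class Result { Handled, RejectedNoActiveChooser };

struct ColorChooser { std::string color; };

class Page {
public:
    // Local action: the page itself opens a chooser (not driven by the peer).
    void openChooser(const std::string& initial)
    {
        m_activeColorChooser = std::make_unique<ColorChooser>(ColorChooser { initial });
    }

    // IPC entry point: the peer process is untrusted and may send these
    // messages at any time, including when no chooser was ever opened.
    Result receive(Message message, const std::string& payload = "")
    {
        if (!m_activeColorChooser) { // Without this guard both cases dereference nullptr.
            ++m_rejected;
            return Result::RejectedNoActiveChooser;
        }
        switch (message) {
        case Message::DidChooseColor:
            m_activeColorChooser->color = payload;
            break;
        case Message::DidEndColorPicker:
            m_activeColorChooser = nullptr; // Pointer returns to its "not set" state.
            break;
        }
        return Result::Handled;
    }

    unsigned rejected() const { return m_rejected; }
    std::string activeColor() const { return m_activeColorChooser ? m_activeColorChooser->color : std::string(); }

private:
    std::unique_ptr<ColorChooser> m_activeColorChooser; // Default-initialized to nullptr.
    unsigned m_rejected { 0 };
};

int main()
{
    // Exit status 0 when an unexpected message is rejected instead of crashing.
    return Page().receive(Message::DidEndColorPicker) == Result::RejectedNoActiveChooser ? 0 : 1;
}
```

The rejection counter gives a regression test something to assert on, and covers the repeated `DidEndColorPicker` case where the pointer has already been cleared.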