Bug 225999

Summary: CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()
Product: WebKit
Reporter: Jer Noble <jer.noble>
Component: New Bugs
Assignee: Jer Noble <jer.noble>
Status: RESOLVED FIXED
Severity: Normal
CC: eric.carlson, ews-watchlist, glenn, jean-yves.avenard, peng.liu6, philipj, sergio, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
See Also: https://bugs.webkit.org/show_bug.cgi?id=226058
Bug Depends on: 225183
Bug Blocks:
Attachments: Patch (Flags: none)

Description Jer Noble 2021-05-19 18:00:06 PDT
CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()
Comment 1 Jer Noble 2021-05-19 18:00:32 PDT
<rdar://78232970>
Comment 2 Jer Noble 2021-05-19 18:02:14 PDT
Created attachment 429125
Patch
Comment 3 Jean-Yves Avenard [:jya] 2021-05-20 02:25:02 PDT
Following https://bugs.webkit.org/show_bug.cgi?id=225183 ; nowPlayingInfo.artwork->imageData can never be null.
Comment 4 Jer Noble 2021-05-20 08:37:04 PDT
(In reply to Jean-Yves Avenard [:jya] from comment #3)
> Following https://bugs.webkit.org/show_bug.cgi?id=225183 ;
> nowPlayingInfo.artwork->imageData can never be null.

Unfortunately, we're still seeing crashes even after that change landed.

If imageData can truly never be null, it should be a Ref<> and not a RefPtr<>, which would enforce this at compile time.
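
An added illustration of the Ref<> versus RefPtr<> point in comment 4, not part of the bug thread and not WebKit's code: `std::shared_ptr` stands in for a nullable RefPtr<>, and the hypothetical `NonNull<>` wrapper, `NullableArtwork`, `StrictArtwork` and `artworkSize` are names assumed for this sketch.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <type_traits>
#include <utility>
#include <vector>

using Bytes = std::vector<unsigned char>;

// Hypothetical stand-in for Ref<>: owns its target and has no way to be built from null.
template <typename T>
class NonNull {
public:
    template <typename... Args>
    static NonNull create(Args&&... args)
    {
        return NonNull(std::make_shared<T>(std::forward<Args>(args)...));
    }
    T& get() const { return *m_ptr; }
private:
    explicit NonNull(std::shared_ptr<T> ptr) : m_ptr(std::move(ptr)) {}
    std::shared_ptr<T> m_ptr;
};

// The compiler rejects an empty or null NonNull, so no caller can hand one over.
static_assert(!std::is_default_constructible<NonNull<Bytes>>::value, "no empty state");
static_assert(!std::is_constructible<NonNull<Bytes>, std::nullptr_t>::value, "no null state");

// std::shared_ptr stands in for RefPtr<>: null is a legal value of the type.
struct NullableArtwork { std::shared_ptr<Bytes> imageData; };
struct StrictArtwork { NonNull<Bytes> imageData; };

// Nullable member: each consumer must check at run time or risk a null dereference.
std::size_t artworkSize(const NullableArtwork& artwork)
{
    return artwork.imageData ? artwork.imageData->size() : 0;
}

// Non-null member: no check to forget, the type already guarantees a target.
std::size_t artworkSize(const StrictArtwork& artwork)
{
    return artwork.imageData.get().size();
}

int main()
{
    NullableArtwork missing; // imageData is null here, and that compiles fine
    StrictArtwork strict{NonNull<Bytes>::create(Bytes{1, 2, 3})};
    std::printf("%zu %zu\n", artworkSize(missing), artworkSize(strict));
    return 0;
}
```
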
Comment 5 EWS 2021-05-20 08:41:48 PDT
Committed r277784 (237945@main): <https://commits.webkit.org/237945@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 429125.