Bug 226189

Summary: _WKRemoteObjectRegistry should not call completion handlers if block signatures don't match or can't be found
Product: WebKit Reporter: Julian Gonzalez <julian_a_gonzalez>
Component: WebKit APIAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, cdumez, ggaren, rniwa, sam
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: macOS 11   
Attachments:
Description Flags
Patch
none
Patch none

Julian Gonzalez
Reported 2021-05-24 15:11:53 PDT
There is code in _WKRemoteObjectRegistry's _invokeMethod() to check reply blocks that does not fire if block signatures are incompatible (or there is no expected block signature). In this case, we'll perform the invocation with a nil reply block (at least in Release builds), which can cause crashes. <rdar://problem/70004926>
Attachments
Patch (2.17 KB, patch)
2021-05-24 15:16 PDT, Julian Gonzalez 		no flags
DetailsFormatted DiffDiff
Patch (2.10 KB, patch)
2021-05-24 15:51 PDT, Julian Gonzalez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Julian Gonzalez
Comment 1 2021-05-24 15:16:39 PDT
Created attachment 429572 [details] Patch
Julian Gonzalez
Comment 2 2021-05-24 15:21:07 PDT
Rebasing.
Julian Gonzalez
Comment 3 2021-05-24 15:51:16 PDT
Created attachment 429580 [details] Patch
Chris Dumez
Comment 4 2021-05-25 17:39:54 PDT
Comment on attachment 429580 [details] Patch r=me
EWS
Comment 5 2021-05-25 18:19:17 PDT
Committed r278071 (238150@main): <https://commits.webkit.org/238150@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 429580 [details].
Note You need to log in before you can comment on or make changes to this bug.