Bug 283307

Summary: CFNetwork URLRequest::initialize(CFDictionaryRef webKitSecureCodingDictionary) crashes when HTTP headers come in String -> String form
Product: WebKit Reporter: Pedro Varangot <pvarangot>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Test case
none
Library required to run test case none

Pedro Varangot
Reported 2024-11-18 11:32:18 PST
This is because it's iterating them like this: [headerFields enumerateKeysAndObjectsUsingBlock:^(NSString *name, NSArray<NSString *> *values, BOOL *stop) { for (NSString * value in values) { and that will call countByEnumeratingWithState:objects:count: on a String (it's an array method) and crash with invalid selector.
Attachments
Test case (9.01 KB, text/html)
2024-11-18 11:34 PST, Pedro Varangot 		no flags
Details
Library required to run test case (53.50 KB, application/x-javascript)
2024-11-18 11:35 PST, Pedro Varangot 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Pedro Varangot
Comment 1 2024-11-18 11:34:38 PST
Created attachment 473268 [details] Test case
Pedro Varangot
Comment 2 2024-11-18 11:35:00 PST
Created attachment 473269 [details] Library required to run test case
Pedro Varangot
Comment 3 2024-11-18 11:42:27 PST
Pull request: https://github.com/WebKit/WebKit/pull/36808
Pedro Varangot
Comment 4 2024-11-19 11:51:50 PST
<rdar://problem/139800100>
EWS
Comment 5 2024-11-20 16:36:24 PST
Committed 286883@main (1ad5fb316231): <https://commits.webkit.org/286883@main> Reviewed commits have been landed. Closing PR #36808 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.