Bug 303438

Summary: [WebXR Hit Test] Crashing due to empty Ref<WebXRHitTestResult> returned by WebXRFrame::getHitTestResults
Product: WebKit Reporter: Fujii Hironori <fujii.hironori>
Component: WebXRAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: djg, kkinnunen, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 300754    

Fujii Hironori
Reported 2025-12-02 16:54:18 PST
[WebXR Hit Test] Crashing due to empty Ref<WebXRHitTestResult> returned by WebXRFrame::getHitTestResults > Vector<Ref<WebXRHitTestResult>> results(platformResults->value.size()); > for (auto& platformResult : platformResults->value) > results.append(WebXRHitTestResult::create(*this, platformResult)); > return results; This is misuse of Vector. This code adds empty items to results.
Attachments
Add attachment proposed patch, testcase, etc.
Fujii Hironori
Comment 1 2025-12-02 17:06:13 PST
Pull request: https://github.com/WebKit/WebKit/pull/54739
EWS
Comment 2 2025-12-03 00:09:05 PST
Committed 303814@main (1bac13ec19e9): <https://commits.webkit.org/303814@main> Reviewed commits have been landed. Closing PR #54739 and removing active labels.
Radar WebKit Bug Importer
Comment 3 2025-12-03 00:10:12 PST
<rdar://problem/165745682>
Note You need to log in before you can comment on or make changes to this bug.