NEW 180054
Dangerous downcast via static_cast for find delegate.
https://bugs.webkit.org/show_bug.cgi?id=180054
Jeremy Jones
Reported 2017-11-27 13:54:18 PST
WKWebView:

    - (void)_setFindDelegate:(id<_WKFindDelegate>)findDelegate
    {
        static_cast<WebKit::FindClient&>(_page->findClient()).setDelegate(findDelegate);
    }

    void WebPageProxy::close()
    ...
        m_findClient = std::make_unique<API::FindClient>();

Calling _setFindDelegate: after the PageProxy has been closed is unsafe.
Attachments
Patch (3.73 KB, patch)
2017-11-27 14:16 PST, Jeremy Jones
achristensen: review-
Jeremy Jones
Comment 1 2017-11-27 14:16:18 PST
Jeremy Jones
Comment 2 2017-11-27 14:18:51 PST
Alex Christensen
Comment 3 2017-11-27 21:04:55 PST
Comment on attachment 327678
Patch

This is messy and kind of a layering violation. I think it would be better to set m_findClient to nullptr in WebPageProxy::close and check it for null everywhere we use it. There should also be an API test that exercises the bad behavior before the change.
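Added example, not part of the bug thread and not WebKit source: a reduced model of the type confusion in the report, with a downcast that checks the object's dynamic type first. The class shapes, `PageProxy`, `isDelegateBacked()`, `delegateClient()` and `setFindDelegateChecked()` are hypothetical stand-ins; this is a different mitigation from the nullptr approach suggested in Comment 3.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <utility>

// Simplified stand-ins for the classes named in the report (assumed shapes).
namespace API {
struct FindClient {
    virtual ~FindClient() = default;
    virtual bool isDelegateBacked() const { return false; } // hypothetical type tag
};
}
namespace WebKit {
struct FindClient final : API::FindClient {
    bool isDelegateBacked() const override { return true; }
    void setDelegate(std::string d) { delegate = std::move(d); }
    std::string delegate; // only exists in the derived object
};
}

class PageProxy {
public:
    PageProxy() : m_findClient(std::make_unique<WebKit::FindClient>()) {}
    // As in the report: close() replaces the client with a plain API::FindClient.
    void close() { m_findClient = std::make_unique<API::FindClient>(); }
    API::FindClient& findClient() { return *m_findClient; }
private:
    std::unique_ptr<API::FindClient> m_findClient;
};

// Unchecked form from the report; undefined behaviour once close() has run,
// so it is shown only as a comment and never executed here:
//   static_cast<WebKit::FindClient&>(page.findClient()).setDelegate(d);

// Checked downcast: returns nullptr when the client is not the derived type.
WebKit::FindClient* delegateClient(PageProxy& page)
{
    API::FindClient& client = page.findClient();
    return client.isDelegateBacked() ? static_cast<WebKit::FindClient*>(&client) : nullptr;
}

bool setFindDelegateChecked(PageProxy& page, const std::string& delegate)
{
    WebKit::FindClient* client = delegateClient(page);
    if (!client)
        return false; // page was closed: refuse instead of writing past a base object
    client->setDelegate(delegate);
    return true;
}

int main() { PageProxy p; p.close(); std::printf("%d\n", setFindDelegateChecked(p, "d")); }
```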