It was found by this existing test LayoutTests\http\tests\websocket\tests\hybi\bad-handshake-crash.html.
Created attachment 335913 [details] PATCH
Comment on attachment 335913 [details]
PATCH

View in context: https://bugs.webkit.org/attachment.cgi?id=335913&action=review

> Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94
> +    m_closed = true;

In case platformClose() needs to be called elsewhere in the future, we could rewrite it as:
    if (m_closed)
        return;
    m_closed = true;
    ...
(In reply to youenn fablet from comment #2)
> Comment on attachment 335913 [details]
> PATCH
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=335913&action=review
>
> > Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94
> > +    m_closed = true;
>
> In case platformClose() needs to be called elsewhere in the future, we could
> rewrite it as:
>     if (m_closed)
>         return;
>     m_closed = true;
>     ...

Right. There are many other crashes to be fixed following this bug. This kind of protection may be required. Thanks for pointing that out.
Created attachment 335948 [details]
FIX

Thanks for r+ @youenn
Comment on attachment 335948 [details]
FIX

Clearing flags on attachment: 335948

Committed r229681: <https://trac.webkit.org/changeset/229681>
All reviewed patches have been landed. Closing bug.
<rdar://problem/38557767>