RESOLVED FIXED 183686
[Curl] Fix crash on websocket with bad handshake message. 
https://bugs.webkit.org/show_bug.cgi?id=183686
Summary [Curl] Fix crash on websocket with bad handshake message.
Basuke Suzuki
Reported 2018-03-15 17:22:15 PDT
It was found by this existing test LayoutTests\http\tests\websocket\tests\hybi\bad-handshake-crash.html.
Attachments
PATCH (2.47 KB, patch)
2018-03-15 17:38 PDT, Basuke Suzuki 		youennf: review+
DetailsFormatted DiffDiff
FIX (2.48 KB, patch)
2018-03-16 10:11 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Basuke Suzuki
Comment 1 2018-03-15 17:38:52 PDT
Created attachment 335913 [details] PATCH
youenn fablet
Comment 2 2018-03-15 22:10:43 PDT
Comment on attachment 335913 [details] PATCH View in context: https://bugs.webkit.org/attachment.cgi?id=335913&action=review > Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94 > + m_closed = true; In case platformClose() needs to be called elsewhere in the future, we could rewrite it as: if (m_closed) return; m_closed = true; ...
Basuke Suzuki
Comment 3 2018-03-16 08:23:51 PDT
(In reply to youenn fablet from comment #2) > Comment on attachment 335913 [details] > PATCH > > View in context: > https://bugs.webkit.org/attachment.cgi?id=335913&action=review > > > Source/WebCore/platform/network/curl/SocketStreamHandleImplCurl.cpp:94 > > + m_closed = true; > > In case platformClose() needs to be called elsewhere in the future, we could > rewrite it as: > if (m_closed) > return; > m_closed = true; > ... Right. There're many other crashes to be fixed following this bug. Such kind of protection may be required. Thanks for pointing out.
Basuke Suzuki
Comment 4 2018-03-16 10:11:03 PDT
Created attachment 335948 [details] FIX Thanks for r+ @youenn
WebKit Commit Bot
Comment 5 2018-03-16 13:56:06 PDT
Comment on attachment 335948 [details] FIX Clearing flags on attachment: 335948 Committed r229681: <https://trac.webkit.org/changeset/229681>
WebKit Commit Bot
Comment 6 2018-03-16 13:56:07 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 7 2018-03-16 13:57:20 PDT
<rdar://problem/38557767>
Note You need to log in before you can comment on or make changes to this bug.