RESOLVED FIXED 187823
Null pointer dereference under WebPage::autofillLoginCredentials() 
https://bugs.webkit.org/show_bug.cgi?id=187823
Summary Null pointer dereference under WebPage::autofillLoginCredentials()
Chris Dumez
Reported 2018-07-19 15:02:58 PDT
Null pointer dereference under WebPage::autofillLoginCredentials(): Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000014 VM Region Info: 0x14 is not in any region. Bytes before following region: 4372545516 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL UNUSED SPACE AT START ---> __TEXT 00000001049fc000-0000000104a00000 [ 16K] r-x/r-x SM=COW ...it.WebContent Termination Signal: Segmentation fault: 11 Termination Reason: Namespace SIGNAL, Code 0xb Terminating Process: exc handler [319] Triggered by Thread: 0 Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed ↩: 0 WebKit 0x000000020a860a4c WebKit::WebPage::autofillLoginCredentials(WTF::String const&, WTF::String const&) + 28 (HTMLElement.h:159) 1 WebKit 0x000000020a867710 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 6832 (HandleMessage.h:41) 2 WebKit 0x000000020a867710 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 6832 (HandleMessage.h:41) 3 WebKit 0x000000020a68f5bc IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 120 (MessageReceiverMap.cpp:0) 4 WebKit 0x000000020a8e39e8 WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 36 (WebProcess.cpp:642) 5 WebKit 0x000000020a651d6c IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 176 (Connection.cpp:940) 6 WebKit 0x000000020a654ea0 IPC::Connection::dispatchOneIncomingMessage() + 232 (Connection.cpp:1036) 7 JavaScriptCore 0x00000002020664a8 WTF::RunLoop::performWork() + 276 (Function.h:56) 8 JavaScriptCore 0x0000000202066770 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38) 9 CoreFoundation 0x00000001fa3493cc __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24 (CFRunLoop.c:1980) 10 CoreFoundation 0x00000001fa34934c __CFRunLoopDoSource0 + 88 (CFRunLoop.c:2015) 11 CoreFoundation 0x00000001fa348c2c __CFRunLoopDoSources0 + 176 (CFRunLoop.c:2051) 12 CoreFoundation 0x00000001fa343ad0 __CFRunLoopRun + 1044 (CFRunLoop.c:2922) 13 CoreFoundation 0x00000001fa343398 CFRunLoopRunSpecific + 436 (CFRunLoop.c:3247) 14 Foundation 0x00000001fad34a84 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 300 (NSRunLoop.m:367) 15 Foundation 0x00000001fad7081c -[NSRunLoop(NSRunLoop) run] + 88 (NSRunLoop.m:389) 16 libxpc.dylib 0x00000001fa014040 _xpc_objc_main + 532 (main.m:170) 17 libxpc.dylib 0x00000001fa016a80 xpc_main + 184 (init.c:1471) 18 com.apple.WebKit.WebContent 0x00000001049ff59c main + 380 (XPCServiceMain.mm:160) 19 libdyld.dylib 0x00000001f9e02f34 start + 4
Attachments
Patch (1.62 KB, patch)
2018-07-19 15:04 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2018-07-19 15:03:17 PDT
<rdar://problem/37152195>
Chris Dumez
Comment 2 2018-07-19 15:04:15 PDT
Created attachment 345388 [details] Patch
David Kilzer (:ddkilzer)
Comment 3 2018-07-19 20:27:57 PDT
Comment on attachment 345388 [details] Patch r=me
WebKit Commit Bot
Comment 4 2018-07-19 21:54:06 PDT
Comment on attachment 345388 [details] Patch Clearing flags on attachment: 345388 Committed r234023: <https://trac.webkit.org/changeset/234023>
WebKit Commit Bot
Comment 5 2018-07-19 21:54:08 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.