RESOLVED FIXED 195741
[Win][WK1] Null dereference in WebFrameNetworkingContext::storageSession
https://bugs.webkit.org/show_bug.cgi?id=195741
Fujii Hironori
Reported 2019-03-14 03:37:25 PDT
[WinCairo][WK1][curl] Null dereference in WebFrameNetworkingContext::storageSession

I saw the following crash while browsing web sites with WinCairo WK1 MiniBrowser (trunk@242931). I don't know the exact repro steps. frame()->page() was null in WebFrameNetworkingContext::storageSession().

Callstack:
> WebKit.dll!PAL::SessionID::isEphemeral() Line 54 C++
> WebKit.dll!WebCore::Page::usesEphemeralSession() Line 602 C++
> WebKit.dll!WebFrameNetworkingContext::storageSession() Line 112 C++
> WebKit.dll!WebCore::handleCookieHeaders(WebCore::ResourceHandleInternal * d, const WebCore::ResourceRequest & request, const WebCore::CurlResponse & response) Line 92 C++
> WebKit.dll!WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse(WebCore::CurlRequest & request, const WebCore::CurlResponse & receivedResponse) Line 117 C++
> WebKit.dll!WebCore::CurlRequest::invokeDidReceiveResponse::<unnamed-tag>::operator()(WebCore::CurlRequest & request, WebCore::CurlRequestClient & client) Line 558 C++
> WebKit.dll!WTF::Function<void (WebCore::CurlRequest &, WebCore::CurlRequestClient &)>::CallableWrapper<`lambda at ..\..\Source\WebCore\platform\network\curl\CurlRequest.cpp:556:16'>::call(WebCore::CurlRequest & in, WebCore::CurlRequestClient & in) Line 102 C++
> WebKit.dll!WTF::Function<void (WebCore::CurlRequest &, WebCore::CurlRequestClient &)>::operator()(WebCore::CurlRequest & in, WebCore::CurlRequestClient & in) Line 57 C++
> WebKit.dll!WebCore::CurlRequest::callClient::<unnamed-tag>::operator()() Line 165 C++
> WebKit.dll!WTF::Function<void ()>::CallableWrapper<`lambda at ..\..\Source\WebCore\platform\network\curl\CurlRequest.cpp:163:21'>::call() Line 102 C++
> WTF.dll!WTF::Function<void ()>::operator()() Line 57 C++
> WTF.dll!WTF::dispatchFunctionsFromMainThread() Line 115 C++
> WTF.dll!WTF::ThreadingWindowWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 48 C++
> [External Code]
> WebKit.dll!WebKitMessageLoop::run(HACCEL__ * hAccelTable) Line 94 C++
> MiniBrowserLib.dll!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 87 C++
> MiniBrowserLib.dll!dllLauncherEntryPoint(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 105 C++
> MiniBrowser.exe!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 232 C++
> [External Code]
Attachments
Patch (3.01 KB, patch)
2019-03-15 02:57 PDT, Fujii Hironori
no flags
Patch (2.99 KB, patch)
2019-03-15 03:49 PDT, Fujii Hironori
no flags
Fujii Hironori
Comment 1 2019-03-15 02:04:34 PDT
One of the LayoutTests crashes with the same backtrace.

> python ./Tools/Scripts/run-webkit-tests --debug --wincairo --no-new-test-results --no-retry-failures --dump-render-tree http/tests/ssl/ping-with-unsafe-redirect.html http/tests/ssl/referer-301.html
Fujii Hironori
Comment 2 2019-03-15 02:09:26 PDT
Mac port WK1 fixed it. Windows port should do the same.
Bug 183455 – Possible null dereference of the page under WebFrameNetworkingContext::storageSession()
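One way to guard this lookup when a queued network response is dispatched after the frame has lost its page, as an added example that is not part of this bug thread or WebKit's code. `Page`, `Frame`, `Session` and `simulateLateResponse` are simplified hypothetical stand-ins, and falling back to the default session is an assumption, since the landed patch is not shown on this page.

```cpp
// Added example: simplified stand-ins, not WebKit's real classes.
#include <cstdio>
#include <functional>
#include <vector>

struct Page {
    bool ephemeral;
    bool usesEphemeralSession() const { return ephemeral; }
};

struct Frame {
    Page* m_page;
    Page* page() const { return m_page; }        // null once the frame is detached
    void detachFromPage() { m_page = nullptr; }
};

enum class Session { Default, Ephemeral };

// Guarded lookup: check the frame and its page before dereferencing either.
// Falling back to the default session is an assumption made for this sketch.
Session storageSession(const Frame* frame) {
    if (frame && frame->page() && frame->page()->usesEphemeralSession())
        return Session::Ephemeral;
    return Session::Default;
}

// Models the path in the call stack: a network response is queued for the main
// thread, and the frame may lose its page before the queued callback runs.
Session simulateLateResponse(bool ephemeral, bool detachBeforeDispatch) {
    Page page{ephemeral};
    Frame frame{&page};
    Session result = Session::Default;
    std::vector<std::function<void()>> mainThreadQueue;

    // The response callback is queued while the frame still has a page.
    mainThreadQueue.push_back([&] { result = storageSession(&frame); });

    if (detachBeforeDispatch)
        frame.detachFromPage();                   // page() now returns null

    for (auto& task : mainThreadQueue)            // main-thread dispatch
        task();
    return result;
}

int main() {
    std::printf("attached, ephemeral: %d\n", static_cast<int>(simulateLateResponse(true, false)));
    std::printf("detached, ephemeral: %d\n", static_cast<int>(simulateLateResponse(true, true)));
    return 0;
}
```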
Fujii Hironori
Comment 3 2019-03-15 02:34:24 PDT
Unskipped http/tests/ssl tests. https://trac.webkit.org/changeset/242993/
Fujii Hironori
Comment 4 2019-03-15 02:57:15 PDT
Fujii Hironori
Comment 5 2019-03-15 03:49:10 PDT
Fujii Hironori
Comment 6 2019-03-17 19:17:27 PDT
Comment on attachment 364788
Patch

Clearing flags on attachment: 364788

Committed r243055: <https://trac.webkit.org/changeset/243055>
Fujii Hironori
Comment 7 2019-03-17 19:17:29 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 8 2019-03-17 19:18:19 PDT