Bug 222126 - Fix null dereferencing in RangeResponseGenerator::giveResponseToTasksWithFinishedRanges
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Alex Christensen
Reported: 2021-02-18 12:58 PST by Alex Christensen
Modified: 2021-02-18 15:14 PST
Attachments
Patch (3.32 KB, patch)
2021-02-18 12:59 PST, Alex Christensen
no flags
Patch (3.83 KB, patch)
2021-02-18 13:15 PST, Alex Christensen
no flags

Description Alex Christensen 2021-02-18 12:58:15 PST
Fix null dereferencing in RangeResponseGenerator::giveResponseToTasksWithFinishedRanges
Comment 1 Alex Christensen 2021-02-18 12:59:27 PST
Created attachment 420864
Patch
Comment 2 Darin Adler 2021-02-18 13:08:18 PST
Comment on attachment 420864
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=420864&action=review

> Source/WebCore/platform/network/cocoa/RangeResponseGenerator.mm:274
>          m_generator->giveResponseToTasksWithFinishedRanges(*data);

I think it’s clearer to write:

    protectedThis->m_generator->giveResponseToTasksWithFinishedRanges(*data);

But I’m not sure anyone else in this project agrees with me!

Also, I think that Ryosuke said our overall strategy is to protect differently than this; it would be the caller who should be doing ref/deref, not this function protecting itself. So the fix would be in RemoteMediaResourceManager::loadFinished, which should be using a RefPtr for its local variable.
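The two lifetime-protection strategies contrasted in comment 2 (the callee holding a `protectedThis` reference versus the caller holding a strong reference in a local variable), as an added example that is not WebKit code and not part of the patch. `std::shared_ptr` stands in for WebKit's `RefPtr`, and `Generator`, `Loader`, `Result` and `run` are hypothetical names.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-ins: std::shared_ptr plays the role of WebKit's RefPtr here.
struct Generator {
    std::vector<std::string> delivered;
    void giveResponse(const std::string& data) { delivered.push_back(data); }
};

class Loader : public std::enable_shared_from_this<Loader> {
public:
    explicit Loader(std::shared_ptr<Generator> g) : m_generator(std::move(g)) {}
    std::function<void()> onFinished; // client callback; may drop the owner's reference

    // Strategy A: the callee keeps itself alive across the re-entrant callback.
    void finishSelfProtecting(const std::string& data) {
        auto protectedThis = shared_from_this();
        onFinished();
        protectedThis->m_generator->giveResponse(data); // members are still valid
    }
    // Strategy B: no self-protection; correct only if the caller holds a strong ref.
    void finish(const std::string& data) {
        onFinished();
        m_generator->giveResponse(data);
    }
private:
    std::shared_ptr<Generator> m_generator;
};

struct Result { std::size_t delivered; bool ownerDropped; bool freedAfterCall; };

// The owner's only reference is released from inside the callback (constructed scenario).
Result run(bool callerHoldsRef) {
    auto generator = std::make_shared<Generator>();
    auto owned = std::make_shared<Loader>(generator);
    std::weak_ptr<Loader> watch = owned;
    Loader* raw = owned.get();
    raw->onFinished = [&owned] { owned.reset(); }; // owner forgets the loader mid-call
    if (callerHoldsRef) {
        std::shared_ptr<Loader> local = owned; // caller-side protection (strategy B)
        local->finish("range 0-99");
    } else {
        raw->finishSelfProtecting("range 0-99"); // callee-side protection (strategy A)
    }
    return {generator->delivered.size(), !owned, watch.expired()};
}
```

In both runs the loader outlives the callback that releases the owner's reference and is freed only once the protecting reference goes out of scope; calling `finish` through `raw` with no strong reference held anywhere would touch `m_generator` after the object is destroyed.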
Comment 3 Alex Christensen 2021-02-18 13:15:35 PST
Created attachment 420866
Patch
Comment 4 Alex Christensen 2021-02-18 15:14:49 PST
r273103