225999 – CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()

Bug 225999 - CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()

Summary: CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	New Bugs (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Jer Noble

URL:
Keywords:	InRadar

Depends on:	225183
Blocks:
	Show dependency tree / graph

Reported:	2021-05-19 18:00 PDT by Jer Noble
Modified:	2021-05-20 17:26 PDT (History)
CC List:	8 users (show)

See Also:	226058

Attachments
Patch (1.97 KB, patch) 2021-05-19 18:02 PDT, Jer Noble	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jer Noble 2021-05-19 18:00:06 PDT

CRASH: Null-pointer deref in MediaSessionManagerCocoa::setNowPlayingInfo()

Comment 1 Jer Noble 2021-05-19 18:00:32 PDT

<rdar://78232970>

Comment 2 Jer Noble 2021-05-19 18:02:14 PDT

Created attachment 429125 [details]
Patch

Comment 3 Jean-Yves Avenard [:jya] 2021-05-20 02:25:02 PDT

Following https://bugs.webkit.org/show_bug.cgi?id=225183 ; nowPlayingInfo.artwork->imageData can never be null.

Comment 4 Jer Noble 2021-05-20 08:37:04 PDT

(In reply to Jean-Yves Avenard [:jya] from comment #3)
> Following https://bugs.webkit.org/show_bug.cgi?id=225183 ;
> nowPlayingInfo.artwork->imageData can never be null.

Unfortunately, we're still seeing crashes even after that change landed.

If imageData can truly never be null, it should be a Ref<> and not a RefPtr<>, which would enforce this at compile time.

Comment 5 EWS 2021-05-20 08:41:48 PDT

Committed r277784 (237945@main): <https://commits.webkit.org/237945@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 429125 [details].