229301 – Release assert in ScriptController::canExecuteScripts via WebCore::WebSocket::didReceiveMessage

Bug 229301 - Release assert in ScriptController::canExecuteScripts via WebCore::WebSocket::didReceiveMessage

Summary: Release assert in ScriptController::canExecuteScripts via WebCore::WebSocket:...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Web Inspector (show other bugs)
Version:	WebKit Nightly Build
Hardware:	All All

Importance:	P2 Normal
Assignee:	Patrick Angle

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-08-19 11:23 PDT by Patrick Angle
Modified:	2021-08-20 10:31 PDT (History)
CC List:	8 users (show)

See Also:

Attachments
Patch v1.0 (3.26 KB, patch) 2021-08-19 12:24 PDT, Patrick Angle	no flags	Details \| Formatted Diff \| Diff
Patch v1.1 - Added test coverage (10.58 KB, patch) 2021-08-19 14:13 PDT, Patrick Angle	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Patrick Angle 2021-08-19 11:23:53 PDT

Steps to reproduce:
1. Go to http://socketo.me/demo
2. Enter a test account name, like Test1
3. Click the General Join button above the navy rectangle.
4. In another browser (or another window) go to the same page, enter a second test username, and join the same General room.
5. Have each “user” send a message and confirm it arrives in the other session.
6. Open Web Inspector in the first session and type debugger in the console to pause execution.
7. From the second session, send another message.
8. From the first session, resume script execution from Web Inspector.
9. The web content process crashes with a release security assert in WebCore::ScriptController::canExecuteScripts.

Comment 1 Patrick Angle 2021-08-19 11:24:02 PDT

<rdar://79244774>

Comment 2 Patrick Angle 2021-08-19 12:24:19 PDT

Created attachment 435894 [details]
Patch v1.0

Comment 3 Ryosuke Niwa 2021-08-19 12:35:03 PDT

Comment on attachment 435894 [details]
Patch v1.0

View in context: https://bugs.webkit.org/attachment.cgi?id=435894&action=review

> Source/WebCore/ChangeLog:12
> +

Can we add a test?

Comment 4 Patrick Angle 2021-08-19 14:13:25 PDT

Created attachment 435903 [details]
Patch v1.1 - Added test coverage

Comment 5 EWS 2021-08-20 10:31:44 PDT

Committed r281323 (240740@main): <https://commits.webkit.org/240740@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 435903 [details].