RESOLVED FIXED Bug 230121
Potential crash under CachedRawResource::didAddClient() 
https://bugs.webkit.org/show_bug.cgi?id=230121
Summary Potential crash under CachedRawResource::didAddClient()
Chris Dumez
Reported 2021-09-09 13:26:04 PDT
Potential crash under CachedRawResource::didAddClient(): 50 WebCore: WebCore::SharedBuffer::forEachSegment(WTF::Function<void (WTF::Span<unsigned char const, 18446744073709551615ul> const&)> const&) const <== 50 WebCore: WebCore::CachedRawResource::didAddClient(WebCore::CachedResourceClient&)::$_0::operator()(WebCore::ResourceRequest&&)::'lambda'()::operator()() const 50 WebCore: WTF::Detail::CallableWrapper<WebCore::DocumentLoader::responseReceived(WebCore::ResourceResponse const&, WTF::CompletionHandler<void ()>&&)::$_4, void, WebCore::PolicyAction, WebCore::PolicyCheckIdentifier>::call(WebCore::PolicyAction, WebCore::PolicyCheckIdentifier) 50 WebKit: WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse(WebCore::ResourceResponse const&, WebCore::ResourceRequest const&, WebCore::PolicyCheckIdentifier, WTF::String const&, WTF::Function<void (WebCore::PolicyAction, WebCore::PolicyCheckIdentifier)>&&)
Attachments
Patch (2.85 KB, patch)
2021-09-09 13:32 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2021-09-09 13:26:19 PDT
<rdar://82936913>
Chris Dumez
Comment 2 2021-09-09 13:32:07 PDT
Created attachment 437776 [details] Patch
EWS
Comment 3 2021-09-09 15:24:49 PDT
Committed r282241 (241524@main): <https://commits.webkit.org/241524@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 437776 [details].
Jean-Yves Avenard [:jya]
Comment 4 2021-12-22 16:05:45 PST
We can probably revert this following bug 233442. The inner Vector can't be modified while a SharedBuffer is in use anymore.
Note You need to log in before you can comment on or make changes to this bug.