RESOLVED FIXED 276961
WebAuthn credential creation attempt causes a crash 
https://bugs.webkit.org/show_bug.cgi?id=276961
Summary WebAuthn credential creation attempt causes a crash
justin
Reported 2024-07-23 09:18:38 PDT
Created attachment 471946 [details] Javascript to cause crash OS: 15.0 Beta (24A5289h) Browser: Safari Technical Preview Release 199 (Safari 18.0, WebKit 20619.1.22.5) Safari crashes when trying to create a WebAuthn credential using the attached Javascript. This is happening on both iPhone and Mac. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 AuthenticationServices 0x1028b3e1c 0x102848000 + 441884 1 AuthenticationServices 0x1028cde88 0x102848000 + 548488 2 WebKit 0x10ce6d2a4 WebKit::WebAuthenticatorCoordinatorProxy::requestsForAssertion(WebCore::PublicKeyCredentialRequestOptions const&, WebCore::SecurityOriginData const&, std::__1::optional<WebCore::SecurityOriginData> const&) + 2304 3 WebKit 0x10ce7b5e0 WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_1::operator()(WebCore::PublicKeyCredentialRequestOptions const&) const + 60 4 WebKit 0x10ce7b598 decltype(std::declval<WTF::Visitor<WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_0, WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_1>>()(std::declval<WebCore::PublicKeyCredentialRequestOptions const&>())) std::__1::__invoke[abi:sn180100]<WTF::Visitor<WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_0, WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_1>, WebCore::PublicKeyCredentialRequestOptions const&>(WTF::Visitor<WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_0, WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_1>&&, WebCore::PublicKeyCredentialRequestOptions const&) + 40 5 WebKit 0x10ce7b560 decltype(auto) std::__1::__variant_detail::__visitation::__variant::__value_visitor<WTF::Visitor<WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_0, WebKit::WebAuthenticatorCoordinatorProxy::constructASController(WebKit::WebAuthenticationRequestData const&)::$_1>>::operator()[abi:sn180100]<std::__1::__variant_detail::__alt<1ul, WebCore::PublicKeyCredentialRequestOptions> const&>(std::__1::__variant_detail::__alt<1ul, WebCore::PublicKeyCredentialRequestOptions> const&) const + 48
Attachments
Javascript to cause crash (2.29 KB, text/html)
2024-07-23 09:18 PDT, justin 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2024-07-23 12:31:11 PDT
<rdar://problem/132344331>
pascoe@apple.com
Comment 2 2024-07-23 13:23:28 PDT
https://github.com/WebKit/WebKit/pull/31126
EWS
Comment 3 2024-07-24 13:15:39 PDT
Committed 281310@main (7ab47afe1dea): <https://commits.webkit.org/281310@main> Reviewed commits have been landed. Closing PR #31126 and removing active labels.
EWS
Comment 4 2024-07-24 19:51:18 PDT
Committed 280938.120@safari-7619-branch (9561ec86a894): <https://commits.webkit.org/280938.120@safari-7619-branch> Reviewed commits have been landed. Closing PR #1487 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.