28149 – Ensure embedders can't crash WebKit by updating visited links before Page creation

RESOLVED FIXED Bug 28149

Ensure embedders can't crash WebKit by updating visited links before Page creation

https://bugs.webkit.org/show_bug.cgi?id=28149

Summary Ensure embedders can't crash WebKit by updating visited links before Page cre...

Dimitri Glazkov (Google)

Reported 2009-08-10 09:25:27 PDT

I discovered this while troubleshooting a crash on Chromium, but it seems like it may be applicable to other ports. Depending on how visited link state is managed, the embedder may not be aware that a Page constructor has never been called and invoke visited state change methods prematurely. The logical way to handle this is to exit early (since there's no pages, there's nothing to update).

Attachments
Provide graceful handling for premature visited state change updates, v1. (1.61 KB, patch) 2009-08-10 09:30 PDT, Dimitri Glazkov (Google)	darin: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Dimitri Glazkov (Google)

Comment 1 2009-08-10 09:30:59 PDT

Created attachment 34479 [details] Provide graceful handling for premature visited state change updates, v1. WebCore/ChangeLog | 12 ++++++++++++ WebCore/page/Page.cpp | 8 ++++++-- 2 files changed, 18 insertions(+), 2 deletions(-)

Dimitri Glazkov (Google)

Comment 2 2009-08-10 11:10:57 PDT

Landed as http://trac.webkit.org/changeset/46987.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component WebCore Misc.

Assignee

Nobody

Reported

2009-08-10 09:25 PDT

Modified

2009-08-10 11:10 PDT History

CC List

1 user Show

URL

Keywords

Depends on

Blocks