RESOLVED FIXED 311707
CredentialsContainer: performCommonChecks() should return RefPtr<Document> instead of bool
https://bugs.webkit.org/show_bug.cgi?id=311707
Marcos Caceres
Reported 2026-04-07 22:44:00 PDT
In CredentialsContainer.cpp, `get()` and `isCreate()` both call `performCommonChecks()` which checks for a null document internally via RefPtr, then immediately re-acquire the document via `Ref document = *this->document()` — relying on an implicit contract that the document is still non-null.

```cpp
void CredentialsContainer::get(CredentialRequestOptions&& options, CredentialPromise&& promise)
{
    if (!performCommonChecks(options, promise))
        return;
    Ref document = *this->document(); // unsafe: re-acquires WeakPtr without null check
    ...
}
```

The fix is to change `performCommonChecks()` to return `RefPtr<Document>` (or null on failure), so callers receive the document directly without re-acquiring the WeakPtr:

```cpp
void CredentialsContainer::get(CredentialRequestOptions&& options, CredentialPromise&& promise)
{
    RefPtr document = performCommonChecks(options, promise);
    if (!document)
        return;
    ...
}
```

This makes the null-safety contract explicit and eliminates the implicit assumption.

Note: This is pre-existing code. In practice the implicit contract holds soundly under WebKit's single-threaded execution model, but it violates the spirit of WebKit's safer-cpp guidelines.
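The two call shapes described in the report, as an added standalone example that is not part of the original report and is not WebKit code. It assumes `std::shared_ptr`/`std::weak_ptr` as stand-ins for `RefPtr`/`WeakPtr`; `Container`, `Outcome`, `passesChecks` and the hook that drops the document between check and use are hypothetical, constructed to show what the implicit contract takes for granted.

```cpp
#include <functional>
#include <memory>
#include <utility>

struct Document { bool passesChecks = true; };  // hypothetical stand-in type
enum class Outcome { Rejected, StaleDocument, Proceeded };

class Container {
public:
    explicit Container(std::weak_ptr<Document> doc) : m_document(std::move(doc)) { }

    // "Before" shape: validates, then discards the strong reference it took.
    bool checksReturningBool() const {
        auto doc = m_document.lock();
        return doc && doc->passesChecks;
    }
    // "After" shape: the validated document is the return value.
    std::shared_ptr<Document> checksReturningDocument() const {
        auto doc = m_document.lock();
        if (!doc || !doc->passesChecks)
            return nullptr;
        return doc;
    }
    // betweenCheckAndUse models any code that runs after the check.
    Outcome getWithBool(const std::function<void()>& betweenCheckAndUse) const {
        if (!checksReturningBool())
            return Outcome::Rejected;
        betweenCheckAndUse();
        auto doc = m_document.lock();  // second acquisition, unrelated to the check
        return doc ? Outcome::Proceeded : Outcome::StaleDocument;
    }
    Outcome getWithDocument(const std::function<void()>& betweenCheckAndUse) const {
        auto doc = checksReturningDocument();
        if (!doc)
            return Outcome::Rejected;
        betweenCheckAndUse();
        // doc is the checked object and is kept alive by this strong reference.
        return doc->passesChecks ? Outcome::Proceeded : Outcome::Rejected;
    }
private:
    std::weak_ptr<Document> m_document;
};

// Constructed scenario: the only other owner releases the document mid-call.
Outcome runScenario(bool useDocumentReturningCheck) {
    auto owner = std::make_shared<Document>();
    Container container(owner);
    auto dropOwner = [&owner] { owner.reset(); };
    return useDocumentReturningCheck ? container.getWithDocument(dropOwner)
                                     : container.getWithBool(dropOwner);
}
```

In the bool-returning shape the second acquisition is only as valid as the assumption that nothing ran in between; the example observes that with a checked `lock()` where the reported code dereferences unconditionally.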
Radar WebKit Bug Importer
Comment 1 2026-04-07 22:44:07 PDT
Marcos Caceres
Comment 2 2026-04-08 00:03:53 PDT
EWS
Comment 3 2026-04-08 08:09:32 PDT
Committed 310779@main (acecc70c2382): <https://commits.webkit.org/310779@main> Reviewed commits have been landed. Closing PR #62256 and removing active labels.