53957 – Crash after incorrectly restoring bogus session state.

Bug 53957 - Crash after incorrectly restoring bogus session state.

Summary: Crash after incorrectly restoring bogus session state.

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2011-02-07 16:13 PST by Brady Eidson
Modified:	2011-02-07 16:22 PST (History)
CC List:	1 user (show)

See Also:

Attachments
Patch v1 (2.51 KB, patch) 2011-02-07 16:21 PST, Brady Eidson	andersca: review+ beidson: commit-queue-	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brady Eidson 2011-02-07 16:13:42 PST

If a WebBackForwardList is restored with a certain bogus session state as input (current index pointing past the end of the entry list), the page involved is likely to crash later down the line when that wrong entry is accessed.

In radar as <rdar://problem/8960434>

Comment 1 Brady Eidson 2011-02-07 16:21:06 PST

Created attachment 81549 [details]
Patch v1

Comment 2 Brady Eidson 2011-02-07 16:22:59 PST

Landed in r77861