Title: [295650] trunk/Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp
Revision: 295650
Author: beid...@apple.com
Date: 2022-06-17 16:56:37 -0700 (Fri, 17 Jun 2022)

Log Message

pas_panic_on_out_of_memory_error decoding large session state data blobs
https://bugs.webkit.org/show_bug.cgi?id=241486 and <rdar://90025974>

Reviewed by Tim Horton.

* Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp:
(WebKit::encodeLegacySessionState): Try malloc, and gracefully handle failure.
  This will result in some users losing session state blobs in large single tab use cases,
  but is better than crashing the UI process.
  Better handling of these cases will be the subject of follow-up work.

Canonical link: https://commits.webkit.org/251654@main

Modified Paths

Diff

Modified: trunk/Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp (295649 => 295650)


--- trunk/Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp	2022-06-17 23:56:33 UTC (rev 295649)
+++ trunk/Source/WebKit/UIProcess/mac/LegacySessionStateCoding.cpp	2022-06-17 23:56:37 UTC (rev 295650)
@@ -515,7 +515,9 @@
     CFIndex length = CFDataGetLength(data.get());
 
     size_t bufferSize = length + sizeof(uint32_t);
-    auto buffer = MallocPtr<uint8_t, HistoryEntryDataEncoderMalloc>::malloc(bufferSize);
+    auto buffer = MallocPtr<uint8_t, HistoryEntryDataEncoderMalloc>::tryMalloc(bufferSize);
+    if (!buffer)
+        return nullptr;
 
     // Put the session state version number at the start of the buffer
     buffer.get()[0] = (sessionStateDataVersion & 0xff000000) >> 24;
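
Review bot: The new early return at `if (!buffer)` / `return nullptr;` drops the session state without leaving any trace, so a user report of lost tab state cannot be tied back to this allocation failure. Consider emitting a release log line that records `bufferSize` before returning, which would also give the follow-up work data on how large these blobs get. The hunk does not show the callers of this function, so it is worth confirming in the same change that each of them handles a null result rather than dereferencing it. Separately, `bufferSize = length + sizeof(uint32_t)` mixes a signed `CFIndex` into a `size_t` addition with no check; since this path exists for very large blobs, a checked addition ahead of `tryMalloc` would make the size handling explicit.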
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
