Skip to site navigation (Press enter)

[webkit-changes] [259605] branches/safari-609-branch/Source/WebKit

alancoon Mon, 06 Apr 2020 16:06:25 -0700

Title: [259605] branches/safari-609-branch/Source/WebKit

Revision: 259605
Author: alanc...@apple.com
Date: 2020-04-06 16:05:26 -0700 (Mon, 06 Apr 2020)

Log Message

Cherry-pick r259580. rdar://problem/61352477


    CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
    https://bugs.webkit.org/show_bug.cgi?id=210040
    rdar://51410841

    Reviewed by Darin Adler.

    It appears that the SystemPreviewController on WebPageProxy can
    become null causing a call to an in-progress download to crash
    as it tries to talk to the QuickLook delegate. Guard against this
    by checking the SystemPreviewController each time.

    * UIProcess/Cocoa/DownloadClient.mm:
    (WebKit::systemPreviewController):
    (WebKit::DownloadClient::didReceiveResponse):
    (WebKit::DownloadClient::didReceiveData):
    (WebKit::DownloadClient::processDidCrash):
    (WebKit::DownloadClient::didFinish):
    (WebKit::DownloadClient::didFail):
    (WebKit::DownloadClient::didCancel):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

branches/safari-609-branch/Source/WebKit/ChangeLog
branches/safari-609-branch/Source/WebKit/UIProcess/Cocoa/DownloadClient.mm

Diff

Modified: branches/safari-609-branch/Source/WebKit/ChangeLog (259604 => 259605)


--- branches/safari-609-branch/Source/WebKit/ChangeLog	2020-04-06 23:05:24 UTC (rev 259604)
+++ branches/safari-609-branch/Source/WebKit/ChangeLog	2020-04-06 23:05:26 UTC (rev 259605)
@@ -1,5 +1,53 @@
 2020-04-06  Alan Coon  <alanc...@apple.com>
 
+        Cherry-pick r259580. rdar://problem/61352477
+
+    CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
+    https://bugs.webkit.org/show_bug.cgi?id=210040
+    rdar://51410841
+    
+    Reviewed by Darin Adler.
+    
+    It appears that the SystemPreviewController on WebPageProxy can
+    become null causing a call to an in-progress download to crash
+    as it tries to talk to the QuickLook delegate. Guard against this
+    by checking the SystemPreviewController each time.
+    
+    * UIProcess/Cocoa/DownloadClient.mm:
+    (WebKit::systemPreviewController):
+    (WebKit::DownloadClient::didReceiveResponse):
+    (WebKit::DownloadClient::didReceiveData):
+    (WebKit::DownloadClient::processDidCrash):
+    (WebKit::DownloadClient::didFinish):
+    (WebKit::DownloadClient::didFail):
+    (WebKit::DownloadClient::didCancel):
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259580 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2020-04-06  Dean Jackson  <d...@apple.com>
+
+            CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
+            https://bugs.webkit.org/show_bug.cgi?id=210040
+            rdar://51410841
+
+            Reviewed by Darin Adler.
+
+            It appears that the SystemPreviewController on WebPageProxy can
+            become null causing a call to an in-progress download to crash
+            as it tries to talk to the QuickLook delegate. Guard against this
+            by checking the SystemPreviewController each time.
+
+            * UIProcess/Cocoa/DownloadClient.mm:
+            (WebKit::systemPreviewController):
+            (WebKit::DownloadClient::didReceiveResponse):
+            (WebKit::DownloadClient::didReceiveData):
+            (WebKit::DownloadClient::processDidCrash):
+            (WebKit::DownloadClient::didFinish):
+            (WebKit::DownloadClient::didFail):
+            (WebKit::DownloadClient::didCancel):
+
+2020-04-06  Alan Coon  <alanc...@apple.com>
+
         Cherry-pick r259315. rdar://problem/61352448
 
     Regression(r253357) DeviceMotionEvent acceleration and rotationRate are null

Modified: branches/safari-609-branch/Source/WebKit/UIProcess/Cocoa/DownloadClient.mm (259604 => 259605)


--- branches/safari-609-branch/Source/WebKit/UIProcess/Cocoa/DownloadClient.mm	2020-04-06 23:05:24 UTC (rev 259604)
+++ branches/safari-609-branch/Source/WebKit/UIProcess/Cocoa/DownloadClient.mm	2020-04-06 23:05:26 UTC (rev 259605)
@@ -65,6 +65,16 @@
     m_delegateMethods.downloadProcessDidCrash = [delegate respondsToSelector:@selector(_downloadProcessDidCrash:)];
 }
 
+#if USE(SYSTEM_PREVIEW)
+static SystemPreviewController* systemPreviewController(DownloadProxy& downloadProxy)
+{
+    auto* page = downloadProxy.originatingPage();
+    if (!page)
+        return nullptr;
+    return page->systemPreviewController();
+}
+#endif
+
 void DownloadClient::didStart(DownloadProxy& downloadProxy)
 {
 #if USE(SYSTEM_PREVIEW)
@@ -88,8 +98,8 @@
     if (downloadProxy.isSystemPreviewDownload() && response.isSuccessful()) {
         downloadProxy.setExpectedContentLength(response.expectedContentLength());
         downloadProxy.setBytesLoaded(0);
-        if (auto* webPage = downloadProxy.originatingPage())
-            webPage->systemPreviewController()->updateProgress(0);
+        if (auto* controller = systemPreviewController(downloadProxy))
+            controller->updateProgress(0);
         return;
     }
 #endif
@@ -103,8 +113,8 @@
 #if USE(SYSTEM_PREVIEW)
     if (downloadProxy.isSystemPreviewDownload()) {
         downloadProxy.setBytesLoaded(downloadProxy.bytesLoaded() + length);
-        if (auto* webPage = downloadProxy.originatingPage())
-            webPage->systemPreviewController()->updateProgress(static_cast<float>(downloadProxy.bytesLoaded()) / downloadProxy.expectedContentLength());
+        if (auto* controller = systemPreviewController(downloadProxy))
+            controller->updateProgress(static_cast<float>(downloadProxy.bytesLoaded()) / downloadProxy.expectedContentLength());
         return;
     }
 #endif
@@ -164,8 +174,8 @@
 {
 #if USE(SYSTEM_PREVIEW)
     if (downloadProxy.isSystemPreviewDownload()) {
-        if (auto* webPage = downloadProxy.originatingPage())
-            webPage->systemPreviewController()->cancel();
+        if (auto* controller = systemPreviewController(downloadProxy))
+            controller->cancel();
         releaseActivityTokenIfNecessary(downloadProxy);
         return;
     }
@@ -209,11 +219,11 @@
 {
 #if USE(SYSTEM_PREVIEW)
     if (downloadProxy.isSystemPreviewDownload()) {
-        if (auto* webPage = downloadProxy.originatingPage()) {
+        if (auto* controller = systemPreviewController(downloadProxy)) {
             WTF::URL destinationURL = WTF::URL::fileURLWithFileSystemPath(downloadProxy.destinationFilename());
             if (!destinationURL.fragmentIdentifier().length())
                 destinationURL.setFragmentIdentifier(downloadProxy.request().url().fragmentIdentifier());
-            webPage->systemPreviewController()->finish(destinationURL);
+            controller->finish(destinationURL);
         }
         releaseActivityTokenIfNecessary(downloadProxy);
         return;
@@ -228,8 +238,8 @@
 {
 #if USE(SYSTEM_PREVIEW)
     if (downloadProxy.isSystemPreviewDownload()) {
-        if (auto* webPage = downloadProxy.originatingPage())
-            webPage->systemPreviewController()->fail(error);
+        if (auto* controller = systemPreviewController(downloadProxy))
+            controller->fail(error);
         releaseActivityTokenIfNecessary(downloadProxy);
         return;
     }
@@ -243,8 +253,8 @@
 {
 #if USE(SYSTEM_PREVIEW)
     if (downloadProxy.isSystemPreviewDownload()) {
-        if (auto* webPage = downloadProxy.originatingPage())
-            webPage->systemPreviewController()->cancel();
+        if (auto* controller = systemPreviewController(downloadProxy))
+            controller->cancel();
         releaseActivityTokenIfNecessary(downloadProxy);
         return;
     }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes