Title: [254662] trunk
- Revision: 254662
- Author: rn...@webkit.org
- Date: 2020-01-15 19:02:24 -0800 (Wed, 15 Jan 2020)
Log Message
Nullptr crash in DocumentLoader::clearMainResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=206204
Source/WebCore:
Patch by Pinki Gyanchandani <pgyanchand...@apple.com> on 2020-01-15
Reviewed by Ryosuke Niwa.
Test: loader/change-src-during-iframe-load-crash.html
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::frameLoader const):
(WebCore::DocumentLoader::clearMainResourceLoader):
LayoutTests:
Added a NULL pointer check for FrameLoader. If FrameLoader is NULL then return instead of
accessing activeDocumentLoader.
Patch by Pinki Gyanchandani <pgyanchand...@apple.com> on 2020-01-15
Reviewed by Ryosuke Niwa.
* loader/change-src-during-iframe-load-crash-expected.txt: Added.
* loader/change-src-during-iframe-load-crash.html: Added.
Diff
Modified: trunk/LayoutTests/ChangeLog (254661 => 254662)
--- trunk/LayoutTests/ChangeLog 2020-01-16 02:23:39 UTC (rev 254661)
+++ trunk/LayoutTests/ChangeLog 2020-01-16 03:02:24 UTC (rev 254662)
@@ -1,3 +1,16 @@
+2020-01-15 Pinki Gyanchandani <pgyanchand...@apple.com>
+
+ Nullptr crash in DocumentLoader::clearMainResourceLoader
+ https://bugs.webkit.org/show_bug.cgi?id=206204
+
+ Added a NULL pointer check for FrameLoader. If FramLoader is NULL then return instead of
+ accessing activeDocumentLoader.
+
+ Reviewed by Ryosuke Niwa.
+
+ * loader/change-src-during-iframe-load-crash-expected.txt: Added.
+ * loader/change-src-during-iframe-load-crash.html: Added.
+
2020-01-15 Said Abou-Hallawa <sabouhall...@apple.com>
[SVG2]: Implement support for the 'pathLength' attribute
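Review bot: The description in this entry ("Added a NULL pointer check for FrameLoader. If FramLoader is NULL then return instead of accessing activeDocumentLoader.") documents the DocumentLoader.cpp change, not anything under LayoutTests, and it misspells FrameLoader. Move that text to the Source/WebCore ChangeLog entry, correct the spelling, and use this entry to say what the new test covers (changing iframe1.srcdoc while iframe2 is still loading).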
Added: trunk/LayoutTests/loader/change-src-during-iframe-load-crash-expected.txt (0 => 254662)
--- trunk/LayoutTests/loader/change-src-during-iframe-load-crash-expected.txt (rev 0)
+++ trunk/LayoutTests/loader/change-src-during-iframe-load-crash-expected.txt 2020-01-16 03:02:24 UTC (rev 254662)
@@ -0,0 +1 @@
+The test is declared pass if there is no crash observed.
Added: trunk/LayoutTests/loader/change-src-during-iframe-load-crash.html (0 => 254662)
--- trunk/LayoutTests/loader/change-src-during-iframe-load-crash.html (rev 0)
+++ trunk/LayoutTests/loader/change-src-during-iframe-load-crash.html 2020-01-16 03:02:24 UTC (rev 254662)
@@ -0,0 +1,27 @@
+<html>
+<script>
+
+let didLoad = false;
+let didFinishTesting = false;
+
+function load() {
+ document.body.innerHTML = 'The test is declared pass if there is no crash observed.';
+ didLoad =true;
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ if(!didFinishTesting)
+ testRunner.waitUntilDone();
+ }
+}
+
+function didLoadFrame2() {
+ iframe1.srcdoc = "x";
+ didFinishTesting = true;
+ if (window.testRunner && didLoad)
+ testRunner.notifyDone();
+}
+
+</script>
+<body _onload_="load()">
+<iframe id="iframe1" src=""
+<iframe id="iframe2" _onload_="didLoadFrame2()" srcdoc="y">
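Review bot: The test carries no comment explaining why assigning iframe1.srcdoc from iframe2's load handler reaches the crashing path, so a future reader cannot tell which ordering of events it depends on; a short comment above didLoadFrame2() naming DocumentLoader::clearMainResourceLoader and the bug URL would fix that. Two style points in load(): "didLoad =true;" is missing a space after the "=", and "if(!didFinishTesting)" is missing a space after "if". The file also has no doctype line, so it runs in quirks mode; add one unless quirks mode is needed to reproduce the crash.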
Modified: trunk/Source/WebCore/ChangeLog (254661 => 254662)
--- trunk/Source/WebCore/ChangeLog 2020-01-16 02:23:39 UTC (rev 254661)
+++ trunk/Source/WebCore/ChangeLog 2020-01-16 03:02:24 UTC (rev 254662)
@@ -1,3 +1,16 @@
+2020-01-15 Pinki Gyanchandani <pgyanchand...@apple.com>
+
+ Nullptr crash in DocumentLoader::clearMainResourceLoader
+ https://bugs.webkit.org/show_bug.cgi?id=206204
+
+ Reviewed by Ryosuke Niwa.
+
+ Test: loader/change-src-during-iframe-load-crash.html
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::frameLoader const):
+ (WebCore::DocumentLoader::clearMainResourceLoader):
+
2020-01-15 Zalan Bujtas <za...@apple.com>
[LFC][IFC] LineBreaker::shouldWrapInlineContent should take the candidate content width
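Review bot: This entry lists the touched functions but has no sentence describing the fix; the explanation ended up in the LayoutTests ChangeLog instead. Add the one-line rationale here, above "Reviewed by", so the WebCore history records that clearMainResourceLoader now returns early when the frame loader is null. The entry also lists "(WebCore::DocumentLoader::frameLoader const)" as changed, yet the DocumentLoader.cpp diff in this revision shows a single hunk in clearMainResourceLoader; drop that line if frameLoader() itself was not modified.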
Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (254661 => 254662)
--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2020-01-16 02:23:39 UTC (rev 254661)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2020-01-16 03:02:24 UTC (rev 254662)
@@ -1272,7 +1272,12 @@
{
m_loadingMainResource = false;
- if (this == frameLoader()->activeDocumentLoader())
+ auto* frameLoader = this->frameLoader();
+
+ if (!frameLoader)
+ return;
+
+ if (this == frameLoader->activeDocumentLoader())
checkLoadComplete();
}
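Review bot: The new early return at "if (!frameLoader) return;" skips checkLoadComplete() without a comment on when frameLoader() can legitimately be null at this point, so the next reader cannot tell an expected state (loader already detached from its frame) from a masked bug. Add a one-line comment stating the condition the layout test creates. m_loadingMainResource is still cleared before the return, which looks intentional and is worth keeping that way. Since the removed line dereferenced frameLoader() unchecked, it is also worth checking the other frameLoader()-> call sites in this file for the same pattern as a follow-up.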