Title: [260299] trunk/Source/WebKit
Revision: 260299
Author: ddkil...@apple.com
Date: 2020-04-17 16:06:59 -0700 (Fri, 17 Apr 2020)

Log Message

Bug 210646: REGRESSION (r260112): createArchiveList() leaks malloc memory on early returns due to an error
<https://webkit.org/b/210646>
<rdar://problem/61928031>

Reviewed by Darin Adler.

* Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::createArchiveList):
- Move early returns for protocolProperties, protocolProperties
  and mimeType above memory allocation to fix the memory leak.

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (260298 => 260299)


--- trunk/Source/WebKit/ChangeLog	2020-04-17 23:05:37 UTC (rev 260298)
+++ trunk/Source/WebKit/ChangeLog	2020-04-17 23:06:59 UTC (rev 260299)
@@ -1,3 +1,16 @@
+2020-04-17  David Kilzer  <ddkil...@apple.com>
+
+        Bug 210646: REGRESSION (r260112): createArchiveList() leaks malloc memory on early returns due to an error
+        <https://webkit.org/b/210646>
+        <rdar://problem/61928031>
+
+        Reviewed by Darin Adler.
+
+        * Shared/mac/WebCoreArgumentCodersMac.mm:
+        (IPC::createArchiveList):
+        - Move early returns for protocolProperties, protocolProperties
+          and mimeType above memory allocation to fix the memory leak.
+
 2020-04-17  Brady Eidson  <beid...@apple.com>
 
         Pass sandbox extensions for back/forward list navigations after the policy is decided at process-swap time.
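Review bot: The new ChangeLog entry names `protocolProperties` twice in "Move early returns for protocolProperties, protocolProperties and mimeType", while the three checks moved in WebCoreArgumentCodersMac.mm are for `protocolProperties`, `expectedContentLength` and `mimeType`. The second name should read `expectedContentLength` so the entry matches the code and a later search of the ChangeLog for that key finds this fix.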

Modified: trunk/Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm (260298 => 260299)


--- trunk/Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm	2020-04-17 23:05:37 UTC (rev 260298)
+++ trunk/Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm	2020-04-17 23:06:59 UTC (rev 260299)
@@ -124,6 +124,13 @@
     if (bufferSize.hasOverflowed())
         return false;
 
+    if (!extractDictionaryValue(representation, CFSTR("protocolProperties"), protocolProperties))
+        return false;
+    if (!extractDictionaryValue(representation, CFSTR("expectedContentLength"), expectedContentLength))
+        return false;
+    if (!extractDictionaryValue(representation, CFSTR("mimeType"), mimeType))
+        return false;
+
     *objectCount = archiveListArrayCount;
     *objects = static_cast<CFTypeRef*>(malloc(bufferSize.unsafeGet()));
 
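Review bot: The three moved `return false` exits, like the existing `bufferSize.hasOverflowed()` exit above them, now run before `*objectCount` and `*objects` are assigned, so on these failure paths both out-parameters keep whatever value the caller passed in. If any caller frees or iterates `*objects` after a `false` return, it would act on an uninitialized pointer. Consider setting `*objects = nullptr;` and `*objectCount = 0;` at the top of the function, or documenting that the out-parameters are only valid when the function returns `true`.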
@@ -133,13 +140,6 @@
             (*objects)[i] = nullptr;
     }
 
-    if (!extractDictionaryValue(representation, CFSTR("protocolProperties"), protocolProperties))
-        return false;
-    if (!extractDictionaryValue(representation, CFSTR("expectedContentLength"), expectedContentLength))
-        return false;
-    if (!extractDictionaryValue(representation, CFSTR("mimeType"), mimeType))
-        return false;
-
     return true;
 }
 
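Review bot: With the three checks removed here, the visible path from the `malloc` to `return true;` has no failure exit, but nothing in the code states that invariant, and this leak was itself introduced by a later change (r260112 per the log message). A short comment before the allocation saying that all fallible extraction must happen above it would help, or the buffer could be held in an owning pointer and released into `*objects` only immediately before `return true;`, so a future early return cannot leak it.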