Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 96e3800242ca68458fa29e3ff4450262ce6f179e
https://github.com/WebKit/WebKit/commit/96e3800242ca68458fa29e3ff4450262ce6f179e
Author: Michael Catanzaro <mcatanz...@redhat.com>
Date: 2024-04-12 (Fri, 12 Apr 2024)

Changed paths:
  M Source/WebCore/html/PDFDocument.cpp
  M Source/WebCore/html/PDFDocument.h

Log Message:
-----------
Crash in PDFDocument::injectStyleAndContentScript when downloading PDF
https://bugs.webkit.org/show_bug.cgi?id=249872

Reviewed by Tim Nguyen.

PDFDocument expects injectStyleAndContentScript to be called exactly once, but it may be called multiple times because the EventListener is never unregistered. So let's start by unregistering it when it's no longer needed (which requires saving a copy of the HTMLScriptElement).

I'm not sure whether or not it's possible for a second load to start before the main resource load finishes, so I've added an extra member variable m_injectedStyleAndScript to really make sure we inject the user content only once, for good measure.

This fixes a crash when attempting to download certain PDF documents, but does NOT make downloading the document actually work. It only avoids the crash.

* Source/WebCore/html/PDFDocument.cpp:
(WebCore::PDFDocumentEventListener::handleEvent):
(WebCore::PDFDocument::finishedParsing):
(WebCore::PDFDocument::finishLoadingPDF):
(WebCore::PDFDocument::injectStyleAndContentScript):
* Source/WebCore/html/PDFDocument.h:

Canonical link: https://commits.webkit.org/277434@main
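
The two safeguards the log message describes (unregister the listener once it has done its job, and guard the one-time work with a flag) can be modelled in a few lines. This is an added example, not WebKit code or part of the commit: Target, Doc, onLoad, inject and injectionsAfterTwoLoads are hypothetical names, and a counter stands in for the injection work.

```cpp
#include <algorithm>
#include <functional>
#include <memory>
#include <utility>
#include <vector>

using Listener = std::shared_ptr<std::function<void()>>;
// Hypothetical stand-in for a DOM event target (not WebKit's EventTarget).
struct Target {
    std::vector<Listener> listeners;
    void add(Listener l) { listeners.push_back(std::move(l)); }
    void remove(const Listener& l) {
        listeners.erase(std::remove(listeners.begin(), listeners.end(), l), listeners.end());
    }
    void fire() {
        auto snapshot = listeners; // copy: a handler may unregister itself mid-dispatch
        for (auto& l : snapshot) (*l)();
    }
};

// Hypothetical document model; hardened=false reproduces the pre-fix behaviour.
struct Doc {
    Target script;          // stands in for the saved script element
    Listener listener;      // kept so it can be unregistered later
    bool injected = false;  // "inject only once" guard
    int injections = 0;     // how many times the one-time setup ran
    bool hardened;

    explicit Doc(bool h) : hardened(h) {
        listener = std::make_shared<std::function<void()>>([this] { onLoad(); });
        script.add(listener);
    }
    void onLoad() {
        if (hardened) script.remove(listener); // unregister once no longer needed
        inject();
    }
    void inject() {
        if (hardened && injected) return;      // second line of defence
        injected = true;
        ++injections;
    }
};

int injectionsAfterTwoLoads(bool hardened) {
    Doc d(hardened);
    d.script.fire();
    d.script.fire(); // a second load event for the same element
    return d.injections;
}
```

The snapshot copy in fire() is what makes self-unregistration safe during dispatch; without it the handler would erase from the vector being iterated.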