Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 0b0856901df8b016acfa66a7677c7552d7b0f1bb
      https://github.com/WebKit/WebKit/commit/0b0856901df8b016acfa66a7677c7552d7b0f1bb
  Author: Abrar Rahman Protyasha <a_protya...@apple.com>
  Date:   2024-05-25 (Sat, 25 May 2024)

  Changed paths:
    M Source/WebKit/UIProcess/ViewGestureController.cpp

  Log Message:
  -----------
  UI process crash due to null pointer dereference under ViewGestureController::applyMagnification()
https://bugs.webkit.org/show_bug.cgi?id=274710
rdar://128521737

Reviewed by Wenson Hsieh.

We have received a few crash reports with the following signature:

```
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Codes:       0x0000000000000001, 0x0000000000000000

Thread 0 Crashed::   Dispatch queue: com.apple.main-thread
0   com.apple.WebKit                       0x1ada630ec WebKit::ViewGestureController::applyMagnification() + 208
1   com.apple.WebKit                       0x1ad8dee50 WebKit::ViewGestureController::handleMagnificationGestureEvent(NSEvent*, WebCore::FloatPoint) + 296
2   com.apple.WebKit                       0x1ad9160e4 WebKit::WebViewImpl::magnifyWithEvent(NSEvent*) + 164
```

... which is simply a null pointer dereference in applyMagnification().
The only pointer dereference in that function occurs on the
DrawingAreaProxy, so let's speculatively guard said dereference.

* Source/WebKit/UIProcess/ViewGestureController.cpp:
(WebKit::ViewGestureController::applyMagnification):

Canonical link: https://commits.webkit.org/279322@main



_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
