[webkit-changes] [88956] trunk/Source/WebKit2

Wed, 15 Jun 2011 10:33:21 -0700

Title: [88956] trunk/Source/WebKit2
Revision
88956
Author
[email protected]
Date
2011-06-15 10:32:30 -0700 (Wed, 15 Jun 2011)

Log Message

2011-06-15  Anders Carlsson  <[email protected]>

        Reviewed by Sam Weinig.

        Fix possible null dereference in webSecKeychainItemCreateFromContentOnMainThread
        https://bugs.webkit.org/show_bug.cgi?id=62736
        <rdar://problem/9601595>

        * WebProcess/mac/KeychainItemShimMethods.mm:
        (WebKit::webSecKeychainItemCreateFromContentOnMainThread):
        SecKeychainItemCreateFromContent can potentially return a null keychain item, so add a null check before trying to retain it.

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (88955 => 88956)


--- trunk/Source/WebKit2/ChangeLog	2011-06-15 17:28:16 UTC (rev 88955)
+++ trunk/Source/WebKit2/ChangeLog	2011-06-15 17:32:30 UTC (rev 88956)
@@ -1,5 +1,17 @@
 2011-06-15  Anders Carlsson  <[email protected]>
 
+        Reviewed by Sam Weinig.
+
+        Fix possible null dereference in webSecKeychainItemCreateFromContentOnMainThread
+        https://bugs.webkit.org/show_bug.cgi?id=62736
+        <rdar://problem/9601595>
+
+        * WebProcess/mac/KeychainItemShimMethods.mm:
+        (WebKit::webSecKeychainItemCreateFromContentOnMainThread):
+        SecKeychainItemCreateFromContent can potentially return a null keychain item, so add a null check before trying to retain it.
+
+2011-06-15  Anders Carlsson  <[email protected]>
+
         Reviewed by Dan Bernstein.
 
         Ignore responsiveness timer callbacks on closed pages

Modified: trunk/Source/WebKit2/WebProcess/mac/KeychainItemShimMethods.mm (88955 => 88956)


--- trunk/Source/WebKit2/WebProcess/mac/KeychainItemShimMethods.mm	2011-06-15 17:28:16 UTC (rev 88955)
+++ trunk/Source/WebKit2/WebProcess/mac/KeychainItemShimMethods.mm	2011-06-15 17:32:30 UTC (rev 88956)
@@ -234,8 +234,9 @@
         ASSERT_NOT_REACHED();
         return;
     }
-        
-    CFRetain(response.keychainItem());
+
+    if (response.keychainItem())
+        CFRetain(response.keychainItem());
     context->item = response.keychainItem();
     context->resultCode = response.resultCode();
 }

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to