[webkit-changes] [210061] trunk/Source/WebCore

[eric . carlson]

Title: [210061] trunk/Source/WebCore

Revision

210061

Author

eric.carl...@apple.com

Date

2016-12-21 10:30:36 -0800 (Wed, 21 Dec 2016)

Log Message

[MediaStream] MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer can be called before it has a media stream
https://bugs.webkit.org/show_bug.cgi?id=166344
<rdar://problem/29763143>

Reviewed by Jer Noble.

There is a very narrow window during which a MediaStream player can be asked for its layer
before it has a steam, resulting in a NULL dereference and crash. Don't do that.

Unable to reproduce.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer):

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm

Diff

Modified: trunk/Source/WebCore/ChangeLog (210060 => 210061)

--- trunk/Source/WebCore/ChangeLog	2016-12-21 17:37:14 UTC (rev 210060)
+++ trunk/Source/WebCore/ChangeLog	2016-12-21 18:30:36 UTC (rev 210061)
@@ -1,3 +1,19 @@
+2016-12-21  Eric Carlson  <eric.carl...@apple.com>
+
+        [MediaStream] MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer can be called before it has a media stream
+        https://bugs.webkit.org/show_bug.cgi?id=166344
+        <rdar://problem/29763143>
+
+        Reviewed by Jer Noble.
+
+        There is a very narrow window during which a MediaStream player can be asked for its layer 
+        before it has a steam, resulting in a NULL dereference and crash. Don't do that.
+
+        Unable to reproduce.
+
+        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
+        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer):
+
 2016-12-21  Nael Ouedraogo  <nael.ouedra...@crf.canon.fr>
 
         [Readable Streams API] Fix test in readableByteStreamCallPullIfNeeded

Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm (210060 => 210061)

--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm	2016-12-21 17:37:14 UTC (rev 210060)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm	2016-12-21 18:30:36 UTC (rev 210061)
@@ -197,7 +197,7 @@
 
 void MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer()
 {
-    if (haveVideoLayer())
+    if (!m_mediaStreamPrivate || haveVideoLayer())
         return;
 
     CALayer *videoLayer = nil;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes