Skip to site navigation (Press enter)

[webkit-changes] [212420] trunk/Source/WebCore

jer . noble Wed, 15 Feb 2017 20:24:54 -0800

Title: [212420] trunk/Source/WebCore

Revision: 212420
Author: jer.no...@apple.com
Date: 2017-02-15 20:25:22 -0800 (Wed, 15 Feb 2017)

Log Message

REGRESSION (r212311): NULL-dereference in HTMLMediaElement::prepareToPlay()
https://bugs.webkit.org/show_bug.cgi?id=168404
<rdar://problem/30547188>


Reviewed by Brian Weinstein.

Prior to r212311, m_player was always guaranteed to be initialized when calling
prepareToPlay(). r212311 began calling prepareToPlay() on a subsequent run-loop iteration
after creating m_player. So now check whether m_player is NULL before calling methods on it.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::prepareToPlay):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/html/HTMLMediaElement.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (212419 => 212420)


--- trunk/Source/WebCore/ChangeLog	2017-02-16 04:23:23 UTC (rev 212419)
+++ trunk/Source/WebCore/ChangeLog	2017-02-16 04:25:22 UTC (rev 212420)
@@ -1,3 +1,18 @@
+2017-02-15  Jer Noble  <jer.no...@apple.com>
+
+        REGRESSION (r212311): NULL-dereference in HTMLMediaElement::prepareToPlay()
+        https://bugs.webkit.org/show_bug.cgi?id=168404
+        <rdar://problem/30547188>
+
+        Reviewed by Brian Weinstein.
+
+        Prior to r212311, m_player was always guaranteed to be initialized when calling
+        prepareToPlay(). r212311 began calling prepareToPlay() on a subsequent run-loop iteration
+        after creating m_player. So now check whether m_player is NULL before calling methods on it.
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::prepareToPlay):
+
 2017-02-15  Eric Carlson  <eric.carl...@apple.com>
 
         [MediaStream] delete CaptureDeviceInfo struct

Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (212419 => 212420)


--- trunk/Source/WebCore/html/HTMLMediaElement.cpp	2017-02-16 04:23:23 UTC (rev 212419)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp	2017-02-16 04:25:22 UTC (rev 212420)
@@ -2558,7 +2558,8 @@
     if (m_havePreparedToPlay)
         return;
     m_havePreparedToPlay = true;
-    m_player->prepareToPlay();
+    if (m_player)
+        m_player->prepareToPlay();
 }
 
 void HTMLMediaElement::fastSeek(double time)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes