Title: [229031] trunk/Source/WebKit
- Revision
- 229031
- Author
- [email protected]
- Date
- 2018-02-26 11:53:09 -0800 (Mon, 26 Feb 2018)
Log Message
Regression(r223431): Crash under didReceiveChallenge in NetworkSessionCocoa
https://bugs.webkit.org/show_bug.cgi?id=183134
<rdar://problem/36339049>
Reviewed by Alex Christensen.
Like other delegates functions in this file, it is possible for didReceiveChallenge to get called
after _session has been nulled out. Other delegate functions already had early returns when
_session is null. However, such early return was missing in didReceiveChallenge.
This patch ends the early return to didReceiveChallenge so that we do not end up calling
_session->downloadID(taskIdentifier) on a null _session.
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (229030 => 229031)
--- trunk/Source/WebKit/ChangeLog 2018-02-26 19:43:50 UTC (rev 229030)
+++ trunk/Source/WebKit/ChangeLog 2018-02-26 19:53:09 UTC (rev 229031)
@@ -1,3 +1,21 @@
+2018-02-26 Chris Dumez <[email protected]>
+
+ Regression(r223431): Crash under didReceiveChallenge in NetworkSessionCocoa
+ https://bugs.webkit.org/show_bug.cgi?id=183134
+ <rdar://problem/36339049>
+
+ Reviewed by Alex Christensen.
+
+ Like other delegates functions in this file, it is possible for didReceiveChallenge to get called
+ after _session has been nulled out. Other delegate functions already had early returns when
+ _session is null. However, such early return was missing in didReceiveChallenge.
+
+ This patch ends the early return to didReceiveChallenge so that we do not end up calling
+ _session->downloadID(taskIdentifier) on a null _session.
+
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+
2018-02-26 Youenn Fablet <[email protected]>
MessagePort is not always destroyed in the right thread
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (229030 => 229031)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-02-26 19:43:50 UTC (rev 229030)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-02-26 19:53:09 UTC (rev 229031)
@@ -289,6 +289,11 @@
- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
{
+ if (!_session) {
+ completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
+ return;
+ }
+
auto taskIdentifier = task.taskIdentifier;
LOG(NetworkSession, "%llu didReceiveChallenge", taskIdentifier);
@@ -342,7 +347,7 @@
};
networkDataTask->didReceiveChallenge(challenge, WTFMove(challengeCompletionHandler));
} else {
- auto downloadID = _session->downloadID(task.taskIdentifier);
+ auto downloadID = _session->downloadID(taskIdentifier);
if (downloadID.downloadID()) {
if (auto* download = WebKit::NetworkProcess::singleton().downloadManager().download(downloadID)) {
// Received an authentication challenge for a download being resumed.
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
