Title: [229038] branches/safari-605-branch/Source/WebKit
- Revision
- 229038
- Author
- [email protected]
- Date
- 2018-02-26 13:02:14 -0800 (Mon, 26 Feb 2018)
Log Message
Cherry-pick r229031. rdar://problem/37912128
Modified Paths
Diff
Modified: branches/safari-605-branch/Source/WebKit/ChangeLog (229037 => 229038)
--- branches/safari-605-branch/Source/WebKit/ChangeLog 2018-02-26 20:44:50 UTC (rev 229037)
+++ branches/safari-605-branch/Source/WebKit/ChangeLog 2018-02-26 21:02:14 UTC (rev 229038)
@@ -1,5 +1,27 @@
2018-02-26 Jason Marcell <[email protected]>
+ Cherry-pick r229031. rdar://problem/37912128
+
+ 2018-02-26 Chris Dumez <[email protected]>
+
+ Regression(r223431): Crash under didReceiveChallenge in NetworkSessionCocoa
+ https://bugs.webkit.org/show_bug.cgi?id=183134
+ <rdar://problem/36339049>
+
+ Reviewed by Alex Christensen.
+
+ Like other delegates functions in this file, it is possible for didReceiveChallenge to get called
+ after _session has been nulled out. Other delegate functions already had early returns when
+ _session is null. However, such early return was missing in didReceiveChallenge.
+
+ This patch ends the early return to didReceiveChallenge so that we do not end up calling
+ _session->downloadID(taskIdentifier) on a null _session.
+
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+
+2018-02-26 Jason Marcell <[email protected]>
+
Cherry-pick r228978. rdar://problem/37909154
2018-02-25 Chris Dumez <[email protected]>
Modified: branches/safari-605-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (229037 => 229038)
--- branches/safari-605-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-02-26 20:44:50 UTC (rev 229037)
+++ branches/safari-605-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-02-26 21:02:14 UTC (rev 229038)
@@ -291,6 +291,11 @@
- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
{
+ if (!_session) {
+ completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
+ return;
+ }
+
auto taskIdentifier = task.taskIdentifier;
LOG(NetworkSession, "%llu didReceiveChallenge", taskIdentifier);
@@ -344,7 +349,7 @@
};
networkDataTask->didReceiveChallenge(challenge, WTFMove(challengeCompletionHandler));
} else {
- auto downloadID = _session->downloadID(task.taskIdentifier);
+ auto downloadID = _session->downloadID(taskIdentifier);
if (downloadID.downloadID()) {
if (auto* download = WebKit::NetworkProcess::singleton().downloadManager().download(downloadID)) {
// Received an authentication challenge for a download being resumed.
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
