Skip to site navigation (Press enter)

[webkit-changes] [244850] trunk/Source/WebKit

achristensen Wed, 01 May 2019 14:20:29 -0700

Title: [244850] trunk/Source/WebKit

Revision: 244850
Author: [email protected]
Date: 2019-05-01 14:19:24 -0700 (Wed, 01 May 2019)

Log Message

Protect against null crash in fetchDiskCacheEntries
https://bugs.webkit.org/show_bug.cgi?id=197399
<rdar://problem/47759337>


Reviewed by Antti Koivisto.

If the call to Entry::decodeStorageRecord returns nullptr in Storage::traverse, do not call the traverseHandler, which expects
that when it is called with nullptr that is the end of the traversal.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::traverse):

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/NetworkProcess/cache/NetworkCache.cpp

Diff

Modified: trunk/Source/WebKit/ChangeLog (244849 => 244850)


--- trunk/Source/WebKit/ChangeLog	2019-05-01 21:08:38 UTC (rev 244849)
+++ trunk/Source/WebKit/ChangeLog	2019-05-01 21:19:24 UTC (rev 244850)
@@ -1,3 +1,17 @@
+2019-05-01  Alex Christensen  <[email protected]>
+
+        Protect against null crash in fetchDiskCacheEntries
+        https://bugs.webkit.org/show_bug.cgi?id=197399
+        <rdar://problem/47759337>
+
+        Reviewed by Antti Koivisto.
+
+        If the call to Entry::decodeStorageRecord returns nullptr in Storage::traverse, do not call the traverseHandler, which expects
+        that when it is called with nullptr that is the end of the traversal.
+
+        * NetworkProcess/cache/NetworkCache.cpp:
+        (WebKit::NetworkCache::Cache::traverse):
+
 2019-05-01  Wenson Hsieh  <[email protected]>
 
         [iOS] Add a version of viewport shrink-to-fit heuristics that preserves page layout

Modified: trunk/Source/WebKit/NetworkProcess/cache/NetworkCache.cpp (244849 => 244850)


--- trunk/Source/WebKit/NetworkProcess/cache/NetworkCache.cpp	2019-05-01 21:08:38 UTC (rev 244849)
+++ trunk/Source/WebKit/NetworkProcess/cache/NetworkCache.cpp	2019-05-01 21:19:24 UTC (rev 244850)
@@ -478,10 +478,8 @@
         }
 
         auto entry = Entry::decodeStorageRecord(*record);
-        if (!entry) {
-            traverseHandler(nullptr);
+        if (!entry)
             return;
-        }
 
         TraversalEntry traversalEntry { *entry, recordInfo };
         traverseHandler(&traversalEntry);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes