[webkit-changes] [284574] trunk/Source/WebKit

Wed, 20 Oct 2021 14:50:00 -0700

Title: [284574] trunk/Source/WebKit
Revision
284574
Author
[email protected]
Date
2021-10-20 14:49:11 -0700 (Wed, 20 Oct 2021)

Log Message

Fix crash when calling setUsernameForLocalCredentialWithID
https://bugs.webkit.org/show_bug.cgi?id=231986
<rdar://problem/84425279>

Patch by John Pascoe <[email protected]> on 2021-10-20
Reviewed by David Kilzer.

Using a copy here results in a crash when the NSData deallocs because the
[NSData dataWithBytesNoCopy] was used a buffer that was not allocated with malloc.
This is fixed by instead using [NSData initWithBytes] and RetainPtr.

* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(+[_WKWebAuthenticationPanel setUsernameForLocalCredentialWithID:username:]):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (284573 => 284574)


--- trunk/Source/WebKit/ChangeLog	2021-10-20 21:45:13 UTC (rev 284573)
+++ trunk/Source/WebKit/ChangeLog	2021-10-20 21:49:11 UTC (rev 284574)
@@ -1,3 +1,18 @@
+2021-10-20  John Pascoe  <[email protected]>
+
+        Fix crash when calling setUsernameForLocalCredentialWithID
+        https://bugs.webkit.org/show_bug.cgi?id=231986
+        <rdar://problem/84425279>
+
+        Reviewed by David Kilzer.
+
+        Using a copy here results in a crash when the NSData deallocs because the
+        [NSData dataWithBytesNoCopy] was used a buffer that was not allocated with malloc.
+        This is fixed by instead using [NSData initWithBytes] and RetainPtr.
+
+        * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+        (+[_WKWebAuthenticationPanel setUsernameForLocalCredentialWithID:username:]):
+
 2021-10-20  Alex Christensen  <[email protected]>
 
         Remove com.apple.webkit.adattributiond.plist from build temporarily

Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (284573 => 284574)


--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm	2021-10-20 21:45:13 UTC (rev 284573)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm	2021-10-20 21:49:11 UTC (rev 284574)
@@ -337,10 +337,11 @@
         return;
     }
     auto updatedTag = cbor::CBORWriter::write(cbor::CBORValue(WTFMove(updatedUserMap)));
-    auto secAttrApplicationTag = [NSData dataWithBytesNoCopy:updatedTag->data() length:updatedTag->size()];
 
+    auto secAttrApplicationTag = adoptNS([[NSData alloc] initWithBytes:updatedTag->data() length:updatedTag->size()]);
+
     NSDictionary *updateParams = @{
-        (__bridge id)kSecAttrApplicationTag: secAttrApplicationTag,
+        (__bridge id)kSecAttrApplicationTag: secAttrApplicationTag.get(),
     };
 
     [query setDictionary:@{

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to