Modified: trunk/Source/WebKit2/ChangeLog (176857 => 176858)
--- trunk/Source/WebKit2/ChangeLog 2014-12-05 19:31:28 UTC (rev 176857)
+++ trunk/Source/WebKit2/ChangeLog 2014-12-05 19:43:03 UTC (rev 176858)
@@ -1,3 +1,27 @@
+2014-12-05 Antti Koivisto <[email protected]>
+
+ In NetworkResourceLoader always bail out after abort()
+ https://bugs.webkit.org/show_bug.cgi?id=139299
+
+ Reviewed by Alexey Proskuryakov.
+
+ Invoking abort() may kill the current object. Take care to bail out after it.
+
+ * NetworkProcess/NetworkResourceLoader.cpp:
+ (WebKit::NetworkResourceLoader::didReceiveResponseAsync):
+ (WebKit::NetworkResourceLoader::didReceiveBuffer):
+ (WebKit::NetworkResourceLoader::didFinishLoading):
+
+ Either make sure sendAbortingOnFailure() is called last in callbacks or the results is explicitly tested.
+
+ (WebKit::NetworkResourceLoader::bufferingTimerFired):
+ (WebKit::NetworkResourceLoader::sendBufferMaybeAborting):
+
+ Rename and return a boolean to indicate if load should continue.
+
+ (WebKit::NetworkResourceLoader::sendBuffer): Deleted.
+ * NetworkProcess/NetworkResourceLoader.h:
+
2014-12-05 Anders Carlsson <[email protected]>
Don't use PLATFORM(IOS) in non-project headers.
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp (176857 => 176858)
--- trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp 2014-12-05 19:31:28 UTC (rev 176857)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp 2014-12-05 19:43:03 UTC (rev 176858)
@@ -197,13 +197,11 @@
if (isSynchronous())
m_synchronousLoadData->response = response;
- else
- sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveResponse(response, m_parameters.isMainResource));
+ else {
+ if (!sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveResponse(response, m_parameters.isMainResource)))
+ return;
+ }
- // m_handle will be null if the request got aborted above.
- if (!m_handle)
- return;
-
// For main resources, the web process is responsible for sending back a NetworkResourceLoader::ContinueDidReceiveResponse message.
if (m_parameters.isMainResource)
return;
@@ -232,7 +230,7 @@
startBufferingTimerIfNeeded();
return;
}
- sendBuffer(buffer.get(), encodedDataLength);
+ sendBufferMaybeAborting(*buffer, encodedDataLength);
}
void NetworkResourceLoader::didFinishLoading(ResourceHandle* handle, double finishTime)
@@ -242,8 +240,12 @@
if (isSynchronous())
sendReplyToSynchronousRequest(*m_synchronousLoadData, m_bufferedData.get());
else {
- if (m_bufferedData && m_bufferedData->size())
- sendBuffer(m_bufferedData.get(), -1);
+ if (m_bufferedData && m_bufferedData->size()) {
+ // FIXME: Pass a real value or remove the encoded data size feature.
+ bool shouldContinue = sendBufferMaybeAborting(*m_bufferedData, -1);
+ if (!shouldContinue)
+ return;
+ }
send(Messages::WebResourceLoader::DidFinishResourceLoad(finishTime));
}
@@ -396,30 +398,30 @@
return;
IPC::SharedBufferDataReference dataReference(m_bufferedData.get());
- sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveData(dataReference, m_bufferedDataEncodedDataLength));
+ size_t encodedLength = m_bufferedDataEncodedDataLength;
m_bufferedData = WebCore::SharedBuffer::create();
m_bufferedDataEncodedDataLength = 0;
+
+ sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveData(dataReference, encodedLength));
}
-void NetworkResourceLoader::sendBuffer(WebCore::SharedBuffer* buffer, int encodedDataLength)
+bool NetworkResourceLoader::sendBufferMaybeAborting(WebCore::SharedBuffer& buffer, size_t encodedDataLength)
{
- ASSERT(buffer);
ASSERT(!isSynchronous());
#if PLATFORM(IOS) || (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090)
ShareableResource::Handle shareableResourceHandle;
- NetworkResourceLoader::tryGetShareableHandleFromSharedBuffer(shareableResourceHandle, *buffer);
+ NetworkResourceLoader::tryGetShareableHandleFromSharedBuffer(shareableResourceHandle, buffer);
if (!shareableResourceHandle.isNull()) {
- // Since we're delivering this resource by ourselves all at once and don't need any more data or callbacks from the network layer, abort the loader.
+ send(Messages::WebResourceLoader::DidReceiveResource(shareableResourceHandle, currentTime()));
abort();
- send(Messages::WebResourceLoader::DidReceiveResource(shareableResourceHandle, currentTime()));
- return;
+ return false;
}
#endif
- IPC::SharedBufferDataReference dataReference(buffer);
- sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveData(dataReference, encodedDataLength));
+ IPC::SharedBufferDataReference dataReference(&buffer);
+ return sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveData(dataReference, encodedDataLength));
}
IPC::Connection* NetworkResourceLoader::messageSenderConnection()
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.h (176857 => 176858)
--- trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.h 2014-12-05 19:31:28 UTC (rev 176857)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.h 2014-12-05 19:43:03 UTC (rev 176858)
@@ -150,7 +150,7 @@
void startBufferingTimerIfNeeded();
void bufferingTimerFired();
- void sendBuffer(WebCore::SharedBuffer*, int encodedDataLength);
+ bool sendBufferMaybeAborting(WebCore::SharedBuffer&, size_t encodedDataLength);
bool isSynchronous() const;
