Bug 214699 - [IPC hardening] Add nullptr checks for WebPage::m_activeColorChooser
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2
Version: Other
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: David Kilzer (:ddkilzer)
Keywords: InRadar
Blocks: 214748
Reported: 2020-07-23 14:20 PDT by David Kilzer (:ddkilzer)
Modified: 2020-09-08 17:02 PDT

Attachments
Patch v1 (1.61 KB, patch)
2020-07-23 14:21 PDT, David Kilzer (:ddkilzer)
no flags

Description David Kilzer (:ddkilzer) 2020-07-23 14:20:04 PDT
Add nullptr checks for WebPage::m_activeColorChooser.

WebPage::m_activeColorChooser is a pointer that's initialized to nullptr, so it is not always set.

<rdar://problem/65850975>
Comment 1 David Kilzer (:ddkilzer) 2020-07-23 14:21:12 PDT
Created attachment 405077
Patch v1
Comment 2 Darin Adler 2020-07-23 15:00:57 PDT
Comment on attachment 405077
Patch v1

Not clear what this has to do with IPC. Also, are there eventually test cases coming for this?
Comment 3 David Kilzer (:ddkilzer) 2020-07-23 17:19:38 PDT
(In reply to Darin Adler from comment #2)
> Comment on attachment 405077
> Patch v1
> 
> Not clear what this has to do with IPC. Also, are there eventually test
> cases coming for this?

Replied in radar.
Comment 4 David Kilzer (:ddkilzer) 2020-07-24 10:36:14 PDT
(In reply to David Kilzer (:ddkilzer) from comment #3)
> (In reply to Darin Adler from comment #2)
> > Comment on attachment 405077
> > Patch v1
> > 
> > Not clear what this has to do with IPC. Also, are there eventually test
> > cases coming for this?
> 
> Replied in radar.

Filed this to track adding a test case:

Bug 214748: Add test case for nullptr checks in WebPage::m_activeColorChooser
<https://bugs.webkit.org/show_bug.cgi?id=214748>

This has to do with IPC since nullptr deref crashes can be hit in WebPage when sending unexpected IPC messages.
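
Added example, not part of the bug thread or WebKit's source: a minimal C++ model of the failure mode named in comment 4, where a receiver keeps a pointer that starts as nullptr and a message handler can run before that pointer is ever set. `Page`, `ColorChooser`, `Message`, `Result` and `receive` are hypothetical names, and the message ids and color strings are constructed.

```cpp
#include <cstdint>
#include <memory>
#include <string>

// Hypothetical model: these names are assumptions for illustration, not WebKit's code.
struct ColorChooser {
    std::string lastColor;
    void didChooseColor(const std::string& color) { lastColor = color; }
};
enum class Message : std::uint8_t { DidChooseColor = 1, DidEndColorChooser = 2 };
enum class Result { Handled, IgnoredNoActiveChooser, IgnoredUnknownMessage };

class Page {
public:
    // Local action: only this call makes the pointer non-null.
    void openColorChooser() { m_activeColorChooser = std::make_unique<ColorChooser>(); }

    // Receiver for messages from another process. The sender controls which
    // messages arrive and in what order, so every handler validates state first.
    Result receive(std::uint8_t rawMessage, const std::string& payload = {})
    {
        switch (static_cast<Message>(rawMessage)) {
        case Message::DidChooseColor:
            if (!m_activeColorChooser) // no chooser open: drop instead of dereferencing nullptr
                return Result::IgnoredNoActiveChooser;
            m_activeColorChooser->didChooseColor(payload);
            return Result::Handled;
        case Message::DidEndColorChooser:
            if (!m_activeColorChooser)
                return Result::IgnoredNoActiveChooser;
            m_activeColorChooser.reset(); // back to nullptr; later messages are dropped
            return Result::Handled;
        }
        return Result::IgnoredUnknownMessage; // message id outside the known set
    }
    const ColorChooser* activeColorChooser() const { return m_activeColorChooser.get(); }
private:
    std::unique_ptr<ColorChooser> m_activeColorChooser; // initialized to nullptr
};

int main()
{
    Page page;
    // Constructed sequence: a message arrives before any chooser was opened.
    bool ok = page.receive(1, "#ff0000") == Result::IgnoredNoActiveChooser;
    page.openColorChooser();
    ok = ok && page.receive(1, "#00ff00") == Result::Handled && page.receive(2) == Result::Handled;
    return ok && page.receive(2) == Result::IgnoredNoActiveChooser ? 0 : 1;
}
```

Without the two `if (!m_activeColorChooser)` guards, the first `receive` call in `main` would dereference a null pointer, which is the crash class the bug title describes.
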
Comment 5 EWS 2020-07-24 10:40:28 PDT
Committed r264842: <https://trac.webkit.org/changeset/264842>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 405077.