[Payment Request] Crash in PaymentRequest::canMakePayment() when Apple Pay payment...
author aestes@apple.com <aestes@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 9 Feb 2018 19:07:28 +0000 (19:07 +0000)
committer aestes@apple.com <aestes@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 9 Feb 2018 19:07:28 +0000 (19:07 +0000)
commit aab330d18c86776b960a09ec324e1d1d5a008187
tree 28028757b45fdfdb3099ee9da4099a29967e369f
parent ee339885ecfe35ca57ee709127b19e2d96e4c437
[Payment Request] Crash in PaymentRequest::canMakePayment() when Apple Pay payment method data is missing required fields
https://bugs.webkit.org/show_bug.cgi?id=182631

Reviewed by Mark Lam.

Source/WebCore:

PaymentRequest::canMakePayment() needs to parse each payment method's serialized data to
determine if it is a supported payment method. If parsing fails by raising an exception, we
intend to skip over that payment method and try the next one. If all payment method data
fail to parse, we resolve the returned promise with false. At no point do we intend to
propagate the parsing exception up to the calling script, however.

Even though we intend to swallow any exceptions from parsing, we failed to clear the
JavaScript VM's exception state. The next time WebCore tries to execute JavaScript, a
release assertion is raised due to seeing an unexpected exception in the VM.

Fix this by using a CatchScope in PaymentRequest::canMakePayment(), and calling
CatchScope::clearException() in the places we intend to swallow exceptions.

Added a test case to http/tests/paymentrequest/payment-request-canmakepayment-method.https.html.

* Modules/paymentrequest/PaymentRequest.cpp:
(WebCore::PaymentRequest::canMakePayment):

LayoutTests:

* http/tests/paymentrequest/payment-request-canmakepayment-method.https-expected.txt:
* http/tests/paymentrequest/payment-request-canmakepayment-method.https.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@228331 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/paymentrequest/payment-request-canmakepayment-method.https-expected.txt
LayoutTests/http/tests/paymentrequest/payment-request-canmakepayment-method.https.html
Source/WebCore/ChangeLog
Source/WebCore/Modules/paymentrequest/PaymentRequest.cpp
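
The failure mode the commit message describes, as an added example (a simplified model, not code from this commit or from WebKit): an exception that is swallowed but left pending on the VM trips an invariant check on the next script entry. ToyVM, ToyCatchScope, Method and every function name here are hypothetical stand-ins, and the method ids are constructed sample input.

```cpp
// Simplified model only; none of these types are WebKit or JavaScriptCore APIs.
#include <string>
#include <vector>

struct ToyVM {
    bool hasException = false;   // models the VM's pending-exception slot
    std::string message;
};

// Models a scope through which a caller inspects and explicitly clears the slot.
struct ToyCatchScope {
    ToyVM& vm;
    bool exception() const { return vm.hasException; }
    void clearException() { vm.hasException = false; vm.message.clear(); }
};

struct Method { std::string id; bool hasRequiredFields; };

// Parsing "throws" by recording an exception on the VM and returning false.
bool parseMethodData(ToyVM& vm, const Method& m) {
    if (m.hasRequiredFields)
        return true;
    vm.hasException = true;
    vm.message = "TypeError: missing required field in " + m.id;
    return false;
}

// Returns true if any method parses. With clearOnSkip == false the skipped
// method's exception stays pending on the VM, even when a later method succeeds.
bool canMakePayment(ToyVM& vm, const std::vector<Method>& methods, bool clearOnSkip) {
    ToyCatchScope scope{vm};
    for (const auto& m : methods) {
        if (parseMethodData(vm, m))
            return true;
        if (clearOnSkip && scope.exception())
            scope.clearException(); // swallow: never propagated to the caller
    }
    return false;
}

// Stand-in for the check on the next entry into script execution: a pending
// exception that nobody claimed is treated as a fatal invariant violation.
bool vmIsCleanForNextScript(const ToyVM& vm) { return !vm.hasException; }

int main() {
    ToyVM vm;
    std::vector<Method> methods{{"constructed-method-missing-fields", false}};
    bool supported = canMakePayment(vm, methods, true);
    return (!supported && vmIsCleanForNextScript(vm)) ? 0 : 1;
}
```

In the model, the return value alone never reveals the defect: the stale state only surfaces at the next unrelated script entry, which is why a regression test has to run more script after the call.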