Potential null dereference under WebPage::applicationDidBecomeActive()
Author: cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 30 Jul 2018 16:50:40 +0000 (16:50 +0000)
Committer: cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 30 Jul 2018 16:50:40 +0000 (16:50 +0000)
https://bugs.webkit.org/show_bug.cgi?id=188170
<rdar://problem/37493418>

Reviewed by Wenson Hsieh.

WebPage::m_page gets nulled out when the page is closed but the WebPage object may receive IPC
until it gets destroyed. Therefore, we need to null-check m_page before using it in IPC message
handlers.

* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::applicationDidEnterBackground):
(WebKit::WebPage::applicationWillEnterForeground):
(WebKit::WebPage::applicationDidBecomeActive):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@234369 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

index f051f41..3dafd0a 100644 (file)
@@ -1,3 +1,20 @@
+2018-07-30  Chris Dumez  <cdumez@apple.com>
+
+        Potential null dereference under WebPage::applicationDidBecomeActive()
+        https://bugs.webkit.org/show_bug.cgi?id=188170
+        <rdar://problem/37493418>
+
+        Reviewed by Wenson Hsieh.
+
+        WebPage::m_page gets nulled out when the page is closed but the WebPage object may receive IPC
+        until it gets destroyed. Therefore, we need to null-check m_page before using it in IPC message
+        handlers.
+
+        * WebProcess/WebPage/ios/WebPageIOS.mm:
+        (WebKit::WebPage::applicationDidEnterBackground):
+        (WebKit::WebPage::applicationWillEnterForeground):
+        (WebKit::WebPage::applicationDidBecomeActive):
+
 2018-07-29  Wenson Hsieh  <wenson_hsieh@apple.com>
 
         Fix incorrect guards around a method declaration in PageClient.h
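Review bot: The new ChangeLog entry explains the race (m_page is nulled on close, IPC keeps arriving until the WebPage is destroyed) but says nothing about test coverage; WebKit entries normally state either the test added or why none is practical, and a one-line "No new tests, ..." with the reason would make the entry complete. It would also help future readers to record that the three listed handlers were the ones found dereferencing m_page, rather than implying every IPC handler in WebPageIOS.mm was audited.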
index c794493..bd95533 100644 (file)
@@ -2796,7 +2796,8 @@ void WebPage::applicationDidEnterBackground(bool isSuspendedUnderLock)
     m_isSuspendedUnderLock = isSuspendedUnderLock;
     setLayerTreeStateIsFrozen(true);
 
-    m_page->applicationDidEnterBackground();
+    if (m_page)
+        m_page->applicationDidEnterBackground();
 }
 
 void WebPage::applicationDidFinishSnapshottingAfterEnteringBackground()
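Review bot: The `if (m_page)` guard protects only the last statement of `applicationDidEnterBackground`; `m_isSuspendedUnderLock = isSuspendedUnderLock;` and `setLayerTreeStateIsFrozen(true);` still run for a WebPage whose Page has already been closed. If those side effects are not wanted on a closed page, an early `if (!m_page) return;` at the top of the handler reads more clearly than a guard around one call. Separately, `applicationDidFinishSnapshottingAfterEnteringBackground()` in the trailing context is not touched by this patch; since the ChangeLog says IPC handlers must null-check m_page, it is worth confirming that this neighbour does not dereference it unguarded as well.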
@@ -2812,13 +2813,15 @@ void WebPage::applicationWillEnterForeground(bool isSuspendedUnderLock)
 
     [[NSNotificationCenter defaultCenter] postNotificationName:WebUIApplicationWillEnterForegroundNotification object:nil userInfo:@{@"isSuspendedUnderLock": @(isSuspendedUnderLock)}];
 
-    m_page->applicationWillEnterForeground();
+    if (m_page)
+        m_page->applicationWillEnterForeground();
 }
 
 void WebPage::applicationDidBecomeActive()
 {
     [[NSNotificationCenter defaultCenter] postNotificationName:WebUIApplicationDidBecomeActiveNotification object:nil];
-    m_page->applicationDidBecomeActive();
+    if (m_page)
+        m_page->applicationDidBecomeActive();
 }
 
 static inline void adjustVelocityDataForBoundedScale(double& horizontalVelocity, double& verticalVelocity, double& scaleChangeRate, double exposedRectScale, double minimumScale, double maximumScale)
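Review bot: In both `applicationWillEnterForeground` and `applicationDidBecomeActive`, the `[[NSNotificationCenter defaultCenter] postNotificationName:...]` call still fires before the new `if (m_page)` check, so observers are told about a foreground/active transition on behalf of a page that has already been closed. If that is intentional because the notification is process-wide rather than per-page, a short comment saying so would prevent the next reader from "fixing" it; otherwise move the check to an early return ahead of the post. The three identical guards also hint that the real invariant (no IPC dispatched to a WebPage after its Page is closed) belongs at the dispatch layer; fine to land this as the targeted fix, but worth a follow-up bug.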