Clicking on bookmarklet crashes at NavigationState::willRecordNavigationSnapshot
authortimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Oct 2018 23:48:19 +0000 (23:48 +0000)
committertimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Oct 2018 23:48:19 +0000 (23:48 +0000)
https://bugs.webkit.org/show_bug.cgi?id=190476
<rdar://problem/32757191>

Reviewed by Megan Gardner.

Source/WebKit:

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _saveBackForwardSnapshotForItem:]):
The WKBackForwardListItem can be nil. Then we retrieve a reference from it.
An Objective-C method that returns a reference is a great way to get
a null reference. Other code then assumes it's not null and crashes.
Add a nil check.

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/SnapshotStore.mm:
(TEST):
Add a test that we don't crash.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/SnapshotStore.mm

index 81518ad..c1109b8 100644 (file)
@@ -1,5 +1,20 @@
 2018-10-11  Tim Horton  <timothy_horton@apple.com>
 
+        Clicking on bookmarklet crashes at NavigationState::willRecordNavigationSnapshot
+        https://bugs.webkit.org/show_bug.cgi?id=190476
+        <rdar://problem/32757191>
+
+        Reviewed by Megan Gardner.
+
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (-[WKWebView _saveBackForwardSnapshotForItem:]):
+        The WKBackForwardListItem can be nil. Then we retrieve a reference from it.
+        An Objective-C method that returns a reference is a great way to get
+        a null reference. Other code then assumes it's not null and crashes.
+        Add a nil check.
+
+2018-10-11  Tim Horton  <timothy_horton@apple.com>
+
         Hardware keyboard arrow keys/spacebar don't scroll PDFs (works for web content)
         https://bugs.webkit.org/show_bug.cgi?id=190495
         <rdar://problem/22734616>
index 8bbd126..e6532d4 100644 (file)
@@ -4987,6 +4987,8 @@ static inline WebKit::FindOptions toFindOptions(_WKFindOptions wkFindOptions)
 
 - (void)_saveBackForwardSnapshotForItem:(WKBackForwardListItem *)item
 {
+    if (!item)
+        return;
     _page->recordNavigationSnapshot(item._item);
 }
 
index 370f746..acccbd0 100644 (file)
@@ -1,5 +1,17 @@
 2018-10-11  Tim Horton  <timothy_horton@apple.com>
 
+        Clicking on bookmarklet crashes at NavigationState::willRecordNavigationSnapshot
+        https://bugs.webkit.org/show_bug.cgi?id=190476
+        <rdar://problem/32757191>
+
+        Reviewed by Megan Gardner.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/SnapshotStore.mm:
+        (TEST):
+        Add a test that we don't crash.
+
+2018-10-11  Tim Horton  <timothy_horton@apple.com>
+
         REGRESSION (r237037): Cannot use webkit-patch upload, always fails with unknown 'cc_radar'
 
         * Scripts/webkitpy/tool/steps/options.py:
index 1af8605..696e3f6 100644 (file)
@@ -205,4 +205,10 @@ TEST(SnapshotStore, SnapshotsForNeverLoadedPagesDoNotChangeUponNavigation)
     EXPECT_TRUE(imagesAreEqual(initialSnapshot.get(), snapshotAfterNavigation.get()));
 }
 
+TEST(SnapshotStore, SnapshottingNullBackForwardItemShouldNotCrash)
+{
+    RetainPtr<SnapshotTestWKWebView> webView = adoptNS([[SnapshotTestWKWebView alloc] init]);
+    [webView _saveBackForwardSnapshotForItem:nil];
+}
+
 #endif // WK_API_ENABLED && PLATFORM(MAC)