WebKit2: Crash when InjectedBundlePageLoaderClient::willSendRequestForFrame returns...
author bweinstein@apple.com <bweinstein@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 5 Feb 2011 02:04:58 +0000 (02:04 +0000)
committer bweinstein@apple.com <bweinstein@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 5 Feb 2011 02:04:58 +0000 (02:04 +0000)
https://bugs.webkit.org/show_bug.cgi?id=53829

Reviewed by Maciej Stachowiak.

Store the result of m_client.willSendRequestForFrame in a RefPtr, and null check it before
calling resourceRequest() on it.

* WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
(WebKit::InjectedBundlePageLoaderClient::willSendRequestForFrame):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77713 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp

index 751efb6499ac56991cbb31d33848ec7b5685bb09..3fdc413ea95202e6b35aae249590d7fc6069515b 100644 (file)
@@ -1,3 +1,16 @@
+2011-02-04  Brian Weinstein  <bweinstein@apple.com>
+
+        Reviewed by Maciej Stachowiak.
+
+        WebKit2: Crash when InjectedBundlePageLoaderClient::willSendRequestForFrame returns a null WKURLRequestRef
+        https://bugs.webkit.org/show_bug.cgi?id=53829
+        
+        Store the result of m_client.willSendRequestForFrame in a RefPtr, and null check it before
+        calling resourceRequest() on it.
+
+        * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
+        (WebKit::InjectedBundlePageLoaderClient::willSendRequestForFrame):
+
 2011-02-04  Anders Carlsson  <andersca@apple.com>
 
         Fix build.
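Review bot: The new ChangeLog entry lists only InjectedBundlePageLoaderClient.cpp and names no regression test for the null-return case, so nothing guards against the crash coming back. Add a test in which the bundle client's willSendRequestForFrame returns null and list it here, or state in the entry why the case cannot be tested. The entry would also be more useful if it said what happens to the request when the client returns null, since "null check it" does not say what the fallback is.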
index a322baac0e150c421ccd6be56722e17c8d53ae1f..c55b29a0874a4648d5062a9eb695f6be0c483ae3 100644 (file)
@@ -181,7 +181,11 @@ void InjectedBundlePageLoaderClient::willSendRequestForFrame(WebPage* page, WebF
     if (!m_client.willSendRequestForFrame)
         return;
 
-    request = toImpl(m_client.willSendRequestForFrame(toAPI(page), toAPI(frame), identifier, toAPI(request), toAPI(redirectResponse), m_client.clientInfo))->resourceRequest();
+    RefPtr<WebURLRequest> returnedRequest = toImpl(m_client.willSendRequestForFrame(toAPI(page), toAPI(frame), identifier, toAPI(request), toAPI(redirectResponse), m_client.clientInfo));
+    if (returnedRequest)
+        request = returnedRequest->resourceRequest();
+    else
+        request = ResourceRequest();
 }
 
 void InjectedBundlePageLoaderClient::didClearWindowObjectForFrame(WebPage* page, WebFrame* frame, DOMWrapperWorld* world)
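Review bot: The else branch at `request = ResourceRequest();` turns a null return from the bundle client into an empty request without saying what that means for the load. Add a one-line comment stating the intended contract for a null WKURLRequestRef (for example, that the client is asking for the request not to be sent), so readers of this function know an empty ResourceRequest is a deliberate result and not a leftover default. Please also confirm the ownership of the returned reference: `RefPtr<WebURLRequest> returnedRequest = toImpl(...)` takes its own reference on the raw pointer, so if the client callback hands back an already-retained object this should use adoptRef() to avoid leaking it.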