Mercurial > mozreview > gecko / changeset / 0029dff2a30398fd07a24403624bac9e5c00820f
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1465162 - don't crash in ContentParent::RecvDeallocateLayerTreeId if the content parent ID doesn't exist; r?jld draft
authorAlex Gaynor <agaynor@mozilla.com>
Tue, 29 May 2018 13:56:12 -0400
changeset 801071 0029dff2a30398fd07a24403624bac9e5c00820f
parent 800874 f01bb6245db1ea2a87e5360104a4110571265137
push id111568
push userbmo:agaynor@mozilla.com
push dateTue, 29 May 2018 17:56:39 +0000
reviewersjld
bugs1465162
milestone62.0a1
Bug 1465162 - don't crash in ContentParent::RecvDeallocateLayerTreeId if the content parent ID doesn't exist; r?jld MozReview-Commit-ID: IyLyhVUsOow
dom/ipc/ContentParent.cpp file | annotate | diff | comparison | revisions 
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -1619,17 +1619,17 @@ ContentParent::RecvAllocateLayerTreeId(c
 mozilla::ipc::IPCResult
 ContentParent::RecvDeallocateLayerTreeId(const ContentParentId& aCpId,
                                          const layers::LayersId& aId)
 {
   GPUProcessManager* gpu = GPUProcessManager::Get();
 
   ContentProcessManager* cpm = ContentProcessManager::GetSingleton();
   RefPtr<ContentParent> contentParent = cpm->GetContentProcessById(aCpId);
-  if (!contentParent->CanCommunicateWith(ChildID())) {
+  if (!contentParent || !contentParent->CanCommunicateWith(ChildID())) {
     return IPC_FAIL(this, "Spoofed DeallocateLayerTreeId call");
   }
 
   if (!gpu->IsLayerTreeIdMapped(aId, contentParent->OtherPid())) {
     // You can't deallocate layer tree ids that you didn't allocate
     KillHard("DeallocateLayerTreeId");
   }
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:59Z.