diff options
| author | Selim Gurun <sgurun@google.com> | 2011-12-07 10:50:23 -0800 |
|---|---|---|
| committer | Selim Gurun <sgurun@google.com> | 2011-12-07 17:25:54 -0800 |
| commit | 432a3b5a08c1dff5693d7b804b9e9cf19ad92a2e (patch) | |
| tree | 1579dd6d2b0c672c8a1dc81bc2f3aeb1a900b442 | |
| parent | 292448625cf74fa0cbb6776572d5b116d2e7eb15 (diff) | |
| download | external_webkit-432a3b5a08c1dff5693d7b804b9e9cf19ad92a2e.zip external_webkit-432a3b5a08c1dff5693d7b804b9e9cf19ad92a2e.tar.gz external_webkit-432a3b5a08c1dff5693d7b804b9e9cf19ad92a2e.tar.bz2 | |
Prevent native crashes on client cert request
Bug: 4586251
Explicitly manage ref counter for WebUrlLoaderClient. This will
prevent early release of the object.
Change-Id: I4b8e41b470eaacb594ce85afdd650e7827ab4a6d
| -rw-r--r-- | Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp | 20 | ||||
| -rw-r--r-- | Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h | 3 |
2 files changed, 12 insertions, 11 deletions
diff --git a/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp b/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp index a6e58c8..43037ab 100644 --- a/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp +++ b/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp @@ -324,16 +324,6 @@ void WebUrlLoaderClient::cancelSslCertError(int cert_error) this->Release(); } -void WebUrlLoaderClient::sslClientCert(EVP_PKEY* pkey, net::X509Certificate* chain) -{ - base::Thread* thread = ioThread(); - scoped_refptr<net::X509Certificate> scopedChain(chain); - if (isActive() && thread) - thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod(m_request.get(), &WebRequest::sslClientCert, pkey, scopedChain)); - this->Release(); -} - - void WebUrlLoaderClient::finish() { m_finished = true; @@ -492,12 +482,22 @@ void WebUrlLoaderClient::reportSslCertError(int cert_error, net::X509Certificate m_webFrame->reportSslCertError(this, cert_error, chain_bytes[0], m_request->getUrl()); } +void WebUrlLoaderClient::sslClientCert(EVP_PKEY* pkey, net::X509Certificate* chain) +{ + base::Thread* thread = ioThread(); + scoped_refptr<net::X509Certificate> scopedChain(chain); + if (isActive() && thread) + thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod(m_request.get(), &WebRequest::sslClientCert, pkey, scopedChain)); + this->Release(); +} + void WebUrlLoaderClient::requestClientCert(net::SSLCertRequestInfo* cert_request_info) { if (!isActive()) return; std::string host_and_port = cert_request_info->host_and_port; + this->AddRef(); m_webFrame->requestClientCert(this, host_and_port); } diff --git a/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h b/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h index 5f03339..4463dfb 100644 --- a/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h +++ b/Source/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h @@ -74,7 +74,6 @@ public: void cancelAuth(); void proceedSslCertError(); void cancelSslCertError(int cert_error); - void sslClientCert(EVP_PKEY* pkey, net::X509Certificate* chain); typedef void CallbackFunction(void*); @@ -92,6 +91,8 @@ public: void willSendRequest(PassOwnPtr<WebResponse>); void authRequired(scoped_refptr<net::AuthChallengeInfo>, bool firstTime, bool suppressDialog); void reportSslCertError(int cert_error, net::X509Certificate* cert); + + void sslClientCert(EVP_PKEY* pkey, net::X509Certificate* chain); void requestClientCert(net::SSLCertRequestInfo* cert); // Handle to the chrome IO thread |