diff options
Diffstat (limited to 'www-client/chromium/files/chromium-114-sigsegv-dom.patch')
-rw-r--r-- | www-client/chromium/files/chromium-114-sigsegv-dom.patch | 73 |
1 files changed, 0 insertions, 73 deletions
diff --git a/www-client/chromium/files/chromium-114-sigsegv-dom.patch b/www-client/chromium/files/chromium-114-sigsegv-dom.patch deleted file mode 100644 index fe4c2809693c..000000000000 --- a/www-client/chromium/files/chromium-114-sigsegv-dom.patch +++ /dev/null @@ -1,73 +0,0 @@ -https://chromium.googlesource.com/chromium/src.git/+/2af2d08972d14d5bdd91e0515eb5b15b4444aee9 -blink::HTMLMediaElement::ShouldReusePlayer: avoid dereferencing a potentally NULL domWindow - -The domWindow() method of the Document class can potentially return nullptr -as noted in renderer/core/dom/document.h - -> // A document may or may not have a browsing context -> // (https://html.spec.whatwg.org/#browsing-context). A document with a browsing -> // context is created by navigation, and has a non-null domWindow(), GetFrame(), -> // Loader(), etc., and is visible to the user. It will have a valid -> // GetExecutionContext(), which will be equal to domWindow(). If the Document -> // constructor receives a DocumentInit created WithDocumentLoader(), it will -> // have a browsing context. -> // Documents created by all other APIs do not have a browsing context. These -> // Documents still have a valid GetExecutionContext() (i.e., the domWindow() of -> // the Document in which they were created), so they can still access -> // script, but return null for domWindow(), GetFrame() and Loader(). Generally, -> // they should not downcast the ExecutionContext to a LocalDOMWindow and access -> // the properties of the window directly. - -Upon checking further, the offending document returns null for GetFrame() and -Loader() aswell so this was likely just an oversight and no invariants are being -violated - -Introduced in https://chromium-review.googlesource.com/c/chromium/src/+/4202152 - -More details https://bugs.chromium.org/p/chromium/issues/detail?id=1447388 - -Fixed: 1447388 -Change-Id: I85a6ef52baaac0ec7f5ec188d5d5bb2c518a8ecd -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4546610 -Reviewed-by: Fredrik Söderquist <fs@opera.com> -Commit-Queue: Fredrik Söderquist <fs@opera.com> -Cr-Commit-Position: refs/heads/main@{#1147184} - ---- a/AUTHORS -+++ b/AUTHORS - -@@ -1012,6 +1012,7 @@ - Prashant Hiremath <prashhir@cisco.com> - Prashant Nevase <prashant.n@samsung.com> - Prashant Patil <prashant.patil@imgtec.com> -+Pratham <prathamIN@proton.me> - Praveen Akkiraju <praveen.anp@samsung.com> - Preeti Nayak <preeti.nayak@samsung.com> - Pritam Nikam <pritam.nikam@samsung.com> - ---- a/third_party/blink/renderer/core/html/media/html_media_element.cc -+++ b/third_party/blink/renderer/core/html/media/html_media_element.cc - -@@ -648,6 +648,11 @@ - - bool HTMLMediaElement::ShouldReusePlayer(Document& old_document, - Document& new_document) const { -+ // A NULL frame implies a NULL domWindow, so just check one of them -+ if (!old_document.GetFrame() || !new_document.GetFrame()) { -+ return false; -+ } -+ - // Don't reuse player if the Document Picture-in-Picture API is disabled for - // both documents. - if (!RuntimeEnabledFeatures::DocumentPictureInPictureAPIEnabled( -@@ -657,10 +662,6 @@ - return false; - } - -- if (!old_document.GetFrame() || !new_document.GetFrame()) { -- return false; -- } -- - auto* new_origin = new_document.GetFrame() - ->LocalFrameRoot() - .GetSecurityContext() |