|
|
@@ -0,0 +1,35 @@
|
|
|
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
+From: Shelley Vohr <[email protected]>
|
|
|
+Date: Thu, 1 Aug 2024 15:30:32 +0200
|
|
|
+Subject: Fix potential draggable region crash when no MainFrameImpl
|
|
|
+
|
|
|
+Fix a crash that can occur when SetSupportsDraggableRegions
|
|
|
+is called with `true` and there is no MainFrameImpl. When MainFrameImpl
|
|
|
+is nullptr, logic currently correctly returns early, but
|
|
|
+supports_draggable_regions_ is set before that happens. As a
|
|
|
+result, when SupportsDraggableRegions() is called, it will return
|
|
|
+true, and thus LocalFrameView::UpdateDocumentDraggableRegions() will
|
|
|
+call DraggableRegionsChanged(). This will trigger a crash in
|
|
|
+WebViewImpl::DraggableRegionsChanged(), as it assumes that
|
|
|
+MainFrameImpl is not null.
|
|
|
+
|
|
|
+Upstreamed in https://chromium-review.googlesource.com/c/chromium/src/+/5756619
|
|
|
+
|
|
|
+diff --git a/third_party/blink/renderer/core/exported/web_view_impl.cc b/third_party/blink/renderer/core/exported/web_view_impl.cc
|
|
|
+index ef68f9cbc63772f50269520fb0198a95e4270947..948cf94e2e4af0bbbf1f9c2322d00075bdaca0b2 100644
|
|
|
+--- a/third_party/blink/renderer/core/exported/web_view_impl.cc
|
|
|
++++ b/third_party/blink/renderer/core/exported/web_view_impl.cc
|
|
|
+@@ -4073,11 +4073,12 @@ bool WebViewImpl::IsFencedFrameRoot() const {
|
|
|
+ }
|
|
|
+
|
|
|
+ void WebViewImpl::SetSupportsDraggableRegions(bool supports_draggable_regions) {
|
|
|
+- supports_draggable_regions_ = supports_draggable_regions;
|
|
|
+ if (!MainFrameImpl() || !MainFrameImpl()->GetFrame()) {
|
|
|
+ return;
|
|
|
+ }
|
|
|
+
|
|
|
++ supports_draggable_regions_ = supports_draggable_regions;
|
|
|
++
|
|
|
+ LocalFrame* local_frame = MainFrameImpl()->GetFrame();
|
|
|
+
|
|
|
+ if (supports_draggable_regions_) {
|
trop[bot]