Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
electron
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix: check for destroyed webcontents in converter (#25598)

Jeremy Rose 4 years ago
parent
e6d5fc23a7
commit
96f258b866
2 changed files with 15 additions and 0 deletions
Split View Show Diff Stats
  1. 6 0
      shell/common/gin_converters/content_converter.cc
  2. 9 0
      spec-main/fixtures/crash-cases/webview-attach-destroyed/index.js

+ 6 - 0
shell/common/gin_converters/content_converter.cc
View File 

@@ -237,6 +237,12 @@ v8::Local<v8::Value> Converter<content::WebContents*>::ToV8(
 
 bool Converter<content::WebContents*>::FromV8(v8::Isolate* isolate,
 
                                               v8::Local<v8::Value> val,
 
                                               content::WebContents** out) {
 
+  if (!val->IsObject())
 
+    return false;
 
+  // gin's unwrapping converter doesn't expect the pointer inside to ever be
 
+  // nullptr, so we check here first before attempting to unwrap.
 
+  if (gin_helper::Destroyable::IsDestroyed(val.As<v8::Object>()))
 
+    return false;
 
   electron::api::WebContents* web_contents = nullptr;
 
   if (!gin::ConvertFromV8(isolate, val, &web_contents) || !web_contents)
 
     return false;

+ 9 - 0
spec-main/fixtures/crash-cases/webview-attach-destroyed/index.js
View File 

@@ -0,0 +1,9 @@
 
+const { app, BrowserWindow } = require('electron');
 
+
 
+app.whenReady().then(() => {
 
+  const w = new BrowserWindow({ show: false, webPreferences: { webviewTag: true } });
 
+  w.loadURL('data:text/html,<webview src="data:text/html,hi"></webview>');
 
+  app.on('web-contents-created', () => {
 
+    w.close();
 
+  });
 
+});