Fix WeakPersistent null deref [chromium/src : main]

[Thomas Guilbert (Gerrit)]

Attention is currently required from: Yutaka Hirano.

Thomas Guilbert would like Yutaka Hirano to review this change.

View Change

Fix WeakPersistent null deref

This CL adds a check to make sure the HTMLVideoElement is still alive
before accessing it. This happens because the posted lambda runs even
if the WeakPersistent is invalidated.

Bug: 1250995, 1251364
Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa
---
M third_party/blink/renderer/core/html/media/html_video_element.cc
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/third_party/blink/renderer/core/html/media/html_video_element.cc b/third_party/blink/renderer/core/html/media/html_video_element.cc
index 3b5dd16..333991b 100644
--- a/third_party/blink/renderer/core/html/media/html_video_element.cc
+++ b/third_party/blink/renderer/core/html/media/html_video_element.cc
@@ -739,7 +739,7 @@
   lazy_load_intersection_observer_ = nullptr;
 
   auto notify_visible = [](HTMLVideoElement* self) {
-    if (self->web_media_player_)
+    if (self && self->web_media_player_)
       self->web_media_player_->OnBecameVisible();
   };
 

To view, visit change 3176371. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: chromium/src

Gerrit-Branch: main

Gerrit-Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa

Gerrit-Change-Number: 3176371

Gerrit-PatchSet: 1

Gerrit-Owner: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Yutaka Hirano <yhi...@chromium.org>

Gerrit-CC: chromium...@chromium.org

Gerrit-CC: srirama chandra sekhar <srir...@samsung.com>

Gerrit-Attention: Yutaka Hirano <yhi...@chromium.org>

Gerrit-MessageType: newchange

[Thomas Guilbert (Gerrit)]

Attention is currently required from: Yutaka Hirano.

Patch set 1:Auto-Submit +1Commit-Queue +1

View Change

1 comment:

• Patchset:

  • Patch Set #1:

    PTAL, thanks!

To view, visit change 3176371. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: chromium/src

Gerrit-Branch: main

Gerrit-Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa

Gerrit-Change-Number: 3176371

Gerrit-PatchSet: 1

Gerrit-Owner: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Yutaka Hirano <yhi...@chromium.org>

Gerrit-CC: chromium...@chromium.org

Gerrit-CC: srirama chandra sekhar <srir...@samsung.com>

Gerrit-Attention: Yutaka Hirano <yhi...@chromium.org>

Gerrit-Comment-Date: Wed, 22 Sep 2021 21:18:55 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: Yes

Gerrit-MessageType: comment

[Yutaka Hirano (Gerrit)]

Attention is currently required from: Thomas Guilbert.

Patch set 1:Code-Review +1Commit-Queue +2

View Change

To view, visit change 3176371. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: chromium/src

Gerrit-Branch: main

Gerrit-Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa

Gerrit-Change-Number: 3176371

Gerrit-PatchSet: 1

Gerrit-Owner: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Yutaka Hirano <yhi...@chromium.org>

Gerrit-CC: Chromium LUCI CQ <chromiu...@luci-project-accounts.iam.gserviceaccount.com>

Gerrit-CC: chromium...@chromium.org

Gerrit-CC: srirama chandra sekhar <srir...@samsung.com>

Gerrit-Attention: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Comment-Date: Thu, 23 Sep 2021 23:48:38 +0000

Gerrit-HasComments: No

Gerrit-Has-Labels: Yes

Gerrit-MessageType: comment

[Chromium LUCI CQ (Gerrit)]

Chromium LUCI CQ submitted this change.

View Change

Approvals: Yutaka Hirano: Looks good to me; Commit Thomas Guilbert: Send CL to CQ automatically after approval

Fix WeakPersistent null deref

This CL adds a check to make sure the HTMLVideoElement is still alive
before accessing it. This happens because the posted lambda runs even
if the WeakPersistent is invalidated.

Bug: 1250995, 1251364
Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa

Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3176371
Auto-Submit: Thomas Guilbert <tgui...@chromium.org>
Commit-Queue: Yutaka Hirano <yhi...@chromium.org>
Reviewed-by: Yutaka Hirano <yhi...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#924577}

---
M third_party/blink/renderer/core/html/media/html_video_element.cc
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/third_party/blink/renderer/core/html/media/html_video_element.cc b/third_party/blink/renderer/core/html/media/html_video_element.cc
index 3b5dd16..333991b 100644
--- a/third_party/blink/renderer/core/html/media/html_video_element.cc
+++ b/third_party/blink/renderer/core/html/media/html_video_element.cc
@@ -739,7 +739,7 @@
   lazy_load_intersection_observer_ = nullptr;
 
   auto notify_visible = [](HTMLVideoElement* self) {
-    if (self->web_media_player_)
+    if (self && self->web_media_player_)
       self->web_media_player_->OnBecameVisible();
   };
 

To view, visit change 3176371. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: chromium/src

Gerrit-Branch: main

Gerrit-Change-Id: Icc81250721bad83041244e8d9ff5153c5f7afdfa

Gerrit-Change-Number: 3176371

Gerrit-PatchSet: 2

Gerrit-Owner: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Chromium LUCI CQ <chromiu...@luci-project-accounts.iam.gserviceaccount.com>

Gerrit-Reviewer: Thomas Guilbert <tgui...@chromium.org>

Gerrit-Reviewer: Yutaka Hirano <yhi...@chromium.org>

Gerrit-CC: chromium...@chromium.org

Gerrit-CC: srirama chandra sekhar <srir...@samsung.com>

Gerrit-MessageType: merged