RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 19:12:43 +00:00
Code Issues Activity Actions

LibWeb: Avoid crashing because of empty incumbent settings object stack

Browse source 
This fixes an issue where we end up in a state where we have no
execution context + a main thread event loop with an empty incumbent
settings object stack.
This commit is contained in:
Kenneth Myhra 2023-12-03 17:43:09 +01:00 committed by Andreas Kling
parent 0a80daef90
commit 000ea9d73b
1 changed files with 13 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Userland/Libraries/LibWeb/FileAPI/Blob.cpp
View file

@ -282,7 +282,19 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<Streams::ReadableStream>> Blob::get_stream(
// 2. Queue a global task on the file reading task source given blobs relevant global object to perform the following steps:
HTML::queue_global_task(HTML::Task::Source::FileReading, realm.global_object(), [stream, bytes = move(bytes)]() {
HTML::TemporaryExecutionContext execution_context { Bindings::host_defined_environment_settings_object(stream->realm()) };
// NOTE: Using an TemporaryExecutionContext here results in a crash in the method HTML::incumbent_settings_object()
// since we end up in a state where we have no execution context + an event loop with an empty incumbent
// settings object stack. We still need an execution context therefore we push the realm's execution context
// onto the realm's VM, and we need an incumbent settings object which is pushed onto the incumbent settings
// object stack by EnvironmentSettings::prepare_to_run_callback().
auto& realm = stream->realm();
auto& environment_settings = Bindings::host_defined_environment_settings_object(realm);
realm.vm().push_execution_context(environment_settings.realm_execution_context());
environment_settings.prepare_to_run_callback();
ScopeGuard const guard = [&environment_settings, &realm] {
environment_settings.clean_up_after_running_callback();
realm.vm().pop_execution_context();
};
// 1. If bytes is failure, then error stream with a failure reason and abort these steps.
// 2. Let chunk be a new Uint8Array wrapping an ArrayBuffer containing bytes. If creating the ArrayBuffer throws an exception, then error stream with that exception and abort these steps.