SerializedScriptValue passed to postMessage() cannot be null

https://bugs.webkit.org/show_bug.cgi?id=178550

Reviewed by Youenn Fablet.

SerializedScriptValue passed to postMessage() cannot be null. Therefore, we
should use Ref<> type, not RefPtr<>.

* dom/MessagePortChannel.h:
* dom/default/PlatformMessagePortChannel.cpp:
(WebCore::MessagePortChannel::postMessageToRemote):
* workers/WorkerGlobalScopeProxy.h:
* workers/WorkerMessagingProxy.cpp:
(WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
(WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
* workers/WorkerMessagingProxy.h:
* workers/WorkerObjectProxy.h:
* workers/service/context/ServiceWorkerThread.cpp:

Canonical link: https://commits.webkit.org/194744@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@223732 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog

@@ -1,3 +1,24 @@
+2017-10-19  Chris Dumez  <cdumez@apple.com>
+
+        SerializedScriptValue passed to postMessage() cannot be null
+        https://bugs.webkit.org/show_bug.cgi?id=178550
+
+        Reviewed by Youenn Fablet.
+
+        SerializedScriptValue passed to postMessage() cannot be null. Therefore, we
+        should use Ref<> type, not RefPtr<>.
+
+        * dom/MessagePortChannel.h:
+        * dom/default/PlatformMessagePortChannel.cpp:
+        (WebCore::MessagePortChannel::postMessageToRemote):
+        * workers/WorkerGlobalScopeProxy.h:
+        * workers/WorkerMessagingProxy.cpp:
+        (WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
+        (WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
+        * workers/WorkerMessagingProxy.h:
+        * workers/WorkerObjectProxy.h:
+        * workers/service/context/ServiceWorkerThread.cpp:
+
 2017-10-19  Daniel Bates  <dabates@apple.com>
 
         Use "= default" to denote default constructor or destructor

Source/WebCore/dom/MessagePortChannel.h

@@ -82,7 +82,7 @@ namespace WebCore {
         bool hasPendingActivity();
 
         // Sends a message and optional cloned port to the remote port.
-        void postMessageToRemote(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>);
+        void postMessageToRemote(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&);
 
         // Extracts a message from the message queue for this port.
         std::unique_ptr<EventData> takeMessageFromRemote();

Source/WebCore/dom/default/PlatformMessagePortChannel.cpp

@@ -80,7 +80,7 @@ void MessagePortChannel::disentangle()
         remote->setRemotePort(nullptr);
 }
 
-void MessagePortChannel::postMessageToRemote(Ref<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray> channels)
+void MessagePortChannel::postMessageToRemote(Ref<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray>&& channels)
 {
     LockHolder lock(m_channel->m_mutex);
     if (!m_channel->m_outgoingQueue)

Source/WebCore/workers/WorkerGlobalScopeProxy.h

@@ -52,7 +52,7 @@ class WorkerGlobalScopeProxy {
 
     virtual void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, MonotonicTime timeOrigin, JSC::RuntimeFlags, PAL::SessionID) = 0;
     virtual void terminateWorkerGlobalScope() = 0;
-    virtual void postMessageToWorkerGlobalScope(RefPtr<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>) = 0;
+    virtual void postMessageToWorkerGlobalScope(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&) = 0;
     virtual bool hasPendingActivity() const = 0;
     virtual void workerObjectDestroyed() = 0;
     virtual void notifyNetworkStateChange(bool isOnline) = 0;

Source/WebCore/workers/WorkerMessagingProxy.cpp

@@ -94,7 +94,7 @@ void WorkerMessagingProxy::startWorkerGlobalScope(const URL& scriptURL, const St
     m_inspectorProxy->workerStarted(m_scriptExecutionContext.get(), thread.ptr(), scriptURL);
 }
 
-void WorkerMessagingProxy::postMessageToWorkerObject(RefPtr<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray> channels)
+void WorkerMessagingProxy::postMessageToWorkerObject(Ref<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray>&& channels)
 {
     m_scriptExecutionContext->postTask([this, channels = WTFMove(channels), message = WTFMove(message)] (ScriptExecutionContext& context) mutable {
         Worker* workerObject = this->workerObject();
@@ -106,7 +106,7 @@ void WorkerMessagingProxy::postMessageToWorkerObject(RefPtr<SerializedScriptValu
     });
 }
 
-void WorkerMessagingProxy::postMessageToWorkerGlobalScope(RefPtr<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray> channels)
+void WorkerMessagingProxy::postMessageToWorkerGlobalScope(Ref<SerializedScriptValue>&& message, std::unique_ptr<MessagePortChannelArray>&& channels)
 {
     if (m_askedToTerminate)
         return;

Source/WebCore/workers/WorkerMessagingProxy.h

@@ -47,14 +47,14 @@ class WorkerMessagingProxy final : public ThreadSafeRefCounted<WorkerMessagingPr
     // (Only use these functions in the worker object thread.)
     void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, MonotonicTime timeOrigin, JSC::RuntimeFlags, PAL::SessionID) final;
     void terminateWorkerGlobalScope() final;
-    void postMessageToWorkerGlobalScope(RefPtr<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>) final;
+    void postMessageToWorkerGlobalScope(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&) final;
     bool hasPendingActivity() const final;
     void workerObjectDestroyed() final;
     void notifyNetworkStateChange(bool isOnline) final;
 
     // Implementations of WorkerObjectProxy.
     // (Only use these functions in the worker context thread.)
-    void postMessageToWorkerObject(RefPtr<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>) final;
+    void postMessageToWorkerObject(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&) final;
     void postExceptionToWorkerObject(const String& errorMessage, int lineNumber, int columnNumber, const String& sourceURL) final;
     void postMessageToPageInspector(const String&) final;
     void confirmMessageFromWorkerObject(bool hasPendingActivity) final;

Source/WebCore/workers/WorkerObjectProxy.h

@@ -41,7 +41,7 @@ namespace WebCore {
     // A proxy to talk to the worker object.
     class WorkerObjectProxy : public WorkerReportingProxy {
     public:
-        virtual void postMessageToWorkerObject(RefPtr<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>) = 0;
+        virtual void postMessageToWorkerObject(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&) = 0;
 
         virtual void confirmMessageFromWorkerObject(bool hasPendingActivity) = 0;
         virtual void reportPendingActivity(bool hasPendingActivity) = 0;

Source/WebCore/workers/service/context/ServiceWorkerThread.cpp

@@ -55,7 +55,7 @@ class ServiceWorkerThreadProxy : public WorkerLoaderProxy, public WorkerObjectPr
     void postExceptionToWorkerObject(const String&, int, int, const String&) final { };
     void postMessageToPageInspector(const String&) final { };
     void workerGlobalScopeDestroyed() final { };
-    void postMessageToWorkerObject(RefPtr<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>) final { };
+    void postMessageToWorkerObject(Ref<SerializedScriptValue>&&, std::unique_ptr<MessagePortChannelArray>&&) final { };
     void confirmMessageFromWorkerObject(bool) final { };
     void reportPendingActivity(bool) final { };
 };