Cherry-pick 1d32f0c. rdar://123161979

Add some missing null checks for WebAuthn extension options rdar://123161979 Reviewed by Brent Fulgham. Add some missing null checks for WebAuthn extension options. * Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::WebAuthenticatorCoordinatorProxy::requestsForRegisteration): (WebKit::WebAuthenticatorCoordinatorProxy::requestsForAssertion): Canonical link: https://commits.webkit.org/274952@main Canonical link: https://commits.webkit.org/272448.577@safari-7618.1.15.10-branch
WebKit · Feb 18, 2024 · 61a02ce · 61a02ce
1 parent eb07012
commit 61a02ce
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm b/Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm
@@ -215,7 +215,7 @@ static inline ASAuthorizationPublicKeyCredentialLargeBlobSupportRequirement toAS
             request.get().attestationPreference = toAttestationConveyancePreference(options.attestation).get();
         if (options.authenticatorSelection)
             request.get().userVerificationPreference = toASUserVerificationPreference(options.authenticatorSelection->userVerification).get();
-        if (options.extensions->largeBlob) {
+        if (options.extensions && options.extensions->largeBlob) {
             // These are satisfied by validation in AuthenticatorCoordinator.
             ASSERT(!options.extensions->largeBlob->read && !options.extensions->largeBlob->write);
             request.get().largeBlob = adoptNS([allocASAuthorizationPublicKeyCredentialLargeBlobRegistrationInputInstance() initWithSupportRequirement:toASAuthorizationPublicKeyCredentialLargeBlobSupportRequirement(options.extensions->largeBlob->support)]).get();
@@ -271,7 +271,7 @@ static inline ASAuthorizationPublicKeyCredentialLargeBlobSupportRequirement toAS
         RetainPtr request = adoptNS([[allocASAuthorizationPlatformPublicKeyCredentialProviderInstance() initWithRelyingPartyIdentifier:options.rpId] createCredentialAssertionRequestWithClientData:clientData.get()]);
         if (platformAllowedCredentials)
             request.get().allowedCredentials = platformAllowedCredentials.get();
-        if (options.extensions->largeBlob) {
+        if (options.extensions && options.extensions->largeBlob) {
             // These are satisfied by validation in AuthenticatorCoordinator.
             ASSERT(!options.extensions->largeBlob->support);
             ASSERT(!(options.extensions->largeBlob->read && options.extensions->largeBlob->write));