From 75c3bf048030d8541ff266d87f01303cdc453dfa Mon Sep 17 00:00:00 2001 From: Marshall Greenblatt Date: Tue, 11 Jul 2023 09:41:47 +0300 Subject: [PATCH] Don't run UI thread tasks after calling CefQuitMessageLoop This avoids a situation where misbehaving clients may cause the application to continue running indefinitely by posting new UI thread tasks after calling CefQuitMessageLoop. --- libcef/browser/main_runner.cc | 8 ++++---- libcef/browser/main_runner.h | 2 +- libcef/common/chrome/chrome_main_runner_delegate.cc | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/libcef/browser/main_runner.cc b/libcef/browser/main_runner.cc index 824e2b24f..80c96262c 100644 --- a/libcef/browser/main_runner.cc +++ b/libcef/browser/main_runner.cc @@ -273,8 +273,8 @@ void CefMainRunner::Shutdown(base::OnceClosure shutdown_on_ui_thread, void CefMainRunner::RunMessageLoop() { base::RunLoop run_loop; - DCHECK(quit_when_idle_callback_.is_null()); - quit_when_idle_callback_ = run_loop.QuitWhenIdleClosure(); + DCHECK(quit_callback_.is_null()); + quit_callback_ = run_loop.QuitClosure(); main_delegate_->BeforeMainMessageLoopRun(&run_loop); @@ -283,11 +283,11 @@ void CefMainRunner::RunMessageLoop() { } void CefMainRunner::QuitMessageLoop() { - if (!quit_when_idle_callback_.is_null()) { + if (!quit_callback_.is_null()) { if (main_delegate_->HandleMainMessageLoopQuit()) { return; } - std::move(quit_when_idle_callback_).Run(); + std::move(quit_callback_).Run(); } } diff --git a/libcef/browser/main_runner.h b/libcef/browser/main_runner.h index 3b612fd17..2ad0e6fc8 100644 --- a/libcef/browser/main_runner.h +++ b/libcef/browser/main_runner.h @@ -89,7 +89,7 @@ class CefMainRunner : public CefMainRunnerHandler { std::unique_ptr ui_thread_; // Used to quit the current base::RunLoop. - base::OnceClosure quit_when_idle_callback_; + base::OnceClosure quit_callback_; }; #endif // CEF_LIBCEF_BROWSER_MAIN_RUNNER_H_ diff --git a/libcef/common/chrome/chrome_main_runner_delegate.cc b/libcef/common/chrome/chrome_main_runner_delegate.cc index 2413c2276..004f98998 100644 --- a/libcef/common/chrome/chrome_main_runner_delegate.cc +++ b/libcef/common/chrome/chrome_main_runner_delegate.cc @@ -61,19 +61,19 @@ void ChromeMainRunnerDelegate::BeforeMainMessageLoopRun( keep_alive_ = std::make_unique( KeepAliveOrigin::APP_CONTROLLER, KeepAliveRestartOption::DISABLED); - // The idle callback will be executed from BrowserProcessImpl::Unpin() via + // The QuitClosure will be executed from BrowserProcessImpl::Unpin() via // KeepAliveRegistry when the last ScopedKeepAlive is released. // ScopedKeepAlives are also held by Browser objects. DCHECK(g_browser_process); static_cast(g_browser_process) - ->SetQuitClosure(run_loop->QuitWhenIdleClosure()); + ->SetQuitClosure(run_loop->QuitClosure()); } bool ChromeMainRunnerDelegate::HandleMainMessageLoopQuit() { // May be called multiple times. See comments in RunMainMessageLoopBefore. keep_alive_.reset(); - // Cancel direct execution of the QuitWhenIdleClosure() in + // Cancel direct execution of the QuitClosure() in // CefMainRunner::QuitMessageLoop. We instead wait for all Chrome browser // windows to exit. return true;