PR #50032 | Electron Releases

Back to PR Lookup

View on GitHub

#50032: fix: prevent use-after-free in permission request callbacks

Merged

codebytere

Created: Mar 2, 2026, 11:37:51 AM

Merged: Mar 2, 2026, 6:01:25 PM

4 comments

Target: main

Description of Change

EnterFullscreenModeForTab, RequestPointerLock, and RequestKeyboardLock bind callbacks with base::Unretained(this); fullscreen also captures a raw RenderFrameHost*. These callbacks may be invoked by the app's JS permission handler after the WebContents or RenderFrameHost is destroyed.

Use GetWeakPtr() in all three call sites, and capture a GlobalRenderFrameHostToken instead of the raw RenderFrameHost* for fullscreen so the pointer is resolved and null-checked only when the
callback fires. Cancel in-flight permission requests from ~WebContents() via ElectronPermissionManager::CancelPendingRequests() so stale callbacks are never handed back to JS.

Checklist

PR description included
npm test passes
PR release notes describe the change in a way relevant to app developers, and are capitalized, punctuated, and past tense.

Release Notes

Notes: none

Backports

39-x-y

Merged

PR Number

#50035

Merged At

Mar 3, 2026, 8:13:37 AM

Released In

v39.8.0

Release Date

Mar 3, 2026, 10:03:24 AM

40-x-y

Merged

PR Number

#50036

Merged At

Mar 2, 2026, 10:44:51 PM

Released In

v40.7.0

Release Date

Mar 3, 2026, 10:03:33 AM

41-x-y

Merged

PR Number

#50034

Merged At

Mar 2, 2026, 10:45:46 PM

Released In

Not yet

Release Date

Not yet

Semver Impact

Major

Breaking changes

Minor

New features

Patch

Bug fixes

None

Docs, tests, etc.

Semantic Versioning helps users understand the impact of updates:

Major (X.y.z): Breaking changes that may require code modifications
Minor (x.Y.z): New features that maintain backward compatibility
Patch (x.y.Z): Bug fixes that don't change the API
None: Changes that don't affect using facing parts of Electron