Avoid nullptr deref when requesting http auth for non-webcontents requests

chrome/browser/ui/login/login_handler.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/login/login_handler.h"
 
 #include <string>
 #include <vector>
 
 #include "base/bind.h"
@@ skipping 98 matching lines @@
       password_manager_(NULL),
       login_model_(NULL) {
   // This constructor is called on the I/O thread, so we cannot load the nib
   // here. BuildViewImpl() will be invoked on the UI thread later, so wait with
   // loading the nib until then.
   DCHECK(request_) << "LoginHandler constructed with NULL request";
   DCHECK(auth_info_.get()) << "LoginHandler constructed with NULL auth info";
 
   AddRef();  // matched by LoginHandler::ReleaseSoon().
 
-  BrowserThread::PostTask(
-      BrowserThread::UI, FROM_HERE,
-      base::Bind(&LoginHandler::AddObservers, this));
-
   const content::ResourceRequestInfo* info =
       ResourceRequestInfo::ForRequest(request);
   DCHECK(info);
   web_contents_getter_ = info->GetWebContentsGetterForRequest();
+
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&LoginHandler::AddObservers, this));
 }
 
 void LoginHandler::OnRequestCancelled() {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)) <<
       "Why is OnRequestCancelled called from the UI thread?";
 
   // Reference is no longer valid.
   request_ = NULL;
 
   // Give up on auth if the request was cancelled. Since the dialog was canceled
@@ skipping 194 matching lines @@
 
   // This is probably OK; we need to listen to everything and we break out of
   // the Observe() if we aren't handling the same auth_info().
   registrar_.reset(new content::NotificationRegistrar);
   registrar_->Add(this, chrome::NOTIFICATION_AUTH_SUPPLIED,
                   content::NotificationService::AllBrowserContextsAndSources());
   registrar_->Add(this, chrome::NOTIFICATION_AUTH_CANCELLED,
                   content::NotificationService::AllBrowserContextsAndSources());
 
 #if !defined(OS_ANDROID)
-  dialog_helper_.reset(new AppModalDialogHelper(GetWebContentsForLogin()));
+  WebContents* requesting_contents = GetWebContentsForLogin();
+  if (requesting_contents)
+    dialog_helper_.reset(new AppModalDialogHelper(requesting_contents));
 #endif
 }
 
 void LoginHandler::RemoveObservers() {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
   registrar_.reset();
 }
 
 void LoginHandler::NotifyAuthSupplied(const base::string16& username,
@@ skipping 305 matching lines @@
   bool is_main_frame =
       (request->load_flags() & net::LOAD_MAIN_FRAME_DEPRECATED) != 0;
   LoginHandler* handler = LoginHandler::Create(auth_info, request);
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&LoginHandler::LoginDialogCallback, request->url(),
                  base::RetainedRef(auth_info), base::RetainedRef(handler),
                  is_main_frame));
   return handler;
 }