Add a nullptr check in blink::RequestCallbacks::onSuccess to fix crash.

third_party/WebKit/Source/modules/credentialmanager/CredentialsContainerTest.cpp

Index: third_party/WebKit/Source/modules/credentialmanager/CredentialsContainerTest.cpp
diff --git a/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainerTest.cpp b/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainerTest.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..d610994fca49de2f5f965b119b769731de9a7be5
--- /dev/null
+++ b/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainerTest.cpp
@@ -0,0 +1,72 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "modules/credentialmanager/CredentialsContainer.h"
+
+#include <memory>
+
+#include "bindings/core/v8/V8BindingForTesting.h"
+#include "core/testing/DummyPageHolder.h"
+#include "modules/credentialmanager/CredentialManagerClient.h"
+#include "modules/credentialmanager/CredentialRequestOptions.h"
+#include "public/platform/WebCredential.h"
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace blink {
+
+using ::testing::_;
+using ::testing::SaveArg;
+
+namespace {
+
+class MockCredentialManagerClient : public WebCredentialManagerClient {
+ public:
+  MOCK_METHOD2(DispatchFailedSignIn,
+               void(const WebCredential&, NotificationCallbacks*));
+  MOCK_METHOD2(DispatchStore,
+               void(const WebCredential&, NotificationCallbacks*));
+  MOCK_METHOD1(DispatchRequireUserMediation, void(NotificationCallbacks*));
+  MOCK_METHOD4(DispatchGet,
+               void(bool,
+                    bool,
+                    const WebVector<WebURL>& federations,
+                    RequestCallbacks*));
+};
+
+}  // namespace
+
+// Make a call to CredentialsContainer::get().
+// Clear ScriptState and destroy the frame.
+// Make sure that the renderer doesn't crash if got a credential.
+TEST(CredentialsContainerTest, TestGetWithDocumentDestroyed) {
+  CredentialsContainer* credential_container = CredentialsContainer::Create();
+  std::unique_ptr<WebCredentialManagerClient::RequestCallbacks> get_callback;
+  RefPtr<ScriptState> script_state;
+  {
+    // Set up.
+    V8TestingScope scope;
+    scope.GetDocument().SetSecurityOrigin(
+        SecurityOrigin::CreateFromString("https://example.test"));
+    testing::StrictMock<MockCredentialManagerClient> mock_client;
+    ProvideCredentialManagerClientTo(scope.GetPage(),
+                                     new CredentialManagerClient(&mock_client));
+    script_state = scope.GetScriptState();
+
+    // Request a credential.
+    WebCredentialManagerClient::RequestCallbacks* callback = nullptr;
+    EXPECT_CALL(mock_client, DispatchGet(_, _, _, _))
+        .WillOnce(SaveArg<3>(&callback));
+    credential_container->get(script_state.Get(), CredentialRequestOptions());
+
+    ASSERT_TRUE(callback);
+    get_callback.reset(callback);
+  }
+
+  // Clear ScriptState explicitly. Invoking the callback shouldn't crash.
+  script_state->ClearContext();
+  get_callback->OnSuccess(std::unique_ptr<WebCredential>());
+}
+
+}  // namespace blink