Electron Releases

Back to PR Lookup
GitHubView on GitHub
codebytere

#49947: fix: potential std::stoi crash in Windows Toasts

Merged
codebytere
Created: Feb 25, 2026, 7:48:39 AM
Merged: Feb 25, 2026, 4:14:45 PM
3 comments
Target: main

Description of Change

Refs #48132

Fixes a bug that could occur if action_index_str contains a non-numeric value. In this case std::stoi throws std::invalid_argument or std::out_of_range, which without exception support crashes the process:

Received fatal exception 0xe06d7363
KERNELBASE!LoadLibraryExW [0x7ffe63023c28+1ea398]

Electron exited with code 3221226505.

Can be reproduced with:

const { Notification, app } = require('electron')

app.whenReady().then(() => {
  const n = new Notification({
    toastXml: `
      <toast launch="type=action&amp;action=NOTANUMBER&amp;tag=12345">
        <visual>
          <binding template="ToastGeneric">
            <text>Crash Test</text>
            <text>Click me to trigger std::stoi crash</text>
          </binding>
        </visual>
        <actions>
          <action content="Bad Button" arguments="type=action&amp;action=NOTANUMBER&amp;tag=12345" activationType="foreground"/>
        </actions>
      </toast>`
  })
  n.show()
})

Checklist

Release Notes

Notes: Fixed an issue where malformed custom toastXml could cause a Notification crash.

Backports

40-x-y
Merged
PR Number
#49952
Merged At
Feb 26, 2026, 1:58:04 AM
Released In
Not yet
Release Date
Not yet
41-x-y
Merged
PR Number
#49953
Merged At
Feb 26, 2026, 12:58:29 AM
Released In
Not yet
Release Date
Not yet

Semver Impact

Major
Breaking changes
Minor
New features
Patch
Bug fixes
None
Docs, tests, etc.

Semantic Versioning helps users understand the impact of updates:

  • Major (X.y.z): Breaking changes that may require code modifications
  • Minor (x.Y.z): New features that maintain backward compatibility
  • Patch (x.y.Z): Bug fixes that don't change the API
  • None: Changes that don't affect using facing parts of Electron