Changeset 128431 in webkit
- Timestamp:
- Sep 13, 2012, 2:11:04 AM (13 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
-
ChangeLog (modified) (1 diff)
-
platform/efl/RenderThemeEfl.cpp (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r128428 r128431 1 2012-09-13 Mikhail Pozdnyakov <mikhail.pozdnyakov@intel.com> 2 3 [EFL] REGRESSION (r128274): fast/overflow/overflow-height-float-not-removed-crash.html 4 https://bugs.webkit.org/show_bug.cgi?id=96619 5 6 Reviewed by Kenneth Rohde Christiansen. 7 8 ThemePartCacheEntry::create() can return '0' if creation fails, this was not checked 9 while Theme Part cache populating. A NULL pointer was dereferenced then causing crash. 10 11 Test: fast/overflow/overflow-height-float-not-removed-crash.html. 12 13 * platform/efl/RenderThemeEfl.cpp: 14 (WebCore::RenderThemeEfl::getThemePartFromCache): 15 1 16 2012-09-13 Filip Pizlo <fpizlo@apple.com> 2 17 -
trunk/Source/WebCore/platform/efl/RenderThemeEfl.cpp
r128311 r128431 279 279 for (size_t i = 0; it != end; i++, it++) { 280 280 ThemePartCacheEntry* entry = *it; 281 ASSERT(entry); 281 282 if (entry->size == size) { 282 283 if (entry->type == type) … … 288 289 if (m_partCache.size() < RENDER_THEME_EFL_PART_CACHE_MAX) { 289 290 ThemePartCacheEntry* entry = ThemePartCacheEntry::create(themePath(), type, size); 290 m_partCache.prepend(entry); 291 if (entry) // Can be '0', if creation fails. Do not store it in this case. 292 m_partCache.prepend(entry); 291 293 return entry; 292 294 } … … 297 299 if (lastWithRequestedSize != notFound && lastWithRequestedSize != 1) { 298 300 ThemePartCacheEntry* entry = m_partCache.at(lastWithRequestedSize); 301 ASSERT(entry); 299 302 entry->reuse(themePath(), type); 300 303 m_partCache.remove(lastWithRequestedSize); … … 304 307 305 308 ThemePartCacheEntry* entry = m_partCache.last(); 309 ASSERT(entry); 306 310 entry->reuse(themePath(), type, size); 307 311 m_partCache.removeLast();
Note:
See TracChangeset
for help on using the changeset viewer.
