Changeset 196367 in webkit
- Timestamp:
- Feb 10, 2016 9:23:22 AM (8 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r196365 r196367 1 2016-02-10 Jer Noble <jer.noble@apple.com> 2 3 REGRESSION(r195770): Use-after-free in ResourceLoaderOptions::cachingPolicy 4 https://bugs.webkit.org/show_bug.cgi?id=153727 5 <rdar://problem/24429886> 6 7 Reviewed by Darin Adler. 8 9 Follow-up after r195965. Only protect those parts of CachedResource::removeClient() which 10 affect the MemoryCache when allowsCaching() is false. 11 12 * loader/cache/CachedResource.cpp: 13 (WebCore::CachedResource::removeClient): 14 1 15 2016-02-10 Csaba Osztrogonác <ossy@webkit.org> 2 16 -
trunk/Source/WebCore/loader/cache/CachedResource.cpp
r195965 r196367 488 488 } 489 489 490 if ( !allowsCaching() ||hasClients())490 if (hasClients()) 491 491 return; 492 492 493 493 auto& memoryCache = MemoryCache::singleton(); 494 if ( inCache()) {494 if (allowsCaching() && inCache()) { 495 495 memoryCache.removeFromLiveResourcesSize(*this); 496 496 memoryCache.removeFromLiveDecodedResourcesList(*this); … … 499 499 allClientsRemoved(); 500 500 destroyDecodedDataIfNeeded(); 501 502 if (!allowsCaching()) 503 return; 504 501 505 if (response().cacheControlContainsNoStore() && url().protocolIs("https")) { 502 506 // RFC2616 14.9.2:
Note: See TracChangeset
for help on using the changeset viewer.