Changeset 69514 in webkit


Ignore:
Timestamp:
Oct 11, 2010 12:03:08 PM (13 years ago)
Author:
Joseph Pecoraro
Message:

2010-10-11 Joseph Pecoraro <Joseph Pecoraro>

Reviewed by Eric Carlson.

CRASH at WebCore::HTMLSourceElement::scheduleErrorEvent
https://bugs.webkit.org/show_bug.cgi?id=46777

Another case that could lead to an improper set of states between
m_currentNode and m_loadingState. Also added an ASSERT and early
return to prevent crashes if this case can still happen in other ways.

  • html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::prepareForLoad):
Location:
trunk/WebCore
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/WebCore/ChangeLog

    r69509 r69514  
     12010-10-11  Joseph Pecoraro  <joepeck@webkit.org>
     2
     3        Reviewed by Eric Carlson.
     4
     5        CRASH at WebCore::HTMLSourceElement::scheduleErrorEvent
     6        https://bugs.webkit.org/show_bug.cgi?id=46777
     7
     8        Another case that could lead to an improper set of states between
     9        m_currentNode and m_loadingState. Also added an ASSERT and early
     10        return to prevent crashes if this case can still happen in other ways.
     11
     12        * html/HTMLMediaElement.cpp:
     13        (WebCore::HTMLMediaElement::prepareForLoad):
     14
    1152010-10-11  Ryosuke Niwa  <rniwa@webkit.org>
    216
  • trunk/WebCore/html/HTMLMediaElement.cpp

    r69043 r69514  
    531531
    532532    // 1 - Abort any already-running instance of the resource selection algorithm for this element.
     533    m_loadState = WaitingForSource;
    533534    m_currentSourceNode = 0;
    534535
     
    874875        // <source> children, schedule the next one
    875876        if (m_readyState < HAVE_METADATA && m_loadState == LoadingFromSourceElement) {
     877            ASSERT(m_currentSourceNode);
     878            if (!m_currentSourceNode)
     879                return;
     880
    876881            m_currentSourceNode->scheduleErrorEvent();
    877882            if (havePotentialSourceChild()) {
Note: See TracChangeset for help on using the changeset viewer.