Changeset 86200 in webkit
- Timestamp:
- May 10, 2011 5:46:02 PM (13 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
-
ChangeLog (modified) (1 diff)
-
platform/network/mac/ResourceHandleMac.mm (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r86199 r86200 1 2011-05-10 Pratik Solanki <psolanki@apple.com> 2 3 Reviewed by Alexey Proskuryakov. 4 5 Protect self in [WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:] 6 https://bugs.webkit.org/show_bug.cgi?id=60594 7 <rdar://problem/9203259> 8 9 No tests since we don't have any bots testing CFNETWORK_DATA_ARRAY_CALLBACK. 10 11 * platform/network/mac/ResourceHandleMac.mm: 12 (-[WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:]): The didReceiveData() 13 callback on client can result in the load being cancelled. This results in the delegate 14 (self) being freed. Protect self during the loop so we can check for m_handle and safely 15 return without crashing. 16 1 17 2011-05-10 Chris Guillory <chris.guillory@google.com> 2 18 -
trunk/Source/WebCore/platform/network/mac/ResourceHandleMac.mm
r85256 r86200 827 827 m_handle->client()->didReceiveDataArray(m_handle, reinterpret_cast<CFArrayRef>(dataArray)); 828 828 else { 829 for (NSData *data in dataArray) 829 // The call to didReceiveData below could cancel a load, which would result in the delegate 830 // (self) being released. 831 RetainPtr<WebCoreResourceHandleAsDelegate> protect(self); 832 for (NSData *data in dataArray) { 833 if (!m_handle) 834 break; 830 835 m_handle->client()->didReceiveData(m_handle, static_cast<const char*>([data bytes]), [data length], static_cast<int>([data length])); 836 } 831 837 } 832 838 return;
Note: See TracChangeset
for help on using the changeset viewer.
