Title: [224995] trunk/Source/WebCore
Revision: 224995
Author: [email protected]
Date: 2017-11-17 15:34:09 -0800 (Fri, 17 Nov 2017)

Log Message

REGRESSION(r224390): Revert unneeded Ref use.
https://bugs.webkit.org/show_bug.cgi?id=179844
<rdar://problem/35624718>

Reviewed by Chris Dumez.

A Ref was added to a simple code path used for type checking, which introduced a nullptr
deref. The original change was not needed, so let's revert it.

* html/HTMLFrameOwnerElement.cpp:
(WebCore::HTMLFrameOwnerElement::contentDocument const): Use 'nullptr' instead of 0.
(WebCore::HTMLFrameOwnerElement::contentWindow const): Ditto.
(WebCore::HTMLFrameOwnerElement::getSVGDocument const): Revert to original code here.

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (224994 => 224995)


--- trunk/Source/WebCore/ChangeLog	2017-11-17 23:32:49 UTC (rev 224994)
+++ trunk/Source/WebCore/ChangeLog	2017-11-17 23:34:09 UTC (rev 224995)
@@ -1,3 +1,19 @@
+2017-11-17  Brent Fulgham  <[email protected]>
+
+        REGRESSION(r224390): Revert unneeded Ref use.
+        https://bugs.webkit.org/show_bug.cgi?id=179844
+        <rdar://problem/35624718>
+
+        Reviewed by Chris Dumez.
+
+        A Ref was added to a simple code path used for type checking, which introduced a nullptr
+        deref. The original change was not needed, so let's revert it.
+
+        * html/HTMLFrameOwnerElement.cpp:
+        (WebCore::HTMLFrameOwnerElement::contentDocument const): Use 'nullptr' instead of 0.
+        (WebCore::HTMLFrameOwnerElement::contentWindow const): Ditto.
+        (WebCore::HTMLFrameOwnerElement::getSVGDocument const): Revert to original code here.
+
 2017-11-17  Nan Wang  <[email protected]>
 
         AX: AOM: Implement boolean type properties
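
Review bot: The new ChangeLog entry describes a nullptr deref regression but lists only html/HTMLFrameOwnerElement.cpp and names no test. Please add a regression test that exercises getSVGDocument() when contentDocument() is null and list it in the entry, or state in the entry why no test is possible.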

Modified: trunk/Source/WebCore/html/HTMLFrameOwnerElement.cpp (224994 => 224995)


--- trunk/Source/WebCore/html/HTMLFrameOwnerElement.cpp	2017-11-17 23:32:49 UTC (rev 224994)
+++ trunk/Source/WebCore/html/HTMLFrameOwnerElement.cpp	2017-11-17 23:34:09 UTC (rev 224995)
@@ -93,12 +93,12 @@
 
 Document* HTMLFrameOwnerElement::contentDocument() const
 {
-    return m_contentFrame ? m_contentFrame->document() : 0;
+    return m_contentFrame ? m_contentFrame->document() : nullptr;
 }
 
 DOMWindow* HTMLFrameOwnerElement::contentWindow() const
 {
-    return m_contentFrame ? m_contentFrame->document()->domWindow() : 0;
+    return m_contentFrame ? m_contentFrame->document()->domWindow() : nullptr;
 }
 
 void HTMLFrameOwnerElement::setSandboxFlags(SandboxFlags flags)
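
Review bot: In contentWindow(), `m_contentFrame->document()->domWindow()` still dereferences the result of document() with only m_contentFrame checked. If document() can return null for a content frame, this is the same class of null dereference the commit is reverting; consider going through contentDocument() and returning `document ? document->domWindow() : nullptr`.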
@@ -113,9 +113,9 @@
 
 ExceptionOr<Document&> HTMLFrameOwnerElement::getSVGDocument() const
 {
-    auto document = makeRef(*contentDocument());
+    auto* document = contentDocument();
     if (is<SVGDocument>(document))
-        return document.get();
+        return *document;
     // Spec: http://www.w3.org/TR/SVG/struct.html#InterfaceGetSVGDocument
     return Exception { NotSupportedError };
 }
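
Review bot: In getSVGDocument(), the safety of `return *document;` now rests entirely on `is<SVGDocument>(document)` returning false when contentDocument() yields nullptr, which is not obvious at the call site. An explicit `document &&` in the condition, or a one-line comment saying the type check is null-safe, would keep a later refactor from reintroducing the dereference that `makeRef(*contentDocument())` caused.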
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes