[webkit-changes] [259513] trunk/Source/WebCore

Fri, 03 Apr 2020 14:06:25 -0700

Title: [259513] trunk/Source/WebCore
Revision
259513
Author
[email protected]
Date
2020-04-03 14:05:19 -0700 (Fri, 03 Apr 2020)

Log Message

HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
https://bugs.webkit.org/show_bug.cgi?id=209925

Reviewed by Wenson Hsieh.

Like r259393, this patch replaces the HashMap of AtomString to the raw pointer of a FormNamedItem
by a HashMap of AtomString to WeakPtr of a FormNamedItem.

It also replaces a bunch of ASSERT_WITH_SECURITY_IMPLICATIONs with ASSERTs since there are no more
security implications left after this patch.

* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::formElementIndex):
(WebCore::HTMLFormElement::removeFormElement):
(WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
(WebCore::HTMLFormElement::elementFromPastNamesMap const):
(WebCore::HTMLFormElement::addToPastNamesMap):
(WebCore::HTMLFormElement::removeFromPastNamesMap):
* html/HTMLFormElement.h:

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (259512 => 259513)


--- trunk/Source/WebCore/ChangeLog	2020-04-03 20:55:39 UTC (rev 259512)
+++ trunk/Source/WebCore/ChangeLog	2020-04-03 21:05:19 UTC (rev 259513)
@@ -1,3 +1,25 @@
+2020-04-02  Ryosuke Niwa  <[email protected]>
+
+        HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
+        https://bugs.webkit.org/show_bug.cgi?id=209925
+
+        Reviewed by Wenson Hsieh.
+
+        Like r259393, this patch replaces the HashMap of AtomString to the raw pointer of a FormNamedItem
+        by a HashMap of AtomString to WeakPtr of a FormNamedItem.
+
+        It also replaces a bunch of ASSERT_WITH_SECURITY_IMPLICATIONs with ASSERTs since there are no more
+        security implications left after this patch.
+
+        * html/HTMLFormElement.cpp:
+        (WebCore::HTMLFormElement::formElementIndex):
+        (WebCore::HTMLFormElement::removeFormElement):
+        (WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
+        (WebCore::HTMLFormElement::elementFromPastNamesMap const):
+        (WebCore::HTMLFormElement::addToPastNamesMap):
+        (WebCore::HTMLFormElement::removeFromPastNamesMap):
+        * html/HTMLFormElement.h:
+
 2020-04-03  Tim Horton  <[email protected]>
 
         Add a visual debug indicator for locating and identifying all kinds of WebViews

Modified: trunk/Source/WebCore/html/HTMLFormElement.cpp (259512 => 259513)


--- trunk/Source/WebCore/html/HTMLFormElement.cpp	2020-04-03 20:55:39 UTC (rev 259512)
+++ trunk/Source/WebCore/html/HTMLFormElement.cpp	2020-04-03 21:05:19 UTC (rev 259513)
@@ -504,7 +504,7 @@
     // for performance consideration.
     if (associatedHTMLElement.hasAttributeWithoutSynchronization(formAttr) && associatedHTMLElement.isConnected()) {
         unsigned short position = compareDocumentPosition(associatedHTMLElement);
-        ASSERT_WITH_SECURITY_IMPLICATION(!(position & DOCUMENT_POSITION_DISCONNECTED));
+        ASSERT(!(position & DOCUMENT_POSITION_DISCONNECTED));
         if (position & DOCUMENT_POSITION_PRECEDING) {
             ++m_associatedElementsBeforeIndex;
             ++m_associatedElementsAfterIndex;
@@ -560,7 +560,7 @@
 void HTMLFormElement::removeFormElement(FormAssociatedElement* e)
 {
     unsigned index = m_associatedElements.find(&e->asHTMLElement());
-    ASSERT_WITH_SECURITY_IMPLICATION(index < m_associatedElements.size());
+    ASSERT(index < m_associatedElements.size());
     if (index < m_associatedElementsBeforeIndex)
         --m_associatedElementsBeforeIndex;
     if (index < m_associatedElementsAfterIndex)
@@ -764,58 +764,56 @@
     return validateInteractively();
 }
 
-#ifndef NDEBUG
+#if ASSERT_ENABLED
 void HTMLFormElement::assertItemCanBeInPastNamesMap(FormNamedItem* item) const
 {
-    ASSERT_WITH_SECURITY_IMPLICATION(item);
+    ASSERT(item);
     HTMLElement& element = item->asHTMLElement();
-    ASSERT_WITH_SECURITY_IMPLICATION(element.form() == this);
+    ASSERT(element.form() == this);
 
     if (item->isFormAssociatedElement()) {
-        ASSERT_WITH_SECURITY_IMPLICATION(m_associatedElements.find(&element) != notFound);
+        ASSERT(m_associatedElements.find(&element) != notFound);
         return;
     }
 
-    ASSERT_WITH_SECURITY_IMPLICATION(element.hasTagName(imgTag));
-    ASSERT_WITH_SECURITY_IMPLICATION(m_imageElements.find(&downcast<HTMLImageElement>(element)) != notFound);
+    ASSERT(element.hasTagName(imgTag));
+    ASSERT(m_imageElements.find(&downcast<HTMLImageElement>(element)) != notFound);
 }
-#else
-inline void HTMLFormElement::assertItemCanBeInPastNamesMap(FormNamedItem*) const
-{
-}
 #endif
 
 RefPtr<HTMLElement> HTMLFormElement::elementFromPastNamesMap(const AtomString& pastName) const
 {
-    if (pastName.isEmpty() || !m_pastNamesMap)
+    if (pastName.isEmpty() || m_pastNamesMap.isEmpty())
         return nullptr;
-    FormNamedItem* item = m_pastNamesMap->get(pastName.impl());
-    if (!item)
+    auto weakElement = m_pastNamesMap.get(pastName);
+    if (!weakElement)
         return nullptr;
-    assertItemCanBeInPastNamesMap(item);
-    return &item->asHTMLElement();
+    auto element = makeRefPtr(weakElement.get());
+#if ASSERT_ENABLED
+    assertItemCanBeInPastNamesMap(element->asFormNamedItem());
+#endif
+    return element;
 }
 
 void HTMLFormElement::addToPastNamesMap(FormNamedItem* item, const AtomString& pastName)
 {
+#if ASSERT_ENABLED || ENABLE(SECURITY_ASSERTIONS)
     assertItemCanBeInPastNamesMap(item);
+#endif
     if (pastName.isEmpty())
         return;
-    if (!m_pastNamesMap)
-        m_pastNamesMap = makeUnique<PastNamesMap>();
-    m_pastNamesMap->set(pastName.impl(), item);
+    m_pastNamesMap.set(pastName.impl(), makeWeakPtr(item->asHTMLElement()));
 }
 
 void HTMLFormElement::removeFromPastNamesMap(FormNamedItem* item)
 {
     ASSERT(item);
-    if (!m_pastNamesMap)
+    if (m_pastNamesMap.isEmpty())
         return;
 
-    for (auto& pastName : m_pastNamesMap->values()) {
-        if (pastName == item)
-            pastName = nullptr; // Keep looping. Single element can have multiple names.
-    }
+    m_pastNamesMap.removeIf([&element = item->asHTMLElement()] (auto& iterator) {
+        return iterator.value == &element;
+    });
 }
 
 bool HTMLFormElement::matchesValidPseudoClass() const

Modified: trunk/Source/WebCore/html/HTMLFormElement.h (259512 => 259513)


--- trunk/Source/WebCore/html/HTMLFormElement.h	2020-04-03 20:55:39 UTC (rev 259512)
+++ trunk/Source/WebCore/html/HTMLFormElement.h	2020-04-03 21:05:19 UTC (rev 259513)
@@ -156,7 +156,9 @@
 
     RefPtr<HTMLElement> elementFromPastNamesMap(const AtomString&) const;
     void addToPastNamesMap(FormNamedItem*, const AtomString& pastName);
+#if ASSERT_ENABLED
     void assertItemCanBeInPastNamesMap(FormNamedItem*) const;
+#endif
     void removeFromPastNamesMap(FormNamedItem*);
 
     bool matchesValidPseudoClass() const final;
@@ -164,10 +166,8 @@
 
     void resetAssociatedFormControlElements();
 
-    typedef HashMap<RefPtr<AtomStringImpl>, FormNamedItem*> PastNamesMap;
-
     FormSubmission::Attributes m_attributes;
-    std::unique_ptr<PastNamesMap> m_pastNamesMap;
+    HashMap<AtomString, WeakPtr<HTMLElement>> m_pastNamesMap;
 
     RadioButtonGroups m_radioButtonGroups;
     mutable WeakPtr<HTMLFormControlElement> m_defaultButton;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to