Title: [154889] trunk/Source/WebCore
- Revision: 154889
- Author: [email protected]
- Date: 2013-08-30 09:40:01 -0700 (Fri, 30 Aug 2013)
Log Message
Possible dangling CachedResourceClient of StyleRuleImport and XSLImportRule
https://bugs.webkit.org/show_bug.cgi?id=120479
Patch by Leo Yang <[email protected]> on 2013-08-30
Reviewed by Darin Adler.
In StyleRuleImport::requestStyleSheet() and XSLImportRule::loadSheet() we
didn't call removeClient() for m_cachedSheet before assigning m_cachedSheet
a new value. This could leave the client as a client of the old cached
sheet and dangling after the client is deleted. Fix them by calling removeClient()
before assigning m_cachedSheet a new value.
Found by code inspection. Seems no way to test it automatically.
* css/StyleRuleImport.cpp:
(WebCore::StyleRuleImport::requestStyleSheet):
* xml/XSLImportRule.cpp:
(WebCore::XSLImportRule::loadSheet):
Diff
Modified: trunk/Source/WebCore/ChangeLog (154888 => 154889)
--- trunk/Source/WebCore/ChangeLog 2013-08-30 16:39:12 UTC (rev 154888)
+++ trunk/Source/WebCore/ChangeLog 2013-08-30 16:40:01 UTC (rev 154889)
@@ -1,3 +1,23 @@
+2013-08-30 Leo Yang <[email protected]>
+
+ Possible dangling CachedResourceClient of StyleRuleImport and XSLImportRule
+ https://bugs.webkit.org/show_bug.cgi?id=120479
+
+ Reviewed by Darin Adler.
+
+ In StyleRuleImport::requestStyleSheet() and XSLImportRule::loadSheet() we
+ didn't call removeClient() for m_cachedSheet before assigning m_cachedSheet
+ a new value. This could leave the client as a client of the old cached
+ sheet and dangling after the client is deleted. Fix them by calling removeClient()
+ before assigning m_cacheSheet a new value.
+
+ Found by code inspection. Seems no way to test it automatically.
+
+ * css/StyleRuleImport.cpp:
+ (WebCore::StyleRuleImport::requestStyleSheet):
+ * xml/XSLImportRule.cpp:
+ (WebCore::XSLImportRule::loadSheet):
+
2013-08-30 Gabor Abraham <[email protected]>
Fix unused parameter warning in graphics/cairo/GraphicsContextCairo.cpp file.
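Review bot: the last sentence of the new ChangeLog entry names the member as m_cacheSheet, while the code and the rest of the entry use m_cachedSheet; correct the spelling so a search for the member name finds this entry. The entry also says the issue was found by code inspection with no automatic test, so it would help to state which call sequence reaches requestStyleSheet() or loadSheet() a second time with m_cachedSheet already set, since that is the only condition under which the added lines do anything.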
Modified: trunk/Source/WebCore/css/StyleRuleImport.cpp (154888 => 154889)
--- trunk/Source/WebCore/css/StyleRuleImport.cpp 2013-08-30 16:39:12 UTC (rev 154888)
+++ trunk/Source/WebCore/css/StyleRuleImport.cpp 2013-08-30 16:40:01 UTC (rev 154889)
@@ -119,6 +119,8 @@
CachedResourceRequest request(ResourceRequest(absURL), m_parentStyleSheet->charset());
request.setInitiator(cachedResourceRequestInitiators().css);
+ if (m_cachedSheet)
+ m_cachedSheet->removeClient(&m_styleSheetClient);
if (m_parentStyleSheet->isUserStyleSheet())
m_cachedSheet = cachedResourceLoader->requestUserCSSStyleSheet(request);
else
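Review bot: the added `if (m_cachedSheet)` / `m_cachedSheet->removeClient(&m_styleSheetClient);` pair has no comment explaining why the client must be detached here, and with no regression test the only thing protecting these lines from a later cleanup is the ChangeLog. Add a one-line comment saying the client has to be removed from the previous sheet before m_cachedSheet is reassigned. The hunk does not show where m_styleSheetClient is registered on the newly requested sheet, so please confirm that registration still happens when the request returns the same cached resource that was just detached.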
Modified: trunk/Source/WebCore/xml/XSLImportRule.cpp (154888 => 154889)
--- trunk/Source/WebCore/xml/XSLImportRule.cpp 2013-08-30 16:39:12 UTC (rev 154888)
+++ trunk/Source/WebCore/xml/XSLImportRule.cpp 2013-08-30 16:40:01 UTC (rev 154889)
@@ -100,6 +100,8 @@
}
CachedResourceRequest request(ResourceRequest(cachedResourceLoader->document()->completeURL(absHref)));
+ if (m_cachedSheet)
+ m_cachedSheet->removeClient(this);
m_cachedSheet = cachedResourceLoader->requestXSLStyleSheet(request);
if (m_cachedSheet) {
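Review bot: `m_cachedSheet->removeClient(this);` directly above the `requestXSLStyleSheet(request)` assignment is the same hand-written detach-before-reassign pair added in StyleRuleImport.cpp, and repeating it at each assignment site leaves the next new assignment open to the same omission. Consider a small helper that removes the client from the current sheet and then stores the new one, so the two steps cannot be separated. Note also that the client passed here is `this` while StyleRuleImport passes `&m_styleSheetClient`; a brief comment on which object is registered would make it easier to check that the remove matches the corresponding add.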