Skip to site navigation (Press enter)

[webkit-changes] [197402] trunk/Source/WebKit2

carlosgc Tue, 01 Mar 2016 09:43:02 -0800

Title: [197402] trunk/Source/WebKit2

Revision: 197402
Author: [email protected]
Date: 2016-03-01 09:42:35 -0800 (Tue, 01 Mar 2016)

Log Message

NetworkCache: Web process leaks resource buffer when using shareable reasources
https://bugs.webkit.org/show_bug.cgi?id=154852


Reviewed by Darin Adler.

ResourceLoader::didReceiveBuffer() expects a PassRefPtr, but we
are passing a raw pointer making PassRefPtr to take another
reference instead of transfering the ownership as expected.

* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::didReceiveResource):

Modified Paths

trunk/Source/WebKit2/ChangeLog
trunk/Source/WebKit2/WebProcess/Network/WebResourceLoader.cpp

Diff

Modified: trunk/Source/WebKit2/ChangeLog (197401 => 197402)


--- trunk/Source/WebKit2/ChangeLog	2016-03-01 17:33:47 UTC (rev 197401)
+++ trunk/Source/WebKit2/ChangeLog	2016-03-01 17:42:35 UTC (rev 197402)
@@ -1,3 +1,17 @@
+2016-03-01  Carlos Garcia Campos  <[email protected]>
+
+        NetworkCache: Web process leaks resource buffer when using shareable reasources
+        https://bugs.webkit.org/show_bug.cgi?id=154852
+
+        Reviewed by Darin Adler.
+
+        ResourceLoader::didReceiveBuffer() expects a PassRefPtr, but we
+        are passing a raw pointer making PassRefPtr to take another
+        reference instead of transfering the ownership as expected.
+
+        * WebProcess/Network/WebResourceLoader.cpp:
+        (WebKit::WebResourceLoader::didReceiveResource):
+
 2016-02-29  Zan Dobersek  <[email protected]>
 
         ThreadedCompositor: clean up composition-specific resources before shutting down the thread

Modified: trunk/Source/WebKit2/WebProcess/Network/WebResourceLoader.cpp (197401 => 197402)


--- trunk/Source/WebKit2/WebProcess/Network/WebResourceLoader.cpp	2016-03-01 17:33:47 UTC (rev 197401)
+++ trunk/Source/WebKit2/WebProcess/Network/WebResourceLoader.cpp	2016-03-01 17:42:35 UTC (rev 197402)
@@ -194,8 +194,8 @@
     Ref<WebResourceLoader> protect(*this);
 
     // Only send data to the didReceiveData callback if it exists.
-    if (buffer->size())
-        m_coreLoader->didReceiveBuffer(buffer.get(), buffer->size(), DataPayloadWholeResource);
+    if (unsigned bufferSize = buffer->size())
+        m_coreLoader->didReceiveBuffer(buffer.release(), bufferSize, DataPayloadWholeResource);
 
     if (!m_coreLoader)
         return;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes