On Sun, Jun 19, 2011 at 2:05 PM, Darin Adler <da...@apple.com> wrote:
> On Jun 19, 2011, at 2:03 PM, Ryosuke Niwa wrote:
>
> > One of the most common security bugs I have seen in editing is that we keep a raw pointer to a node and call some helper method that modifies DOM (therefore invoking scripts).
> >
> > I'm sometimes tempted to replace all instances of Node* in the editing component by RefPtr/PassRefPtr.
>
> I suspect that if the data members and local variables had type RefPtr, then it mostly wouldn’t matter if argument types were PassRefPtr or raw pointers for this purpose.

Right, although it's tricky to catch cases where we call a function that takes multiple arguments (one of them being Node*) with the return value of a function that modifies DOM.

- Ryosuke
_______________________________________________
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
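
The pattern discussed in this thread, as an added example that is not part of the original messages or of WebKit's code: a raw node pointer is obtained, a DOM-modifying helper runs, and only then does the callee receive the pointer. Assumptions: `std::shared_ptr` stands in for RefPtr, and `Node`, `detachChildren`, `apply` and the two pattern functions are hypothetical names. The steps are sequenced explicitly because C++ leaves the evaluation order of arguments within one call expression unspecified.

```cpp
#include <cstdio>
#include <memory>
#include <vector>

// Toy model (assumption): std::shared_ptr stands in for RefPtr, and Node,
// detachChildren and the two pattern functions are hypothetical names.
struct Node {
    std::vector<std::shared_ptr<Node>> children;
};

// Models a helper that modifies the DOM: it drops the tree's references to
// the children, as a script run during an editing command could, and returns
// the number of children left.
static int detachChildren(Node& parent) {
    parent.children.clear();
    return static_cast<int>(parent.children.size());
}

// Before: a raw Node* is obtained first, then the mutating helper runs, then
// a callee such as apply(Node*, int) would receive both values. Returns
// whether the node is still alive at that point. The weak_ptr is only a
// probe for this demo; the dangling raw pointer is never dereferenced.
bool rawPointerSurvives() {
    auto parent = std::make_shared<Node>();
    parent->children.push_back(std::make_shared<Node>());
    Node* raw = parent->children[0].get();
    std::weak_ptr<Node> probe = parent->children[0];
    int remaining = detachChildren(*parent);
    (void)raw; (void)remaining;
    return !probe.expired();  // false: apply(raw, remaining) would be a use-after-free
}

// After: the node is held in an owning local before the helper runs, so the
// pointer handed to the callee stays valid for the whole call.
bool owningPointerSurvives() {
    auto parent = std::make_shared<Node>();
    parent->children.push_back(std::make_shared<Node>());
    std::shared_ptr<Node> protect = parent->children[0];
    std::weak_ptr<Node> probe = protect;
    int remaining = detachChildren(*parent);
    (void)remaining;
    return !probe.expired() && protect.use_count() == 1;
}

int main() {
    std::printf("raw pointer alive: %d\n", rawPointerSurvives());
    std::printf("owning pointer alive: %d\n", owningPointerSurvives());
    return 0;
}
```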