[webkit-changes] [WebKit/WebKit] 40f4e5: Fix use-after-free in WebCore::StyleGradientImage ...

Commit Queue noreply at github.com
Sat Dec 10 13:41:30 PST 2022


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 40f4e5e1facea60ca8d6e709d3c5d9d97a33e105
      https://github.com/WebKit/WebKit/commit/40f4e5e1facea60ca8d6e709d3c5d9d97a33e105
  Author: David Kilzer <ddkilzer at apple.com>
  Date:   2022-12-10 (Sat, 10 Dec 2022)

  Changed paths:
    M Source/WebCore/rendering/style/StyleGradientImage.cpp

  Log Message:
  -----------
  Fix use-after-free in WebCore::StyleGradientImage constructor
https://bugs.webkit.org/show_bug.cgi?id=249061
<rdar://103202572>

Reviewed by Sam Weinig.

Fix use-after-move by replacing `stops` with `m_stops` when
calling stopsAreCacheable() to initialize
`m_knownCacheableBarringFilter`.

* Source/WebCore/rendering/style/StyleGradientImage.cpp:
(WebCore::StyleGradientImage::StyleGradientImage):

Canonical link: https://commits.webkit.org/257686@main
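
The pattern the log message describes, as an added C++ example that is not WebKit's code and not part of the commit. Stop, the body of stopsAreCacheable(), GradientBefore, GradientAfter and constructedStops() are hypothetical, and std::vector stands in for the real container. A moved-from std::vector is empty, so the "before" constructor computes its flag over no stops at all.

```cpp
#include <algorithm>
#include <cstdio>
#include <utility>
#include <vector>

// Hypothetical stand-in for a gradient stop; not WebKit's type.
struct Stop { bool cacheable; };

// Hypothetical predicate: the list is cacheable only if every stop is.
static bool stopsAreCacheable(const std::vector<Stop>& stops)
{
    return std::all_of(stops.begin(), stops.end(), [](const Stop& s) { return s.cacheable; });
}

// Before: the parameter is read after it was moved into m_stops.
class GradientBefore {
public:
    explicit GradientBefore(std::vector<Stop>&& stops)
        : m_stops(std::move(stops))
        , m_knownCacheable(stopsAreCacheable(stops)) // use-after-move
    { }
    bool knownCacheable() const { return m_knownCacheable; }
private:
    std::vector<Stop> m_stops;
    bool m_knownCacheable;
};

// After: the check reads the member that now owns the data. Members are
// initialized in declaration order, so m_stops must be declared first.
class GradientAfter {
public:
    explicit GradientAfter(std::vector<Stop>&& stops)
        : m_stops(std::move(stops))
        , m_knownCacheable(stopsAreCacheable(m_stops))
    { }
    bool knownCacheable() const { return m_knownCacheable; }
private:
    std::vector<Stop> m_stops;
    bool m_knownCacheable;
};

// Constructed sample input: the second stop is not cacheable.
static std::vector<Stop> constructedStops() { return { { true }, { false } }; }

int main()
{
    std::printf("before: %d\n", GradientBefore(constructedStops()).knownCacheable());
    std::printf("after:  %d\n", GradientAfter(constructedStops()).knownCacheable());
}
```

clang-tidy's bugprone-use-after-move check is aimed at this class of bug.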



