[webkit-dev] Lets use PassRefPtr for arguments less; lets use RefPtr for locals and data members more
rniwa at webkit.org
Sun Jun 19 14:03:20 PDT 2011
On Sun, Jun 19, 2011 at 12:48 PM, Darin Adler <darin at apple.com> wrote:
> > Con (of abandoning PassRefPtr for function arguments entirely):
> > Possible accidental freed memory access bugs.
> I think the reverse of this Con is one of the stronger Pro arguments for
> using PassRefPtr even more for arguments rather than my proposal to use it
> less. Object lifetime mistakes are much less likely when raw pointers are
> kept to an absolute minimum. I thought about this when reviewing the design
> of Automatic Reference Counting. The ARC design largely eliminates raw
> pointers for Objective-C objects.
One of the most common security bugs I have seen in editing is that we keep
a raw pointer to a node and call some helper method that modifies DOM
(therefore invoking scripts).
I'm sometimes tempted to replace all instances of Node* in the editing
component by RefPtr/PassRefPtr.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the webkit-dev