[webkit-reviews] review requested: [Bug 10022] REGRESSION: Crash in
WebCore::XMLTokenizer::characters : [Attachment 9578] Patch
bugzilla-request-daemon at opendarwin.org
bugzilla-request-daemon at opendarwin.org
Wed Jul 19 23:49:10 PDT 2006
Mark Rowe (bdash) <opendarwin.org at bdash.net.nz> has asked for review:
Bug 10022: REGRESSION: Crash in WebCore::XMLTokenizer::characters
http://bugzilla.opendarwin.org/show_bug.cgi?id=10022
Attachment 9578: Patch
http://bugzilla.opendarwin.org/attachment.cgi?id=9578&action=edit
------- Additional Comments from Mark Rowe (bdash)
<opendarwin.org at bdash.net.nz>
Occasionally when parsing is paused and then resumed, data may have arrived
that when parsed causes callbacks to be queued. If XMLTokenizer::finish() has
been called while the parser was paused, then we call end() to clean up the
parse. This results in the current node being cleared, which causes a crash
when the callbacks are finally processed.
More information about the webkit-reviews
mailing list