[webkit-reviews] review denied: [Bug 22834] Mismatched memory free in the new CSSSelectorList : [Attachment 26026] Patch v2
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Dec 15 14:53:09 PST 2008
Darin Adler <darin at apple.com> has denied Brett Wilson (Google)
<brettw at chromium.org>'s request for review:
Bug 22834: Mismatched memory free in the new CSSSelectorList
https://bugs.webkit.org/show_bug.cgi?id=22834
Attachment 26026: Patch v2
https://bugs.webkit.org/attachment.cgi?id=26026&action=review
------- Additional Comments from Darin Adler <darin at apple.com>
Sadly, this is still wrong, but now it's wrong for the case where parsing
failed.
In ~CSSParser(), deleteAllValues(m_floatingSelectors) is called, which will
call delete on any selectors that are still in the m_floatingSelectors HashSet.
So we can't allocate them in a way where delete won't work.
Maybe the best design is to add a function to CSSSelector that causes it to
drop its data, and call it before calling delete in
CSSSelectorList::adoptSelectorVector. It would be enough to just clear out the
m_data union.
More information about the webkit-reviews
mailing list