[Webkit-unassigned] [Bug 14935] New: ResourceLoader should call ResourceHandle::setClient(0) after checking it's still the ResourceHandle's client
bugzilla-daemon at webkit.org
Fri Aug 10 16:33:53 PDT 2007
http://bugs.webkit.org/show_bug.cgi?id=14935
Summary: ResourceLoader should call ResourceHandle::setClient(0)
after checking it's still the ResourceHandle's client
Product: WebKit
Version: 522+ (nightly)
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Page Loading
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: anyang.ren at gmail.com

Revision 24624 added ResourceHandle::setClient(). The only call
to this new method is in ResourceLoader::releaseResources, and it
passes 0 as the 'client' argument.

So it's not clear whether ResourceHandle::setClient() is intended
to be called with a non-NULL 'client' argument. That would allow
someone else to change the client of the ResourceHandle created by
ResourceLoader. When that happens, the m_handle->setClient(0) call
in ResourceLoader::releaseResources() would be messing with this
other client, preventing the ResourceHandle from calling back to
this other client.

I think ResourceHandle::setClient() needs to be changed to only
accept a null 'client' argument (or renamed ResourceHandle::clearClient
with no argument), or ResourceLoader::releaseResources() needs to
validate its assumption that it is still the ResourceHandle's client
before calling m_handle->setClient(0). I will attach a patch that
does the latter.
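The scenario in the report above, modelled as an added example that is not part of the original message and is not WebKit code. Handle, Loader, Recorder, the client() accessor, deliver() and chunksAfterRelease() are hypothetical stand-ins; only the setClient() name comes from the report.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Simplified stand-ins for illustration; these are not WebKit's classes.
struct HandleClient {
    virtual ~HandleClient() = default;
    virtual void didReceiveData(const std::string& chunk) = 0;
};

class Handle {
public:
    HandleClient* client() const { return m_client; }  // assumed accessor
    void setClient(HandleClient* c) { m_client = c; }
    void deliver(const std::string& chunk) { if (m_client) m_client->didReceiveData(chunk); }
private:
    HandleClient* m_client = nullptr;
};

struct Recorder : HandleClient {
    std::vector<std::string> seen;
    void didReceiveData(const std::string& chunk) override { seen.push_back(chunk); }
};

class Loader : public HandleClient {
public:
    explicit Loader(Handle* h) : m_handle(h) { m_handle->setClient(this); }
    void didReceiveData(const std::string&) override {}
    // Unconditional clear: detaches whoever is the client now.
    void releaseUnchecked() { if (m_handle) m_handle->setClient(nullptr); m_handle = nullptr; }
    // Guarded clear: only touch the slot if this loader still owns it.
    void releaseChecked() {
        if (m_handle && m_handle->client() == this) m_handle->setClient(nullptr);
        m_handle = nullptr;
    }
private:
    Handle* m_handle;
};

// Another client takes over, then the loader releases; returns chunks that client still gets.
std::size_t chunksAfterRelease(bool checked) {
    Handle handle;
    Loader loader(&handle);
    Recorder other;
    handle.setClient(&other);
    if (checked) loader.releaseChecked(); else loader.releaseUnchecked();
    handle.deliver("constructed chunk");
    return other.seen.size();
}
```

With the unconditional clear the second client silently stops receiving callbacks; with the ownership check it keeps receiving them.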