[Webkit-unassigned] [Bug 41129] CSSSelector: Avoid chaining tagHistory of CSSSelector, which causes stack overflow.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 13 02:40:12 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=41129
Shinichiro Hamaji <hamaji at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #60092|review? |review-
Flag| |
--- Comment #11 from Shinichiro Hamaji <hamaji at chromium.org> 2010-07-13 02:40:12 PST ---
(From update of attachment 60092)
WebCore/css/CSSParser.h:172
+ CSSSelector* connectFloatingSelector(CSSSelector* ownerSelector, CSSSelector* sinkingSelector, CSSSelector::Relation);
Do we need to return a value?
WebCore/css/CSSParser.cpp:185
+ deleteAllKeys(m_floatingSelectors);
I'm not sure, but now it seems we don't sink floating selectors, so all selectors will be deleted when a parser is destructed?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list