[Webkit-unassigned] [Bug 45835] New: Fix incorrect usage of dissolveDragImageToFraction

Wed Sep 15 14:03:40 PDT 2010

https://bugs.webkit.org/show_bug.cgi?id=45835

           Summary: Fix incorrect usage of dissolveDragImageToFraction
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Platform
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: dcheng at chromium.org

createDragImageForSelection() was ignoring the return value of dissolveDragImageToFraction(). This didn't happen to crash on most platforms, since most implementations simply modified the image that was passed in. However, Chromium Mac's implementation actually creates a new image and returns that instead. This caused us to crash when copying the image from the renderer to the browser process, since the memory had already been freed.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.