[Webkit-unassigned] [Bug 77817] CachedResourceLoader is destroyed before CSSFontSelector is destroyed
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Feb 4 18:49:09 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=77817
Ryosuke Niwa <rniwa at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Use-after-free: |CachedResourceLoader is
|CachedResourceLoader is |destroyed before
|destroyed before |CSSFontSelector is
|CSSFontSelector is |destroyed
|destroyed |
Product|Security |WebKit
Version|Other |528+ (Nightly build)
Component|Security |Page Loading
AssignedTo|webkit-security-unassigned@ |webkit-unassigned at lists.web
|lists.webkit.org |kit.org
Group|Security-Sensitive |
--- Comment #6 from Ryosuke Niwa <rniwa at webkit.org> 2012-02-04 18:49:07 PST ---
Actually, this isn't a use-after-free since CSSFontSelector accesses CachedResourceLoader through Document.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list