[Webkit-unassigned] [Bug 111179] [Cairo] Surface pointer passed to asNewNativeImage() might be freed.
bugzilla-daemon at webkit.org
Thu Apr 10 10:20:18 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=111179
--- Comment #20 from Ed Catmur <ed at catmur.co.uk> 2014-04-10 10:20:37 PST ---
Created an attachment (id=229059)
--> (https://bugs.webkit.org/attachment.cgi?id=229059&action=review)
imageframe-use-refcounted-array.patch
Alternative 2: use a RefCountedArray instead of Vector to hold the image data
This is probably more straightforward. copyImageData is a little inefficient (it unnecessarily memsets the array) but we'd need to add to RefCountedArray (maybe a clone() method) to fix that.