projects / profile / ivi / webkit-efl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2e53075) | patch
Heap-use-after-free in WebKit::MainThreadFileSystemCallbacks
authorkinuko@chromium.org <kinuko@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 25 Jun 2012 16:30:49 +0000 (16:30 +0000)
committerkinuko@chromium.org <kinuko@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 25 Jun 2012 16:30:49 +0000 (16:30 +0000)
commit0967721522030e7e44eda89b0015f27de56019a1
tree0e90def0010ec764bf7c6253ca0b21f631c96891tree | snapshot
parent2e53075daf31a5db8b44d2caebb6d8c330366b43commit | diff
Heap-use-after-free in WebKit::MainThreadFileSystemCallbacks
https://bugs.webkit.org/show_bug.cgi?id=87019

Reviewed by David Levin.

Should not access the CallbacksBridge's member field after it's freed.

* src/WorkerFileSystemCallbacksBridge.cpp:
(WebKit::WorkerFileSystemCallbacksBridge::cleanUpAfterCallback):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121160 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebKit/chromium/ChangeLog diff | blob | history
Source/WebKit/chromium/src/WorkerFileSystemCallbacksBridge.cpp diff | blob | history
Domain: Web Framework / Uncategorized;