[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
andreas.kling at nokia.com
andreas.kling at nokia.com
Wed Dec 22 13:28:33 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 5116be2c8d0d660d3ebf09b136cd7a394fb6100f
Author: andreas.kling at nokia.com <andreas.kling at nokia.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu Sep 16 17:21:02 2010 +0000
2010-09-16 Andreas Kling <andreas.kling at nokia.com>
Reviewed by Simon Fraser.
CSS: Fix crash in getTimingFunctionValue()
https://bugs.webkit.org/show_bug.cgi?id=45896
Use a RefPtr to avoid deleting the TimingFunction prematurely.
This is covered by existing tests, e.g transitions/inherit-other-props.html
but will only actually crash on picky platforms (or in valgrind.)
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::getTimingFunctionValue):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@67634 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index f50b62d..688d49c 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,18 @@
+2010-09-16 Andreas Kling <andreas.kling at nokia.com>
+
+ Reviewed by Simon Fraser.
+
+ CSS: Fix crash in getTimingFunctionValue()
+ https://bugs.webkit.org/show_bug.cgi?id=45896
+
+ Use a RefPtr to avoid deleting the TimingFunction prematurely.
+
+ This is covered by existing tests, e.g transitions/inherit-other-props.html
+ but will only actually crash on picky platforms (or in valgrind.)
+
+ * css/CSSComputedStyleDeclaration.cpp:
+ (WebCore::getTimingFunctionValue):
+
2010-09-16 Pavel Feldman <pfeldman at chromium.org>
Reviewed by Yury Semikhatsky.
diff --git a/WebCore/css/CSSComputedStyleDeclaration.cpp b/WebCore/css/CSSComputedStyleDeclaration.cpp
index ce96e1c..ab96347 100644
--- a/WebCore/css/CSSComputedStyleDeclaration.cpp
+++ b/WebCore/css/CSSComputedStyleDeclaration.cpp
@@ -527,12 +527,12 @@ static PassRefPtr<CSSValue> getTimingFunctionValue(const AnimationList* animList
}
} else {
// Note that initialAnimationTimingFunction() is used for both transitions and animations
- const TimingFunction* tf = Animation::initialAnimationTimingFunction().get();
+ RefPtr<TimingFunction> tf = Animation::initialAnimationTimingFunction();
if (tf->isCubicBezierTimingFunction()) {
- const CubicBezierTimingFunction* ctf = static_cast<const CubicBezierTimingFunction*>(tf);
+ const CubicBezierTimingFunction* ctf = static_cast<const CubicBezierTimingFunction*>(tf.get());
list->append(CSSCubicBezierTimingFunctionValue::create(ctf->x1(), ctf->y1(), ctf->x2(), ctf->y2()));
} else if (tf->isStepsTimingFunction()) {
- const StepsTimingFunction* stf = static_cast<const StepsTimingFunction*>(tf);
+ const StepsTimingFunction* stf = static_cast<const StepsTimingFunction*>(tf.get());
list->append(CSSStepsTimingFunctionValue::create(stf->numberOfSteps(), stf->stepAtStart()));
} else {
list->append(CSSLinearTimingFunctionValue::create());
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list