[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
benm at google.com
Wed Dec 22 16:33:08 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit a83d040e5de58e82a071306eed3f29e36d447c01
Author: benm at google.com <benm at google.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu Nov 25 18:36:21 2010 +0000
2010-11-25 Ben Murdoch <benm at google.com>
Reviewed by Steve Block.
Potential crash in JavaClassV8.cpp
https://bugs.webkit.org/show_bug.cgi?id=50016
It is possible that we attempt to free uninitialised
memory in the JavaClass destructor when using V8 in the
case that the JVM could not find the class in the constructor.
It turns out that the troublesome m_name is not actually
used anywhere, so we remove it in this patch.
No new tests, just removing dead code.
* bridge/jni/v8/JavaClassV8.cpp: Remove unused m_name.
* bridge/jni/v8/JavaClassV8.h: Ditto.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@72740 268f45cc-cd09-0410-ab3c-d52691b4dbfc
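The failure path the commit message describes, as an added illustration that is not WebKit's code: a stand-in `lookupClass()` plays the JVM (assumption: it returns null when the class is unknown), `JavaClassBefore` mirrors the old constructor/destructor pair, and `JavaClassAfter` shows the alternative of initialising the member so the destructor is safe on every exit path.

```cpp
// Added example, not WebKit code. Models the JavaClass constructor/destructor
// pattern from the patch; lookupClass() stands in for the JVM class lookup
// (assumption: it returns nullptr when the class is not found).
#include <cstdlib>
#include <cstring>
#include <string>

static const char* lookupClass(const std::string& name) {
    // Constructed stand-in for the JVM: only one class is "known".
    return name == "java.lang.String" ? "java.lang.String" : nullptr;
}

// BEFORE (as in the old JavaClassV8.cpp): m_name is never written on the
// early-return path, so the destructor frees an indeterminate pointer (UB).
class JavaClassBefore {
public:
    explicit JavaClassBefore(const std::string& requested) {
        const char* found = lookupClass(requested);
        if (!found)
            return;               // m_name left uninitialised here
        m_name = strdup(found);
    }
    ~JavaClassBefore() { free(const_cast<char*>(m_name)); } // UB when unset
    const char* name() const { return m_name; }
private:
    const char* m_name;           // no default initialiser
};

// AFTER: the patch drops the member entirely (nothing reads it). If a name
// were needed, initialising it makes free() a no-op on the failure path.
class JavaClassAfter {
public:
    explicit JavaClassAfter(const std::string& requested) : m_name(nullptr) {
        const char* found = lookupClass(requested);
        if (!found)
            return;               // m_name is a well-defined nullptr
        m_name = strdup(found);
    }
    ~JavaClassAfter() { free(const_cast<char*>(m_name)); } // free(nullptr) ok
    bool found() const { return m_name != nullptr; }
private:
    const char* m_name;
};

// Exercises both paths with the hardened class; the not-found path is the
// one that was undefined behaviour in JavaClassBefore.
bool constructAndDestroy(const std::string& requested) {
    JavaClassAfter cls(requested);
    return cls.found();
}

// The old class is only safe on the success path.
bool beforeNameMatches(const std::string& requested) {
    JavaClassBefore cls(requested);
    return std::strcmp(cls.name(), requested.c_str()) == 0;
}
```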
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 403ef8f..8335354 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,22 @@
+2010-11-25 Ben Murdoch <benm at google.com>
+
+ Reviewed by Steve Block.
+
+ Potential crash in JavaClassV8.cpp
+ https://bugs.webkit.org/show_bug.cgi?id=50016
+
+ It is possible that we attempt to free uninitialised
+ memory in the JavaClass destrctor when using V8 in the
+ case that the JVM could not find the class in the constructor.
+
+ It turns out that the troublesome m_name is not acutally
+ used anywhere, so we remove it in this patch.
+
+ No new tests, just removing dead code.
+
+ * bridge/jni/v8/JavaClassV8.cpp: Remove unused m_name.
+ * bridge/jni/v8/JavaClassV8.h: Ditto.
+
2010-11-25 Hans Wennborg <hans at chromium.org>
Reviewed by Jeremy Orlow.
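Review bot: the new ChangeLog entry carries two typos, "destrctor" and "acutally", which should read "destructor" and "actually" before this lands; ChangeLog text is searched and quoted later, so it is worth fixing in the same commit.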
diff --git a/WebCore/bridge/jni/v8/JavaClassV8.cpp b/WebCore/bridge/jni/v8/JavaClassV8.cpp
index 04f8822..1d381af 100644
--- a/WebCore/bridge/jni/v8/JavaClassV8.cpp
+++ b/WebCore/bridge/jni/v8/JavaClassV8.cpp
@@ -26,7 +26,6 @@
#include "config.h"
#include "JavaClassV8.h"
-
using namespace JSC::Bindings;
JavaClass::JavaClass(jobject anInstance)
@@ -38,11 +37,6 @@ JavaClass::JavaClass(jobject anInstance)
return;
}
- jstring className = static_cast<jstring>(callJNIMethod<jobject>(aClass, "getName", "()Ljava/lang/String;"));
- const char* classNameC = getCharactersFromJString(className);
- m_name = strdup(classNameC);
- releaseCharactersForJString(className, classNameC);
-
int i;
JNIEnv* env = getJNIEnv();
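Review bot: the early `return;` just above the removed block is the path the bug describes: the constructor bails out before `m_name = strdup(classNameC);` runs, leaving the member indeterminate for the destructor. Removing the dead member is the right fix; if a class name is ever needed again, set it in the constructor's initializer list so every exit path leaves it defined.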
@@ -82,8 +76,6 @@ JavaClass::JavaClass(jobject anInstance)
JavaClass::~JavaClass()
{
- free(const_cast<char*>(m_name));
-
deleteAllValues(m_fields);
m_fields.clear();
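Review bot: `free()` on an indeterminate pointer is undefined behaviour rather than a guaranteed crash, so the old destructor could also silently corrupt the allocator on the not-found path; deleting the `free()` together with the member closes it. The `const_cast<char*>` was itself a hint that ownership was modelled poorly (a `const char*` owned via strdup/free), which is a second reason removal beats merely initialising it.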
diff --git a/WebCore/bridge/jni/v8/JavaClassV8.h b/WebCore/bridge/jni/v8/JavaClassV8.h
index 0c1d627..99137f1 100644
--- a/WebCore/bridge/jni/v8/JavaClassV8.h
+++ b/WebCore/bridge/jni/v8/JavaClassV8.h
@@ -49,7 +49,6 @@ public:
JavaField* fieldNamed(const char* name) const;
private:
- const char* m_name;
MethodListMap m_methods;
FieldMap m_fields;
};