Bug 136492

Summary: [Win] Potential overrelease of AVCFURLAssetRef
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: MediaAssignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Major CC: bfulgham, commit-queue, eric.carlson, glenn, jer.noble, philipj, sergio, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: PC   
OS: All   
Attachments:
Description Flags
Patch eric.carlson: review+

Description Brent Fulgham 2014-09-03 12:08:17 PDT 
Very rarely, the AVCFURLAssetRef associated with a media element can change from its original state. When this happens, we adopt the new AVCFURLAssetRef without incrementing its retain count. Later, when the AVFWrapper is destroyed it calls Release on this item causing a double-release.
Comment 1 Brent Fulgham 2014-09-03 12:08:47 PDT 
<rdar://problem/18206746>
Comment 2 Brent Fulgham 2014-09-03 12:16:46 PDT 
Created attachment 237568 [details]
Patch
Comment 3 Brent Fulgham 2014-09-03 12:22:31 PDT 
Committed r173216: <http://trac.webkit.org/changeset/173216>