Bug 136492

Summary:

[Win] Potential overrelease of AVCFURLAssetRef

Product:

WebKit

Reporter:

Brent Fulgham <bfulgham>

Component:

Media

Assignee:

Brent Fulgham <bfulgham>

Status:

RESOLVED FIXED

Severity:

Major

CC:

bfulgham, commit-queue, eric.carlson, glenn, jer.noble, philipj, sergio, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

528+ (Nightly build)

Hardware:

OS:

All

Attachments:

Description	Flags
Patch	eric.carlson: review+

Brent Fulgham

Reported 2014-09-03 12:08:17 PDT

Very rarely, the AVCFURLAssetRef associated with a media element can change from its original state. When this happens, we adopt the new AVCFURLAssetRef without incrementing its retain count. Later, when the AVFWrapper is destroyed it calls Release on this item causing a double-release.

Attachments
Patch (1.56 KB, patch) 2014-09-03 12:16 PDT, Brent Fulgham	eric.carlson: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2014-09-03 12:08:47 PDT

<rdar://problem/18206746>

Brent Fulgham

Comment 2 2014-09-03 12:16:46 PDT

Created attachment 237568 [details] Patch

Brent Fulgham

Comment 3 2014-09-03 12:22:31 PDT

Committed r173216: <http://trac.webkit.org/changeset/173216>

Note You need to log in before you can comment on or make changes to this bug.