Bug 86510

Summary:

[BlobBuilder] BlobBuilder not holding references to appended Blobs?

Product:

WebKit

Reporter:

Eric U. <ericu>

Component:

WebCore Misc.

Assignee:

Nobody <webkit-unassigned>

Status:

NEW

Severity:

Normal

CC:

ap, jianli, kinuko, michaeln

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Repro case	none

Eric U.

Reported 2012-05-15 12:43:56 PDT

Created attachment 142031 [details] Repro case See https://code.google.com/p/chromium/issues/detail?id=128222 for more info, but I'll attach the test file here too just in case. I looks to me like when we call BlobBuilder's append(blob), we don't store a reference to the blob anywhere, so it can get garbage-collected before we try to access its data. So far as I know this only affects chromium currently, but the bug's probably all in webcore.

Attachments
Repro case (1.39 KB, text/html) 2012-05-15 12:43 PDT, Eric U.	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Note You need to log in before you can comment on or make changes to this bug.