Bug 98234
| Summary: | HTMLFormElement::m_elementAliases might cause a leak | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | WebKit Review Bot <webkit.review.bot> |
| Component: | New Bugs | Assignee: | Adam Barth <abarth> |
| Status: | RESOLVED CONFIGURATION CHANGED | ||
| Severity: | Normal | CC: | abarth, deepak.deepakmittal, joepeck |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
WebKit Review Bot
HTMLFormElement::m_elementAliases might cause a leak
Requested by abarth on #webkit.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Adam Barth
From inspecting the code, it looks like the following will cause HTMLFormElement::m_elementAliases to hold a RefPtr to a parent of the form element.
1) Get a form element by name (so that the form element is stored in m_elementAliases).
2) Reparent the <form> under that element
Note: I haven't actually tested this issue.
It likely can be fixed by clearing m_elementAliases when HTMLFormElement is moved.
Adam Barth
11:15 PM <othermaciej> There's also I think an attribute to explicitly make a form association, rather than implicitly; not sure if that could also cause the problem
11:15 PM <othermaciej> the form="" attribute
11:16 PM <othermaciej> it looks like <object> will respect the form="" attribute in our implementation, which may be a bug
11:17 PM <othermaciej> nope, correct per spec
11:17 PM <othermaciej> an <object>, <textarea> or <select> could be the ancestor of its associated form just in markup, w/o reparenting
Adam Barth
11:19 PM <othermaciej> oh, I guess <object> is not an HTMLFormConrolElement so can't be in the alias map
Deepak Mittal
I am not able to find m_elementAliases in HTMLFormElement.cpp/h files, I think the code has been changed the issue has been filed..
please check the issue on the latest code..so that we can work on this or close this issue..
Deepak Mittal
Joseph Pecoraro
Yep, this member no longer exists. Closing.