RESOLVED FIXED 21526
The hashmap webPreferencesInstances in WebPreferences.cpp can potentially hold onto stale instances of WebPreferences 
https://bugs.webkit.org/show_bug.cgi?id=21526
Summary The hashmap webPreferencesInstances in WebPreferences.cpp can potentially hol...
Ada Chan
Reported 2008-10-10 11:50:15 PDT
webPreferencesInstances does not keep a reference to all the instances it holds. So if you call WebPreferences::initWithIdentifier() to make a WebPreferences object and then release it, the hashmap still holds a stale pointer to that instance, and next time initWithIdentifier() is called again with the same identifier, it'll return the stale object.
Attachments
Patch (4.44 KB, patch)
2008-10-10 12:37 PDT, Ada Chan 		aroben: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ada Chan
Comment 1 2008-10-10 12:37:42 PDT
Created attachment 24270 [details] Patch
Adam Roben (:aroben)
Comment 2 2008-10-10 12:59:24 PDT
Comment on attachment 24270 [details] Patch 3 https://bugs.webkit.org/show_bug.cgi?id=21526 We normally put the title of the bug in the ChangeLog as well. 619 preferences = 0; 620 if (identifier) { 621 WebPreferences::removeReferenceForIdentifier(identifier); 622 SysFreeString(identifier); 623 } It might be worth adding a comment here about why we release preferences first. r=me
Ada Chan
Comment 3 2008-10-10 13:36:51 PDT
Will address feedback from aroben
Ada Chan
Comment 4 2008-10-10 13:43:41 PDT
Fixed in r37489
Note You need to log in before you can comment on or make changes to this bug.