Bug 60062 (CVE-2011-2336) - Interrupted transitions are not correctly removed
Summary: Interrupted transitions are not correctly removed
Status: RESOLVED FIXED
Alias: CVE-2011-2336
Product: WebKit
Classification: Unclassified
Component: CSS (show other bugs)
Version: 528+ (Nightly build)
Hardware: All OS X 10.5
: P2 Normal
Assignee: Dean Jackson
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2011-05-03 14:07 PDT by Dean Jackson
Modified: 2011-06-03 11:17 PDT (History)
3 users (show)

See Also:

Attachments
Sample test (1.36 KB, text/html)
2011-05-03 14:56 PDT, Dean Jackson 		no flags Details
Patch (4.26 KB, patch)
2011-05-03 16:15 PDT, Dean Jackson 		simon.fraser: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dean Jackson 2011-05-03 14:07:06 PDT 
When a CompositeAnimation creates a new transition for a property, it removes an existing transition if one exists. At the moment it simply deletes it from its list, but since it could potentially be in the list of animations waiting for start time, it isn't being cleared. 

<rdar://problem/9326422>
Comment 1 Dean Jackson 2011-05-03 14:56:28 PDT 
Created attachment 92139 [details]
Sample test

Incomplete test
Comment 2 Dean Jackson 2011-05-03 16:15:34 PDT 
Created attachment 92156 [details]
Patch
Comment 3 Dean Jackson 2011-05-03 17:32:23 PDT 
http://trac.webkit.org/changeset/85693