60062 – (CVE-2011-2336) Interrupted transitions are not correctly removed

RESOLVED FIXED 60062

CVE-2011-2336 Interrupted transitions are not correctly removed

https://bugs.webkit.org/show_bug.cgi?id=60062

Summary Interrupted transitions are not correctly removed

Dean Jackson

Reported 2011-05-03 14:07:06 PDT

When a CompositeAnimation creates a new transition for a property, it removes an existing transition if one exists. At the moment it simply deletes it from its list, but since it could potentially be in the list of animations waiting for start time, it isn't being cleared. <rdar://problem/9326422>

Attachments
Sample test (1.36 KB, text/html) 2011-05-03 14:56 PDT, Dean Jackson	no flags	Details
Patch (4.26 KB, patch) 2011-05-03 16:15 PDT, Dean Jackson	simon.fraser: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Dean Jackson

Comment 1 2011-05-03 14:56:28 PDT

Created attachment 92139 [details] Sample test Incomplete test

Dean Jackson

Comment 2 2011-05-03 16:15:34 PDT

Created attachment 92156 [details] Patch

Dean Jackson

Comment 3 2011-05-03 17:32:23 PDT

http://trac.webkit.org/changeset/85693

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS OS X 10.5

Product WebKit

Component CSS

Assignee

Dean Jackson

Reported

2011-05-03 14:07 PDT

Modified

2011-06-03 11:17 PDT History

CC List

3 users Show

URL

Keywords InRadar

Depends on

Blocks