[webkit-changes] [186181] trunk/Source/WebCore

[bfulgham]

Title: [186181] trunk/Source/WebCore

Revision

186181

Author

bfulg...@apple.com

Date

2015-07-01 10:35:56 -0700 (Wed, 01 Jul 2015)

Log Message

REGRESSION (r185016): Intermittent crash in WebCore::TextTrackList::remove
https://bugs.webkit.org/show_bug.cgi?id=146493
<rdar://problem/21511122>

Reviewed by Eric Carlson.

The m_textTracks member is frequently null checked during other operations, but
was not checked during track removal. This needs to be corrected.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::removeTextTrack): Check that m_textTracks is
not null before using it during track removal.

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/html/HTMLMediaElement.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (186180 => 186181)

--- trunk/Source/WebCore/ChangeLog	2015-07-01 17:22:27 UTC (rev 186180)
+++ trunk/Source/WebCore/ChangeLog	2015-07-01 17:35:56 UTC (rev 186181)
@@ -1,3 +1,18 @@
+2015-07-01  Brent Fulgham  <bfulg...@apple.com>
+
+        REGRESSION (r185016): Intermittent crash in WebCore::TextTrackList::remove
+        https://bugs.webkit.org/show_bug.cgi?id=146493
+        <rdar://problem/21511122>
+
+        Reviewed by Eric Carlson.
+
+        The m_textTracks member is frequently null checked during other operations, but
+        was not checked during track removal. This needs to be corrected.
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::removeTextTrack): Check that m_textTracks is
+        not null before using it during track removal.
+
 2015-07-01  Antti Koivisto  <an...@apple.com>
 
         PNG mask images are loaded with Accept:image/svg+xml

Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (186180 => 186181)

--- trunk/Source/WebCore/html/HTMLMediaElement.cpp	2015-07-01 17:22:27 UTC (rev 186180)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp	2015-07-01 17:35:56 UTC (rev 186181)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2007-2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2007-2015 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -3509,11 +3509,11 @@
         return;
 
     TrackDisplayUpdateScope scope(this);
-    TextTrackCueList* cues = track->cues();
-    if (cues)
+    if (TextTrackCueList* cues = track->cues())
         textTrackRemoveCues(track, cues);
     track->clearClient();
-    m_textTracks->remove(track, scheduleEvent);
+    if (m_textTracks)
+        m_textTracks->remove(track, scheduleEvent);
 
     closeCaptionTracksChanged();
 }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes