Title: [186179] trunk/Source/WebKit/mac
Revision
186179
Author
beid...@apple.com
Date
2015-07-01 10:13:04 -0700 (Wed, 01 Jul 2015)

Log Message

REGRESSION (185319): Reproducible crash in WebHistoryItem launching FluidApp.
<rdar://problem/21598293> and https://bugs.webkit.org/show_bug.cgi?id=146494

Reviewed by Darin Adler.

* History/WebHistoryItem.mm:
(-[WebHistoryItem initFromDictionaryRepresentation:]): Don’t reference members of a Vector
  that don’t exist.

Modified Paths

Diff

Modified: trunk/Source/WebKit/mac/ChangeLog (186178 => 186179)


--- trunk/Source/WebKit/mac/ChangeLog	2015-07-01 16:53:20 UTC (rev 186178)
+++ trunk/Source/WebKit/mac/ChangeLog	2015-07-01 17:13:04 UTC (rev 186179)
@@ -1,3 +1,14 @@
+2015-07-01  Brady Eidson  <beid...@apple.com>
+
+        REGRESSION (185319): Reproducible crash in WebHistoryItem launching FluidApp.
+        <rdar://problem/21598293> and https://bugs.webkit.org/show_bug.cgi?id=146494
+
+        Reviewed by Darin Adler.
+
+        * History/WebHistoryItem.mm:
+        (-[WebHistoryItem initFromDictionaryRepresentation:]): Don’t reference members of a Vector
+          that don’t exist.
+
 2015-06-30  Andy VanWagoner  <thetalecraf...@gmail.com>
 
         Implement ECMAScript Internationalization API

Modified: trunk/Source/WebKit/mac/History/WebHistoryItem.mm (186178 => 186179)


--- trunk/Source/WebKit/mac/History/WebHistoryItem.mm	2015-07-01 16:53:20 UTC (rev 186178)
+++ trunk/Source/WebKit/mac/History/WebHistoryItem.mm	2015-07-01 17:13:04 UTC (rev 186179)
@@ -360,15 +360,14 @@
         core(_private)->setLastVisitWasFailure(true);
     
     if (NSArray *redirectURLs = [dict _webkit_arrayForKey:redirectURLsKey]) {
-        NSUInteger size = [redirectURLs count];
         auto redirectURLsVector = std::make_unique<Vector<String>>();
+        redirectURLsVector->reserveInitialCapacity([redirectURLs count]);
 
-        for (NSUInteger i = 0; i < size; ++i) {
-            id redirectURL = [redirectURLs objectAtIndex:i];
+        for (id redirectURL in redirectURLs) {
             if (![redirectURL isKindOfClass:[NSString class]])
                 continue;
 
-            (*redirectURLsVector)[i] = (NSString *)redirectURL;
+            redirectURLsVector->uncheckedAppend((NSString *)redirectURL);
         }
 
         core(_private)->setRedirectURLs(WTF::move(redirectURLsVector));
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to