On Sun, Jun 19, 2011 at 12:48 PM, Darin Adler <da...@apple.com> wrote: > > > Con (of abandoning PassRefPtr for function arguments entirely): > > > Possible accidental freed memory access bugs. > > I think the reverse of this Con is one of the stronger Pro arguments for > using PassRefPtr even more for arguments rather than my proposal to use it > less. Object lifetime mistakes are much less likely when raw pointers are > kept to an absolute minimum. I thought about this when reviewing the design > of Automatic Reference Counting. The ARC design largely eliminates raw > pointers for Objective-C objects. >
One of the most common security bugs I have seen in editing is that we keep a raw pointer to a node and call some helper method that modifies DOM (therefore invoking scripts). I'm sometimes tempted to replace all instances of Node* in the editing component by RefPtr/PassRefPtr. - Ryosuke
_______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev