[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677

mjs mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 06:25:14 UTC 2009 

The following commit has been merged in the debian/unstable branch:
commit fc49beb14b7a73e88ed5fcece8a5114650ee06c9
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Jul 18 19:05:34 2002 +0000

    	Avoid throwing an exception while stopping animations. Image
    	renders were getting into the array multiple times, which means
    	the code that iterated over the array backwards could throw an
    	exception, because callling removeObject: on the array would remove
    	all instances of the object.
    
    	This probably fixes the following crashers, and a bunch of huge leaks:
    
    	Radar 2999853 - Uninitialized memory access in plugins on theonion.com
    	Radar 2999892 - Crash disconnecting view from next view chain on theonion.com
    	Radar 2999911 - Infinite loop in [WebHTMLView dealloc], resulting in crash
    
            * WebCoreSupport.subproj/WebImageRenderer.m:
            (-[WebImageRenderer scheduleFrame]): Move adding to array of image
    	renderers from here...
            (-[WebImageRenderer beginAnimationInRect:fromRect:]): To here.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@1590 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebKit/ChangeLog b/WebKit/ChangeLog
index a19a2ae..131bece 100644
--- a/WebKit/ChangeLog
+++ b/WebKit/ChangeLog
@@ -1,3 +1,22 @@
+2002-07-18  Maciej Stachowiak  <mjs at apple.com>
+
+	Avoid throwing an exception while stopping animations. Image
+	renders were getting into the array multiple times, which means
+	the code that iterated over the array backwards could throw an
+	exception, because callling removeObject: on the array would remove
+	all instances of the object.
+
+	This probably fixes the following crashers, and a bunch of huge leaks:
+
+	Radar 2999853 - Uninitialized memory access in plugins on theonion.com
+	Radar 2999892 - Crash disconnecting view from next view chain on theonion.com
+	Radar 2999911 - Infinite loop in [WebHTMLView dealloc], resulting in crash
+	
+        * WebCoreSupport.subproj/WebImageRenderer.m:
+        (-[WebImageRenderer scheduleFrame]): Move adding to array of image
+	renderers from here...
+        (-[WebImageRenderer beginAnimationInRect:fromRect:]): To here.
+
 === Alexander-13 ===
 
 2002-07-18  Maciej Stachowiak  <mjs at apple.com>
diff --git a/WebKit/ChangeLog-2002-12-03 b/WebKit/ChangeLog-2002-12-03
index a19a2ae..131bece 100644
--- a/WebKit/ChangeLog-2002-12-03
+++ b/WebKit/ChangeLog-2002-12-03
@@ -1,3 +1,22 @@
+2002-07-18  Maciej Stachowiak  <mjs at apple.com>
+
+	Avoid throwing an exception while stopping animations. Image
+	renders were getting into the array multiple times, which means
+	the code that iterated over the array backwards could throw an
+	exception, because callling removeObject: on the array would remove
+	all instances of the object.
+
+	This probably fixes the following crashers, and a bunch of huge leaks:
+
+	Radar 2999853 - Uninitialized memory access in plugins on theonion.com
+	Radar 2999892 - Crash disconnecting view from next view chain on theonion.com
+	Radar 2999911 - Infinite loop in [WebHTMLView dealloc], resulting in crash
+	
+        * WebCoreSupport.subproj/WebImageRenderer.m:
+        (-[WebImageRenderer scheduleFrame]): Move adding to array of image
+	renderers from here...
+        (-[WebImageRenderer beginAnimationInRect:fromRect:]): To here.
+
 === Alexander-13 ===
 
 2002-07-18  Maciej Stachowiak  <mjs at apple.com>
diff --git a/WebKit/WebCoreSupport.subproj/WebImageRenderer.m b/WebKit/WebCoreSupport.subproj/WebImageRenderer.m
index ae8b1af..aa4fbc3 100644
--- a/WebKit/WebCoreSupport.subproj/WebImageRenderer.m
+++ b/WebKit/WebCoreSupport.subproj/WebImageRenderer.m
@@ -146,11 +146,6 @@ static NSMutableArray *activeImageRenderers;
                                                     selector:@selector(nextFrame:)
                                                     userInfo:nil
                                                     repeats:NO] retain];
-
-    if (!activeImageRenderers) {
-        activeImageRenderers = [[NSMutableArray alloc] init];
-    }
-    [activeImageRenderers addObject:self];
 }
 
 - (void)nextFrame:(id)context
@@ -215,6 +210,10 @@ static NSMutableArray *activeImageRenderers;
         targetRect = ir;
         frameView = [[NSView focusView] retain];
         [self scheduleFrame];
+	if (!activeImageRenderers) {
+	    activeImageRenderers = [[NSMutableArray alloc] init];
+	}
+	[activeImageRenderers addObject:self];
     }
 }
 

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list