[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677

mjs mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:59:44 UTC 2009 

The following commit has been merged in the debian/unstable branch:
commit 497cf209f6f37a39098ad66b25594e4e3e7c760d
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Mon Oct 6 20:28:50 2003 +0000

    	Reviewed by Ken.
    
    	- fixed 3444255 - REGRESSION: www.aa.com crashes (innerHTML)
    
            * khtml/html/html_elementimpl.cpp:
            (HTMLElementImpl::createContextualFragment): Keep the fragment
    	ref'd since the tokenizer will ref and deref it. Then turn
    	TreeShared's evil against itself to get the fragment back in the
    	floating 0-ref state.
            * khtml/html/html_elementimpl.h: Remove stray whitespace.
            * khtml/html/htmlparser.cpp:
            (KHTMLParser::KHTMLParser): Initialize current to 0 in the other
    	constructor too.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@5139 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/ChangeLog-2003-10-25 b/WebCore/ChangeLog-2003-10-25
index b291eb2..14bb709 100644
--- a/WebCore/ChangeLog-2003-10-25
+++ b/WebCore/ChangeLog-2003-10-25
@@ -1,3 +1,19 @@
+2003-10-05  Maciej Stachowiak  <mjs at apple.com>
+
+	Reviewed by Ken.
+
+	- fixed 3444255 - REGRESSION: www.aa.com crashes (innerHTML)
+
+        * khtml/html/html_elementimpl.cpp:
+        (HTMLElementImpl::createContextualFragment): Keep the fragment
+	ref'd since the tokenizer will ref and deref it. Then turn
+	TreeShared's evil against itself to get the fragment back in the
+	floating 0-ref state.
+        * khtml/html/html_elementimpl.h: Remove stray whitespace.
+        * khtml/html/htmlparser.cpp:
+        (KHTMLParser::KHTMLParser): Initialize current to 0 in the other
+	constructor too.
+
 2003-10-06  Darin Adler  <darin at apple.com>
 
         * khtml/ecma/kjs_css.lut.h:
diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23
index b291eb2..14bb709 100644
--- a/WebCore/ChangeLog-2005-08-23
+++ b/WebCore/ChangeLog-2005-08-23
@@ -1,3 +1,19 @@
+2003-10-05  Maciej Stachowiak  <mjs at apple.com>
+
+	Reviewed by Ken.
+
+	- fixed 3444255 - REGRESSION: www.aa.com crashes (innerHTML)
+
+        * khtml/html/html_elementimpl.cpp:
+        (HTMLElementImpl::createContextualFragment): Keep the fragment
+	ref'd since the tokenizer will ref and deref it. Then turn
+	TreeShared's evil against itself to get the fragment back in the
+	floating 0-ref state.
+        * khtml/html/html_elementimpl.h: Remove stray whitespace.
+        * khtml/html/htmlparser.cpp:
+        (KHTMLParser::KHTMLParser): Initialize current to 0 in the other
+	constructor too.
+
 2003-10-06  Darin Adler  <darin at apple.com>
 
         * khtml/ecma/kjs_css.lut.h:
diff --git a/WebCore/khtml/html/html_elementimpl.cpp b/WebCore/khtml/html/html_elementimpl.cpp
index 0628e63..495e7d2 100644
--- a/WebCore/khtml/html/html_elementimpl.cpp
+++ b/WebCore/khtml/html/html_elementimpl.cpp
@@ -416,6 +416,7 @@ DocumentFragmentImpl *HTMLElementImpl::createContextualFragment( const DOMString
         return NULL;
 
     DocumentFragmentImpl *fragment = new DocumentFragmentImpl( docPtr() );
+    fragment->ref();
     {
         HTMLTokenizer tok( docPtr(), fragment );
         tok.begin();
@@ -461,6 +462,12 @@ DocumentFragmentImpl *HTMLElementImpl::createContextualFragment( const DOMString
 	}
     }
 
+    // Trick to get the fragment back to the floating state, with 0
+    // refs but not destroyed.
+    fragment->setParent(this);
+    fragment->deref();
+    fragment->setParent(0);
+
     return fragment;
 }
 
diff --git a/WebCore/khtml/html/html_elementimpl.h b/WebCore/khtml/html/html_elementimpl.h
index 0d90cc7..331e86c 100644
--- a/WebCore/khtml/html/html_elementimpl.h
+++ b/WebCore/khtml/html/html_elementimpl.h
@@ -30,7 +30,7 @@ namespace DOM {
 class DOMString;
 class CSSStyleDeclarationImpl;
 class HTMLFormElementImpl;
- class DocumentFragmentImpl;
+class DocumentFragmentImpl;
 
 class HTMLElementImpl : public ElementImpl
 {
diff --git a/WebCore/khtml/html/htmlparser.cpp b/WebCore/khtml/html/htmlparser.cpp
index 63927bd..0988fb5 100644
--- a/WebCore/khtml/html/htmlparser.cpp
+++ b/WebCore/khtml/html/htmlparser.cpp
@@ -132,6 +132,7 @@ KHTMLParser::KHTMLParser( KHTMLView *_parent, DocumentPtr *doc)
 }
 
 KHTMLParser::KHTMLParser( DOM::DocumentFragmentImpl *i, DocumentPtr *doc )
+    : current(0)
 {
     HTMLWidget = 0;
     document = doc;

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list