Correct crash when processing local cancelled requests.
authorbfulgham@webkit.org <bfulgham@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 17 Aug 2009 19:47:18 +0000 (19:47 +0000)
committerbfulgham@webkit.org <bfulgham@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 17 Aug 2009 19:47:18 +0000 (19:47 +0000)
Reviewed by Kevin Ollivier.

No new tests. Existing fast/images/favicon-as-image.html
displays the problem.

* platform/network/curl/ResourceHandleManager.cpp:
(WebCore::writeCallback): Add check for m_cancelled after
  performing local-file processing.
(WebCore::ResourceHandleManager::downloadTimerCallback): Add
  check for m_cancelled after performing local-file processing.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@47379 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebCore/ChangeLog
WebCore/platform/network/curl/ResourceHandleManager.cpp

index 0e54b22..ccb24aa 100644 (file)
@@ -1,3 +1,18 @@
+2009-08-17  Brent Fulgham  <bfulgham@webkit.org>
+
+        Reviewed by Kevin Ollivier.
+
+        Correct crash when processing local cancelled requests.
+
+        No new tests. Existing fast/images/favicon-as-image.html
+        displays the problem.
+
+        * platform/network/curl/ResourceHandleManager.cpp:
+        (WebCore::writeCallback): Add check for m_cancelled after
+          performing local-file processing.
+        (WebCore::ResourceHandleManager::downloadTimerCallback): Add
+          check for m_cancelled after performing local-file processing.
+
 2009-08-17  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>
 
         Unreviewed. Reverts 47371, since it breaks GTK+.
index 3ac5a75..baca717 100644 (file)
@@ -150,8 +150,11 @@ static size_t writeCallback(void* ptr, size_t size, size_t nmemb, void* data)
     if (CURLE_OK == err && httpCode >= 300 && httpCode < 400)
         return totalSize;
 
-    if (!d->m_response.responseFired())
-       handleLocalReceiveResponse(h, job, d);
+    if (!d->m_response.responseFired()) {
+        handleLocalReceiveResponse(h, job, d);
+        if (d->m_cancelled)
+            return 0;
+    }
 
     if (d->client())
         d->client()->didReceiveData(job, static_cast<char*>(ptr), totalSize, 0);
@@ -339,8 +342,13 @@ void ResourceHandleManager::downloadTimerCallback(Timer<ResourceHandleManager>*
             continue;
 
         if (CURLE_OK == msg->data.result) {
-            if (!d->m_response.responseFired())
+            if (!d->m_response.responseFired()) {
                 handleLocalReceiveResponse(d->m_handle, job, d);
+                if (d->m_cancelled) {
+                    removeFromCurl(job);
+                    continue;
+                }
+            }
 
             if (d->client())
                 d->client()->didFinishLoading(job);