Fix possible memory leak when dismissing a color picker
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Mar 2019 15:51:07 +0000 (15:51 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Mar 2019 15:51:07 +0000 (15:51 +0000)
https://bugs.webkit.org/show_bug.cgi?id=196026
<rdar://problem/48778568>

Reviewed by Wenson Hsieh.

Fix a problem with WebPageProxy::endColorPicker where an early return could leave a color picker
with a +1 reference count after dismissing it.

* UIProcess/WebColorPicker.cpp:
(WebKit::WebColorPicker::endPicker):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::endColorPicker):
(WebKit::WebPageProxy::didEndColorPicker):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243291 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/WebColorPicker.cpp
Source/WebKit/UIProcess/WebPageProxy.cpp

index 279c034..a11b880 100644 (file)
@@ -1,3 +1,20 @@
+2019-03-21  Brent Fulgham  <bfulgham@apple.com>
+
+        Fix possible memory leak when dismissing a color picker
+        https://bugs.webkit.org/show_bug.cgi?id=196026
+        <rdar://problem/48778568>
+
+        Reviewed by Wenson Hsieh.
+
+        Fix a problem with WebPageProxy::endColorPicker where an early return could leave a color picker
+        with a +1 reference count after dismissing it.
+
+        * UIProcess/WebColorPicker.cpp:
+        (WebKit::WebColorPicker::endPicker):
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::endColorPicker):
+        (WebKit::WebPageProxy::didEndColorPicker):
+
 2019-03-21  Carlos Garcia Campos  <cgarcia@igalia.com>
 
         [GTK][WPE] Add API to provide geolocation information
index 60263d7..4fbf333 100644 (file)
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2012 Samsung Electronics. All rights reserved.
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -44,8 +45,8 @@ void WebColorPicker::endPicker()
     if (!m_client)
         return;
 
-    m_client->didEndColorPicker();
-    m_client = nullptr;
+    if (auto client = std::exchange(m_client, nullptr))
+        client->didEndColorPicker();
 }
 
 void WebColorPicker::setSelectedColor(const WebCore::Color& color)
index 7d7e489..7efaf3a 100644 (file)
@@ -5475,10 +5475,10 @@ void WebPageProxy::didChooseColor(const WebCore::Color& color)
 
 void WebPageProxy::didEndColorPicker()
 {
+    m_colorPicker = nullptr;
     if (!hasRunningProcess())
         return;
 
-    m_colorPicker = nullptr;
     m_process->send(Messages::WebPage::DidEndColorPicker(), m_pageID);
 }
 #endif