From 94b36f69bd7ee331a241d186cd23009f737ad28c Mon Sep 17 00:00:00 2001
From: Jonathan Liu
Date: Thu, 7 Mar 2013 23:52:03 +1100
Subject: [PATCH] Webkit: Avoid null pointer dereference when canceling resource loading

In some cases ResourceLoader::didCancel may run after the load has already completed which results in a null pointer dereference. If the load has already completed - do nothing. This is a partial backport of r86720 in WebKit upstream.

Task-number: QTBUG-30081
Change-Id: I1e41594f6d7a81ec6c3d97367391b722918abae2
---
 src/3rdparty/webkit/Source/WebCore/loader/ResourceLoader.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/3rdparty/webkit/Source/WebCore/loader/ResourceLoader.cpp b/src/3rdparty/webkit/Source/WebCore/loader/ResourceLoader.cpp
index c59acba..09eb190 100644
--- a/src/3rdparty/webkit/Source/WebCore/loader/ResourceLoader.cpp
+++ b/src/3rdparty/webkit/Source/WebCore/loader/ResourceLoader.cpp
@@ -339,8 +339,11 @@ void ResourceLoader::didFail(const ResourceError& error)
 void ResourceLoader::didCancel(const ResourceError& error)
 {
+ // If the load has already completed - succeeded, failed, or previously cancelled - do nothing.
+ if (m_reachedTerminalState)
+ return;
+
 ASSERT(!m_cancelled);
- ASSERT(!m_reachedTerminalState);
 if (FormData* data = m_request.httpBody())
 data->removeGeneratedFilesIfNeeded();
-- 
1.8.1.4
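Review bot: The new comment on the early return says what the guard does but not why a late didCancel reaches this point, and the removed `ASSERT(!m_reachedTerminalState)` was the only debug-time signal that this double-notification path exists; the commit message only says "in some cases", so a future cleanup could easily reinstate the assertion. Turning the release-build null dereference (a crash, i.e. a denial-of-service surface for hostile content) into a no-op is the right hardening, but the comment should record the provenance and the invariant it relies on, for example `// A cancel can arrive after the load already completed (succeeded, failed or cancelled); at that point the loader's state has been torn down, so bail out. Partial backport of WebKit r86720.` Note that the guard is placed before any member access, which is what makes it effective in release builds where `ASSERT` compiles away. The body of didCancel continues outside the hunk, so whether the remainder has other terminal-state assumptions cannot be judged from here.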