Fix unintentional state transfer in DetachToUserFree (fixes issue #3309)

Calling DetachToUserFree() on a CefString holding a reference should copy the
value instead of transferring ownership.

A new `StringTest.Ownership` test has been added for this behavior.
This commit is contained in:
Marshall Greenblatt
2022-04-13 14:33:23 -04:00
parent d8db6fa9da
commit 4921dc2213
2 changed files with 129 additions and 3 deletions


@ -584,10 +584,16 @@ class CefStringBase {
return NULL;
userfree_struct_type str = traits::userfree_alloc();
memcpy(str, string_, sizeof(struct_type));
if (owner_) {
// Transfer ownership of the data to |str|.
memcpy(str, string_, sizeof(struct_type));
// Free this class' structure but not the data.
memset(string_, 0, sizeof(struct_type));
} else {
// Copy the data to |str|.
traits::set(string_->str, string_->length, str, /*copy=*/true);
}
// Free this class' structure but not the data.
memset(string_, 0, sizeof(struct_type));
ClearAndFree();
return str;
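
Review bot: In the else branch the result of `traits::set(string_->str, string_->length, str, /*copy=*/true)` is discarded, so a failed copy would still return |str| to the caller as if it held the value. If `traits::set` reports failure through its return value (its declaration is not visible in this hunk), check it here, release |str| and return NULL on failure, matching the early `return NULL` at the top of the function. A one-line comment on the else branch saying that |string_| still belongs to its original owner and is only dropped by the following `ClearAndFree()` would also make the ownership rule explicit for the next reader, since this branch is the case the fix is about.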