From 56fd0d61e416df68be6a0577e41c4d63161632e8 Mon Sep 17 00:00:00 2001
From: Marshall Greenblatt <magreenblatt@gmail.com>
Date: Tue, 3 Mar 2015 18:41:46 +0000
Subject: [PATCH] Fix heap-use-after-free when shutting down CEF with DevTools
 remote debugging enabled (issue #1557).

git-svn-id: https://chromiumembedded.googlecode.com/svn/branches/2272@2042 5089003a-bbd8-11dd-ad1f-f1f9622dbc98
---
 libcef/browser/devtools_delegate.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libcef/browser/devtools_delegate.cc b/libcef/browser/devtools_delegate.cc
index 89b635e5c..8c8942e6b 100644
--- a/libcef/browser/devtools_delegate.cc
+++ b/libcef/browser/devtools_delegate.cc
@@ -139,8 +139,11 @@ CefDevToolsDelegate::~CefDevToolsDelegate() {
 }
 
 void CefDevToolsDelegate::Stop() {
-  // The call below deletes |this|.
-  devtools_http_handler_.reset();
+  // Release the reference before deleting the handler. Deleting the handler
+  // will delete |this| and no members of |this| should be accessed after that
+  // call.
+  content::DevToolsHttpHandler* handler = devtools_http_handler_.release();
+  delete handler;
 }
 
 std::string CefDevToolsDelegate::GetDiscoveryPageHTML() {