bcarrella
/
cef
mirror of https://bitbucket.org/chromiumembedded/cef
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix heap-use-after-free in CefBrowserMessageFilter::OnFrameFocused (issue #1567). 

git-svn-id: https://chromiumembedded.googlecode.com/svn/trunk@2049 5089003a-bbd8-11dd-ad1f-f1f9622dbc98
This commit is contained in:
Marshall Greenblatt 2015-03-04 19:24:16 +00:00
parent 5f3df0b702
commit a4c4246897
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libcef/browser/browser_message_filter.cc
View File

@ -35,6 +35,8 @@ void CefBrowserMessageFilter::OnFilterAdded(IPC::Sender* sender) {
}
void CefBrowserMessageFilter::OnFilterRemoved() {
host_ = NULL;
sender_ = NULL;
}
bool CefBrowserMessageFilter::OnMessageReceived(const IPC::Message& message) {
@ -124,6 +126,9 @@ void CefBrowserMessageFilter::OnFrameFocused(int32 render_frame_routing_id) {
return;
}
if (!host_)
return;
CefRefPtr<CefBrowserHostImpl> browser =
CefBrowserHostImpl::GetBrowserForFrame(host_->GetID(),
render_frame_routing_id);