From a9191b26d228f2359a302a09a29a8d061f56fb75 Mon Sep 17 00:00:00 2001
From: Marshall Greenblatt <magreenblatt@gmail.com>
Date: Tue, 3 Mar 2015 18:40:52 +0000
Subject: [PATCH] Fix heap-use-after-free when shutting down CEF with DevTools
 remote debugging enabled (issue #1557).

git-svn-id: https://chromiumembedded.googlecode.com/svn/trunk@2041 5089003a-bbd8-11dd-ad1f-f1f9622dbc98
---
 libcef/browser/devtools_delegate.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libcef/browser/devtools_delegate.cc b/libcef/browser/devtools_delegate.cc
index 500d5e3b4..5ab22b926 100644
--- a/libcef/browser/devtools_delegate.cc
+++ b/libcef/browser/devtools_delegate.cc
@@ -149,8 +149,11 @@ CefDevToolsDelegate::~CefDevToolsDelegate() {
 }
 
 void CefDevToolsDelegate::Stop() {
-  // The call below deletes |this|.
-  devtools_http_handler_.reset();
+  // Release the reference before deleting the handler. Deleting the handler
+  // will delete |this| and no members of |this| should be accessed after that
+  // call.
+  content::DevToolsHttpHandler* handler = devtools_http_handler_.release();
+  delete handler;
 }
 
 std::string CefDevToolsDelegate::GetDiscoveryPageHTML() {