diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-07 22:15:13 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-07 22:15:13 +0000 |
| commit | 61e1f782242a5e85098fdff8179daab0e862e66a (patch) | |
| tree | 65ba6183167e0c3092cbadeb41c1f9bd2a458658 /base/file_util_unittest.cc | |
| parent | 86bb90c138020c272bb9e05ef63332c593ddba46 (diff) | |
| download | chromium_src-61e1f782242a5e85098fdff8179daab0e862e66a.zip chromium_src-61e1f782242a5e85098fdff8179daab0e862e66a.tar.gz chromium_src-61e1f782242a5e85098fdff8179daab0e862e66a.tar.bz2 | |
Fix for a plugin crasher which occurs in the context of NPP_Destroy. The plugin invokes NPN_MemFree
in this context and we crash while invoking the destructor of the PluginHost as the reference
count of the PluginHost object is 0. It is not clear as to why this happens as the PluginHost
object is implemented as a singleton with a static scoped_refptr object around to ensure
that the ref count is at least 1 until the CRT is around. From the dump it appears that CRT
is still valid.
In any case we don't need to validate the host pointers in NPN_MemAlloc and NPN_MemFree.
Will look further in the code to see if there is any misuse of the PluginHost pointer.
BUG=68767
TESt=none
Review URL: http://codereview.chromium.org/6134001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@70791 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/file_util_unittest.cc')
0 files changed, 0 insertions, 0 deletions