Speculative fix for ChromeFrame crash in bug http://code.google.com/p/chromium/issues/detail?id=29025

The crash occurs while dereferencing the automation channel to send out the SetCookie IPC message on the
automation channel to the host browser. Based on what I could see from the crash dump and the code
it seems like there could be a scenario where the AutomationResourceContext object could be destroyed
while the AutomationCookieStore object is still around and thus ends up with a stale pointer which crashes
when dereferenced.

Fix is to ensure that all related code paths hold on to a refcounted AutomationResourceContext instance.

I will look into whether it is possible to come up with a unit test for this.

Bug=29025

Review URL: http://codereview.chromium.org/450020

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33524 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 2 insertions, 1 deletions

diff --git a/chrome/browser/automation/automation_profile_impl.h b/chrome/browser/automation/automation_profile_impl.h
index f2bc6c2..5bfba8e 100644
--- a/chrome/browser/automation/automation_profile_impl.h
+++ b/chrome/browser/automation/automation_profile_impl.h
@@ -9,6 +9,7 @@
 
 class Profile;
 class ChromeURLRequestContextGetter;
+class AutomationResourceMessageFilter;
 
 namespace AutomationRequestContext {
 
@@ -17,7 +18,7 @@ namespace AutomationRequestContext {
 ChromeURLRequestContextGetter* CreateAutomationURLRequestContextForTab(
     int tab_handle,
     Profile* profile,
-    IPC::Message::Sender* automation_client);
+    AutomationResourceMessageFilter* automation_client);
 
 }