Speculative fix for ChromeFrame crash in bug http://code.google.com/p/chromium/issues/detail?id=29025

The crash occurs while dereferencing the automation channel to send out the SetCookie IPC message on the
automation channel to the host browser. Based on what I could see from the crash dump and the code
it seems like there could be a scenario where the AutomationResourceContext object could be destroyed
while the AutomationCookieStore object is still around and thus ends up with a stale pointer which crashes
when dereferenced.

Fix is to ensure that all related code paths hold on to a refcounted AutomationResourceContext instance.

I will look into whether it is possible to come up with a unit test for this.

Bug=29025

Review URL: http://codereview.chromium.org/450020

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33524 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 1 insertions, 1 deletions

diff --git a/chrome/browser/external_tab_container.cc b/chrome/browser/external_tab_container.cc
index ab25698..141a76b 100644
--- a/chrome/browser/external_tab_container.cc
+++ b/chrome/browser/external_tab_container.cc
@@ -401,7 +401,7 @@ bool ExternalTabContainer::CanDownload(int request_id) {
       ::AllowSetForegroundWindow(ASFW_ANY);
 
       ChromeThread::PostTask(ChromeThread::IO, FROM_HERE,
-          NewRunnableMethod(automation_resource_message_filter_,
+          NewRunnableMethod(automation_resource_message_filter_.get(),
               &AutomationResourceMessageFilter::SendDownloadRequestToHost,
               0, tab_handle_, request_id));
     }