diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-16 13:59:56 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-16 13:59:56 +0000 |
| commit | 50008a5084ce41272b4db375f2bc85ee41bf0f37 (patch) | |
| tree | 536373bad8edf1708944be6fe0a61a816c1c99f8 /chrome | |
| parent | 15ebc927185b8f564a937295b203f9d7022160fe (diff) | |
| download | chromium_src-50008a5084ce41272b4db375f2bc85ee41bf0f37.zip chromium_src-50008a5084ce41272b4db375f2bc85ee41bf0f37.tar.gz chromium_src-50008a5084ce41272b4db375f2bc85ee41bf0f37.tar.bz2 | |
Attempt to fix the Save link crash which started occuring since the change to create a resource
message filter to filter IPCs. The crash occurs in the DownloadUrl code path while creating a
SafeBrowsingResourceHandler instance which tries to dereference a NULL filter pointer to
get the process id.
Fix is pass the child id directly to the SafeBrowsingResourceHandler instance in places where
it is created. This reverts back to the old way instead of passing the filter.
BUG=none
TEST=start chrome and right click on a link and select Save as from the menu. It should not crash
Review URL: http://codereview.chromium.org/5866004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69402 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
4 files changed, 12 insertions, 11 deletions
diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.cc b/chrome/browser/renderer_host/resource_dispatcher_host.cc index d552775..d6de60b 100644 --- a/chrome/browser/renderer_host/resource_dispatcher_host.cc +++ b/chrome/browser/renderer_host/resource_dispatcher_host.cc @@ -465,7 +465,7 @@ void ResourceDispatcherHost::BeginRequest( // Insert safe browsing at the front of the chain, so it gets to decide // on policies first. if (safe_browsing_->enabled()) { - handler = CreateSafeBrowsingResourceHandler(handler, route_id, + handler = CreateSafeBrowsingResourceHandler(handler, child_id, route_id, request_data.resource_type); } @@ -603,9 +603,10 @@ void ResourceDispatcherHost::OnFollowRedirect( } ResourceHandler* ResourceDispatcherHost::CreateSafeBrowsingResourceHandler( - ResourceHandler* handler, int route_id, ResourceType::Type resource_type) { + ResourceHandler* handler, int child_id, int route_id, + ResourceType::Type resource_type) { return new SafeBrowsingResourceHandler( - handler, route_id, resource_type, safe_browsing_, this, filter_); + handler, child_id, route_id, resource_type, safe_browsing_, this); } ResourceDispatcherHostRequestInfo* @@ -690,7 +691,7 @@ void ResourceDispatcherHost::BeginDownload( save_info)); if (safe_browsing_->enabled()) { - handler = CreateSafeBrowsingResourceHandler(handler, route_id, + handler = CreateSafeBrowsingResourceHandler(handler, child_id, route_id, ResourceType::MAIN_FRAME); } diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.h b/chrome/browser/renderer_host/resource_dispatcher_host.h index 81935b5..9d1924d 100644 --- a/chrome/browser/renderer_host/resource_dispatcher_host.h +++ b/chrome/browser/renderer_host/resource_dispatcher_host.h @@ -397,7 +397,8 @@ class ResourceDispatcherHost : public net::URLRequest::Delegate { void OnReleaseDownloadedFile(int request_id); ResourceHandler* CreateSafeBrowsingResourceHandler( - ResourceHandler* handler, int route_id, ResourceType::Type resource_type); + ResourceHandler* handler, int child_id, int route_id, + ResourceType::Type resource_type); // Creates ResourceDispatcherHostRequestInfo for a browser-initiated request // (a download or a page save). |download| should be true if the request diff --git a/chrome/browser/renderer_host/safe_browsing_resource_handler.cc b/chrome/browser/renderer_host/safe_browsing_resource_handler.cc index fbb1a72e..d73f24b0 100644 --- a/chrome/browser/renderer_host/safe_browsing_resource_handler.cc +++ b/chrome/browser/renderer_host/safe_browsing_resource_handler.cc @@ -24,16 +24,16 @@ static const int kCheckUrlTimeoutMs = 5000; SafeBrowsingResourceHandler::SafeBrowsingResourceHandler( ResourceHandler* handler, + int render_process_host_id, int render_view_id, ResourceType::Type resource_type, SafeBrowsingService* safe_browsing, - ResourceDispatcherHost* resource_dispatcher_host, - ResourceMessageFilter* filter) + ResourceDispatcherHost* resource_dispatcher_host) : state_(STATE_NONE), defer_state_(DEFERRED_NONE), deferred_request_id_(-1), next_handler_(handler), - render_process_host_id_(filter->child_id()), + render_process_host_id_(render_process_host_id), render_view_id_(render_view_id), safe_browsing_(safe_browsing), rdh_(resource_dispatcher_host), diff --git a/chrome/browser/renderer_host/safe_browsing_resource_handler.h b/chrome/browser/renderer_host/safe_browsing_resource_handler.h index f2a61fd..e679fdc 100644 --- a/chrome/browser/renderer_host/safe_browsing_resource_handler.h +++ b/chrome/browser/renderer_host/safe_browsing_resource_handler.h @@ -17,7 +17,6 @@ #include "chrome/common/notification_registrar.h" class ResourceDispatcherHost; -class ResourceMessageFilter; // SafeBrowsingResourceHandler checks that URLs are "safe" before navigating // to them. To be considered "safe", a URL must not appear in the @@ -46,11 +45,11 @@ class SafeBrowsingResourceHandler : public ResourceHandler, public NotificationObserver { public: SafeBrowsingResourceHandler(ResourceHandler* handler, + int render_process_host_id, int render_view_id, ResourceType::Type resource_type, SafeBrowsingService* safe_browsing, - ResourceDispatcherHost* resource_dispatcher_host, - ResourceMessageFilter* filter); + ResourceDispatcherHost* resource_dispatcher_host); // ResourceHandler implementation: virtual bool OnUploadProgress(int request_id, uint64 position, uint64 size); |