diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-22 18:24:35 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-22 18:24:35 +0000 |
| commit | 3afd25e007e53469c2312cc180f089b868bf9b06 (patch) | |
| tree | 91b1e261f2991d18ea14ce32af25e32a4613b358 /webkit | |
| parent | 70ccf7061242e1b405f58fb423dab470d9ec69ab (diff) | |
| download | chromium_src-3afd25e007e53469c2312cc180f089b868bf9b06.zip chromium_src-3afd25e007e53469c2312cc180f089b868bf9b06.tar.gz chromium_src-3afd25e007e53469c2312cc180f089b868bf9b06.tar.bz2 | |
Fix a flash plugin process crash on Windows which occurs on the field in the context of the SetCursor Windows API
call. We intercept this API to ensure that custom cursors set by flash plugin can be marshaled back to the browser
process. Based on the callstack the crash occurs while clearing the custom data vector in the WebCursor object
in the plugin process. As this field is not used on Windows, it is not clear why this crash occurs. It may well
be due to the fact that the global plugin instance pointer is pointing to an invalid plugin instance. Code inspection
did not reveal much.
We don't need to save away the plugin cursor in the SetCursor intercept. This can be safely done in the HandleEvent
handler, which simplifies the code and should hopefully fix this crash.
Fixes bug http://code.google.com/p/chromium/issues/detail?id=96282
BUG=96282
Review URL: http://codereview.chromium.org/7988009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@102313 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
| -rw-r--r-- | webkit/plugins/npapi/webplugin_delegate_impl_win.cc | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/webkit/plugins/npapi/webplugin_delegate_impl_win.cc b/webkit/plugins/npapi/webplugin_delegate_impl_win.cc index d0b1888..07102c1 100644 --- a/webkit/plugins/npapi/webplugin_delegate_impl_win.cc +++ b/webkit/plugins/npapi/webplugin_delegate_impl_win.cc @@ -1359,6 +1359,7 @@ bool WebPluginDelegateImpl::PlatformHandleInputEvent( ret = true; if (np_event.event == WM_MOUSEMOVE) { + current_windowless_cursor_.InitFromExternalCursor(GetCursor()); // Snag a reference to the current cursor ASAP in case the plugin modified // it. There is a nasty race condition here with the multiprocess browser // as someone might be setting the cursor in the main process as well. @@ -1460,19 +1461,7 @@ HCURSOR WINAPI WebPluginDelegateImpl::SetCursorPatch(HCURSOR cursor) { } return current_cursor; } - - if (!g_current_plugin_instance->IsWindowless()) { - return ::SetCursor(cursor); - } - - // It is ok to pass NULL here to GetCursor as we are not looking for cursor - // types defined by Webkit. - HCURSOR previous_cursor = - g_current_plugin_instance->current_windowless_cursor_.GetCursor(NULL); - - g_current_plugin_instance->current_windowless_cursor_.InitFromExternalCursor( - cursor); - return previous_cursor; + return ::SetCursor(cursor); } LONG WINAPI WebPluginDelegateImpl::RegEnumKeyExWPatch( |