whitslack
commented
2 months ago Note: The other way this can be fixed is to typedef PlatformPathPtr as QPainterPath rather than as const QPainterPath&. That is the option taken by QtWebKit 5.212:
typedef QPainterPath PlatformPath;/* QPainterPath is valued based */
typedef PlatformPath PlatformPathPtr;Curiously, it has the same typo'd comment but in a different file and with a different typedef, so I wonder whether the dangling reference bug was introduced in movableink/webkit after copying the correct code from qtwebkit/qtwebkit or was fixed in qtwebkit/qtwebkit after copying the incorrect code from movableink/webkit. I'd guess the former.
For reference, here is the related code in movableink/webkit (exclusive of this PR):
WebCore::Path::platformPath()expects to be able to return the return value ofWebCore::PlatformPathImpl::platformPath()as aPlatformPathPtrwithout creating a dangling reference. However,WebCore::PathQt::platformPath()is defined as returning a temporaryQPainterPathobject, which does become a dangling reference when returned by reference, leading to segfaults at runtime.This PR changes the return type of
WebCore::PathQt::platformPath()toPlatformPathPtr(paralleling the definition ofWebCore::PathCG::platformPath()), so as to avoid creating a temporaryQPainterPathobject, thereby avoiding the creation of a dangling reference when returning fromWebCore::Path::platformPath().Fixes: https://github.com/movableink/webkit/issues/37