Fix a used-after-free caused by an unremoved Observer.

Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
Committed: https://crrev.com/7426febf7c71bba00d58289d4066753012a04d81
Cr-Commit-Position: refs/heads/master@{#391320}

[anthonyvd, 2016-05-03 17:18:01]

Description was changed from

==========
Fix a used-after-free caused by an unremoved Observer.

BUG=607921
==========

to

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

[anthonyvd, 2016-05-03 17:18:56]

Description was changed from

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

to

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

[anthonyvd, 2016-05-03 17:19:20]

anthonyvd@chromium.org changed reviewers:
+ tommycli@chromium.org

[anthonyvd, 2016-05-03 17:19:20]

Hi tommycli@,

Can you please take a look at this CL that fixes a UAF crash?

Thanks!

[tommycli, 2016-05-03 17:23:48]

lgtm.

Sorry you were assigned to clean up my mess. Thank you for doing it though! :)

https://codereview.chromium.org/1942323002/diff/1/chrome/browser/ui/webui/set...
File chrome/browser/ui/webui/settings/profile_info_handler.h (right):

https://codereview.chromium.org/1942323002/diff/1/chrome/browser/ui/webui/set...
chrome/browser/ui/webui/settings/profile_info_handler.h:67:
ScopedObserver<ProfileAttributesStorage, ProfileInfoHandler> scoped_observer_;
Can we call this profile_observer_ just to be clear?

[anthonyvd, 2016-05-03 18:12:10]

No problem at all. Thanks for the quick review!

https://codereview.chromium.org/1942323002/diff/1/chrome/browser/ui/webui/set...
File chrome/browser/ui/webui/settings/profile_info_handler.h (right):

https://codereview.chromium.org/1942323002/diff/1/chrome/browser/ui/webui/set...
chrome/browser/ui/webui/settings/profile_info_handler.h:67:
ScopedObserver<ProfileAttributesStorage, ProfileInfoHandler> scoped_observer_;
On 2016/05/03 17:23:48, tommycli wrote:
> Can we call this profile_observer_ just to be clear?

Done.

[anthonyvd, 2016-05-03 18:12:15]

The CQ bit was checked by anthonyvd@chromium.org

[anthonyvd, 2016-05-03 18:12:16]

The patchset sent to the CQ was uploaded after l-g-t-m from
tommycli@chromium.org
Link to the patchset: https://codereview.chromium.org/1942323002/#ps20001
(title: "Address feedback")

[commit-bot: I haz the power, 2016-05-03 18:12:40]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1942323002/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1942323002/20001

[commit-bot: I haz the power, 2016-05-03 19:11:18]

Description was changed from

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

to

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

[commit-bot: I haz the power, 2016-05-03 19:11:19]

Committed patchset #2 (id:20001)

[commit-bot: I haz the power, 2016-05-03 19:12:43]

Description was changed from

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921
==========

to

==========
Fix a used-after-free caused by an unremoved Observer.

ProfileInfoHandler starts observing the ProfileInfoCache when it receives the
JavascriptAllowed event and stops on JavascriptDisallowed, which isn't always
called. This CL uses ScopedObserver to ensure ProfileInfoHandler instances are
never freed without removing themselves as Observers.

BUG=607921

Committed: https://crrev.com/7426febf7c71bba00d58289d4066753012a04d81
Cr-Commit-Position: refs/heads/master@{#391320}
==========

[commit-bot: I haz the power, 2016-05-03 19:12:44]

Patchset 2 (id:??) landed as
https://crrev.com/7426febf7c71bba00d58289d4066753012a04d81
Cr-Commit-Position: refs/heads/master@{#391320}