Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded

Committed: https://crrev.com/561b5ae646d076efe21e2cc759b6d97ebb04ab0d
Cr-Commit-Position: refs/heads/master@{#437954}

[tapted, 2016-12-12 04:31:15]

The CQ bit was checked by tapted@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-12 04:31:32]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[tapted, 2016-12-12 04:41:12]

Description was changed from

==========
Fix lifetime problem

BUG=616051
==========

to

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in |pulsingButton_|, an NSView
which can be destroyed in -[BookmarkBarController
redistributeButtonsOnBarAsNeeded]. There's no need for this to be a weak
pointer.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test: BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

[tapted, 2016-12-12 04:41:12]

tapted@chromium.org changed reviewers:
+ rsesek@chromium.org

[tapted, 2016-12-12 04:42:22]

Description was changed from

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in |pulsingButton_|, an NSView
which can be destroyed in -[BookmarkBarController
redistributeButtonsOnBarAsNeeded]. There's no need for this to be a weak
pointer.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test: BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

to

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

[tapted, 2016-12-12 04:44:11]

The CQ bit was checked by tapted@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-12 04:44:24]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[tapted, 2016-12-12 04:46:50]

Description was changed from

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

to

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

[commit-bot: I haz the power, 2016-12-12 05:09:29]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-12 05:09:30]

Dry run: This issue passed the CQ dry run.

[tapted, 2016-12-12 05:32:46]

Hi Robert, please take a look

[Robert Sesek, 2016-12-12 18:05:27]

LGTM

[tapted, 2016-12-12 22:42:15]

The CQ bit was checked by tapted@chromium.org

[commit-bot: I haz the power, 2016-12-12 22:43:46]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-12 23:25:04]

CQ is committing da patch.

Bot data: {"patchset_id": 20001, "attempt_start_ts": 1481582535744030,
"parent_rev": "1fe21d7d04327d79b0fafc107a89f93546e387b0", "commit_rev":
"38a0d9d782cfd28ef2347416468dda4dab737282"}

[commit-bot: I haz the power, 2016-12-12 23:25:31]

Description was changed from

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded
==========

to

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded

Review-Url: https://codereview.chromium.org/2567973002
==========

[commit-bot: I haz the power, 2016-12-12 23:25:40]

Committed patchset #2 (id:20001)

[commit-bot: I haz the power, 2016-12-12 23:29:05]

Description was changed from

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded

Review-Url: https://codereview.chromium.org/2567973002
==========

to

==========
Mac: Fix lifetime problem under BookmarkBarController stopPulsingBookmarkNode.

BookmarkBarController has a weak pointer in a |pulsingButton_| data
member. This is an NSView which can be destroyed in
-[BookmarkBarController redistributeButtonsOnBarAsNeeded] when it is
removed from its superview.

Since bubbles close asynchronously, and fade out, the bookmark bubble
can cause a UAF to |pulsingButton_| via stopPulsingBookmarkNode. This
can occur if a resize triggers redistributeButtonsOnBarAsNeeded while a
bookmark bubble is still alive.

There's no need for this to be a weak pointer. Make it scoped_nsobject
instead.

This affects both Cocoa and MacViews.

BUG=616051
TEST=Added unit_test:
BookmarkBarControllerTest.RedistributeButtonsOnBarAsNeeded

Committed: https://crrev.com/561b5ae646d076efe21e2cc759b6d97ebb04ab0d
Cr-Commit-Position: refs/heads/master@{#437954}
==========

[commit-bot: I haz the power, 2016-12-12 23:29:06]

Patchset 2 (id:??) landed as
https://crrev.com/561b5ae646d076efe21e2cc759b6d97ebb04ab0d
Cr-Commit-Position: refs/heads/master@{#437954}