RESOLVED FIXED 8469
CRASH: WebCore::CSSParser::parseDashboardRegions when attr() is passed 
https://bugs.webkit.org/show_bug.cgi?id=8469
Summary CRASH: WebCore::CSSParser::parseDashboardRegions when attr() is passed
Thomas Stromberg
Reported 2006-04-18 19:27:58 PDT
Using iExploder 1.3.0 I found the following crash in the Nightly-420+ r13911-2006-04-18 build: Safari.crash.log - 2006-04-18 22:25:04.670 -0400 =================================================== Thread 0 Crashed: 0 com.apple.WebCore 0x01179810 WebCore::CSSParser::parseDashboardRegions(int, bool) + 496 1 com.apple.WebCore 0x0117d69c WebCore::CSSParser::parseValue(int, bool) + 1388 2 com.apple.WebCore 0x01289d94 cssyyparse(void*) + 7476 3 com.apple.WebCore 0x0117a560 WebCore::CSSParser::parseDeclaration(WebCore::CSSMutableStyleDeclaration*, WebCore::String const&) + 96 4 com.apple.WebCore 0x0116fbac WebCore::CSSMutableStyleDeclaration::parseDeclaration(WebCore::String const&) + 60 5 com.apple.WebCore 0x012965fc WebCore::StyledElement::parseMappedAttribute(WebCore::MappedAttribute*) + 700
Attachments
Testcase: table style="-webkit-dashboard-region: attr("a");" (143 bytes, text/html)
2006-04-18 19:29 PDT, Thomas Stromberg 		no flags
Details
Add missing null check (3.99 KB, patch)
2006-04-19 03:43 PDT, mitz 		eric: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Thomas Stromberg
Comment 1 2006-04-18 19:29:07 PDT
Created attachment 7814 [details] Testcase: table style="-webkit-dashboard-region: attr("a");"
Alexey Proskuryakov
Comment 2 2006-04-18 21:59:57 PDT
Reproducible crash = P1.
mitz
Comment 3 2006-04-19 03:43:30 PDT
Created attachment 7821 [details] Add missing null check I looked for other places missing this check and found none.
Eric Seidel (no email)
Comment 4 2006-04-19 03:45:22 PDT
Comment on attachment 7821 [details] Add missing null check Looks fine. r=me.
Eric Seidel (no email)
Comment 5 2006-04-19 03:45:23 PDT
Comment on attachment 7821 [details] Add missing null check Looks fine. r=me.
Note You need to log in before you can comment on or make changes to this bug.