8509 2006-04-21 00:04:50 -0700 document.importNode(null) crashes 2019-02-06 09:02:55 -0800 1 1 1 Unclassified WebKit DOM 420+ Mac OS X 10.4 RESOLVED FIXED javascript:document.importNode(null) EasyFix P1 Normal --- 1 mjs ggaren cdumez oldest_to_newest 40012 0 mjs 2006-04-21 00:04:50 -0700 Doing document.importNode(null) causes a crash with the following backtrace: Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x01de03af in WebCore::Document::importNode (this=0xf103c00, importedNode=0x0, deep=false, ec=@0xbfffe518) at /Volumes/Data/mjs/Work/src/Safari/OpenSource/WebCore/dom/Document.cpp:457 (gdb) bt #0 0x01de03af in WebCore::Document::importNode (this=0xf103c00, importedNode=0x0, deep=false, ec=@0xbfffe518) at /Volumes/Data/mjs/Work/src/Safari/OpenSource/WebCore/dom/Document.cpp:457 #1 0x01f569ab in WebCore::JSDocumentProtoFunc::callAsFunction (this=0x230ac490, exec=0xbfffe8e8, thisObj=0x230ac3b0, args=@0xbfffe748) at /Users/mjs/Work/symroots/Debug/DerivedSources/WebCore/JSDocument.cpp:301 #2 0x015ce96c in KJS::JSObject::call (this=0x230ac490, exec=0xbfffe8e8, thisObj=0x230ac3b0, args=@0xbfffe748) at /Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/object.cpp:96 #3 0x015c58cb in KJS::FunctionCallDotNode::evaluate (this=0x231a8900, exec=0xbfffe8e8) at /Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/nodes.cpp:758 #4 0x015c312e in KJS::ExprStatementNode::execute (this=0x231a8a00, exec=0xbfffe8e8) at /Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/nodes.cpp:1712 Looks like just lack of a null check. 40043 1 ggaren 2006-04-21 10:44:27 -0700 I'm on it. 40048 2 7878 ggaren 2006-04-21 11:49:21 -0700 Created attachment 7878 Fix 40073 3 7878 sullivan 2006-04-21 16:27:48 -0700 Comment on attachment 7878 Fix Looks good. 40087 4 7878 darin 2006-04-21 22:20:52 -0700 Comment on attachment 7878 Fix Geoff, there's a reason I used this style: case DOCUMENT_TYPE_NODE: case DOCUMENT_FRAGMENT_NODE: case NOTATION_NODE: - break; + default: + ec = NOT_SUPPORTED_ERR; + return 0; } - - ec = NOT_SUPPORTED_ERR; - return 0; } If you don't have a "default" in your switch statement, gcc will give you a warning if you leave any enum values out. So I often write switch statements in a slightly awkward way, just to avoid putting a default in. Here your patch is undoing that. 40119 5 ggaren 2006-04-22 00:29:34 -0700 Reverted code Darin mentioned, then landed. 1502867 6 lforschler 2019-02-06 09:02:55 -0800 Mass moving XML DOM bugs to the "DOM" Component. 7878 2006-04-21 11:49:21 -0700 2006-04-21 16:27:48 -0700 Fix patch-importnode.txt text/plain 4292 ggaren SW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9D aGFuZ2VMb2cJKHJldmlzaW9uIDE0MDAwKQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3Jr aW5nIGNvcHkpCkBAIC0xLDMgKzEsMTEgQEAKKzIwMDYtMDQtMjEgIEdlb2ZmcmV5IEdhcmVuICA8 Z2dhcmVuQGFwcGxlLmNvbT4KKworICAgICAgICBMYXlvdXQgdGVzdCBmb3IgaHR0cDovL2J1Z3pp bGxhLm9wZW5kYXJ3aW4ub3JnL3Nob3dfYnVnLmNnaT9pZD04NTA5CisgICAgICAgIGphdmFzY3Jp cHQ6ZG9jdW1lbnQuaW1wb3J0Tm9kZShudWxsKQorICAgICAgICAKKyAgICAgICAgKiBmYXN0L2Rv bS9pbXBvcnROb2RlLW51bGwtZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBmYXN0L2Rv bS9pbXBvcnROb2RlLW51bGwuaHRtbDogQWRkZWQuCisKIDIwMDYtMDQtMjEgIEJldGggRGFraW4g IDxiZGFraW5AYXBwbGUuY29tPgogCiAgICAgICAgIEFkZGluZyBhIGZldyBtb3JlIGJhY2tncm91 bmQtc2l6ZSB0ZXN0cyB0aGF0IGluY2x1ZGUgYmFja2dyb3VuZC0KSW5kZXg6IExheW91dFRlc3Rz L2Zhc3QvZG9tL2ltcG9ydE5vZGUtbnVsbC1leHBlY3RlZC50eHQKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5 b3V0VGVzdHMvZmFzdC9kb20vaW1wb3J0Tm9kZS1udWxsLWV4cGVjdGVkLnR4dAkocmV2aXNpb24g MCkKKysrIExheW91dFRlc3RzL2Zhc3QvZG9tL2ltcG9ydE5vZGUtbnVsbC1leHBlY3RlZC50eHQJ KHJldmlzaW9uIDApCkBAIC0wLDAgKzEsNSBAQAorVGhpcyBwYWdlIHRlc3RzIGNhbGxpbmcgZG9j dW1lbnQuaW1wb3J0Tm9kZShudWxsKS4gSWYgaXQgcGFzc2VzLCB5b3UnbGwgc2VlIGEgIlBBU1Mi IG1lc3NhZ2UgYmVsb3cuCisKK2NhdWdodCBleGNlcHRpb246IEVycm9yOiBOT1RfU1VQUE9SVEVE X0VSUjogRE9NIEV4Y2VwdGlvbiA5CitQQVNTOiBpbXBvcnROb2RlKG51bGwpIGRpZG4ndCBjcmFz aAorCkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2RvbS9pbXBvcnROb2RlLW51bGwuaHRtbAo9PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0L2RvbS9pbXBvcnROb2RlLW51bGwuaHRtbAkocmV2 aXNpb24gMCkKKysrIExheW91dFRlc3RzL2Zhc3QvZG9tL2ltcG9ydE5vZGUtbnVsbC5odG1sCShy ZXZpc2lvbiAwKQpAQCAtMCwwICsxLDM1IEBACis8aHRtbD4KKzxoZWFkPgorPHNjcmlwdD4KK2Z1 bmN0aW9uIHByaW50KG1lc3NhZ2UsIGNvbG9yKSAKK3sKKyAgICB2YXIgcGFyYWdyYXBoID0gZG9j dW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iik7CisgICAgcGFyYWdyYXBoLmFwcGVuZENoaWxkKGRv Y3VtZW50LmNyZWF0ZVRleHROb2RlKG1lc3NhZ2UpKTsKKyAgICBwYXJhZ3JhcGguc3R5bGUuZm9u dEZhbWlseSA9ICJtb25vc3BhY2UiOworICAgIGlmIChjb2xvcikKKyAgICAgICAgcGFyYWdyYXBo LnN0eWxlLmNvbG9yID0gY29sb3I7CisgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoImNvbnNv bGUiKS5hcHBlbmRDaGlsZChwYXJhZ3JhcGgpOworfQorCitmdW5jdGlvbiB0ZXN0KCkgCit7Cisg ICAgaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikKKyAgICAgICAgbGF5b3V0VGVzdENv bnRyb2xsZXIuZHVtcEFzVGV4dCgpOworICAgICAgICAKKyAgICB0cnkgeworICAgICAgICBkb2N1 bWVudC5pbXBvcnROb2RlKG51bGwpOworICAgIH0gY2F0Y2goZSkgeworICAgICAgICBwcmludCgi Y2F1Z2h0IGV4Y2VwdGlvbjogIiArIGUpOworICAgIH0gZmluYWxseSB7CisgICAgICAgIHByaW50 KCJQQVNTOiBpbXBvcnROb2RlKG51bGwpIGRpZG4ndCBjcmFzaCIsICJncmVlbiIpOworICAgIH0K K30KKzwvc2NyaXB0PgorPC9oZWFkPgorPGJvZHkgb25sb2FkPSJ0ZXN0KCk7Ij4KKzxwPlRoaXMg cGFnZSB0ZXN0cyBjYWxsaW5nIGRvY3VtZW50LmltcG9ydE5vZGUobnVsbCkuIElmIGl0IHBhc3Nl cywgeW91J2xsIAorICAgc2VlIGEgIlBBU1MiIG1lc3NhZ2UgYmVsb3cuPC9wPgorPGhyPgorPGRp diBpZD0nY29uc29sZSc+PC9kaXY+Cis8L2JvZHk+Cis8L2h0bWw+CkluZGV4OiBXZWJDb3JlL2Rv bS9Eb2N1bWVudC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gV2ViQ29yZS9kb20vRG9jdW1lbnQuY3BwCShy ZXZpc2lvbiAxMzk5NikKKysrIFdlYkNvcmUvZG9tL0RvY3VtZW50LmNwcAkod29ya2luZyBjb3B5 KQpAQCAtNDUzLDYgKzQ1MywxMSBAQCBQYXNzUmVmUHRyPENTU1N0eWxlRGVjbGFyYXRpb24+IERv Y3VtZW50CiBQYXNzUmVmUHRyPE5vZGU+IERvY3VtZW50OjppbXBvcnROb2RlKE5vZGUqIGltcG9y dGVkTm9kZSwgYm9vbCBkZWVwLCBFeGNlcHRpb25Db2RlJiBlYykKIHsKICAgICBlYyA9IDA7Cisg ICAgCisgICAgaWYgKCFpbXBvcnRlZE5vZGUpIHsKKyAgICAgICAgZWMgPSBOT1RfU1VQUE9SVEVE X0VSUjsKKyAgICAgICAgcmV0dXJuIDA7CisgICAgfQogCiAgICAgc3dpdGNoIChpbXBvcnRlZE5v ZGUtPm5vZGVUeXBlKCkpIHsKICAgICAgICAgY2FzZSBURVhUX05PREU6CkBAIC01MDQsMjMgKzUw OSwyMyBAQCBQYXNzUmVmUHRyPE5vZGU+IERvY3VtZW50OjppbXBvcnROb2RlKE5vCiAgICAgICAg IGNhc2UgRE9DVU1FTlRfVFlQRV9OT0RFOgogICAgICAgICBjYXNlIERPQ1VNRU5UX0ZSQUdNRU5U X05PREU6CiAgICAgICAgIGNhc2UgTk9UQVRJT05fTk9ERToKLSAgICAgICAgICAgIGJyZWFrOwor ICAgICAgICBkZWZhdWx0OgorICAgICAgICAgICAgZWMgPSBOT1RfU1VQUE9SVEVEX0VSUjsKKyAg ICAgICAgICAgIHJldHVybiAwOwogICAgIH0KLQotICAgIGVjID0gTk9UX1NVUFBPUlRFRF9FUlI7 Ci0gICAgcmV0dXJuIDA7CiB9CiAKIAogUGFzc1JlZlB0cjxOb2RlPiBEb2N1bWVudDo6YWRvcHRO b2RlKFBhc3NSZWZQdHI8Tm9kZT4gc291cmNlLCBFeGNlcHRpb25Db2RlJiBlYykKIHsKLSAgICBp ZiAoIXNvdXJjZSkKKyAgICBpZiAoIXNvdXJjZSkgeworICAgICAgICBlYyA9IE5PVF9TVVBQT1JU RURfRVJSOwogICAgICAgICByZXR1cm4gMDsKKyAgICB9CiAgICAgCiAgICAgc3dpdGNoIChzb3Vy Y2UtPm5vZGVUeXBlKCkpIHsKICAgICAgICAgY2FzZSBFTlRJVFlfTk9ERToKICAgICAgICAgY2Fz ZSBOT1RBVElPTl9OT0RFOgotICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgIGNhc2UgRE9D VU1FTlRfTk9ERToKICAgICAgICAgY2FzZSBET0NVTUVOVF9UWVBFX05PREU6CiAgICAgICAgICAg ICBlYyA9IE5PVF9TVVBQT1JURURfRVJSOwpJbmRleDogV2ViQ29yZS9DaGFuZ2VMb2cKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gV2ViQ29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE0MDAwKQorKysgV2ViQ29yZS9D aGFuZ2VMb2cJKHdvcmtpbmcgY29weSkKQEAgLTEsNSArMSwxNyBAQAogMjAwNi0wNC0yMSAgR2Vv ZmZyZXkgR2FyZW4gIDxnZ2FyZW5AYXBwbGUuY29tPgogCisgICAgICAgIC0gRml4ZWQgaHR0cDov L2J1Z3ppbGxhLm9wZW5kYXJ3aW4ub3JnL3Nob3dfYnVnLmNnaT9pZD04NTA5CisgICAgICAgIGph dmFzY3JpcHQ6ZG9jdW1lbnQuaW1wb3J0Tm9kZShudWxsKQorICAgICAgICAKKyAgICAgICAgKiBk b20vRG9jdW1lbnQuY3BwOgorICAgICAgICAoV2ViQ29yZTo6RG9jdW1lbnQ6OmltcG9ydE5vZGUp OiBUaHJvdyBhbiBlcnJvciBpZiB0aGUgbm9kZSBpcyBudWxsLgorICAgICAgICBUaGlzIGhhcHBl bnMgd2hlbiB0aGUgb2JqZWN0IHByb3ZpZGVkIGluIHRoZSBKYXZhU2NyaXB0IGNhbGwgaXMgbm90 CisgICAgICAgIGEgbm9kZS4KKyAgICAgICAgKFdlYkNvcmU6OkRvY3VtZW50OjphZG9wdE5vZGUp OiBTZXQgdGhlIERPTSBleGNlcHRpb24gY29kZSBpbiBhbGwgZXJyb3IKKyAgICAgICAgY2FzZXMg aW5zdGVhZCBvZiBqdXN0IGEgZmV3LCBiZWNhdXNlIHRoYXQncyB3aGF0IHRoZSBzcGVjIHJlcXVp cmVzLgorCisyMDA2LTA0LTIxICBHZW9mZnJleSBHYXJlbiAgPGdnYXJlbkBhcHBsZS5jb20+CisK ICAgICAgICAgLSBBbmQgYWdhaW4uCiAKICAgICAgICAgKiBXZWJDb3JlLnZjcHJvai9XZWJDb3Jl L1dlYkNvcmUudmNwcm9qOgo=