Bug 130900

Summary: Null pointer crash in String::append(UChar).
Product: WebKit
Reporter: peavo
Component: Web Template Framework
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: benjamin, bfulgham, cmarcelo, commit-queue, msaboff
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Attachments: Patch (flags: none)

Description peavo 2014-03-28 10:04:36 PDT
A couple of days ago, I was getting many null pointer crashes in String::append(UChar).
This can happen if the string is empty (m_impl member == 0), and it is called with a character value less than or equal to 0xff.
In the first line of the method, the is8Bit() method will then be called, which accesses the m_impl member, which is null, causing a crash.
This can be fixed by first checking if the m_impl member is null, in the same way as in the method String::append(LChar).
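
The failure mode in the description above, as an added C++ model that is not WebKit's code or the attached patch. `MiniString`, `Impl` and the helper names are hypothetical, and the model throws where the real `is8Bit()` would read through a null `m_impl`, so the fault can be observed without crashing.

```cpp
#include <memory>
#include <stdexcept>
#include <string>

using UChar = char16_t;

// Simplified stand-in for the string's backing store (not WebKit's StringImpl).
struct Impl {
    bool is8Bit;
    std::u16string chars;
};

class MiniString {
public:
    // The model throws where the real is8Bit() would dereference a null m_impl.
    bool is8Bit() const {
        if (!m_impl) throw std::logic_error("null m_impl dereferenced");
        return m_impl->is8Bit;
    }
    // Shape described in the report: is8Bit() runs before any null check,
    // but only when c <= 0xff, because && short-circuits for wider characters.
    void appendUnguarded(UChar c) {
        if (c <= 0xff && is8Bit()) { appendChars(c); return; }
        appendChars(c);
    }
    // Shape of the fix: test m_impl first, as the report says append(LChar) does.
    void appendGuarded(UChar c) {
        if (!m_impl) { appendChars(c); return; }
        appendUnguarded(c);
    }
    std::u16string value() const { return m_impl ? m_impl->chars : std::u16string(); }
private:
    void appendChars(UChar c) {
        if (!m_impl) m_impl.reset(new Impl{c <= 0xff, {}});
        else if (c > 0xff) m_impl->is8Bit = false;
        m_impl->chars.push_back(c);
    }
    std::unique_ptr<Impl> m_impl; // null for a default-constructed string
};

// Returns true when appending c to a null string reaches the null m_impl.
bool faultsOnNullString(bool guarded, UChar c) {
    MiniString s;
    try {
        if (guarded) s.appendGuarded(c); else s.appendUnguarded(c);
    } catch (const std::logic_error&) {
        return true;
    }
    return false;
}
```

The unguarded path faults only for characters at or below 0xff, which matches the condition given in the description; wider characters skip `is8Bit()` entirely and so hide the defect in tests that use only non-Latin-1 input.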
Comment 1 peavo 2014-03-28 10:11:06 PDT
Created attachment 228061
Patch
Comment 2 Michael Saboff 2014-03-28 10:22:08 PDT
Comment on attachment 228061
Patch

r=me
Comment 3 peavo 2014-03-28 10:29:11 PDT
(In reply to comment #2)
> (From update of attachment 228061)
> r=me

Thanks!
Comment 4 WebKit Commit Bot 2014-03-28 10:59:23 PDT
Comment on attachment 228061
Patch

Clearing flags on attachment: 228061

Committed r166414: <http://trac.webkit.org/changeset/166414>
Comment 5 WebKit Commit Bot 2014-03-28 10:59:27 PDT
All reviewed patches have been landed.  Closing bug.