Bug 167036

Summary:

Correct potential nullptr dereference in RenderLayer::updateLayerPosition()

Product:

WebKit

Reporter:

Brent Fulgham <bfulgham>

Component:

Layout and Rendering

Assignee:

Brent Fulgham <bfulgham>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, commit-queue, esprehn+autocc, glenn, kondapallykalyan, simon.fraser, zalan

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none

Brent Fulgham

Reported 2017-01-13 17:00:58 PST

Crash logs indicate an infrequent crash in RenderLayer::updateLayerPosition(). Code inspection reveals that we might dereference a nullptr for elements with enclosing parents with a layer. The search for this parent might end without finding anything, resulting in the ancestor being set to nullptr. This patch adds the missing nullptr check to avoid this possibility.

Attachments
Patch (1.51 KB, patch) 2017-01-13 17:04 PST, Brent Fulgham	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2017-01-13 17:01:18 PST

<rdar://problem/30023019>

Brent Fulgham

Comment 2 2017-01-13 17:04:16 PST

Created attachment 298810 [details] Patch

Dean Jackson

Comment 3 2017-01-13 18:45:27 PST

Comment on attachment 298810 [details] Patch Test case?

WebKit Commit Bot

Comment 4 2017-01-13 19:43:38 PST

Comment on attachment 298810 [details] Patch Clearing flags on attachment: 298810 Committed r210760: <http://trac.webkit.org/changeset/210760>

WebKit Commit Bot

Comment 5 2017-01-13 19:43:41 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.