Bug 21845

Summary:

m_frame null checked but then dereferenced

Product:

WebKit

Reporter:

Darin Fisher (:fishd, Google) <fishd>

Component:

WebCore Misc.

Assignee:

Darin Fisher (:fishd, Google) <fishd>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

oliver

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
v1 patch: add early return	eric: review+

Darin Fisher (:fishd, Google)

Reported 2008-10-23 17:57:40 PDT

m_frame null checked but then dereferenced in EventHandler::allowDHTMLDrag, it appears that a return statement is missing. it looks like this code was introduced in http://trac.webkit.org/changeset/19230 this was found using a static analysis tool. i don't know if it is actually possible for m_frame to be null, so i don't know how to judge the severity of this bug. maybe the null checking code should just be removed.

Attachments
v1 patch: add early return (1.04 KB, patch) 2008-10-23 17:59 PDT, Darin Fisher (:fishd, Google)	eric: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Darin Fisher (:fishd, Google)

Comment 1 2008-10-23 17:59:53 PDT

Created attachment 24629 [details] v1 patch: add early return

Eric Seidel (no email)

Comment 2 2008-10-23 18:01:12 PDT

Comment on attachment 24629 [details] v1 patch: add early return This looks to me like what the author intended in their original code. Certainly the existing code is incorrect.

Eric Seidel (no email)

Comment 3 2008-10-23 18:01:53 PDT

Please add a comment to your changelog when landing about how this was found using a static analysis tool and thus there are no reproduction steps for a test case.

Darin Fisher (:fishd, Google)

Comment 4 2008-10-23 18:05:39 PDT

http://trac.webkit.org/changeset/37834

Note You need to log in before you can comment on or make changes to this bug.