Bug 39681

Summary:

Web Inspector: Fixes chromium crasher due to passing an empty handle to toWebCoreString()

Product:

WebKit

Reporter:

jaimeyap

Component:

Web Inspector (Deprecated)

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

mnaganov, pfeldman, tony, tonyg, yurys

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Fixes http://code.google.com/p/chromium/issues/detail?id=45004	pfeldman: review+
Returns "" instead of asking toWebCoreString() to stringify Undefined.	pfeldman: review+

Description jaimeyap 2010-05-25 11:51:36 PDT

toWebCoreString() in V8Binding.cpp in WebCore will null pointer deref if passed an empty handle.

Sometimes when invoking ScriptCallStack::callLocation(), we would get an empty handle for the script name.

See:
http://code.google.com/p/chromium/issues/detail?id=45004

Comment 1 jaimeyap 2010-05-25 11:59:31 PDT

Created attachment 57035 [details]
Fixes http://code.google.com/p/chromium/issues/detail?id=45004

Comment 2 Pavel Feldman 2010-05-25 12:05:48 PDT

Comment on attachment 57035 [details]
Fixes http://code.google.com/p/chromium/issues/detail?id=45004

WebCore/bindings/v8/ScriptCallStack.cpp:75
 +      *functionName = toWebCoreString(functionNameValue.IsEmpty() ? v8::Undefined() : functionNameValue);
You know what toWebCoreString from undefined will look like? (I am not sure). Is that what you need?

Comment 3 jaimeyap 2010-05-25 12:42:11 PDT

Created attachment 57037 [details]
Returns "" instead of asking toWebCoreString() to stringify Undefined.

Comment 4 Tony Chang 2010-05-26 19:16:04 PDT

Committed r60266: <http://trac.webkit.org/changeset/60266>