Summary: | Don't let CSSPropertyWebkitPerspective dereference primitiveValue without null check. |
---|---|
Product: | WebKit |
Component: | New Bugs |
Status: | RESOLVED FIXED |
Severity: | Normal |
Priority: | P2 |
Version: | 528+ (Nightly build) |
Hardware: | Unspecified |
OS: | Unspecified |
Reporter: | Luke Macpherson <macpherson> |
Assignee: | Luke Macpherson <macpherson> |
CC: | cmarrin, dbates, macpherson, menard, simon.fraser, webkit.review.bot |

Description
Luke Macpherson
2012-04-09 19:11:21 PDT
Created attachment 136373: Patch

Comment on attachment 136373: Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=136373&action=review

> Source/WebCore/ChangeLog:12
> + Coverity pointed out that we potentially dereference primitiveValue here without checking for null.
> + I've added an early out for that case to make sure it can't ever happen. I don't know if it's actually
> + possible to exercise that code path or not - probably the parser prevents it from being hit in practice.

Have you tried writing a test?

I've read the parser code and can't see an obvious way to exercise this code path. I still think it's best to make the code obviously correct (and reduce false-positives coming from static analysis).

Comment on attachment 136373: Patch

Clearing flags on attachment: 136373

Committed r113676: <http://trac.webkit.org/changeset/113676>

All reviewed patches have been landed. Closing bug.