RESOLVED FIXED 119231
Null deref under PluginView::handlesPageScaleFactor()
https://bugs.webkit.org/show_bug.cgi?id=119231
Tim Horton
Reported 2013-07-29 17:04:35 PDT
PluginView::handlesPageScaleFactor() doesn't null-check m_plugin, but it should. It should check isInitialized as well! <rdar://problem/14440207>
Attachments
patch (1.83 KB, patch)
2013-07-29 17:07 PDT, Tim Horton
simon.fraser: review+
another potential null (1.50 KB, patch)
2013-07-29 22:11 PDT, Tim Horton
no flags
try to make ews go (1.50 KB, patch)
2013-07-29 22:36 PDT, Tim Horton
darin: review+
Tim Horton
Comment 1 2013-07-29 17:07:21 PDT
Simon Fraser (smfr)
Comment 2 2013-07-29 17:15:30 PDT
Comment on attachment 207681 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=207681&action=review

> Source/WebKit2/WebProcess/Plugins/PluginView.h:90
> + bool handlesPageScaleFactor();

Can this be const?
Tim Horton
Comment 3 2013-07-29 17:19:05 PDT
(In reply to comment #2)
> (From update of attachment 207681 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=207681&action=review
>
> > Source/WebKit2/WebProcess/Plugins/PluginView.h:90
> > + bool handlesPageScaleFactor();
>
> Can this be const?

Yep. pageScaleFactor() too! Thanks!

http://trac.webkit.org/changeset/153449
Tim Horton
Comment 4 2013-07-29 22:11:46 PDT
Created attachment 207686 [details] another potential null
Tim Horton
Comment 5 2013-07-29 22:35:50 PDT
Reopened for one more patch (so many things can be null).
Tim Horton
Comment 6 2013-07-29 22:36:19 PDT
Created attachment 207689 [details] try to make ews go
Darin Adler
Comment 7 2013-07-30 12:26:41 PDT
Comment on attachment 207689 [details] try to make ews go View in context: https://bugs.webkit.org/attachment.cgi?id=207689&action=review > Source/WebKit2/WebProcess/WebPage/WebFrame.cpp:490 > PluginDocument* pluginDocument = static_cast<PluginDocument*>(m_coreFrame->document()); > - PluginView* pluginView = static_cast<PluginView*>(pluginDocument->pluginWidget()); > + if (PluginView* pluginView = static_cast<PluginView*>(pluginDocument->pluginWidget())) > + return pluginView->handlesPageScaleFactor(); > > - return pluginView->handlesPageScaleFactor(); > + return 0; I prefer early return to nesting the main line code in the if. Or using &&. return pluginView && pluginView->handlesPageScaleFactor();
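Review bot: the fallback `+ return 0;` in the WebFrame.cpp hunk is the return value of a bool-returning function and should be `return false;`; the `&&` form suggested in the comment (`return pluginView && pluginView->handlesPageScaleFactor();`) gives that for free and also removes the nesting. Separately, the unchanged context line `static_cast<PluginDocument*>(m_coreFrame->document())` is reached before the new null check on `pluginWidget()`, and the visible hunk shows no guard that `document()` is non-null and is actually a plugin document; if that check sits just above the hunk this is fine, otherwise the cast is the next hazard on the same path as the one being fixed here.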
Tim Horton
Comment 8 2013-07-30 12:37:57 PDT
Thanks, Darin. I went with &&. http://trac.webkit.org/changeset/153486