Bug 127600 - DebuggerCallFrame::evaluateWithCallFrame() should not execute a null executable
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Mark Lam
Reported: 2014-01-24 18:58 PST by Mark Lam
Modified: 2014-02-03 13:21 PST

the patch. (1.69 KB, patch)
2014-01-24 19:08 PST, Mark Lam
oliver: review+

Description Mark Lam 2014-01-24 18:58:10 PST
In DebuggerCallFrame::evaluateWithCallFrame(), if the script string that is passed in is bad, it will fail to create an Executable, i.e. EvalExecutable::create() returns null. However, DebuggerCallFrame::evaluateWithCallFrame() currently just clears the exception and proceeds to attempt to execute the Executable (which again is null). A crash ensues.

DebuggerCallFrame::evaluateWithCallFrame() should abort if the Executable pointer is null.

Patch coming.
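
The control flow described above, as an added example that is not the WebKit patch or JavaScriptCore code: a simplified C++ model in which a factory returns null and leaves an exception pending, and the caller stops before the execute step. `ModelVM`, `ModelExecutable`, `EvalResult` and `evaluateChecked` are hypothetical stand-ins, and handing the exception back to the caller is an assumption of this model.

```cpp
#include <memory>
#include <string>

// Hypothetical stand-in for the VM's pending-exception slot.
struct ModelVM {
    bool hasException = false;
    std::string exception;
};

// Hypothetical stand-in for an eval executable.
struct ModelExecutable {
    std::string source;

    // Returns null and leaves an exception pending when the script is bad
    // (in this model: unbalanced parentheses).
    static std::unique_ptr<ModelExecutable> create(ModelVM& vm, const std::string& script) {
        int depth = 0;
        for (char c : script) {
            if (c == '(') ++depth;
            if (c == ')' && --depth < 0) break;
        }
        if (depth != 0) {
            vm.hasException = true;
            vm.exception = "SyntaxError";
            return nullptr;
        }
        return std::unique_ptr<ModelExecutable>(new ModelExecutable{script});
    }

    std::string run() const { return "ran:" + source; }
};

struct EvalResult {
    bool executed;
    std::string value;      // empty string stands in for "undefined"
    std::string exception;  // what the debugger front end would be told
};

EvalResult evaluateChecked(ModelVM& vm, const std::string& script) {
    std::unique_ptr<ModelExecutable> eval = ModelExecutable::create(vm, script);
    if (!eval) {
        // Copy the exception out before clearing it, then abort. Clearing
        // and falling through would reach run() with a null pointer.
        std::string pending = vm.hasException ? vm.exception : "unknown error";
        vm.hasException = false;
        vm.exception.clear();
        return {false, "", pending};
    }
    return {true, eval->run(), ""};
}
```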
Comment 1 Mark Lam 2014-01-24 19:08:09 PST
Created attachment 222183
the patch.
Comment 2 Mark Lam 2014-01-24 19:11:36 PST
Thanks.  Landed in r162752: <http://trac.webkit.org/r162752>.
Comment 3 Geoffrey Garen 2014-01-27 11:40:30 PST
Regression test?
Comment 4 Mark Lam 2014-02-03 13:21:10 PST
(In reply to comment #3)
> Regression test?

Will work on regression test at https://bugs.webkit.org/show_bug.cgi?id=128121.