127600 – DebuggerCallFrame::evaluateWithCallFrame() should not execute a null executable

Bug 127600 - DebuggerCallFrame::evaluateWithCallFrame() should not execute a null executable

Summary: DebuggerCallFrame::evaluateWithCallFrame() should not execute a null executable

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Mark Lam

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-01-24 18:58 PST by Mark Lam
Modified:	2014-02-03 13:21 PST (History)
CC List:	7 users (show)

See Also:

Attachments
the patch. (1.69 KB, patch) 2014-01-24 19:08 PST, Mark Lam	oliver: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mark Lam 2014-01-24 18:58:10 PST

In DebuggerCallFrame::evaluateWithCallFrame(), if the script string that is passed in is bad, it will fail to create an Executable i.e. EvalExecutable::create() returns null.  However, DebuggerCallFrame::evaluateWithCallFrame() currently just clears the exception and proceeds to attempt to execute the Executable (which again is null).  A crash ensues.

DebuggerCallFrame::evaluateWithCallFrame() should abort if the Executable pointer is null.

Patch coming.

Comment 1 Mark Lam 2014-01-24 19:08:09 PST

Created attachment 222183 [details]
the patch.

Comment 2 Mark Lam 2014-01-24 19:11:36 PST

Thanks.  Landed in r162752: <http://trac.webkit.org/r162752>.

Comment 3 Geoffrey Garen 2014-01-27 11:40:30 PST

Regression test?

Comment 4 Mark Lam 2014-02-03 13:21:10 PST

(In reply to comment #3)
> Regression test?

Will work on regression test at https://bugs.webkit.org/show_bug.cgi?id=128121.