RESOLVED FIXED 160823
Dereferenced NULL pointer in StyleResolver
https://bugs.webkit.org/show_bug.cgi?id=160823
Jonathan Bedard
Reported 2016-08-12 14:44:28 PDT
In StyleResolver::CascadedProperties::addMatch(...) a pointer which is sometimes NULL is dereferenced before being provided as an argument to StyleResolver::CascadedProperties::addStyleProperties(...).
Attachments
Patch (3.37 KB, patch)
2016-08-12 14:48 PDT, Jonathan Bedard
no flags
Jonathan Bedard
Comment 1 2016-08-12 14:48:54 PDT
Sam Weinig
Comment 2 2016-08-13 15:27:23 PDT
I don't understand how fixing a nullptr dereference can be no change in behavior? Dereferencing a nullptr will crash the program, so removing it would fix the crash and therefore be testable. Is that not the case here somehow?
Darin Adler
Comment 3 2016-08-14 14:53:29 PDT
(In reply to comment #2)
> I don't understand how fixing a nullptr dereference can be no change in
> behavior? Dereferencing a nullptr will crash the program, so removing it
> would fix the crash and therefore be testable. Is that not the case here
> somehow?

Dereferencing a null pointer and then passing the resulting reference does not necessarily crash the program; as you know under the hood references are implemented almost the same way that pointers are. But Jonathan is using some kind of "undefined behavior testing mode" for clang, and so he was able to detect that the value is null. The rest of us are using clang in its normal compilation mode and like all the other compilers it just passes null to the function, which ignores the passed-in reference.
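An added illustration of the bug class discussed in this report, not WebKit's code: a caller forms a reference from a possibly-null pointer and hands it to a callee that, in the null case, never touches it, so nothing crashes in a normal build while UBSan reports the bad dereference. The type names and the `apply` flag are assumptions chosen to mirror the report's description.

```cpp
// Added example, not WebKit's StyleResolver. Names follow the report;
// the struct shapes and the 'apply' flag are assumptions.
#include <cstddef>
#include <vector>

struct StyleProperties {
    std::vector<int> values;   // stand-in for real CSS property values
};

struct Match {
    const StyleProperties* properties;  // may legitimately be null
    int priority;
};

class CascadedProperties {
public:
    // The callee takes a reference but only reads it when 'apply' is true.
    // A reference formed from a null pointer is therefore silently ignored
    // in a normal build; only a sanitizer build flags the caller's bug.
    size_t addStyleProperties(const StyleProperties& props, bool apply) {
        if (!apply)
            return m_count;
        m_count += props.values.size();
        return m_count;
    }

    // Buggy shape: *match.properties is evaluated unconditionally.
    // Undefined behaviour whenever properties == nullptr; built with
    // "clang++ -fsanitize=undefined" this reports
    // "reference binding to null pointer" at the call below.
    size_t addMatchUnchecked(const Match& match) {
        return addStyleProperties(*match.properties, match.priority > 0);
    }

    // Fixed shape: test the pointer before forming the reference.
    size_t addMatchChecked(const Match& match) {
        if (!match.properties)
            return m_count;   // nothing to cascade for this match
        return addStyleProperties(*match.properties, match.priority > 0);
    }

    size_t count() const { return m_count; }

private:
    size_t m_count = 0;
};
```

Only the checked variant is safe to call with a null `properties`; the unchecked one is kept to show the shape a sanitizer build catches.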
WebKit Commit Bot
Comment 4 2016-08-14 15:40:31 PDT
Comment on attachment 285955 [details]
Patch

Clearing flags on attachment: 285955

Committed r204455: <http://trac.webkit.org/changeset/204455>
WebKit Commit Bot
Comment 5 2016-08-14 15:40:35 PDT
All reviewed patches have been landed. Closing bug.