167030 – Avoid nullptr frame dereference when scrollTo is called on a disconnected DOMWindow

RESOLVED FIXED 167030

Avoid nullptr frame dereference when scrollTo is called on a disconnected DOMWindow

https://bugs.webkit.org/show_bug.cgi?id=167030

Summary Avoid nullptr frame dereference when scrollTo is called on a disconnected DOM...

Brent Fulgham

Reported 2017-01-13 16:04:15 PST

All of the functions in DOMWindow properly check that the frame is non-nullptr before using it. All, except for DOMWindow::scrollTo. This patch corrects this oversight and avoids a potential crash.

Attachments
Patch (1.35 KB, patch) 2017-01-13 16:09 PST, Brent Fulgham	dino: review+ bfulgham: commit-queue+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2017-01-13 16:04:28 PST

<rdar://problem/29995070>

Brent Fulgham

Comment 2 2017-01-13 16:09:17 PST

Created attachment 298805 [details] Patch

Brent Fulgham

Comment 3 2017-01-13 16:37:58 PST

Committed r210750: <http://trac.webkit.org/changeset/210750>

Simon Fraser (smfr)

Comment 4 2017-01-13 20:03:17 PST

Why is there no test?

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Layout and Rendering

Assignee

Brent Fulgham

Reported

2017-01-13 16:04 PST

Modified

2017-01-15 13:54 PST History

CC List

5 users Show

URL

Keywords InRadar

Depends on

Blocks