Bug 172135 - Web Inspector: CRASH seen with DOM.setOuterHTML when there is no documentElement
Summary: Web Inspector: CRASH seen with DOM.setOuterHTML when there is no documentElement
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector (show other bugs)
Version: WebKit Nightly Build
Hardware: All All
: P2 Normal
Assignee: Joseph Pecoraro
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2017-05-15 14:30 PDT by Joseph Pecoraro
Modified: 2017-05-15 15:45 PDT (History)
5 users (show)

See Also:

Attachments
[PATCH] Proposed Fix (3.80 KB, patch)
2017-05-15 14:32 PDT, Joseph Pecoraro 		bburg: review+
Details | Formatted Diff | Diff
[PATCH] For Landing (3.79 KB, patch)
2017-05-15 15:12 PDT, Joseph Pecoraro 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Joseph Pecoraro 2017-05-15 14:30:23 PDT 
Summary:
CRASH seen with DOM.setOuterHTML when there is no documentElement

Steps to Reproduce
1. Inspect this page
2. js> document.documentElement.remove()
3. Open inspector²
4. js> DOMAgent.setOuterHTML(1, "Test")
  => CRASH

Notes:
Not exactly sure how to reproduce this outside of sending the raw commands, but it shouldn't be possible. to cause a crash no matter the steps.
Comment 1 Joseph Pecoraro 2017-05-15 14:30:30 PDT 
<rdar://problem/32175860>
Comment 2 Joseph Pecoraro 2017-05-15 14:32:08 PDT 
Created attachment 310168 [details]
[PATCH] Proposed Fix
Comment 3 BJ Burg 2017-05-15 14:42:07 PDT 
Comment on attachment 310168 [details]
[PATCH] Proposed Fix

View in context: https://bugs.webkit.org/attachment.cgi?id=310168&action=review

r=me

> Source/WebCore/ChangeLog:13
> +        Null check the document element whic might not exist.

Typo: which
Comment 4 Joseph Pecoraro 2017-05-15 15:12:00 PDT 
Created attachment 310174 [details]
[PATCH] For Landing
Comment 5 WebKit Commit Bot 2017-05-15 15:32:30 PDT 
Comment on attachment 310174 [details]
[PATCH] For Landing

Clearing flags on attachment: 310174

Committed r216883: <http://trac.webkit.org/changeset/216883>