Bug 32017 - [V8] Don't crash in DOMWindow event getter in OOM situations
Summary: [V8] Don't crash in DOMWindow event getter in OOM situations
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore JavaScript
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
Importance: P2 Normal
Assignee: Nobody
Reported: 2009-12-01 04:36 PST by Mads Ager
Modified: 2009-12-01 07:45 PST

Attachments
Add missing null checks. (1.96 KB, patch)
2009-12-01 04:45 PST, Mads Ager

Description Mads Ager 2009-12-01 04:36:51 PST
There are missing null checks in the DOMWindow event property getter and setter. V8Proxy::context(frame) can return a null handle in OOM situations either if failing to initialize a context or if an OOM is handled gracefully and JavaScript is disabled.
Comment 1 Mads Ager 2009-12-01 04:45:14 PST
Created attachment 44068
Add missing null checks.
Comment 2 WebKit Review Bot 2009-12-01 04:48:35 PST
style-queue ran check-webkit-style on attachment 44068 without any errors.
Comment 3 Eric Seidel (no email) 2009-12-01 07:22:58 PST
Comment on attachment 44068
Add missing null checks.

This makes me wonder about all the other calls to "V8Proxy::context(frame)".

It would be nice if there was some way to restrict the heap size for v8 artificially so as to fake OOM bugs, but I can see how this would be difficult to test.
Comment 4 WebKit Commit Bot 2009-12-01 07:45:31 PST
Comment on attachment 44068
Add missing null checks.

Clearing flags on attachment: 44068

Committed r51536: <http://trac.webkit.org/changeset/51536>
Comment 5 WebKit Commit Bot 2009-12-01 07:45:36 PST
All reviewed patches have been landed.  Closing bug.
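
An added example, not part of this bug report or of the WebKit patch: a heuristic Python audit for the concern raised in Comment 3, flagging `V8Proxy::context(...)` call sites whose result is dereferenced before an `IsEmpty()` check. The C++ sample is constructed for illustration, and the function name `unguarded_context_uses` and the brace-in-column-0 end-of-function rule are assumptions of this sketch.

```python
import re

# Constructed C++ sample for illustration (not WebKit source).
SAMPLE = '''\
static void eventGetter(Frame* frame)
{
    v8::Local<v8::Context> context = V8Proxy::context(frame);
    v8::Handle<v8::Object> global = context->Global();
}

static void eventSetter(Frame* frame)
{
    v8::Local<v8::Context> context = V8Proxy::context(frame);
    if (context.IsEmpty())
        return;
    v8::Handle<v8::Object> global = context->Global();
}

static void enterContext(Frame* frame)
{
    V8Proxy::context(frame)->Enter();
}
'''

ASSIGN = re.compile(r'\b(\w+)\s*=\s*V8Proxy::context\s*\(')
CHAINED = re.compile(r'V8Proxy::context\s*\([^()]*\)\s*->')

def unguarded_context_uses(source):
    """Return (line_number, reason) for each result used without an IsEmpty() check."""
    findings = []
    lines = source.splitlines()
    for i, line in enumerate(lines):
        if CHAINED.search(line):
            findings.append((i + 1, "result dereferenced in the same expression"))
            continue
        m = ASSIGN.search(line)
        if not m:
            continue
        name = re.escape(m.group(1))
        for j in range(i + 1, len(lines)):
            if lines[j].startswith('}'):  # assumed end of the function body
                break
            if re.search(r'\b' + name + r'\b', lines[j]):
                # The first mention of the handle must be the emptiness check.
                if not re.search(r'\b' + name + r'\s*\.\s*IsEmpty\s*\(', lines[j]):
                    findings.append((j + 1, f"'{m.group(1)}' used before IsEmpty()"))
                break
    return findings
```

Being line-based, this only produces a review list: a guard hidden in a helper or placed after an unrelated mention of the variable still needs a manual look.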