Bug 39681 - Web Inspector: Fixes chromium crasher due to passing an empty handle to toWebCoreString()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector (Deprecated)
Version: 528+ (Nightly build)
Hardware: All All
Priority: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-05-25 11:51 PDT by jaimeyap
Modified: 2010-05-26 19:16 PDT

See Also:


Attachments
Fixes http://code.google.com/p/chromium/issues/detail?id=45004 (2.02 KB, patch)
2010-05-25 11:59 PDT, jaimeyap
pfeldman: review+
Returns "" instead of asking toWebCoreString() to stringify Undefined. (1.99 KB, patch)
2010-05-25 12:42 PDT, jaimeyap
pfeldman: review+

Description jaimeyap 2010-05-25 11:51:36 PDT
toWebCoreString() in V8Binding.cpp in WebCore will dereference a null pointer if passed an empty handle.

Sometimes when invoking ScriptCallStack::callLocation(), we would get an empty handle for the script name.

See:
http://code.google.com/p/chromium/issues/detail?id=45004
Comment 2 Pavel Feldman 2010-05-25 12:05:48 PDT
Comment on attachment 57035 [details]
Fixes http://code.google.com/p/chromium/issues/detail?id=45004

WebCore/bindings/v8/ScriptCallStack.cpp:75
 +      *functionName = toWebCoreString(functionNameValue.IsEmpty() ? v8::Undefined() : functionNameValue);
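Review bot: this avoids the null dereference, but substituting v8::Undefined() means toWebCoreString() now returns the string form of undefined, so callers receive a placeholder function name rather than an empty one; consider returning an empty string directly when functionNameValue.IsEmpty() so a missing name stays distinguishable from a real one.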
You know what toWebCoreString from undefined will look like? (I am not sure). Is that what you need?
Comment 3 jaimeyap 2010-05-25 12:42:11 PDT
Created attachment 57037 [details]
Returns "" instead of asking toWebCoreString() to stringify Undefined.
Comment 4 Tony Chang 2010-05-26 19:16:04 PDT
Committed r60266: <http://trac.webkit.org/changeset/60266>