47842 – NULL deref in SVGUseElement updateContainerSize

RESOLVED WORKSFORME 47842

NULL deref in SVGUseElement updateContainerSize

https://bugs.webkit.org/show_bug.cgi?id=47842

Summary NULL deref in SVGUseElement updateContainerSize

Justin Schuh

Reported 2010-10-18 12:09:46 PDT

The following SVG triggers a deref of a NULL shadowTree in updateContainerSize: <svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> <use id="use"> <symbol></symbol> </use> <use xlink:href="url(#use)" > </use> </svg>

Attachments
Add attachment proposed patch, testcase, etc.

Cosmin Truta

Comment 1 2010-12-01 12:23:04 PST

Has this been fixed elsewhere? It's no longer crashing. Tested with WebKit r72986.

Justin Schuh

Comment 2 2010-12-03 10:15:27 PST

Yeah, it looks like this got fixed in one of the recent use element patches over the last few months. If I had to guess I'd say it was probably: http://trac.webkit.org/changeset/69936

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution WORKSFORME

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS OS X 10.5

Product WebKit

Component SVG

Assignee

Nobody

Reported

2010-10-18 12:09 PDT

Modified

2010-12-03 10:15 PST History

CC List

3 users Show

URL

Keywords

Depends on

Blocks