Bug 47842 - NULL deref in SVGUseElement updateContainerSize
Summary: NULL deref in SVGUseElement updateContainerSize
Status: RESOLVED WORKSFORME
Alias: None
Product: WebKit
Classification: Unclassified
Component: SVG (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-10-18 12:09 PDT by Justin Schuh
Modified: 2010-12-03 10:15 PST (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Schuh 2010-10-18 12:09:46 PDT
The following SVG triggers a deref of a NULL shadowTree in updateContainerSize:

<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
    <use id="use">
        <symbol></symbol>
    </use>
    <use xlink:href="url(#use)" >
    </use>
</svg>
Comment 1 Cosmin Truta 2010-12-01 12:23:04 PST
Has this been fixed elsewhere? It's no longer crashing.
Tested with WebKit r72986.
Comment 2 Justin Schuh 2010-12-03 10:15:27 PST
Yeah, it looks like this got fixed in one of the recent use element patches over the last few months. If I had to guess I'd say it was probably: http://trac.webkit.org/changeset/69936