Bug 53811 - Null deref in DOMURL
Summary: Null deref in DOMURL
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-02-04 14:03 PST by Cris Neckar
Modified: 2011-02-07 23:45 PST
CC List: 2 users

See Also:


Attachments
Patch (attachment 81304, 3.10 KB, patch), 2011-02-04 15:26 PST, Cris Neckar, no flags
Patch (attachment 81547, 3.12 KB, patch), 2011-02-07 16:05 PST, Cris Neckar, no flags

Description Cris Neckar 2011-02-04 14:03:54 PST
Just fixing a null deref in DOMURL when the script execution context doesn't exist at the time of creation. I'll post a patch in a minute.
Comment 1 Cris Neckar 2011-02-04 15:26:41 PST
Created attachment 81304
Patch
Comment 2 Jian Li 2011-02-07 15:42:46 PST
Comment on attachment 81304
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=81304&action=review

> Source/WebCore/ChangeLog:5
> +        fix null deref in DOMURL

Please capitalize the 1st character.

> LayoutTests/ChangeLog:9
> +        * fast/dom/domurl-script-execution-context-crash.html: Added.

Since DOMURL is only used for blob URL, I think we'd better put this new test under fast/files.

> LayoutTests/fast/dom/domurl-script-execution-context-crash.html:6
> +        e.apply(w,['webkitURL']);

Please add a space after comma.

> LayoutTests/fast/dom/domurl-script-execution-context-crash.html:16
> +    setTimeout(crash,30);

Ditto.

> LayoutTests/fast/dom/domurl-script-execution-context-crash.html:26
> +e=(w=open()).eval;

Please add space before and after 2 "=" operators.
Comment 3 Cris Neckar 2011-02-07 16:05:12 PST
Created attachment 81547
Patch
Comment 4 WebKit Commit Bot 2011-02-07 23:43:36 PST
The commit-queue encountered the following flaky tests while processing attachment 81547:

inspector/debugger-scripts.html bug 53982 (authors: pfeldman@chromium.org and podivilov@chromium.org)
The commit-queue is continuing to process your patch.
Comment 5 WebKit Commit Bot 2011-02-07 23:45:01 PST
Comment on attachment 81547
Patch

Clearing flags on attachment: 81547

Committed r77914: <http://trac.webkit.org/changeset/77914>
Comment 6 WebKit Commit Bot 2011-02-07 23:45:06 PST
All reviewed patches have been landed. Closing bug.