RESOLVED FIXED 72222
REGRESSION(99849): NULL-deref in updateLastMediaLine when parsing some media-queries 
https://bugs.webkit.org/show_bug.cgi?id=72222
Summary REGRESSION(99849): NULL-deref in updateLastMediaLine when parsing some media-...
Julien Chaffraix
Reported 2011-11-12 17:06:41 PST
Seems like r99849 missed a code path in CSSGrammar.y: CSSParser* p = static_cast<CSSParser*>(parser); if ($$) $$->appendMediaQuery(p->sinkFloatingMediaQuery($4)); p->updateLastMediaLine($$); ($$ can be null and we would crash in updateLastMediaLine) I had some bandwidth today so I reduced the crashes seen in the wild and came up with a small patch. I will attach it shortly.
Attachments
Proposed fix: extend the NULL-check. Reduced test case from our top-most crashers as test-case. (3.46 KB, patch)
2011-11-12 17:20 PST, Julien Chaffraix 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Julien Chaffraix
Comment 1 2011-11-12 17:20:04 PST
Created attachment 114848 [details] Proposed fix: extend the NULL-check. Reduced test case from our top-most crashers as test-case.
WebKit Review Bot
Comment 2 2011-11-13 09:43:46 PST
Comment on attachment 114848 [details] Proposed fix: extend the NULL-check. Reduced test case from our top-most crashers as test-case. Clearing flags on attachment: 114848 Committed r100092: <http://trac.webkit.org/changeset/100092>
WebKit Review Bot
Comment 3 2011-11-13 09:43:50 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.