Bug 83538 - Don't let CSSPropertyWebkitPerspective dereference primitiveValue without null check.
Summary: Don't let CSSPropertyWebkitPerspective dereference primitiveValue without nul...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Luke Macpherson
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-04-09 19:11 PDT by Luke Macpherson
Modified: 2012-04-09 21:48 PDT (History)
6 users (show)

See Also:

Attachments
Patch (1.82 KB, patch)
2012-04-09 19:14 PDT, Luke Macpherson 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Luke Macpherson 2012-04-09 19:11:21 PDT 
Don't let CSSPropertyWebkitPerspective dereference primitiveValue without null check.
Comment 1 Luke Macpherson 2012-04-09 19:14:04 PDT 
Created attachment 136373 [details]
Patch
Comment 2 Daniel Bates 2012-04-09 20:30:53 PDT 
Comment on attachment 136373 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=136373&action=review

> Source/WebCore/ChangeLog:12
> +        Coverity pointed out that we potentially dereference primitiveValue here without checking for null.
> +        I've added an early out for that case to make sure it can't ever happen. I don't know if it's actually
> +        possible to exercise that code path or not - probably the parser prevents it from being hit in practice.

Have you tried writing a test?
Comment 3 Luke Macpherson 2012-04-09 20:53:59 PDT 
I've read the parser code and can't see an obvious way to exercise this code path. I still think it's best to make the code obviously correct (and reduce false-positives coming from static analysis).
Comment 4 WebKit Review Bot 2012-04-09 21:48:10 PDT 
Comment on attachment 136373 [details]
Patch

Clearing flags on attachment: 136373

Committed r113676: <http://trac.webkit.org/changeset/113676>
Comment 5 WebKit Review Bot 2012-04-09 21:48:15 PDT 
All reviewed patches have been landed.  Closing bug.