[webkit-reviews] review denied: [Bug 31680] WebCore::Document::updateLayoutIgnorePendingStylesheets NULL pointer : [Attachment 52021] v3; used asssertion, added null checks more; enhanced test
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 30 12:04:43 PDT 2010
Darin Adler <darin at apple.com> has denied MORITA Hajime <morrita at google.com>'s
request for review:
Bug 31680: WebCore::Document::updateLayoutIgnorePendingStylesheets NULL pointer
https://bugs.webkit.org/show_bug.cgi?id=31680
Attachment 52021: v3; used asssertion, added null checks more; enhanced test
https://bugs.webkit.org/attachment.cgi?id=52021&action=review
------- Additional Comments from Darin Adler <darin at apple.com>
Alexey pointed out what we should really be doing. This should not just be
about null checking.
> + if (node && !node->document()) {
> + ec = INVALID_ACCESS_ERR;
> + return;
> + }
Instead of checking for null we should check that the node is in the document
of m_frame. It's not OK to set this to a node in another document.
> + if ((baseNode && !baseNode->document())
> + || (extentNode && !extentNode->document())) {
> + // We don't know how to "select" ownerless nodes.
> + ec = INVALID_ACCESS_ERR;
> + return;
> + }
Same comment.
> + if (node && !node->document()) {
> + ec = INVALID_ACCESS_ERR;
> + return;
> + }
Same comment.
> + if (!node->document()) {
> + ec = INVALID_ACCESS_ERR;
> + return;
> + }
Ditto.
> - if (!n || selection->isNone())
> + if (!n || !n->document() || selection->isNone())
> return false;
Again.
> + if (!n->document()) {
> + ec = INVALID_ACCESS_ERR;
> + return;
> + }
Again.
More information about the webkit-reviews
mailing list