[Webkit-unassigned] [Bug 8509] New: document.importNode(null) crashes

bugzilla-daemon at opendarwin.org bugzilla-daemon at opendarwin.org
Fri Apr 21 00:04:53 PDT 2006


http://bugzilla.opendarwin.org/show_bug.cgi?id=8509

           Summary: document.importNode(null) crashes
           Product: WebKit
           Version: 420+ (nightly)
          Platform: Macintosh
               URL: javascript:document.importNode(null)
        OS/Version: Mac OS X 10.0
            Status: NEW
          Severity: normal
          Priority: P2
         Component: XML DOM
        AssignedTo: webkit-unassigned at opendarwin.org
        ReportedBy: mjs at apple.com


Doing document.importNode(null) causes a crash with the following backtrace:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_PROTECTION_FAILURE at address: 0x00000000
0x01de03af in WebCore::Document::importNode (this=0xf103c00, importedNode=0x0,
deep=false, ec=@0xbfffe518) at
/Volumes/Data/mjs/Work/src/Safari/OpenSource/WebCore/dom/Document.cpp:457
(gdb) bt
#0  0x01de03af in WebCore::Document::importNode (this=0xf103c00,
importedNode=0x0, deep=false, ec=@0xbfffe518) at
/Volumes/Data/mjs/Work/src/Safari/OpenSource/WebCore/dom/Document.cpp:457
#1  0x01f569ab in WebCore::JSDocumentProtoFunc::callAsFunction
(this=0x230ac490, exec=0xbfffe8e8, thisObj=0x230ac3b0, args=@0xbfffe748) at
/Users/mjs/Work/symroots/Debug/DerivedSources/WebCore/JSDocument.cpp:301
#2  0x015ce96c in KJS::JSObject::call (this=0x230ac490, exec=0xbfffe8e8,
thisObj=0x230ac3b0, args=@0xbfffe748) at
/Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/object.cpp:96
#3  0x015c58cb in KJS::FunctionCallDotNode::evaluate (this=0x231a8900,
exec=0xbfffe8e8) at
/Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/nodes.cpp:758
#4  0x015c312e in KJS::ExprStatementNode::execute (this=0x231a8a00,
exec=0xbfffe8e8) at
/Volumes/Data/mjs/Work/src/Safari/OpenSource/JavaScriptCore/kjs/nodes.cpp:1712

Looks like just lack of a null check.


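The missing check the report points at, as an added C++ illustration that is not WebKit's code: a simplified, hypothetical importNode() with the same ExceptionCode out-parameter shape as the ec=@... argument in the backtrace, which rejects a null argument before dereferencing it. The Node and Document types, the sample tree, and the choice of NOT_SUPPORTED_ERR for the null case are this example's assumptions.

```cpp
#include <memory>
#include <string>
#include <vector>

// Hypothetical, simplified DOM model (not WebCore's classes).
typedef int ExceptionCode;
const ExceptionCode NO_ERR = 0;
const ExceptionCode NOT_SUPPORTED_ERR = 9;  // DOM Level 2 code; using it for null is an assumption

struct Node {
    std::string nodeName;
    std::vector<std::shared_ptr<Node>> childNodes;
    explicit Node(const std::string& name) : nodeName(name) {}
};

struct Document {
    std::vector<std::shared_ptr<Node>> imported;  // copies now owned by this document

    // Returns a copy of importedNode owned by this document, or nullptr with ec set.
    // The null check below is the one the report says is missing: without it,
    // reading importedNode->nodeName through a null pointer is the
    // KERN_PROTECTION_FAILURE at address 0x00000000 seen in the trace.
    std::shared_ptr<Node> importNode(const Node* importedNode, bool deep, ExceptionCode& ec) {
        ec = NO_ERR;
        if (!importedNode) {
            ec = NOT_SUPPORTED_ERR;
            return nullptr;
        }
        auto copy = std::make_shared<Node>(importedNode->nodeName);
        if (deep) {
            for (const auto& child : importedNode->childNodes) {
                auto childCopy = importNode(child.get(), true, ec);
                if (!childCopy)
                    return nullptr;  // a null child entry: propagate failure, ec stays set
                copy->childNodes.push_back(childCopy);
            }
        }
        imported.push_back(copy);
        return copy;
    }
};

// Constructed sample input: <root><a/><b/></root>
inline std::shared_ptr<Node> makeSampleTree() {
    auto root = std::make_shared<Node>("root");
    root->childNodes.push_back(std::make_shared<Node>("a"));
    root->childNodes.push_back(std::make_shared<Node>("b"));
    return root;
}
```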