[Webkit-unassigned] [Bug 17771] New: SVGImage accesses m_frame w/o checking for NULL
bugzilla-daemon at webkit.org
Tue Mar 11 09:34:35 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=17771
Summary: SVGImage accesses m_frame w/o checking for NULL
Product: WebKit
Version: 525+ (Nightly build)
Platform: PC
URL: http://www.trilulilu.ro/audio/cele-mai-recente/
OS/Version: Mac OS X 10.5
Status: NEW
Keywords: NeedsReduction
Severity: Normal
Priority: P2
Component: SVG
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: eric at webkit.org
SVGImage accesses m_frame w/o checking for NULL
I don't know how to get real crashlogs out of this machine (I'm on Windows for
the moment). But the top of the stack was something like this:
Frame::document()
SVGImage::hasRelativeWidth()
RenderImage::calcReplacedWidth()
RenderImage::calcPrefWidths()
RenderBox::minPrefWidth()
Looking at SVGImage.cpp it's clear we have many instances of un-guarded usage
of m_frame. I'm sure there are other crashes like this to be found.
We'll need to create a reduction (by staring @ the SVGImage source code).