[Webkit-unassigned] [Bug 41447] New: [GTK] Extra nullcheck needed at SelectionControllerGtk.cpp
bugzilla-daemon at webkit.org
Thu Jul 1 00:21:19 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=41447
Summary: [GTK] Extra nullcheck needed at SelectionControllerGtk.cpp
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Accessibility
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: msanchez at igalia.com
In SelectionController::notifyAccessibilityForSelectionChange(), inside SelectionControllerGtk.cpp, we currently have this:
[...]
AccessibilityObject* accessibilityObject = m_frame->document()->axObjectCache()->getOrCreate(focusedNode);
int offset;
// Always report the events w.r.t. the non-linked unignored parent. (i.e. ignoreLinks == true)
AccessibilityObject* object = objectAndOffsetUnignored(accessibilityObject, offset, true);
[...]
The problem with this is that, as getOrCreate() could return 0 under some dark circumstances, we risk calling objectAndOffsetUnignored() with null as the first parameter, which will crash for sure, as that function won't check for that (that's a common assumption in AccessibilityObjectWrapperAtk.cpp).
Hence, an extra null check is needed. Attaching one-liner patch soon...