[Webkit-unassigned] [Bug 18282] WebKit crashes with deeply nested divs

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 15 19:23:37 PDT 2010


--- Comment #22 from TAMURA, Kent <tkent at chromium.org>  2010-03-15 19:23:37 PST ---
(In reply to comment #21)
> (From update of attachment 50688 [details])
> Does Chromium want this?


> Aren't ports going to want to control MAX_DOM_TREE_DEPTH?  I guess they can
> already by setting both ENABLE and MAX_DOM_TREE_DEPTH.

Do you mean no configure.ac change for MAX_DOM_TREE_DEPTH?

> Are you sure this is the order you want?
> +    if (m_nodeDepth > MAX_DOM_TREE_DEPTH)
> +        return;
> +#endif
>      exitText();
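
Review bot: the early `return` on `m_nodeDepth > MAX_DOM_TREE_DEPTH` sits before `exitText()`, so on the over-limit path `exitText()` is never called. If that ordering is deliberate, add a one-line comment above the check saying why it precedes `exitText()` here, so a later cleanup does not reorder it. The comparison is `>`, so a node at depth exactly MAX_DOM_TREE_DEPTH is still accepted; say so where the macro is defined, so ports that override the value know the limit is inclusive.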

Yes. In parseStartElement(), the check should be put after exitText(), and the
check should be put before exitText().  It's because exitText() in
parseStartElement() is for text *before* the start tag.

> +        handleError(nonFatal, "Too deep tree.", lineNumber(), columnNumber());
> "DOM tree is too deep" would be more clear to my eyes.  What sort of message
> does Firefox provide here?  I'm pretty sure they have a limit.

Ok, I'll update the message.
Firefox has a limit for HTML DOM:
but it doesn't show any message like WebKit doesn't for HTML.
I couldn't find a limit for XML parsing in Firefox.
