[Webkit-unassigned] [Bug 65316] Potential NULL-pointer vulnerability in [RenderLayer::updateLayerPosition]

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Oct 18 09:57:05 PDT 2012

https://bugs.webkit.org/show_bug.cgi?id=65316

--- Comment #6 from Julien Chaffraix <jchaffraix at webkit.org>  2012-10-18 09:58:00 PST ---
(In reply to comment #5)
> (In reply to comment #4)
> > (From update of attachment 169084 [details] [details])
> > Can you write a test that triggers this issue?
> 
> It seems that it is possible in custom ports only (the JavaFX port as an example - the scenario was described in the bug synopsis). That happens in a slow message queue.

If the bug requires a custom port, it is possibly not a WebCore issue.

> Anyway, that is a bug from a static code analyzer - it has to be fixed.

No, it doesn't *have to* (see http://lists.webkit.org/pipermail/webkit-dev/2012-April/020365.html). I am not convinced the change is right as updateLayerPosition should be called only on an attached tree, which means that |curr| cannot be NULL as we are not called on the RenderView (renderer()->parent()) and the RenderView always has a RenderLayer.

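The argument in comment #6 rests on a caller contract: updateLayerPosition walks from renderer()->parent() up to the nearest ancestor that owns a layer, and on an attached tree that walk always terminates at the RenderView, which always has a RenderLayer. The model below is an added illustration, not WebCore code and not the patch under review; the Renderer and Tree types, the isView flag and the shape of the ancestor loop are assumptions made for the example. It shows why the NULL path reported by the analyzer is reachable only when the precondition is violated (a detached subtree whose top has no layer), and how to state that precondition once as an assertion rather than guard every dereference.

```cpp
#include <cassert>
#include <memory>
#include <vector>

// Assumed minimal model of a render object (not WebCore's RenderObject).
struct Renderer {
    Renderer* parent = nullptr;
    bool isView = false;   // models RenderView, the root of an attached tree
    bool hasLayer = false; // models RenderObject::hasLayer()
    std::vector<std::unique_ptr<Renderer>> children;

    Renderer* addChild(bool withLayer) {
        children.push_back(std::make_unique<Renderer>());
        Renderer* child = children.back().get();
        child->parent = this;
        child->hasLayer = withLayer;
        return child;
    }
};

// Precondition the comment relies on: the renderer hangs off a RenderView.
bool isAttached(const Renderer* renderer) {
    const Renderer* top = renderer;
    while (top->parent)
        top = top->parent;
    return top->isView;
}

// Defensive form of the walk: start at renderer->parent and climb until a
// renderer owning a layer is found. Returns nullptr when the chain runs out,
// which is the path the analyzer flagged; on an attached tree it cannot occur
// because the RenderView at the top always has a layer.
Renderer* enclosingLayerAncestor(Renderer* renderer) {
    Renderer* curr = renderer->parent;
    while (curr && !curr->hasLayer)
        curr = curr->parent;
    return curr;
}

// Contract form: assert the precondition once, then walk without null guards.
// Returns the number of hops from renderer->parent to the layer-owning ancestor.
int hopsToLayerAncestor(Renderer* renderer) {
    assert(isAttached(renderer) && "updateLayerPosition requires an attached tree");
    assert(renderer->parent && "must not be called on the RenderView itself");
    int hops = 0;
    Renderer* curr = renderer->parent;
    while (!curr->hasLayer) { // safe: the walk terminates at the RenderView's layer
        curr = curr->parent;
        ++hops;
    }
    return hops;
}

struct Tree {
    std::unique_ptr<Renderer> root;
    Renderer* leaf = nullptr;
};

// Constructed sample: RenderView (has layer) -> block (no layer) -> inline (no layer).
Tree buildAttachedTree() {
    Tree t;
    t.root = std::make_unique<Renderer>();
    t.root->isView = true;
    t.root->hasLayer = true;
    Renderer* block = t.root->addChild(false);
    t.leaf = block->addChild(false);
    return t;
}

// Constructed sample: a subtree not hung off any RenderView; its top has no layer.
Tree buildDetachedSubtree() {
    Tree t;
    t.root = std::make_unique<Renderer>();
    Renderer* block = t.root->addChild(false);
    t.leaf = block->addChild(false);
    return t;
}

// Each scenario as a function returning its outcome, so it can be checked.
bool attachedWalkReachesView() {
    Tree t = buildAttachedTree();
    return enclosingLayerAncestor(t.leaf) == t.root.get()
        && hopsToLayerAncestor(t.leaf) == 1;
}

bool detachedWalkReturnsNull() {
    Tree t = buildDetachedSubtree();
    // Only here does the guarded walk yield nullptr; the contract form would
    // instead fail its isAttached() assertion before touching the chain.
    return !isAttached(t.leaf) && enclosingLayerAncestor(t.leaf) == nullptr;
}

int main() {
    assert(attachedWalkReachesView());
    assert(detachedWalkReturnsNull());
    return 0;
}
```

The point of the two forms is the one the webkit-dev thread linked from the comment makes: a static analyzer reports the nullptr path in enclosingLayerAncestor without knowing the caller contract. Adding a null check there silences the tool but hides a tree that should never have reached this code; asserting isAttached() keeps the invariant visible and makes a port that calls in on a detached tree fail loudly in debug builds.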