[Webkit-unassigned] [Bug 130900] New: Null pointer crash in String::append(UChar).

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 28 10:04:16 PDT 2014


https://bugs.webkit.org/show_bug.cgi?id=130900

           Summary: Null pointer crash in String::append(UChar).
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Web Template Framework
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: peavo at outlook.com


A couple of days ago, I was getting many null pointer crashes in String::append(UChar).
This can happen if the string is empty (m_impl member == 0), and it is called with a character value less than or equal to 0xff.
In the first line of the method, the is8Bit() method will then be called, which accesses the m_impl member, which is null, causing a crash.
This can be fixed by first checking if the m_impl member is null, in the same way as in the method String::append(LChar).
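As an added illustration (not WebKit's code; the buggy first-line ordering is reconstructed from the report as an assumption), a minimal stand-in for String/StringImpl in which append(UChar) checks m_impl for null before anything else, mirroring append(LChar):

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <vector>

// Minimal stand-in for WTF::String / StringImpl, constructed for this example
// (not WebKit's code). As the report describes, an empty String has a null
// m_impl and is8Bit() is answered by the impl, so asking is8Bit() first crashes.
typedef uint16_t UChar;
typedef uint8_t LChar;

struct StringImpl {
    explicit StringImpl(bool eightBit) : eightBit(eightBit) {}
    bool is8Bit() const { return eightBit; }
    bool eightBit;
    std::vector<UChar> chars;  // stored widened for simplicity
};

class String {
public:
    std::size_t length() const { return m_impl ? m_impl->chars.size() : 0; }
    bool is8Bit() const { return m_impl->is8Bit(); }  // requires m_impl != null
    // The LChar overload the report cites as the pattern to copy: the null
    // check comes before anything that touches m_impl.
    void append(LChar c) {
        if (!m_impl) m_impl = std::make_shared<StringImpl>(true);
        m_impl->chars.push_back(c);
    }
    // Hardened append(UChar). The reported ordering, reconstructed as an
    // assumption, was  if (c <= 0xff && is8Bit()) { ...8-bit fast path... }
    // as the first line, which reaches is8Bit() through a null m_impl.
    void append(UChar c) {
        if (!m_impl) {                       // the fix: check m_impl first
            m_impl = std::make_shared<StringImpl>(c <= 0xff);
            m_impl->chars.push_back(c);
            return;
        }
        if (c <= 0xff && is8Bit()) {         // safe now: m_impl is non-null
            m_impl->chars.push_back(c);
            return;
        }
        m_impl->eightBit = false;            // widen to 16-bit storage
        m_impl->chars.push_back(c);
    }
private:
    std::shared_ptr<StringImpl> m_impl;      // null for an empty string
};

// Exercise the reported scenario: the first append lands on an empty String.
bool emptyAppendIs8Bit(UChar c) { String s; s.append(c); return s.is8Bit(); }
std::size_t lengthAfterAppends(UChar a, UChar b) { String s; s.append(a); s.append(b); return s.length(); }
```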
