[Webkit-unassigned] [Bug 167030] New: Avoid nullptr frame dereference when scrollTo is called on a disconnected DOMWindow
bugzilla-daemon at webkit.org
Fri Jan 13 16:04:15 PST 2017
https://bugs.webkit.org/show_bug.cgi?id=167030
Bug ID: 167030
Summary: Avoid nullptr frame dereference when scrollTo is called on a disconnected DOMWindow
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: InRadar
Severity: Normal
Priority: P2
Component: Layout and Rendering
Assignee: webkit-unassigned at lists.webkit.org
Reporter: bfulgham at webkit.org
CC: bfulgham at webkit.org, simon.fraser at apple.com, zalan at apple.com
All of the functions in DOMWindow properly check that the frame is non-nullptr before using it. All, except for DOMWindow::scrollTo.
This patch corrects this oversight and avoids a potential crash.