[Webkit-unassigned] [Bug 206724] Nullptr crash when setting custom properties on detached style

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 27 16:51:36 PST 2020


https://bugs.webkit.org/show_bug.cgi?id=206724

--- Comment #9 from Ryosuke Niwa <rniwa at webkit.org> ---
(In reply to Darin Adler from comment #8)
> Comment on attachment 388631 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=388631&action=review
> 
> >>> Source/WebCore/css/PropertySetCSSStyleDeclaration.cpp:260
> >>> +        ASSERT(document);
> >> 
> >> Why is this assertion safe? Since m_lastDocument is a WeakPtr, what guarantees it won’t be null?
> > 
> > This assert shouldn't be here, it's a leftover from debugging. setCustomProperty can handle null document, the crash was from assuming there would always be a parentStyleSheet() when there isn't a parentElement().
> 
> If parentStyleSheet is null too, then why can't we let document be null? Why
> do we need this m_lastDocument trick?

If document is null, then we wouldn't be able to get to the custom property registry & would parse the property as "*" as opposed to whatever syntax is currently defined by the author script. On the other hand, that's not a terrible outcome for now since custom registry isn't really something we currently ship.
