| Summary: | Null pointer access in DOMGuarded::guarded on 64b build | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | xc.o.c.1180 <xc.o.c.1180> | ||||
| Component: | Bindings | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | RESOLVED INVALID | ||||||
| Severity: | Normal | CC: | cdumez, mark.lam, youennf, ysuzuki | ||||
| Priority: | P2 | ||||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
(In reply to xc.o.c.1180@gmail.com from comment #0) > Created attachment 399271 [details] > patch > > Should check null before jsDynamicCast. > > Also, guardedObject() should just return JSCell*, this saves a branch in > jsDynamicCast. Could you add a test case showing the crash? Sorry, this is a mistake, please discard it. (In reply to xc.o.c.1180@gmail.com from comment #2) > Sorry, this is a mistake, please discard it. OK, no problem! Thanks for filing an issue :D |
Created attachment 399271 [details] patch Should check null before jsDynamicCast. Also, guardedObject() should just return JSCell*, this saves a branch in jsDynamicCast.