Bug 211846 - Null pointer access in DOMGuarded::guarded on 64b build
Summary: Null pointer access in DOMGuarded::guarded on 64b build
Status: RESOLVED INVALID
Alias: None
Product: WebKit
Classification: Unclassified
Component: Bindings
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-05-13 09:17 PDT by xc.o.c.1180@gmail.com
Modified: 2020-06-01 08:28 PDT

See Also:


Attachments
patch (1.02 KB, text/plain)
2020-05-13 09:17 PDT, xc.o.c.1180@gmail.com

Description xc.o.c.1180@gmail.com 2020-05-13 09:17:00 PDT
Created attachment 399271 [details]
patch

Should check null before jsDynamicCast.

Also, guardedObject() should just return JSCell*, this saves a branch in jsDynamicCast.
Comment 1 Yusuke Suzuki 2020-05-30 23:19:04 PDT
(In reply to xc.o.c.1180@gmail.com from comment #0)
> Created attachment 399271 [details]
> patch
> 
> Should check null before jsDynamicCast.
> 
> Also, guardedObject() should just return JSCell*, this saves a branch in
> jsDynamicCast.

Could you add a test case showing the crash?
Comment 2 xc.o.c.1180@gmail.com 2020-06-01 07:42:19 PDT
Sorry, this is a mistake, please discard it.
Comment 3 Yusuke Suzuki 2020-06-01 08:28:56 PDT
(In reply to xc.o.c.1180@gmail.com from comment #2)
> Sorry, this is a mistake, please discard it.

OK, no problem! Thanks for filing an issue :D