Title: [98936] trunk/Source/WebCore
Revision: 98936
Author: aes...@apple.com
Date: 2011-10-31 22:43:09 -0700 (Mon, 31 Oct 2011)

Log Message

Document pointer not null-checked in FrameView::isOnActivePage()
https://bugs.webkit.org/show_bug.cgi?id=71265
<rdar://problem/10374427>

Reviewed by Dan Bernstein.

Return false in FrameView::isOnActivePage() if m_frame->document() is
null. Other calls to m_frame->document() in FrameView also have a null
check. The frame can have a null document if the FrameLoader is loading
the initial empty document.

No test possible without triggering assertions in debug builds. This is
tracked by <http://webkit.org/b/71264>.

* page/FrameView.cpp:
(WebCore::FrameView::isOnActivePage):

Diff

Modified: trunk/Source/WebCore/ChangeLog (98935 => 98936)


--- trunk/Source/WebCore/ChangeLog	2011-11-01 04:24:08 UTC (rev 98935)
+++ trunk/Source/WebCore/ChangeLog	2011-11-01 05:43:09 UTC (rev 98936)
@@ -1,3 +1,22 @@
+2011-10-31  Andy Estes  <aes...@apple.com>
+
+        Document pointer not null-checked in FrameView::isOnActivePage()
+        https://bugs.webkit.org/show_bug.cgi?id=71265
+        <rdar://problem/10374427>
+
+        Reviewed by Dan Bernstein.
+
+        Return false in FrameView::isOnActivePage() if m_frame->document() is
+        null. Other calls to m_frame->document() in FrameView also have a null
+        check. The frame can have a null document if the FrameLoader is loading
+        the initial empty document.
+
+        No test possible without triggering assertions in debug builds. This is
+        tracked by <http://webkit.org/b/71264>.
+
+        * page/FrameView.cpp:
+        (WebCore::FrameView::isOnActivePage):
+
 2011-10-31  Jeremy Apthorp  <jere...@google.com>
 
         Fix a crash relating to anonymous block merging in
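
Review bot: The new entry's "No test possible without triggering assertions in debug builds" means this null-dereference fix lands with no regression coverage, and the entry does not say which assertion fires or which caller reaches FrameView::isOnActivePage() while the FrameLoader is loading the initial empty document. Naming the caller in the entry would let a test be added once <http://webkit.org/b/71264> is resolved, and would make it easier to check that the other m_frame->document() call sites the entry mentions really are all guarded.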

Modified: trunk/Source/WebCore/page/FrameView.cpp (98935 => 98936)


--- trunk/Source/WebCore/page/FrameView.cpp	2011-11-01 04:24:08 UTC (rev 98935)
+++ trunk/Source/WebCore/page/FrameView.cpp	2011-11-01 05:43:09 UTC (rev 98936)
@@ -2431,7 +2431,9 @@
 {
     if (m_frame->view() != this)
         return false;
-    return !m_frame->document()->inPageCache();
+    if (Document* document = m_frame->document())
+        return !document->inPageCache();
+    return false;
 }
 
 ScrollableArea* FrameView::enclosingScrollableArea() const
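
Review bot: The fall-through `return false;` at the end of isOnActivePage() carries no comment, so the reason a null document is treated as "not on an active page" lives only in the ChangeLog. A one-line comment above `if (Document* document = m_frame->document())` saying that the document can be null while the initial empty document is loading would keep the check from being dropped as dead code later. An early return (`if (!document) return false;`) would also read more directly than the declaration-in-condition followed by a trailing return, but that is a style point. The result for a null document is now the same as for a document in the page cache, so callers that act on a false return should be checked for that case.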