Closed
Bug 236812
Opened 20 years ago
Closed 20 years ago
When getting IHtmlElement::parentElement property the control crashes
Categories
(Core Graveyard :: Embedding: ActiveX Wrapper, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: atremon, Assigned: atremon)
Details
(Keywords: crash)
Attachments
(1 file)
|
704 bytes,
patch
|
adamlock
:
review+
jst
:
superreview+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fr-FR; rv:1.7b) Gecko/20040303 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; fr-FR; rv:1.7b) Gecko/20040303 In CIEHtmlElement::get_parentElement(), IDispatch *pDisp = reinterpret_cast<IDispatch *>(mParent); pDisp->QueryInterface(IID_IHTMLElement, (void **) p); results in a crash. Reproducible: Always Steps to Reproduce:
|
Assignee | |
Updated•20 years ago
|
Assignee: adamlock → atremon
|
|
Assignee | |
Updated•20 years ago
|
Summary: Whenne getting IHtmlElement::parentElement property the control crashes → When getting IHtmlElement::parentElement property the control crashes
|
|
Assignee | |
Comment 1•20 years ago
|
||
Reinterpret_cast doesn't move the pointer, so a static_cast should be necessary. But the compiler won't allow this because it doesn't know that the IDispatch and CIEHtmlNode are related. The solution is simply to cast to a CIEHtmlElement
|
|
Assignee | |
Updated•20 years ago
|
Attachment #143289 -
Flags: review?(adamlock)
|
|
Assignee | |
Comment 2•20 years ago
|
||
I'm not sure this does necessarily result in a crash, but might sometimes only
return a void pointer.
Steps to Reproduce: with #import <mshtml.tlb>
MSHTML::IHTMLElementPtr pEl = m_pHtmlDoc2->body;
MSHTML::IHTMLElementCollectionPtr pColl = pEl->children;
long pL;
pColl->get_length(&pL);
TRACE1("%d\n", pL);
COleVariant oleVar;
oleVar.vt = VT_I2;
oleVar.iVal = 0;
MSHTML::IHTMLElementPtr pEl2 = pColl->item(oleVar);
TRACE(pEl2->tagName);
MSHTML::IHTMLElementPtr pEl3 = pEl2->parentElement;
Attachment #143289 -
Flags: review?(adamlock) → review+
|
|
Assignee | |
Updated•20 years ago
|
Attachment #143289 -
Flags: superreview?(jst)
|
||
Comment 3•20 years ago
|
||
Comment on attachment 143289 [details] [diff] [review] Replace the reinterpret_cast to IDispatch by a static_cast to CIEHtmlElement There's no way that mParent node is *not* an element (CIEHtmlElement) object here, right? If so, sr=jst
Attachment #143289 -
Flags: superreview?(jst) → superreview+
|
|
Assignee | |
Comment 4•20 years ago
|
||
Well, actually, mParent is changed by PopulateFromDOMHTMLCollection when get_images, get_applets, get_links, etc. is called on IHTMLDocument, which for me is wrong (eg. images are not a direct child of the document). So I would remove the SetParent call from PopulateFromDOMHTMLCollection. The same happens from CreateFromParentNode, either because of a call to get_all in IHTMLDocument or IHTMLElement, or because of a call to get_children. I would only leave the SetParent call in this last case, (and then mParent is *always* a CIEHtmlElement), and remove it for a call to get_all (get_all returns elements that are not necessarily a direct child of the element or document we make the call on). I could update the patch for bug http://bugzilla.mozilla.org/show_bug.cgi?id=236894, explaining this, before checking in this one.
The parentElement can definitely be null if the element is the topmost in the document, but I think the cast inside the pointer check should be fine. The parent of an element should be another element, implemented by CIEHtmlElement.
Fix is checked in
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•