Open Bug 1916340 Opened 5 months ago Updated 5 months ago

Document::ParseHTMLUnsafe may return null, but Document.parseHTMLUnsafe doesn't expect that

Categories

(Core :: DOM: Core & HTML, defect, P3)

defect

Tracking

()

People

(Reporter: smaug, Unassigned)

Details

https://searchfox.org/mozilla-central/rev/aee7c3a0dbf33af0c4f6648f391db62b35895e50/dom/webidl/Document.webidl#154 doesn't allow null values but https://searchfox.org/mozilla-central/rev/aee7c3a0dbf33af0c4f6648f391db62b35895e50/dom/base/Document.cpp#19575,19580,19588,19600 may return null. Null would lead to crashes on the bindings layer.

https://html.spec.whatwg.org/#dom-parsehtmlunsafe looks like "Get Trusted Type compliant string" may throw, so perhaps the method could just throw in problematic cases.

What are the problematic cases? Are they things that should be specified?

Flags: needinfo?(smaug)

Hmm, are those only out-of-memory, in which case we'd have crashed already...

oh, I guess passing > INT32_MAX buffer as the string, I think that would crash in the bindings layer. Implementation detail.

Flags: needinfo?(smaug)

I'm guessing P3/S3 are appropriate here, but feel free to change.

Severity: -- → S3
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.