Closed Bug 281833 Opened 20 years ago Closed 20 years ago

nsIDOMLocation::Assign crashes if called from C++ while page is loading.

Categories

(Core :: DOM: Core & HTML, defect)

x86
All
defect
Not set
critical

Tracking

()

RESOLVED FIXED

People

(Reporter: doronr, Unassigned)

Details

(Keywords: crash)

Attachments

(1 file)

http://lxr.mozilla.org/seamonkey/source/dom/src/base/nsLocation.cpp#329, loadInfo is null. This happens during laying out of the page, calling from C++. I have a weak ref domElement, then ->GetOwnerDocument(), get a nsIDOMDocumentView, then the nsIDOMAbstractView, then a nsIDOMWindowInternal, from which I get nsIDOMLocation and call ->Assign() with an url. Crash. So basically changing the location before the page has completed loading and rendering.
Severity: normal → critical
Keywords: crash
jst, the problem is that the CheckURL code bails out if it has no JS context, and never creates the loadinfo.... I'm not quite sure what the right fix is here. For example, what should we use for the security check, if anything?
Doron, wanna test this? This skips the security check n' all that if called from C++. And in addition, the loadinfo object that we create won't have an owner or referrer, so your milage may vary if you use this. There's better ways to load pages from C++ code than to use the DOM API, but that's a different story...
I am fine using nsIWebNavigation - we just should't crash :)
Doron, were you able to test this patch?
patch worked, ->Assign modifed the loaded URL, no crash!
Attachment #174095 - Flags: superreview?(bzbarsky)
Attachment #174095 - Flags: review?(bzbarsky)
Comment on attachment 174095 [details] [diff] [review] Maybe just like this? r+sr=bzbarsky
Attachment #174095 - Flags: superreview?(bzbarsky)
Attachment #174095 - Flags: superreview+
Attachment #174095 - Flags: review?(bzbarsky)
Attachment #174095 - Flags: review+
Fixed.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: