nsFocusController::GetControllers does not handle a null nsIFocusManager* fm well

RESOLVED FIXED

Status

()

Core
Event Handling
--
critical
RESOLVED FIXED
9 years ago
4 years ago

People

(Reporter: timeless, Assigned: timeless)

Tracking

({coverity, crash})

Trunk
coverity, crash
Points:
---
Bug Flags:
wanted1.9.2 ?

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(1 attachment)

(Assignee)

Description

9 years ago
94 nsFocusController::GetControllers(nsIControllers** aResult)
95 {
99   nsCOMPtr<nsIDOMElement> focusedElement;
100   nsIFocusManager* fm = nsFocusManager::GetFocusManager();
101   if (fm)
102     fm->GetFocusedElement(getter_AddRefs(focusedElement));

here we carefully checked for a null focusmanager, if it was null, then focusedElement will not be set to non null

so this condition will be false:
104   if (focusedElement) {
131   }
132   else {
and off we go to try to get a window:
133     nsCOMPtr<nsIDOMWindow> focusedWindow;
... from the null focus manager:
134     fm->GetFocusedWindow(getter_AddRefs(focusedWindow));
(Assignee)

Comment 1

9 years ago
Created attachment 390911 [details] [diff] [review]
patch
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #390911 - Flags: review?(Olli.Pettay)
Attachment #390911 - Flags: review?(Olli.Pettay) → review+
Flags: wanted1.9.2?
(Assignee)

Comment 2

9 years ago
http://hg.mozilla.org/mozilla-central/rev/ddf35389f5a4
Status: ASSIGNED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
I believe this issue exists on 1.9.2 as well? Crash fix, wanted?
You need to log in before you can comment on or make changes to this bug.