Closed Bug 620275 Opened 15 years ago Closed 11 years ago

remove inconsistent null check of aContent from nsSubDocumentFrame::Init

Categories

(Core :: Layout, defect)

Product:
Core
Component:
Layout
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla36

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, crash)

Attachments

(2 files, 1 obsolete file)

alternative
1.02 KB, patch
bzbarsky
: review-
bzbarsky
: approval2.0-
Details | Diff | Splinter Review
unbitrotted
1.27 KB, patch
MatsPalmgren_bugz
: review+
Details | Diff | Splinter Review
161 nsSubDocumentFrame::Init(nsIContent* aContent, 162 nsIFrame* aParent, 163 nsIFrame* aPrevInFlow) 164 { i'm not sure you actually need an if here anyway, since do_QI is null safe, and perhaps you want to pick a value if !aContent since you're Init()ing something... 165 // determine if we are a <frame> or <iframe> 166 if (aContent) { 167 nsCOMPtr<nsIDOMHTMLFrameElement> frameElem = do_QueryInterface(aContent); 168 mIsInline = frameElem ? PR_FALSE : PR_TRUE; 169 } this is actually null safe: 171 nsresult rv = nsLeafFrame::Init(aContent, aParent, aPrevInFlow); we'll crash here: 191 aContent->SetPrimaryFrame(this);
Attached patch proposal (obsolete) — Splinter Review
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #498679 - Flags: review?(dbaron)
Attachment #498679 - Flags: approval2.0?
Comment on attachment 498679 [details] [diff] [review] proposal I don't think it's valid to create any frame other than the root frame with a null content node (or *maybe* part of the root scrollframe construction). I think the right thing here is to remove the other null-check, but bzbarsky is probably a better reviewer than I am.
Attachment #498679 - Flags: review?(dbaron)
Attachment #498679 - Flags: review-
Attachment #498679 - Flags: approval2.0?
Attached patch alternativeSplinter Review
Attachment #498679 - Attachment is obsolete: true
Attachment #498909 - Flags: review?(bzbarsky)
Attachment #498909 - Flags: approval2.0?
Comment on attachment 498909 [details] [diff] [review] alternative That null-check is bogus. Just remove it.
Attachment #498909 - Flags: review?(bzbarsky)
Attachment #498909 - Flags: review-
Attachment #498909 - Flags: approval2.0?
Attachment #498909 - Flags: approval2.0-
Summary: crash [@ nsSubDocumentFrame::Init] if !aContent → remove inconsistent null check of aContent from nsSubDocumentFrame::Init
Comment on attachment 498909 [details] [diff] [review] alternative (In reply to Boris Zbarsky [:bz] from comment #4) > Comment on attachment 498909 [details] [diff] [review] > alternative > > That null-check is bogus. Just remove it. This patch looks fine to me (with a little unbitrotting applied), so I'm not sure which null-check you were referring to. The 'frameElem' null-check is still needed to check if it's a <frame> or <iframe> as the comment says. I don't see any other null-checks.
Flags: needinfo?(bzbarsky)
Er, I have no idea what I was thinking then, sorry. I agree that the patch looks right.
Flags: needinfo?(bzbarsky)
Attachment #8511400 - Flags: review+
https://hg.mozilla.org/mozilla-central/rev/e122c5300afc
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: