Bug 18237

Summary: wrong unref of m_frame causes segfault
Product: WebKit Reporter: Salvatore De Paolis <iwkse>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: UNCONFIRMED    
Severity: Normal CC: bugs-noreply
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Linux   
Bug Depends on:    
Bug Blocks: 20403    
Attachments:
Description Flags
m_frame unref mrowe: review-

Salvatore De Paolis
Reported 2008-03-31 10:26:28 PDT
m_frame is unref without checking if it's null and it causes a segfault
Attachments
m_frame unref (1.07 KB, patch)
2008-03-31 10:27 PDT, Salvatore De Paolis 		mrowe: review-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Salvatore De Paolis
Comment 1 2008-03-31 10:27:33 PDT
Created attachment 20237 [details] m_frame unref
Darin Adler
Comment 2 2008-03-31 10:48:48 PDT
Comment on attachment 20237 [details] m_frame unref This looks wrong to me. I don't think this should be done in these detachedFromParent calls, and certainly not in both the (1) and (2) versions!
Salvatore De Paolis
Comment 3 2008-03-31 11:07:08 PDT
(In reply to comment #2) > (From update of attachment 20237 [details] [edit]) > This looks wrong to me. I don't think this should be done in these > detachedFromParent calls, and certainly not in both the (1) and (2) versions! > Actually the only one was the (4) and it segfaulted. Adding the check on m_frame fixed it. I thought it would work similar with the others but I did not find anybody to explain to me how it works with frames. So keep it as WORKSFORME and feel free to update the patch.
Mark Rowe (bdash)
Comment 4 2008-04-10 17:47:47 PDT
Comment on attachment 20237 [details] m_frame unref r- based on Darin's comment.
Note You need to log in before you can comment on or make changes to this bug.