[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198

yurys at chromium.org yurys at chromium.org
Sun Feb 20 23:58:53 UTC 2011 

The following commit has been merged in the webkit-1.3 branch:
commit 3991a0bc78e7fcb6a253af9df5ab318c7a30a660
Author: yurys at chromium.org <yurys at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Jan 27 12:38:09 2011 +0000

    2011-01-27  Yury Semikhatsky  <yurys at chromium.org>
    
            Reviewed by Pavel Feldman.
    
            [V8] Crash in WebCore::addMessageToConsole
            https://bugs.webkit.org/show_bug.cgi?id=53227
    
            * bindings/v8/V8Proxy.cpp: check that the Frame where the error
            occured still has a page before getting a console object from it.
            (WebCore::V8Proxy::reportUnsafeAccessTo):
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@76786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 467366a..e17d002 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,14 @@
+2011-01-27  Yury Semikhatsky  <yurys at chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        [V8] Crash in WebCore::addMessageToConsole
+        https://bugs.webkit.org/show_bug.cgi?id=53227
+
+        * bindings/v8/V8Proxy.cpp: check that the Frame where the error
+        occured still has a page before getting a console object from it.
+        (WebCore::V8Proxy::reportUnsafeAccessTo):
+
 2011-01-27  Hans Wennborg  <hans at chromium.org>
 
         Reviewed by Jeremy Orlow.
diff --git a/Source/WebCore/bindings/v8/V8Proxy.cpp b/Source/WebCore/bindings/v8/V8Proxy.cpp
index 46989c8..5d09482 100644
--- a/Source/WebCore/bindings/v8/V8Proxy.cpp
+++ b/Source/WebCore/bindings/v8/V8Proxy.cpp
@@ -153,10 +153,15 @@ void V8Proxy::reportUnsafeAccessTo(Frame* target)
         return;
 
     Frame* source = V8Proxy::retrieveFrameForEnteredContext();
-    if (!source || !source->document())
-        return; // Ignore error if the source document is gone.
+    if (!source)
+        return;
+    Page* page = source->page();
+    if (!page)
+        return;
 
     Document* sourceDocument = source->document();
+    if (!sourceDocument)
+        return; // Ignore error if the source document is gone.
 
     // FIXME: This error message should contain more specifics of why the same
     // origin check has failed.
@@ -170,7 +175,7 @@ void V8Proxy::reportUnsafeAccessTo(Frame* target)
     // NOTE: Safari prints the message in the target page, but it seems like
     // it should be in the source page. Even for delayed messages, we put it in
     // the source page.
-    addMessageToConsole(source->page(), str, kSourceID, kLineNumber);
+    addMessageToConsole(page, str, kSourceID, kLineNumber);
 }
 
 static void handleFatalErrorInV8()

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list