| commit | 8465b19d0c3f9b48b8aec4ad2a64ffce37a07d29 | |
| author | Kalle Olavi Niemitalo <kon@iki.fi> | |
| Sat, 4 Apr 2009 18:56:53 +0000 (4 21:56 +0300) | ||
| committer | Kalle Olavi Niemitalo <Kalle@Astalo.kon.iki.fi> | |
| Sat, 4 Apr 2009 18:56:53 +0000 (4 21:56 +0300) | ||
| tree | 395dab58a2fda79054f0b86d9ab35de7b54a5518 | treesnapshot (tar.gz zip) |
| parent | 22fe77d14fbee4309c62d649f641b5ca31909a59 | commitdiff |
Bug 1071: Fix null-ptr crash in get_dom_node_child
struct dom_node contains a union that contains various structs that
have members of type struct dom_node * in them.
get_dom_node_list_by_type returns the address (struct dom_node **) of
one of those members, or NULL. However the member itself can also be
NULL if no nodes have been added to the list and the list has thus not
yet been allocated. (add_to_dom_node_list lazily allocates the lists.)
get_dom_node_child did not expect a null pointer there and crashed, as
shown in bug 1071. Fix by adding a check so that it treats a NULL list
as an empty list.
struct dom_node contains a union that contains various structs that
have members of type struct dom_node * in them.
get_dom_node_list_by_type returns the address (struct dom_node **) of
one of those members, or NULL. However the member itself can also be
NULL if no nodes have been added to the list and the list has thus not
yet been allocated. (add_to_dom_node_list lazily allocates the lists.)
get_dom_node_child did not expect a null pointer there and crashed, as
shown in bug 1071. Fix by adding a check so that it treats a NULL list
as an empty list.
| src/dom/node.c | diffblobblamehistory |