List: kfm-devel
Subject: PATCH: fixed crash with JS partially enabled
From: David Faure <david () mandrakesoft ! com>
Date: 2002-03-24 3:19:44
Several reports indicated that having JS partially enabled (using the per-domain settings)
could easily lead to crashes... Window::retrieve() wasn't correctly handling the case
of another window or frame with JS disabled. It was creating an Object with a null
imp, which is currently forbidden by KJS (leads to crashes later on, when using the object).
This patch fixes this, using Undefined() in such a case. Needs a small API change,
hence size of patch. Please review.
--
David FAURE, david@mandrakesoft.com, faure@kde.org
http://people.mandrakesoft.com/~david/, http://www.konqueror.org/
KDE, Making The Future of Computing Available Today
["crashfix.diff" (text/x-diff)]
? convertor.sh
? fixincludes
? log
? spec_dom2_core.html
? spec_dom2_html.html
? tentative.kjs_dom.storing_as_attribute.diff
Index: kjs_html.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/ecma/kjs_html.cpp,v
retrieving revision 1.170
diff -u -p -b -r1.170 kjs_html.cpp
--- kjs_html.cpp 2002/03/20 00:57:26 1.170
+++ kjs_html.cpp 2002/03/24 03:16:50
@@ -986,10 +986,10 @@ Value KJS::HTMLElement::tryGet(ExecState
if ( doc && doc->view() ) {
KHTMLPart* part = doc->view()->part();
if ( part ) {
- Object globalObject = Window::retrieve( part );
+ Object globalObject = Object::dynamicCast( Window::retrieve( part ) );
// Calling hasProperty on a Window object doesn't work, it always says \
true. // Hence we need to use getDirect instead.
- if ( static_cast<ObjectImp *>(globalObject.imp())->getDirect( propertyName \
) )
+ if ( !globalObject.isNull() && static_cast<ObjectImp \
*>(globalObject.imp())->getDirect( propertyName ) ) return globalObject.get( exec, \
propertyName ); }
}
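Review bot: The sequence `Object::dynamicCast( Window::retrieve( part ) )` followed by an `isNull()` test is written out here and again in Window::get and FrameArray::get in kjs_window.cpp. Per the patch description, a call site that omits the test ends up using a null-imp object, which is the crash being fixed. Since retrieveWindow() already returns 0 for a JS-disabled part, routing these call sites through it (or through one small helper) would keep the null handling in a single place. HTMLElement::tryGet starts and ends outside the hunk.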
Index: kjs_window.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/ecma/kjs_window.cpp,v
retrieving revision 1.252
diff -u -p -b -r1.252 kjs_window.cpp
--- kjs_window.cpp 2002/03/20 00:59:31 1.252
+++ kjs_window.cpp 2002/03/24 03:16:51
@@ -266,18 +266,20 @@ Window::~Window()
Window *Window::retrieveWindow(KHTMLPart *p)
{
- ValueImp *imp = retrieve( p ).imp();
+ Object obj = Object::dynamicCast( retrieve( p ) );
#ifndef NDEBUG
- // imp should never be 0L, except when javascript has been disabled in that part.
+ // obj should never be null, except when javascript has been disabled in that \
part. if ( p && p->jScriptEnabled() )
{
- assert( imp );
+ assert( !obj.isNull() );
#ifndef QWS
- assert( dynamic_cast<KJS::Window*>(imp) );
+ assert( dynamic_cast<KJS::Window*>(obj.imp()) ); // type checking
#endif
}
#endif
- return static_cast<KJS::Window*>(imp);
+ if ( obj.isNull() ) // JS disabled
+ return 0;
+ return static_cast<KJS::Window*>(obj.imp());
}
Window *Window::retrieveActive(ExecState *exec)
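Review bot: `retrieve( p )` is called on the first line of retrieveWindow(), before the debug block tests `p &&`, and Window::retrieve() (next hunk) guards a null part only with `assert(p)`. In an NDEBUG build a null `p` would therefore reach `KJSProxy::proxy( p )` unchecked, so either the `p &&` test is dead or the function needs a real guard such as `if ( !p ) return 0;` before the call. The `dynamic_cast` type check is likewise debug-only (and skipped under QWS), so the final `static_cast<KJS::Window*>` relies on the part's global object always being a Window; a one-line comment stating that invariant would help.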
@@ -290,7 +292,7 @@ Window *Window::retrieveActive(ExecState
return static_cast<KJS::Window*>(imp);
}
-Object Window::retrieve(KHTMLPart *p)
+Value Window::retrieve(KHTMLPart *p)
{
assert(p);
KJSProxy *proxy = KJSProxy::proxy( p );
@@ -300,7 +302,7 @@ Object Window::retrieve(KHTMLPart *p)
#endif
return proxy->interpreter()->globalObject(); // the Global object is the \
"window" } else
- return Object();
+ return Undefined(); // This can happen with JS disabled on the domain of that \
window }
Location *Window::location() const
@@ -638,8 +640,10 @@ Value Window::get(ExecState *exec, const
// give access to functions (and variables ?) from parent frameset
if (m_part->parentPart())
+ {
+ Object parentObject = Object::dynamicCast( retrieve(m_part->parentPart()) );
+ if ( !parentObject.isNull() )
{
- Object parentObject = retrieve(m_part->parentPart());
Value ret = parentObject.get(exec,p);
if (ret.type() != UndefinedType ) {
#ifdef KJS_VERBOSE
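Review bot: The added `isNull()` guard covers a JS-disabled parent, but nothing visible in this hunk checks that the calling script may read the parent frame before `parentObject.get(exec,p)` forwards the lookup. Window::get starts outside the hunk, so a same-domain check may already run earlier. If it does, a short comment at this point naming that check would help the next reader; if it does not, this fallthrough is a cross-frame read that should be gated. The closing brace of the new block is in the following hunk.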
@@ -648,6 +652,7 @@ Value Window::get(ExecState *exec, const
return ret;
}
}
+ }
// This isn't necessarily a bug. Some code uses if(!window.blah) window.blah=1
// But it can also mean something isn't loaded or implemented, hence the WARNING \
to help grepping.
@@ -1095,6 +1100,7 @@ Value WindowFunc::tryCall(ExecState *exe
khtmlpart->write("<HTML><BODY>");
khtmlpart->end();
if ( part->docImpl() ) {
+ kdDebug(6070) << "Setting domain to " << \
part->docImpl()->domain().string() << endl; khtmlpart->docImpl()->setDomain( \
part->docImpl()->domain(), true ); khtmlpart->docImpl()->setBaseURL( \
part->docImpl()->baseURL() ); }
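Review bot: The added `kdDebug(6070) << "Setting domain to " ...` line is unrelated to the null-imp crash fix and looks like leftover debugging; it would be cleaner to drop it or commit it separately. If it stays, it writes the opener document's domain to the debug log each time this branch runs. WindowFunc::tryCall starts and ends outside the hunk.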
@@ -1421,7 +1427,12 @@ Value FrameArray::get(ExecState *exec, c
if (p == "length")
return Number(len);
else if (p== "location") // non-standard property, but works in NS and IE
- return Window::retrieve( part ).get( exec, "location" );
+ {
+ Object obj = Object::dynamicCast( Window::retrieve( part ) );
+ if ( !obj.isNull() )
+ return obj.get( exec, "location" );
+ return Undefined();
+ }
// check for the name or number
KParts::ReadOnlyPart *frame = part->findFrame(p.qstring());
Index: kjs_window.h
===================================================================
RCS file: /home/kde/kdelibs/khtml/ecma/kjs_window.h,v
retrieving revision 1.77
diff -u -p -b -r1.77 kjs_window.h
--- kjs_window.h 2002/03/01 22:02:05 1.77
+++ kjs_window.h 2002/03/24 03:16:51
@@ -71,7 +71,7 @@ namespace KJS {
* for the specified part p this will be returned in order to have unique
* bindings.
*/
- static Object retrieve(KHTMLPart *p);
+ static Value retrieve(KHTMLPart *p);
/**
* Returns the Window object for a given HTML part
*/
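Review bot: The doc comment above `static Value retrieve(KHTMLPart *p)` still describes only the success case. With the return type changed to Value, it should say that `Undefined()` is returned when JS is disabled for the part, and that callers must go through `Object::dynamicCast()` and test `isNull()` before using the result. The comment just below (`Returns the Window object for a given HTML part`, presumably for retrieveWindow()) could likewise state that 0 is returned in that case. The first comment begins outside the hunk.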