[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Two possible problems in khtml
From:       Ismail Donmez <ismail () pardus ! org ! tr>
Date:       2006-03-31 12:47:11
Message-ID: 200603311547.12034.ismail () pardus ! org ! tr
[Download RAW message or body]


Hi,

Someone in #khtml told us that he run a statistical code checker against khtml 
source code ( not full khtml he told but only limited parts ), and it show up 
two obvious bugs.

First is dom2_traversalimpl.cpp line starting 588 :

=======================================================
if( _tempCurrent )
    {
        _result = isAccepted( _tempCurrent );
        switch ( _result )
        {
       [..]
    }
    // now the case if we don't have previous sibling
    else
    {
        _tempCurrent = _tempCurrent->parentNode(); <-- _tempCurrent is NULL so 
this is a null pointer referece.

Looking at similar functions I think it should be :

_tempCurrent = n->parentNode();
=======================================================

Second is css_valueimpl.cpp starting line 804 :

=======================================================
    khtml::DocLoader *docLoader = 0;
    const StyleBaseImpl *root = style;
    while (root->parent())
        root = root->parent();
    if (root->isCSSStyleSheet())
        docLoader = static_cast<const CSSStyleSheetImpl*>(root)->docLoader();

    m_image = docLoader->requestImage(url); <-- docLoader can be NULL
=======================================================

Also the guy told me he can process rest of the khtml if someone can send him 
gcc -E output which doesn't contain any external reference ( references to 
outside headers etc ). I don't know how to do this, if someone can do this I 
can give the contact details in private.

Regards,
ismail
-- 
If at first you don't succeed, redefine success.

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]