[PATCH] khtml/rendering/table_layout.cpp, crash while displaying MyEbay

[Sebastian Pohle]

Hi kdelibs-team,

as enthusiastic user of konqueror I've been bothered by a bug in the kdelibs 
that caused konqueror to crash while displaying (the German) ebay - MyEbay 
page.
A (deterministic:-) short example crash file is attached: crash1.html.

The bug(s) is(are) located in
	kdelibs-3.5.9/khtml/rendering/table_layout.cpp
which is contributes to the library
	libkhtml.so.4.2.0

The problem is that in the MyEbay-HTML-Source there is a table 
(table-layout:fixed; width:100%) defined; and a cell (width:0%).

In "table_layout.cpp" the variable int totalPercent is used to sum up 
width-values. If all thes width-values are 0, then totalPercent is also 0. In 
an upcoming division by totalPercent - a div by zero is caused :-(

Though, in this a little quick&dirty patch the 0-value is checked before the 
division (and a few other operations) are made.
It could be that this bug has been reported is a similar way - I'll look 
tomorrow, when bugs.kde.org is online again...

I'd be glad to get an answer, even if this patch is not good (it's my first 
and I've been in a hurry - the auction time of the ebay article was running 
out:-)

Bye,
Sebastian

-- 
Sebastian Pohle, Mobil +49 174 6767697
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.table_td_width_0percent_totalPercent_divByZero_crash.diff
Type: text/x-diff
Size: 1800 bytes
Desc: not available
Url : http://mail.kde.org/pipermail/kdelibs-bugs/attachments/20081020/a1651786/attachment.bin 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kdelibs-bugs/attachments/20081020/a1651786/attachment.html