Patch: Crash: blocking JS alert and deleting a window

David Faure david at mandrakesoft.com
Fri Oct 18 16:18:08 BST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 18 October 2002 17:05, Koos Vriezen wrote:
> Btw, I'm trying very hard finding cases where this would lead to crashes
> too. 

I'm right now looking at #49068, which still crashes :(

> Didn't succeed yet, even:
>   <html><head><script>
>     setTimeout('self.location.replace("http://slashdot.org")', 3000);
>   </script></head>
>   <body><INPUT TYPE=TEXT onFocus='alert(somevar);this.value="some text";'>
>   </body></html>
> this evil script doesn't cause a crash (click on the INPUT within three
> seconds). However one may ask if the alert box shouldn't disappear after a
> reload/replace. Shouldn't there be something similar in
> KHTMLPart::closeURL() too?

Hmm, maybe this would fix it?

But globally, I'm very surprised that simply hiding modal dialogs is enough.
Does that make their exec() call return?
The problem in 49068 is that the dialog is destroyed as a child widget,
and later on exec() tries to access result(), in the deleted dialog.
That's the first error detected by valgrind, there are many more afterwards...

- -- 
David FAURE, david at mandrakesoft.com, faure at kde.org
http://people.mandrakesoft.com/~david/
Contributing to: http://www.konqueror.org/, http://www.koffice.org/
Get the latest KOffice - http://download.kde.org/stable/koffice-1.2/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9sCYw72KcVAmwbhARAk25AJ9Y7NWi3lbL1TOAGYlzbNsNGypTbgCgnaZY
82yFyn7X+iHWTqDnlpjNWUM=
=XAIW
-----END PGP SIGNATURE-----





More information about the kfm-devel mailing list