Patch: Crash: blocking JS alert and deleting a window

Koos Vriezen koos.vriezen at xs4all.nl
Fri Oct 18 17:55:14 BST 2002


On Fri, 18 Oct 2002, David Faure wrote:

> On Friday 18 October 2002 17:05, Koos Vriezen wrote:
> > Btw, I'm trying very hard to find cases where this would lead to crashes
> > too.
>
> I'm right now looking at #49068, which still crashes :(
>
> > Didn't succeed yet, even:
> >   <html><head><script>
> >     setTimeout('self.location.replace("http://slashdot.org")', 3000);
> >   </script></head>
> >   <body><INPUT TYPE=TEXT onFocus='alert(somevar);this.value="some text";'>
> >   </body></html>
> > this evil script doesn't cause a crash (click on the INPUT within three
> > seconds). However one may ask if the alert box shouldn't disappear after a
> > reload/replace. Shouldn't there be something similar in
> > KHTMLPart::closeURL() too?
>
> Hmm, maybe this would fix it?
>
> But globally, I'm very surprised that simply hiding modal dialogs is enough.
> Does that make their exec() call return?
> The problem in 49068 is that the dialog is destroyed as a child widget,
> and later on exec() tries to access result(), in the deleted dialog.
> That's the first error detected by valgrind, there are many more afterwards...

Yes, this:
Index: khtml_part.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/khtml_part.cpp,v
retrieving revision 1.755
diff -u -3 -p -r1.755 khtml_part.cpp
--- khtml_part.cpp      2002/10/17 17:23:12     1.755
+++ khtml_part.cpp      2002/10/18 16:52:33
@@ -540,6 +540,11 @@ bool KHTMLPart::closeURL()
   // null node activated.
   emit nodeActivated(Node());

+  QObjectList *dlgs = d->m_view->topLevelWidget()->queryList("QDialog");
+  for (QObject *dlg = dlgs->first(); dlg; dlg = dlgs->next())
+    static_cast<QDialog*>(dlg)->close();
+  delete dlgs;
+
   return true;
 }
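
Review bot: the queryList("QDialog") call on d->m_view->topLevelWidget() collects every QDialog under the top-level widget, so closeURL() on this part closes dialogs it did not open as well as the script's alert box. Consider limiting the query to d->m_view, or tracking the dialogs the part opens and closing only those. The added lines also dereference d->m_view and topLevelWidget() without a null check. A short comment would help too, saying the dialogs are closed so that a blocked exec() returns before its dialog is destroyed.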

does fix it, using close() this time (thanks Harri).

Koos





More information about the kfm-devel mailing list