Patch for 68523

Germain Garand germain at ebooksfrance.org
Wed Sep 29 17:48:51 BST 2004


Le Mercredi 29 Septembre 2004 14:03, Allan Sandfeld Jensen a écrit :
> Hi
>
> I have a possible patch for bug 68523
> <http://bugs.kde.org/show_bug.cgi?id=68523>, and would like to have it
> reviewed.
>
> Basically the crash happens when a subcall of the
> htmltokenizer::executeScript ends up deleting the tokenizer itself. This
> can create crashes several different places.

mmh indeed, but this should not be possible because if it is executing a 
script, then it is parsing. And when it is parsing, it can't be deleted, 
there are safeguards everywhere for that. 

I see that the incriminated script calls document.close()... 
if it does close the document, then it can only mean parsing() is false at 
this moment, and that is the real bug.

See attached patch.

>
> This patch adds a function isExecutingScript which docimpl.cpp will check
> before deleting the tokenizer. As far as I can see, the tokenizer will
> still be deleted later by the nofityFinished()

nope. We aren't waiting for any job, just for a script to finish, so there's 
no planned callback.

Greetings,
Germain
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.diff
Type: text/x-diff
Size: 570 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20040929/2ca7c74f/attachment.diff>


More information about the kfm-devel mailing list