Kalle Olavi Niemitalo <[EMAIL PROTECTED]> writes: > joey <[EMAIL PROTECTED]> writes: > >> I recently ran into a crash bug with elinks. I've provided a backtrace, >> a sample document, and a proposed patch. Basically, html_special() in >> src/document/html/renderer.c sets document->refresh without checking >> to see if document is a valid pointer first (inside the SP_REFRESH >> case).
This was fixed as bug 927 in ELinks 0.11.3, released on 2007-04-15. > The SP_FRAMESET case uses document->frame_desc without checking > whether document is NULL. It would be interesting to know if > that too can be used to crash ELinks. I think this cannot crash, because SP_FRAMESET is called only if SP_USED returns true, which it does only if document != NULL.
pgpE9WcwlRuag.pgp
Description: PGP signature
_______________________________________________ elinks-dev mailing list [email protected] http://linuxfromscratch.org/mailman/listinfo/elinks-dev
