Diff
Modified: trunk/LayoutTests/ChangeLog (99682 => 99683)
--- trunk/LayoutTests/ChangeLog 2011-11-09 11:47:58 UTC (rev 99682)
+++ trunk/LayoutTests/ChangeLog 2011-11-09 11:49:13 UTC (rev 99683)
@@ -1,3 +1,13 @@
+2011-11-08 Pavel Feldman <[email protected]>
+
+ Web Inspector: crash upon InspectorValue serialization that has 0 value / array entry.
+ https://bugs.webkit.org/show_bug.cgi?id=71806
+
+ Reviewed by Yury Semikhatsky.
+
+ * inspector/elements/resolve-alien-node-expected.txt: Added.
+ * inspector/elements/resolve-alien-node.html: Added.
+
2011-11-09 Sergio Villar Senin <[email protected]>
Unreviewed. HiDPI is supported after r97407.
Added: trunk/LayoutTests/inspector/elements/resolve-alien-node-expected.txt (0 => 99683)
--- trunk/LayoutTests/inspector/elements/resolve-alien-node-expected.txt (rev 0)
+++ trunk/LayoutTests/inspector/elements/resolve-alien-node-expected.txt 2011-11-09 11:49:13 UTC (rev 99683)
@@ -0,0 +1,4 @@
+Tests that resolveNode from alien document does not crash. https://bugs.webkit.org/show_bug.cgi?id=71806.
+
+Alien node should resolve to null: null
+
Property changes on: trunk/LayoutTests/inspector/elements/resolve-alien-node-expected.txt
___________________________________________________________________
Added: svn:eol-style
Added: trunk/LayoutTests/inspector/elements/resolve-alien-node.html (0 => 99683)
--- trunk/LayoutTests/inspector/elements/resolve-alien-node.html (rev 0)
+++ trunk/LayoutTests/inspector/elements/resolve-alien-node.html 2011-11-09 11:49:13 UTC (rev 99683)
@@ -0,0 +1,39 @@
+<html>
+<head>
+<script src=""
+<script>
+
+function test()
+{
+ RuntimeAgent.evaluate("var doc = document.implementation.createHTMLDocument(''); doc.lastChild.innerHTML = '<span></span>'; doc.lastChild", step1);
+
+ function step1(error, result, wasThrown)
+ {
+ var spanWrapper = WebInspector.RemoteObject.fromPayload(result);
+ spanWrapper.pushNodeToFrontend(step2);
+ }
+
+ function step2(nodeId)
+ {
+ var node = WebInspector.domAgent.nodeForId(nodeId);
+ InspectorTest.assertTrue(node, "Node object should be resovled");
+ WebInspector.RemoteObject.resolveNode(node, undefined, step3);
+ }
+
+ function step3(remoteObject)
+ {
+ InspectorTest.addResult("Alien node should resolve to null: " + remoteObject);
+ InspectorTest.completeTest();
+ }
+}
+
+</script>
+</head>
+
+<body _onload_="runTest()">
+<p>
+Tests that resolveNode from alien document does not crash. https://bugs.webkit.org/show_bug.cgi?id=71806.
+</p>
+
+</body>
+</html>
Property changes on: trunk/LayoutTests/inspector/elements/resolve-alien-node.html
___________________________________________________________________
Added: svn:eol-style
Modified: trunk/LayoutTests/inspector/elements/set-attribute-expected.txt (99682 => 99683)
--- trunk/LayoutTests/inspector/elements/set-attribute-expected.txt 2011-11-09 11:47:58 UTC (rev 99682)
+++ trunk/LayoutTests/inspector/elements/set-attribute-expected.txt 2011-11-09 11:49:13 UTC (rev 99683)
@@ -26,7 +26,7 @@
<div id="node" foo2="baz2"></div>
Running: testSetMalformedAttributeText
-Error: Could not parse value as attributes.
+Error: Could not parse value as attributes
=== Set malformed attribute as text ===
<div id="node" foo2="baz2"></div>
Modified: trunk/Source/WebCore/ChangeLog (99682 => 99683)
--- trunk/Source/WebCore/ChangeLog 2011-11-09 11:47:58 UTC (rev 99682)
+++ trunk/Source/WebCore/ChangeLog 2011-11-09 11:49:13 UTC (rev 99683)
@@ -1,3 +1,22 @@
+2011-11-08 Pavel Feldman <[email protected]>
+
+ Web Inspector: crash upon InspectorValue serialization that has 0 value / array entry.
+ https://bugs.webkit.org/show_bug.cgi?id=71806
+
+ Reviewed by Yury Semikhatsky.
+
+ Test: inspector/elements/resolve-alien-node.html
+
+ * inspector/InspectorDOMAgent.cpp:
+ (WebCore::InspectorDOMAgent::resolveNode):
+ * inspector/InspectorValues.h:
+ (WebCore::InspectorObject::setValue):
+ (WebCore::InspectorObject::setObject):
+ (WebCore::InspectorObject::setArray):
+ (WebCore::InspectorArray::pushValue):
+ (WebCore::InspectorArray::pushObject):
+ (WebCore::InspectorArray::pushArray):
+
2011-11-08 Andreas Kling <[email protected]>
Move CSSPrimitiveValue bitfields up into CSSValue.
Modified: trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp (99682 => 99683)
--- trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp 2011-11-09 11:47:58 UTC (rev 99682)
+++ trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp 2011-11-09 11:49:13 UTC (rev 99683)
@@ -615,7 +615,7 @@
ExceptionCode ec = 0;
element->setAttribute(name, value, ec);
if (ec)
- *errorString = "Internal error: could not set attribute value.";
+ *errorString = "Internal error: could not set attribute value";
}
void InspectorDOMAgent::setAttributesAsText(ErrorString* errorString, int elementId, const String& text, const String* const name)
@@ -627,19 +627,19 @@
ExceptionCode ec = 0;
RefPtr<Element> parsedElement = element->document()->createElement("span", ec);
if (ec) {
- *errorString = "Internal error: could not set attribute value.";
+ *errorString = "Internal error: could not set attribute value";
return;
}
toHTMLElement(parsedElement.get())->setInnerHTML("<span " + text + "></span>", ec);
if (ec) {
- *errorString = "Could not parse value as attributes.";
+ *errorString = "Could not parse value as attributes";
return;
}
Node* child = parsedElement->firstChild();
if (!child) {
- *errorString = "Could not parse value as attributes.";
+ *errorString = "Could not parse value as attributes";
return;
}
@@ -647,7 +647,7 @@
if (!attrMap && name) {
element->removeAttribute(*name, ec);
if (ec)
- *errorString = "Could not remove attribute.";
+ *errorString = "Could not remove attribute";
return;
}
@@ -659,7 +659,7 @@
foundOriginalAttribute = foundOriginalAttribute || (name && attribute->name().toString() == *name);
element->setAttribute(attribute->name(), attribute->value(), ec);
if (ec) {
- *errorString = "Internal error: could not set attribute value.";
+ *errorString = "Internal error: could not set attribute value";
return;
}
}
@@ -667,7 +667,7 @@
if (!foundOriginalAttribute && name) {
element->removeAttribute(*name, ec);
if (ec)
- *errorString = "Could not remove attribute.";
+ *errorString = "Could not remove attribute";
return;
}
}
@@ -1161,7 +1161,7 @@
if (!anchorNode)
return;
if (anchorNode->parentNode() != targetElement) {
- *error = "Anchor node must be child of the target element.";
+ *error = "Anchor node must be child of the target element";
return;
}
}
@@ -1169,7 +1169,7 @@
ExceptionCode ec = 0;
bool success = targetElement->insertBefore(node, anchorNode, ec);
if (ec || !success) {
- *error = "Could not drop node.";
+ *error = "Could not drop node";
return;
}
*newNodeId = pushNodePathToFrontend(node);
@@ -1180,10 +1180,15 @@
String objectGroupName = objectGroup ? *objectGroup : "";
Node* node = nodeForId(nodeId);
if (!node) {
- *error = "No node with given id found.";
+ *error = "No node with given id found";
return;
}
- *result = resolveNode(node, objectGroupName);
+ RefPtr<InspectorObject> object = resolveNode(node, objectGroupName);
+ if (!object) {
+ *error = "Node with given id does not belong to the document";
+ return;
+ }
+ *result = object;
}
void InspectorDOMAgent::getAttributes(ErrorString* errorString, int nodeId, RefPtr<InspectorArray>* result)
Modified: trunk/Source/WebCore/inspector/InspectorValues.h (99682 => 99683)
--- trunk/Source/WebCore/inspector/InspectorValues.h 2011-11-09 11:47:58 UTC (rev 99682)
+++ trunk/Source/WebCore/inspector/InspectorValues.h 2011-11-09 11:49:13 UTC (rev 99683)
@@ -267,18 +267,21 @@
inline void InspectorObject::setValue(const String& name, PassRefPtr<InspectorValue> value)
{
+ ASSERT(value);
if (m_data.set(name, value).second)
m_order.append(name);
}
inline void InspectorObject::setObject(const String& name, PassRefPtr<InspectorObject> value)
{
+ ASSERT(value);
if (m_data.set(name, value).second)
m_order.append(name);
}
inline void InspectorObject::setArray(const String& name, PassRefPtr<InspectorArray> value)
{
+ ASSERT(value);
if (m_data.set(name, value).second)
m_order.append(name);
}
@@ -300,16 +303,19 @@
inline void InspectorArray::pushValue(PassRefPtr<InspectorValue> value)
{
+ ASSERT(value);
m_data.append(value);
}
inline void InspectorArray::pushObject(PassRefPtr<InspectorObject> value)
{
+ ASSERT(value);
m_data.append(value);
}
inline void InspectorArray::pushArray(PassRefPtr<InspectorArray> value)
{
+ ASSERT(value);
m_data.append(value);
}
