
Side by Side Diff: Source/core/loader/FrameLoader.cpp

Issue 203493005: Add more checks to prevent crashes when accessing name/opener properties (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Rebase results Created 6 years, 9 months ago
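--- a/Source/core/loader/FrameLoader.cpp
+++ b/Source/core/loader/FrameLoader.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed.
 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
 * Copyright (C) 2008 Alp Toker <alp@atoker.com>
 * Copyright (C) Research In Motion Limited 2009. All rights reserved.
 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>
 * Copyright (C) 2011 Google Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -537,29 +537,29 @@
 }
 
 void FrameLoader::scheduleCheckCompleted()
 {
 m_shouldCallCheckCompleted = true;
 startCheckCompleteTimer();
 }
 
 LocalFrame* FrameLoader::opener()
 {
-ASSERT(m_client);
 // FIXME: Temporary hack to stage converting locations that really should be Frame.
-return toLocalFrame(m_client->opener());
+return m_client ? toLocalFrame(m_client->opener()) : 0;
 }
 
 void FrameLoader::setOpener(LocalFrame* opener)
 {
-ASSERT(m_client);
-m_client->setOpener(opener);
+// If the frame is already detached, the opener has already been cleared.
+if (m_client)
+m_client->setOpener(opener);
 }
 
 bool FrameLoader::allowPlugins(ReasonForCallingAllowPlugins reason)
 {
 Settings* settings = m_frame->settings();
 bool allowed = m_client->allowPlugins(settings && settings->pluginsEnabled() );
 if (!allowed && reason == AboutToInstantiatePlugin)
 m_client->didNotAllowPlugins();
 return allowed;
 }
@@ -1469,10 +1469,10 @@
 {
 SandboxFlags flags = m_forcedSandboxFlags;
 if (LocalFrame* parentFrame = m_frame->tree().parent())
 flags |= parentFrame->document()->sandboxFlags();
 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement())
 flags |= ownerElement->sandboxFlags();
 return flags;
 }
 
 } // namespace WebCore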
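Review bot: The null guards added to `opener()` and `setOpener()` establish that `m_client` can be null once the frame is detached, yet `allowPlugins()` at new lines 560–563 of this section still calls `m_client->allowPlugins(...)` and `m_client->didNotAllowPlugins()` unguarded. Whether that path is reachable after detach is not visible here, but if it is, failing closed with `if (!m_client) return false;` at the top of `allowPlugins()` would be consistent with the new guards. Dropping both `ASSERT(m_client)` lines also removes the debug-build signal for callers that touch the loader after detach. A comment on `opener()` such as `// Returns 0 when the frame is detached (m_client is null).` would tell callers that a null result does not only mean "no opener".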