Bug 1265273 - Add two missing get_PBrowserParent() null checks. r=jimm.
authorNicholas Nethercote <nnethercote@mozilla.com>
Fri, 22 Apr 2016 08:05:23 +1000
changeset 332262 8b29568cb7e23d313b054d5cfcb02a62d24b504e
parent 332261 3d46eafd05b975b83d95a9c28f77c2e153422f2f
child 332263 98b498a402eb0589e394d839ac0bcc59c54a2d60
push id6048
push userkmoir@mozilla.com
push dateMon, 06 Jun 2016 19:02:08 +0000
treeherdermozilla-beta@46d72a56c57d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1265273
milestone48.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1265273 - Add two missing get_PBrowserParent() null checks. r=jimm. Most calls to get_PBrowserParent() have their return value null checked, but two don't. This patch adds checks for those two calls.
dom/ipc/TabContext.cpp
--- a/dom/ipc/TabContext.cpp
+++ b/dom/ipc/TabContext.cpp
@@ -245,16 +245,21 @@ MaybeInvalidTabContext::MaybeInvalidTabC
 
   switch(aParams.type()) {
     case IPCTabContext::TPopupIPCTabContext: {
       const PopupIPCTabContext &ipcContext = aParams.get_PopupIPCTabContext();
 
       TabContext *context;
       if (ipcContext.opener().type() == PBrowserOrId::TPBrowserParent) {
         context = TabParent::GetFrom(ipcContext.opener().get_PBrowserParent());
+        if (!context) {
+          mInvalidReason = "Child is-browser process tried to "
+                           "open a null tab.";
+          return;
+        }
         if (context->IsMozBrowserElement() &&
             !ipcContext.isMozBrowserElement()) {
           // If the TabParent corresponds to a browser element, then it can only
           // open other browser elements, for security reasons.  We should have
           // checked this before calling the TabContext constructor, so this is
           // a fatal error.
           mInvalidReason = "Child is-browser process tried to "
                            "open a non-browser tab.";