From 01be928a16dbbd3bea79755face8d6c880b7a0a2 Mon Sep 17 00:00:00 2001 From: Pratyush Nair Date: Fri, 5 Sep 2025 10:22:47 +0530 Subject: [PATCH] LibWeb: Avoid dereferencing a null pointer to document --- Libraries/LibWeb/CSS/Parser/RuleParsing.cpp | 7 ++++++- .../Text/expected/DOM/replaceSync-Property.txt | 1 + .../Text/input/DOM/replaceSync-Property.html | 17 +++++++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 Tests/LibWeb/Text/expected/DOM/replaceSync-Property.txt create mode 100644 Tests/LibWeb/Text/input/DOM/replaceSync-Property.html diff --git a/Libraries/LibWeb/CSS/Parser/RuleParsing.cpp b/Libraries/LibWeb/CSS/Parser/RuleParsing.cpp index 3c893d9040f..2c76197d269 100644 --- a/Libraries/LibWeb/CSS/Parser/RuleParsing.cpp +++ b/Libraries/LibWeb/CSS/Parser/RuleParsing.cpp @@ -754,7 +754,12 @@ GC::Ptr Parser::convert_to_property_rule(AtRule const& rule) return {}; } - auto parsing_params = CSS::Parser::ParsingParams { *document() }; + CSS::Parser::ParsingParams parsing_params; + if (document()) + parsing_params = CSS::Parser::ParsingParams { *document() }; + else + parsing_params = CSS::Parser::ParsingParams { realm() }; + auto syntax_component_values = parse_component_values_list(parsing_params, syntax_maybe.value()); auto maybe_syntax = parse_as_syntax(syntax_component_values); diff --git a/Tests/LibWeb/Text/expected/DOM/replaceSync-Property.txt b/Tests/LibWeb/Text/expected/DOM/replaceSync-Property.txt new file mode 100644 index 00000000000..35c957db0f3 --- /dev/null +++ b/Tests/LibWeb/Text/expected/DOM/replaceSync-Property.txt @@ -0,0 +1 @@ +PASS (Didn't crash) diff --git a/Tests/LibWeb/Text/input/DOM/replaceSync-Property.html b/Tests/LibWeb/Text/input/DOM/replaceSync-Property.html new file mode 100644 index 00000000000..8c5ca3bcdcd --- /dev/null +++ b/Tests/LibWeb/Text/input/DOM/replaceSync-Property.html @@ -0,0 +1,17 @@ + + +