Jeremy Henty wrote:
If you point dillo at http://www.youtube.com/user/zynaddsubfx and scroll down then Dillo will crash before you get to the bottom. [...]
GDB shows that the drawing code is dereferencing a NULL FltkColor*:
OK, StyleEngine::apply() in styleengine.cc sets border colors to NULL when the corresponding CSS property is transparent. Which seems OK. These are used by static functions drawBorder{Top,Left,Bottom,Right}() in dw/style.cc. These functions are clearly intended to handle NULL colors, e.g. drawBorderTop() checks whether style->borderColor.top is NULL, and similarly for the others.

The bug is that some of these functions may (depending on style->borderStyle) dereference other members of style->borderColor without checking whether they are NULL. In particular:

*) drawBorderBottom() may reference style->borderColor.top
*) drawBorderLeft() may reference style->borderColor.top

So I guess the fix is to add extra guards to the code paths where other members of style->borderColor are referenced.

I am puzzled by the lack of symmetry between these functions. Why do drawBorder{Bottom,Left}() sometimes use style->borderColor.top, yet drawBorder{Top,Right} only ever use their *own* color?

(This is all specific to FLTK-2.0.)

Comments?

Regards,

Jeremy Henty
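
The following is an added illustration, not part of the original message and not Dillo's code: a reduced C++ model of the pattern the post describes, with the unguarded path beside a guarded one. The `Color`, `BorderStyle` and `Style` definitions, the function names, and the fallback to the edge's own color are assumptions made for the sketch.

```cpp
#include <cstdio>

// Simplified stand-ins for the structures named in the post (not Dillo's definitions).
struct Color { int rgb; };
struct BorderColor { const Color *top, *right, *bottom, *left; };
enum BorderStyle { BORDER_PLAIN, BORDER_SHADED };  // hypothetical style values
struct Style { BorderColor borderColor; BorderStyle borderStyle; };

const int NOT_DRAWN = -1;

// Pattern described in the post: the edge's own color is NULL-checked, but a
// style-dependent path reads a different member without a check.
int bottomEdgeUnguarded(const Style *style) {
    if (style->borderColor.bottom == nullptr) return NOT_DRAWN;
    if (style->borderStyle == BORDER_SHADED)
        return style->borderColor.top->rgb;  // crashes when top is transparent (NULL)
    return style->borderColor.bottom->rgb;
}

// Guarded form: every member a path dereferences is checked on that path.
// Falling back to the edge's own color is an assumption made for this sketch.
int bottomEdgeGuarded(const Style *style) {
    const Color *own = style->borderColor.bottom;
    if (own == nullptr) return NOT_DRAWN;
    if (style->borderStyle == BORDER_SHADED) {
        const Color *other = style->borderColor.top;
        return other != nullptr ? other->rgb : own->rgb;
    }
    return own->rgb;
}

int main() {
    Color grey = {0x808080};
    // Constructed input: transparent top border, visible bottom border.
    Style s = {{nullptr, nullptr, &grey, nullptr}, BORDER_SHADED};
    std::printf("guarded bottom edge color: %06x\n", (unsigned)bottomEdgeGuarded(&s));
    return 0;
}
```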