[g-a-devel]yet another NULL pointer indirection ...

[Michael Meeks <michael ximian com>]

This is really bad news,

	I find it hard to believe that there are so many un-checked NULL
pointer dereferences going on in gail; is it possible that some-one
could audit every list pointer usage - a grep on GList would be good.

	This is the latest:

(gdb) bt
#0  get_image_from_button (button=0x80839f8) at gailbutton.c:588
#1  0x40a72700 in gail_button_get_image_description (image=0x8134860) at
gailbutton.c:611
#2  0x40485646 in atk_image_get_image_description (image=0x8134860) at
atkimage.c:60
#3  0x40aaff75 in impl__get_imageDescription (servant=0x8135264,
ev=0xbfffea80) at image.c:109
#4  0x40abc92f in
_ORBIT_skel_small_Accessibility_Image__get_imageDescription
(_o_servant=0x8135264, _o_retval=0xbfffe960, _o_args=0x0, 
    _o_ctx=0xbfffe9b0, _o_ev=0xbfffea80,
_impl__get_imageDescription=0x40aaff0c <impl__get_imageDescription>) at
Accessibility-skels.c:776
#5  0x4054d498 in ORBit_POAObject_invoke (pobj=0x8135298,
ret=0xbfffe960, args=0x0, ctx=0xbfffe9b0, data=0xbfffea20,
ev=0xbfffea80) at poa.c:891
#6  0x405501e3 in ORBit_OAObject_invoke (adaptor_obj=0x8135298,
ret=0xbfffe960, args=0x0, ctx=0xbfffe9b0, data=0xbfffea20,
ev=0xbfffea80)
    at orbit-adaptor.c:116
#7  0x40541106 in ORBit_small_invoke_adaptor (adaptor_obj=0x8135298,
recv_buffer=0x8113cc0, m_data=0x40acdc70, data=0xbfffea20,
ev=0xbfffea80)
    at orbit-small.c:772
#8  0x4054d953 in ORBit_POAObject_handle_request (pobj=0x8135298,
opname=0x813cfb8 "_get_imageDescription", ret=0x0, args=0x0, ctx=0x0, 
    recv_buffer=0x8113cc0, ev=0xbfffea80) at poa.c:1085
#9  0x4054db86 in ORBit_POA_handle_request (poa=0x8061fc0,
recv_buffer=0x8113cc0, objkey=0x8113cd8) at poa.c:1172
#10 0x4055016e in ORBit_handle_request (orb=0x8061f40,
recv_buffer=0x8113cc0) at orbit-adaptor.c:79
#11 0x4053c91a in giop_connection_handle_input (lcnx=0x8121c00) at
giop-recv-buffer.c:951
#12 0x4059253b in linc_connection_io_handler (gioc=0x0,
condition=G_IO_IN, data=0x8121c00) at linc-connection.c:840
#13 0x40593e60 in linc_source_dispatch (source=0x8121c68,
callback=0x405924d0 <linc_connection_io_handler>, user_data=0x8121c00)
at linc-source.c:56
#14 0x4060b696 in g_main_dispatch (context=0x805dd90) at gmain.c:1617
#15 0x4060c4ad in g_main_context_dispatch (context=0x805dd90) at
gmain.c:2161
#16 0x4060c840 in g_main_context_iterate (context=0x805dd90, block=1,
dispatch=1, self=0x8054e80) at gmain.c:2242
#17 0x4060cee6 in g_main_loop_run (loop=0x811b0d0) at gmain.c:2462
#18 0x400ebec2 in bonobo_main () at bonobo-main.c:290
#19 0x0804b1c6 in main (argc=1, argv=0xbffff6b4) at test-ui.c:485
#20 0x40699306 in __libc_start_main (main=0x804a0d0 <main>, argc=1,
ubp_av=0xbffff6b4, init=0x80496b8 <_init>, fini=0x804bc30 <_fini>, 
    rtld_fini=0x4000d2dc <_dl_fini>, stack_end=0xbffff6ac) at
../sysdeps/generic/libc-start.c:129
(gdb) dir /opt/ngnome2/src/gail/gail
Source directories searched: /opt/ngnome2/src/gail/gail:$cdir:$cwd
(gdb) l
583	  if (GTK_IS_ALIGNMENT (child))
584	    child = gtk_bin_get_child (GTK_BIN (child));
585	  if (GTK_IS_BOX (child))
586	    {
587	      list = gtk_container_children (GTK_CONTAINER (child));
588	      if (GTK_IS_IMAGE (list->data))
589	        image = GTK_IMAGE (list->data);
590	      g_list_free (list);
591	    }
592	
(gdb) p list
$1 = (GList *) 0x0

	I'd fix it instantly, but it's too much pain to go around the approval
loop.

	Regards,

		Michael.

-- 
 mmeeks gnu org  <><, Pseudo Engineer, itinerant idiot