From b7f45ca80b42a295cc654d8b50ff6d99517bd054 Mon Sep 17 00:00:00 2001
From: Kalle Olavi Niemitalo <kon@iki.fi>
Date: Sat, 4 Apr 2009 22:41:43 +0300
Subject: [PATCH] Bug 1071: Add NULL check in get_dom_node_list_index

If the parent parameter of get_dom_node_list_index referred to a node
that did not have children, then get_dom_node_list called by it could
return the address of a null pointer, and get_dom_node_list_index would
then pass that null pointer to get_dom_node_list_pos, which would crash.
That would be the same kind of crash as the one in get_dom_node_child.
It never happened in practice though: because all calls are in the form
get_dom_node_list_index(node->parent, node), the list must contain at
least the given node, and the pointer cannot be null.  The documentation
of get_dom_node_list_index allows arbitrary nodes as arguments however,
so it's best to add a check.
---
 src/dom/node.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dom/node.c b/src/dom/node.c
index 4eeabe405..4e4d929f2 100644
--- a/src/dom/node.c
+++ b/src/dom/node.c
@@ -247,7 +247,7 @@ get_dom_node_list_index(struct dom_node *parent, struct dom_node *node)
 {
 	struct dom_node_list **list = get_dom_node_list(parent, node);
 
-	return list ? get_dom_node_list_pos(*list, node) : -1;
+	return (list && *list) ? get_dom_node_list_pos(*list, node) : -1;
 }
 
 struct dom_node *