Patch against Webkit-0 for CVE-2009-0945, bug 271861.

diff -ru a/WebKit-r40220/WebCore/svg/SVGList.h b/WebKit-r40220/WebCore/svg/SVGList.h
--- a/WebKit-r40220/WebCore/svg/SVGList.h	2009-01-21 06:14:24.000000000 +0100
+++ b/WebKit-r40220/WebCore/svg/SVGList.h	2009-06-27 01:47:15.000000000 +0200
@@ -96,7 +96,11 @@
 
         Item insertItemBefore(Item newItem, unsigned int index, ExceptionCode&)
         {
-            m_vector.insert(index, newItem);
+            if (index < m_vector.size()) {
+                m_vector.insert(index, newItem);
+            } else {
+                m_vector.append(newItem);
+            }
             return newItem;
         }