[webkit-changes] [187128] trunk/Source/WebCore

[timothy_horton]

Title: [187128] trunk/Source/WebCore

Revision

187128

Author

timothy_hor...@apple.com

Date

2015-07-21 15:16:16 -0700 (Tue, 21 Jul 2015)

Log Message

Placing video in fullscreen caused WebKit crash at WebCore::Range::textQuads
https://bugs.webkit.org/show_bug.cgi?id=147166
<rdar://problem/21928558>

Reviewed by Simon Fraser.

* editing/FrameSelection.cpp:
(WebCore::FrameSelection::getClippedVisibleTextRectangles):
Check the Range, as always.

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/editing/FrameSelection.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (187127 => 187128)

--- trunk/Source/WebCore/ChangeLog	2015-07-21 22:00:44 UTC (rev 187127)
+++ trunk/Source/WebCore/ChangeLog	2015-07-21 22:16:16 UTC (rev 187128)
@@ -1,3 +1,15 @@
+2015-07-21  Tim Horton  <timothy_hor...@apple.com>
+
+        Placing video in fullscreen caused WebKit crash at WebCore::Range::textQuads
+        https://bugs.webkit.org/show_bug.cgi?id=147166
+        <rdar://problem/21928558>
+
+        Reviewed by Simon Fraser.
+
+        * editing/FrameSelection.cpp:
+        (WebCore::FrameSelection::getClippedVisibleTextRectangles):
+        Check the Range, as always.
+
 2015-07-21  Simon Fraser  <simon.fra...@apple.com>
 
         Safari mis-applies "animation-fill-mode: forwards" when using fractional iteration count

Modified: trunk/Source/WebCore/editing/FrameSelection.cpp (187127 => 187128)

--- trunk/Source/WebCore/editing/FrameSelection.cpp	2015-07-21 22:00:44 UTC (rev 187127)
+++ trunk/Source/WebCore/editing/FrameSelection.cpp	2015-07-21 22:16:16 UTC (rev 187128)
@@ -2081,10 +2081,14 @@
     if (!root)
         return;
 
+    RefPtr<Range> range = toNormalizedRange();
+    if (!range)
+        return;
+
     FloatRect visibleContentRect = m_frame->view()->visibleContentRect(ScrollableArea::LegacyIOSDocumentVisibleRect);
 
     Vector<FloatQuad> quads;
-    toNormalizedRange()->textQuads(quads, textRectHeight == TextRectangleHeight::SelectionHeight);
+    range->textQuads(quads, textRectHeight == TextRectangleHeight::SelectionHeight);
 
     size_t size = quads.size();
     for (size_t i = 0; i < size; ++i) {

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes