Skip to site navigation (Press enter)

[webkit-changes] [200184] trunk/Source/WebCore

carlosgc Thu, 28 Apr 2016 03:08:46 -0700

Title: [200184] trunk/Source/WebCore

Revision: 200184
Author: [email protected]
Date: 2016-04-28 03:07:22 -0700 (Thu, 28 Apr 2016)

Log Message

REGRESSION(r199659): Web Process crash when RenderTheme::adjustMenuListStyle is called with a null element
https://bugs.webkit.org/show_bug.cgi?id=157127


Reviewed by Sergio Villar Senin.

This happens for example with tests fast/css/appearance-with-pseudo-elements-in-quirks-mode.html and
fast/css/appearance-with-pseudo-elements.html.

* rendering/RenderThemeGtk.cpp:
(WebCore::RenderThemeGtk::adjustMenuListStyle): Do not change the style color if the given element is nullptr.

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/rendering/RenderThemeGtk.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (200183 => 200184)


--- trunk/Source/WebCore/ChangeLog	2016-04-28 10:01:20 UTC (rev 200183)
+++ trunk/Source/WebCore/ChangeLog	2016-04-28 10:07:22 UTC (rev 200184)
@@ -1,3 +1,16 @@
+2016-04-28  Carlos Garcia Campos  <[email protected]>
+
+        REGRESSION(r199659): Web Process crash when RenderTheme::adjustMenuListStyle is called with a null element
+        https://bugs.webkit.org/show_bug.cgi?id=157127
+
+        Reviewed by Sergio Villar Senin.
+
+        This happens for example with tests fast/css/appearance-with-pseudo-elements-in-quirks-mode.html and
+        fast/css/appearance-with-pseudo-elements.html.
+
+        * rendering/RenderThemeGtk.cpp:
+        (WebCore::RenderThemeGtk::adjustMenuListStyle): Do not change the style color if the given element is nullptr.
+
 2016-04-28  Sergio Villar Senin  <[email protected]>
 
         [css-grid] Store auto-repeat information in style

Modified: trunk/Source/WebCore/rendering/RenderThemeGtk.cpp (200183 => 200184)


--- trunk/Source/WebCore/rendering/RenderThemeGtk.cpp	2016-04-28 10:01:20 UTC (rev 200183)
+++ trunk/Source/WebCore/rendering/RenderThemeGtk.cpp	2016-04-28 10:07:22 UTC (rev 200184)
@@ -803,7 +803,8 @@
     // We cannot give a proper rendering when border radius is active, unfortunately.
     style.resetBorderRadius();
 
-    style.setColor(menuListColor(element));
+    if (element)
+        style.setColor(menuListColor(element));
 }
 
 void RenderThemeGtk::adjustMenuListButtonStyle(StyleResolver& styleResolver, RenderStyle& style, const Element* e) const

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes