[webkit-changes] [259670] trunk/Source/WebKit

[lmoura]

Title: [259670] trunk/Source/WebKit

Revision

259670

Author

lmo...@igalia.com

Date

2020-04-07 14:09:43 -0700 (Tue, 07 Apr 2020)

Log Message

[GLIB] Avoid potential segfault in getPlatformEditorState
https://bugs.webkit.org/show_bug.cgi?id=210149

Reviewed by Carlos Alberto Lopez Perez.

Avoid potential surroundingRange dereference segfault.

* WebProcess/WebPage/glib/WebPageGLib.cpp:
(WebKit::WebPage::getPlatformEditorState const):

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/WebProcess/WebPage/glib/WebPageGLib.cpp

Diff

Modified: trunk/Source/WebKit/ChangeLog (259669 => 259670)

--- trunk/Source/WebKit/ChangeLog	2020-04-07 21:00:49 UTC (rev 259669)
+++ trunk/Source/WebKit/ChangeLog	2020-04-07 21:09:43 UTC (rev 259670)
@@ -1,3 +1,15 @@
+2020-04-07  Lauro Moura  <lmo...@igalia.com>
+
+        [GLIB] Avoid potential segfault in getPlatformEditorState
+        https://bugs.webkit.org/show_bug.cgi?id=210149
+
+        Reviewed by Carlos Alberto Lopez Perez.
+
+        Avoid potential surroundingRange dereference segfault.
+
+        * WebProcess/WebPage/glib/WebPageGLib.cpp:
+        (WebKit::WebPage::getPlatformEditorState const):
+
 2020-04-07  Wenson Hsieh  <wenson_hs...@apple.com>
 
         Preventing touch events should not prevent gestures installed above WKWebView from recognizing

Modified: trunk/Source/WebKit/WebProcess/WebPage/glib/WebPageGLib.cpp (259669 => 259670)

--- trunk/Source/WebKit/WebProcess/WebPage/glib/WebPageGLib.cpp	2020-04-07 21:00:49 UTC (rev 259669)
+++ trunk/Source/WebKit/WebProcess/WebPage/glib/WebPageGLib.cpp	2020-04-07 21:09:43 UTC (rev 259670)
@@ -109,7 +109,7 @@
         auto surroundingEnd = endOfEditableContent(selectionStart);
         auto surroundingRange = makeRange(surroundingStart, surroundingEnd);
         auto compositionRange = frame.editor().compositionRange();
-        if (compositionRange && surroundingRange->contains(*compositionRange)) {
+        if (compositionRange && surroundingRange && surroundingRange->contains(*compositionRange)) {
             auto clonedRange = surroundingRange->cloneRange();
             surroundingRange->setEnd(compositionRange->startPosition());
             clonedRange->setStart(compositionRange->endPosition());

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes