Title: [133207] trunk/Source/WebCore
Revision
133207
Author
rn...@webkit.org
Date
2012-11-01 12:02:16 -0700 (Thu, 01 Nov 2012)

Log Message

[Mac] Crash in Range::editingStartPosition
https://bugs.webkit.org/show_bug.cgi?id=100972

Reviewed by Enrica Casucci.

Add a missing null pointer check. toNormalizedRange() can return null here, in which case the call to
pastLastNode() will crash.

No new tests since determining the exact condition under which we go through the said code path and
toNormalRange returns null is hard.

* editing/mac/EditorMac.mm:
(WebCore::Editor::fontForSelection):

Diff

Modified: trunk/Source/WebCore/ChangeLog (133206 => 133207)


--- trunk/Source/WebCore/ChangeLog	2012-11-01 19:01:11 UTC (rev 133206)
+++ trunk/Source/WebCore/ChangeLog	2012-11-01 19:02:16 UTC (rev 133207)
@@ -1,3 +1,19 @@
+2012-11-01  Ryosuke Niwa  <rn...@webkit.org>
+
+        [Mac] Crash in Range::editingStartPosition
+        https://bugs.webkit.org/show_bug.cgi?id=100972
+
+        Reviewed by Enrica Casucci.
+
+        Add a missing null pointer check. toNormalizedRange() can return null here, in which case the call to
+        pastLastNode() will crash.
+
+        No new tests since determining the exact condition under which we go through the said code path and
+        toNormalRange returns null is hard.
+
+        * editing/mac/EditorMac.mm:
+        (WebCore::Editor::fontForSelection):
+
 2012-11-01  Beth Dakin  <bda...@apple.com>
 
         https://bugs.webkit.org/show_bug.cgi?id=100917
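Review bot: The last sentence of the new entry calls the function "toNormalRange", while the sentence before it and the code call it toNormalizedRange(); use the same name in both places so the entry stays searchable. The entry also says no test was added because the triggering condition is hard to determine, so it would help to record in the entry or the bug whatever is known about the crashing path.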

Modified: trunk/Source/WebCore/editing/mac/EditorMac.mm (133206 => 133207)


--- trunk/Source/WebCore/editing/mac/EditorMac.mm	2012-11-01 19:01:11 UTC (rev 133206)
+++ trunk/Source/WebCore/editing/mac/EditorMac.mm	2012-11-01 19:02:16 UTC (rev 133207)
@@ -163,7 +163,8 @@
 
     const SimpleFontData* font = 0;
     RefPtr<Range> range = m_frame->selection()->toNormalizedRange();
-    if (Node* startNode = adjustedSelectionStartForStyleComputation(m_frame->selection()->selection()).deprecatedNode()) {
+    Node* startNode = adjustedSelectionStartForStyleComputation(m_frame->selection()->selection()).deprecatedNode();
+    if (range && startNode) {
         Node* pastEnd = range->pastLastNode();
         // In the loop below, n should eventually match pastEnd and not become nil, but we've seen at least one
         // unreproducible case where this didn't happen, so check for null also.
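Review bot: Moving startNode out of the if condition widens its scope to the rest of fontForSelection, and adjustedSelectionStartForStyleComputation() is still evaluated when range is null. If startNode is not used after the block, testing range first keeps the original scoping, for example an outer `if (range) {` around the original `if (Node* startNode = ...)`, or an early exit right after the toNormalizedRange() call. A short comment beside the range check saying that toNormalizedRange() can return null here would also help, since no test covers this path.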