Changeset 111125 in webkit


Ignore:
Timestamp:
Mar 17, 2012 12:23:28 PM (12 years ago)
Author:
mitz@apple.com
Message:

<rdar://problem/10263562> Crash in WebCore::Range::startPosition() when dismissing the Press and Hold panel by clicking in the menu bar
https://bugs.webkit.org/show_bug.cgi?id=81454

Reviewed by Ada Chan.

When the Press and Hold panel is dismissed by clicking in the menu bar,
-insertText:replacementRange: is called with an NSRange whose location is NSNotFound - 1
(see <rdar://problem/11069374>). Trying to convert this bogus range to a WebCore Range
returns 0, which leads to the crash.

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::insertText): Added a null check, to protect the code from bogus ranges.

Location:
trunk/Source/WebKit2
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebKit2/ChangeLog

    r111097 r111125  
     12012-03-17  Dan Bernstein  <mitz@apple.com>
     2
     3        <rdar://problem/10263562> Crash in WebCore::Range::startPosition() when dismissing the Press and Hold panel by clicking in the menu bar
     4        https://bugs.webkit.org/show_bug.cgi?id=81454
     5
     6        Reviewed by Ada Chan.
     7
     8        When the Press and Hold panel is dismissed by clicking in the menu bar,
     9        -insertText:replacementRange: is called with an NSRange whose location is NSNotFound - 1
     10        (see <rdar://problem/11069374>). Trying to convert this bogus range to a WebCore Range
     11        returns 0, which leads to the crash.
     12
     13        * WebProcess/WebPage/mac/WebPageMac.mm:
     14        (WebKit::WebPage::insertText): Added a null check, to protect the code from bogus ranges.
     15
    1162012-03-16  Stephanie Lewis  <slewis@apple.com>
    217
  • trunk/Source/WebKit2/WebProcess/WebPage/mac/WebPageMac.mm

    r110425 r111125  
    269269    Frame* frame = m_page->focusController()->focusedOrMainFrame();
    270270
    271     RefPtr<Range> replacementRange;
    272271    if (replacementRangeStart != NSNotFound) {
    273         replacementRange = convertToRange(frame, NSMakeRange(replacementRangeStart, replacementRangeEnd - replacementRangeStart));
    274         frame->selection()->setSelection(VisibleSelection(replacementRange.get(), SEL_DEFAULT_AFFINITY));
     272        RefPtr<Range> replacementRange = convertToRange(frame, NSMakeRange(replacementRangeStart, replacementRangeEnd - replacementRangeStart));
     273        if (replacementRange)
     274            frame->selection()->setSelection(VisibleSelection(replacementRange.get(), SEL_DEFAULT_AFFINITY));
    275275    }
    276276
Note: See TracChangeset for help on using the changeset viewer.