Changeset 88456 in webkit


Timestamp:
Jun 9, 2011, 9:15:29 AM (14 years ago)
Author:
inferno@chromium.org
Message:

2011-06-08 Abhishek Arya <inferno@chromium.org>

Reviewed by Ryosuke Niwa.

Make indexForVisiblePosition and isSelectableElement static.
https://bugs.webkit.org/show_bug.cgi?id=62329

This protects us when converting frame->selection->start() or end()
to a VisiblePosition, which can destroy the RenderTextControl out from
under us (due to a layout update).

Test: fast/forms/text-control-selection-crash.html

  • accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::indexForVisiblePosition):
  • rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::selectionStart): (WebCore::RenderTextControl::selectionEnd): (WebCore::RenderTextControl::isSelectableElement): (WebCore::RenderTextControl::indexForVisiblePosition):
  • rendering/RenderTextControl.h:

2011-06-08 Abhishek Arya <inferno@chromium.org>

Reviewed by Ryosuke Niwa.

Tests that setting selection on a text control does not result in crash.
https://bugs.webkit.org/show_bug.cgi?id=62329

  • fast/forms/text-control-selection-crash-expected.txt: Added.
  • fast/forms/text-control-selection-crash.html: Added.
Location:
trunk
Files:
2 added
5 edited

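--- a/trunk/LayoutTests/ChangeLog
+++ b/trunk/LayoutTests/ChangeLog
@@ -1,2 +1,12 @@
+2011-06-08  Abhishek Arya  <inferno@chromium.org>
+
+        Reviewed by Ryosuke Niwa.
+
+        Tests that setting selection on a text control does not result in crash.
+        https://bugs.webkit.org/show_bug.cgi?id=62329
+
+        * fast/forms/text-control-selection-crash-expected.txt: Added.
+        * fast/forms/text-control-selection-crash.html: Added.
+
 2011-06-09  Csaba Osztrogonác  <ossy@webkit.org>
 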
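--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,24 @@
+2011-06-08  Abhishek Arya  <inferno@chromium.org>
+
+        Reviewed by Ryosuke Niwa.
+
+        Make indexForVisiblePosition and isSelectableElement static.
+        https://bugs.webkit.org/show_bug.cgi?id=62329
+
+        This protects us when converting frame->selection->start() or end()
+        to VisiblePosition which blows away the RenderTextControl from
+        underneath (due to layout update).
+
+        Test: fast/forms/text-control-selection-crash.html
+
+        * accessibility/AccessibilityRenderObject.cpp:
+        (WebCore::AccessibilityRenderObject::indexForVisiblePosition):
+        * rendering/RenderTextControl.cpp:
+        (WebCore::RenderTextControl::selectionStart):
+        (WebCore::RenderTextControl::selectionEnd):
+        (WebCore::RenderTextControl::isSelectableElement):
+        (WebCore::RenderTextControl::indexForVisiblePosition):
+        * rendering/RenderTextControl.h:
+
 2011-06-09  Ben Murdoch  <benm@google.com>
 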
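--- a/trunk/Source/WebCore/accessibility/AccessibilityRenderObject.cpp
+++ b/trunk/Source/WebCore/accessibility/AccessibilityRenderObject.cpp
@@ -2500,5 +2500,5 @@
 {
     if (isNativeTextControl())
-        return toRenderTextControl(m_renderer)->indexForVisiblePosition(pos);
+        return RenderTextControl::indexForVisiblePosition(toRenderTextControl(m_renderer)->innerTextElement(), pos);
    
     if (!isTextControl())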
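--- a/trunk/Source/WebCore/rendering/RenderTextControl.cpp
+++ b/trunk/Source/WebCore/rendering/RenderTextControl.cpp
@@ -178,5 +178,10 @@
     if (!frame)
         return 0;
-    return indexForVisiblePosition(frame->selection()->start());
+   
+    HTMLElement* innerText = innerTextElement();
+    // Do not call innerTextElement() in the function arguments as creating a VisiblePosition
+    // from frame->selection->start() can blow us from underneath. Also, function ordering is
+    // usually dependent on the compiler.
+    return RenderTextControl::indexForVisiblePosition(innerText, frame->selection()->start());
 }
 
@@ -186,5 +191,10 @@
     if (!frame)
         return 0;
-    return indexForVisiblePosition(frame->selection()->end());
+
+    HTMLElement* innerText = innerTextElement();
+    // Do not call innerTextElement() in the function arguments as creating a VisiblePosition
+    // from frame->selection->end() can blow us from underneath. Also, function ordering is
+    // usually dependent on the compiler.
+    return RenderTextControl::indexForVisiblePosition(innerText, frame->selection()->end());
 }
 
@@ -230,13 +240,9 @@
 }
 
-bool RenderTextControl::isSelectableElement(Node* node) const
-{
-    if (!node)
+bool RenderTextControl::isSelectableElement(HTMLElement* innerText, Node* node)
+{
+    if (!node || !innerText)
         return false;
 
-    HTMLElement* innerText = innerTextElement();
-    if (!innerText)
-        return false;
-   
     if (node->rootEditableElement() == innerText)
         return true;
@@ -313,12 +319,12 @@
 }
 
-int RenderTextControl::indexForVisiblePosition(const VisiblePosition& pos) const
+int RenderTextControl::indexForVisiblePosition(HTMLElement* innerTextElement, const VisiblePosition& pos)
 {
     Position indexPosition = pos.deepEquivalent();
-    if (!isSelectableElement(indexPosition.deprecatedNode()))
+    if (!RenderTextControl::isSelectableElement(innerTextElement, indexPosition.deprecatedNode()))
         return 0;
     ExceptionCode ec = 0;
-    RefPtr<Range> range = Range::create(document());
-    range->setStart(innerTextElement(), 0, ec);
+    RefPtr<Range> range = Range::create(indexPosition.document());
+    range->setStart(innerTextElement, 0, ec);
     ASSERT(!ec);
     range->setEnd(indexPosition.deprecatedNode(), indexPosition.deprecatedEditingOffset(), ec);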
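Review bot: In selectionStart() and selectionEnd(), `innerText` is held as a raw `HTMLElement*` across the `VisiblePosition` construction that the added comment says can run layout and destroy this renderer. If that layout can also release the last reference to the inner text element (not visible from this page), the static helper would receive a dangling pointer; holding it as `RefPtr<HTMLElement> innerText = innerTextElement();` and passing `innerText.get()` would close that window. The comment's "function ordering is usually dependent on the compiler" would be more precise as "the order in which function arguments are evaluated is unspecified". Both function bodies start outside their hunks.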
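--- a/trunk/Source/WebCore/rendering/RenderTextControl.h
+++ b/trunk/Source/WebCore/rendering/RenderTextControl.h
@@ -51,5 +51,5 @@
 
     VisiblePosition visiblePositionForIndex(int index) const;
-    int indexForVisiblePosition(const VisiblePosition&) const;
+    static int indexForVisiblePosition(HTMLElement*, const VisiblePosition&);
 
     void updatePlaceholderVisibility(bool, bool);
@@ -103,5 +103,5 @@
     bool hasVisibleTextArea() const;
     friend void setSelectionRange(Node*, int start, int end);
-    bool isSelectableElement(Node*) const;
+    static bool isSelectableElement(HTMLElement*, Node*);
    
     virtual int textBlockInsetLeft() const = 0;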
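Review bot: The now-static `indexForVisiblePosition(HTMLElement*, const VisiblePosition&)` and `isSelectableElement(HTMLElement*, Node*)` leave the `HTMLElement*` parameter unnamed and undocumented, so a caller cannot tell from the header that it must be the control's inner text element, fetched before the `VisiblePosition` is built. Naming the parameter (`HTMLElement* innerText`) and adding a comment such as `// Static on purpose: constructing the VisiblePosition can update layout and destroy the renderer, so this must not touch |this|.` would keep a later change from turning them back into member calls. The class declaration starts and ends outside these hunks.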