Changeset 196287 in webkit
- Timestamp:
- Feb 8, 2016 7:04:20 PM (8 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r196284 r196287 1 2016-02-08 Nan Wang <n_wang@apple.com> 2 3 AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&) 4 https://bugs.webkit.org/show_bug.cgi?id=154018 5 6 Reviewed by Chris Fleizach. 7 8 * accessibility/text-marker/text-marker-range-stale-node-crash-expected.txt: Added. 9 * accessibility/text-marker/text-marker-range-stale-node-crash.html: Added. 10 1 11 2016-02-08 Joseph Pecoraro <pecoraro@apple.com> 2 12 -
trunk/Source/WebCore/ChangeLog
r196286 r196287 1 2016-02-08 Nan Wang <n_wang@apple.com> 2 3 AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&) 4 https://bugs.webkit.org/show_bug.cgi?id=154018 5 6 Reviewed by Chris Fleizach. 7 8 Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects 9 and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset 10 object. 11 12 Test: accessibility/text-marker/text-marker-range-stale-node-crash.html 13 14 * accessibility/AXObjectCache.cpp: 15 (WebCore::AXObjectCache::visiblePositionForTextMarkerData): 16 (WebCore::AXObjectCache::characterOffsetForTextMarkerData): 17 (WebCore::AXObjectCache::traverseToOffsetInRange): 18 * accessibility/AXObjectCache.h: 19 * accessibility/mac/WebAccessibilityObjectWrapperMac.mm: 20 (-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]): 21 (characterOffsetForTextMarker): 22 (-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]): 23 (textMarkerForVisiblePosition): 24 1 25 2016-02-08 Andreas Kling <akling@apple.com> 2 26 -
trunk/Source/WebCore/accessibility/AXObjectCache.cpp
r196167 r196287 1424 1424 } 1425 1425 1426 CharacterOffset AXObjectCache::characterOffsetForTextMarkerData(TextMarkerData& textMarkerData) 1427 { 1428 if (!isNodeInUse(textMarkerData.node)) 1429 return CharacterOffset(); 1430 1431 if (textMarkerData.ignored) 1432 return CharacterOffset(); 1433 1434 return CharacterOffset(textMarkerData.node, textMarkerData.characterStartIndex, textMarkerData.characterOffset); 1435 } 1436 1426 1437 CharacterOffset AXObjectCache::traverseToOffsetInRange(RefPtr<Range>range, int offset, bool toNodeEnd, bool stayWithinRange) 1427 1438 { -
trunk/Source/WebCore/accessibility/AXObjectCache.h
r196216 r196287 186 186 void textMarkerDataForVisiblePosition(TextMarkerData&, const VisiblePosition&); 187 187 VisiblePosition visiblePositionForTextMarkerData(TextMarkerData&); 188 CharacterOffset characterOffsetForTextMarkerData(TextMarkerData&); 188 189 void textMarkerDataForCharacterOffset(TextMarkerData&, Node&, int, bool toNodeEnd = false); 189 190 void startOrEndTextMarkerDataForRange(TextMarkerData&, RefPtr<Range>, bool); -
trunk/Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapperMac.mm
r195463 r196287 901 901 } 902 902 903 - (CharacterOffset)characterOffsetForTextMarker:(id)textMarker 904 { 905 if (! textMarker || isTextMarkerIgnored(textMarker))903 static CharacterOffset characterOffsetForTextMarker(AXObjectCache* cache, CFTypeRef textMarker) 904 { 905 if (!cache || !textMarker) 906 906 return CharacterOffset(); 907 907 … … 910 910 return CharacterOffset(); 911 911 912 return CharacterOffset(textMarkerData.node, textMarkerData.characterStartIndex, textMarkerData.characterOffset); 912 return cache->characterOffsetForTextMarkerData(textMarkerData); 913 } 914 915 - (CharacterOffset)characterOffsetForTextMarker:(id)textMarker 916 { 917 return characterOffsetForTextMarker(m_object->axObjectCache(), textMarker); 913 918 } 914 919
Note: See TracChangeset
for help on using the changeset viewer.