Changeset 202757 in webkit
- Timestamp: Jul 1, 2016 1:59:08 PM (8 years ago)
- Location: trunk/Source
- Files: 5 edited
trunk/Source/WebCore/ChangeLog
r202753 r202757 1 2016-07-01 Chris Dumez <cdumez@apple.com> 2 3 [iOS] Possible null Range dereference under computeAutocorrectionContext() 4 https://bugs.webkit.org/show_bug.cgi?id=159328 5 <rdar://problem/26766720> 6 7 Reviewed by Benjamin Poulain. 8 9 * editing/Editor.cpp: 10 (WebCore::Editor::compositionRange): 11 * editing/Editor.h: 12 Update to return a RefPtr instead of a PassRefPtr and use nullptr 13 instead of 0 in the implementation. 14 1 15 2016-07-01 Jon Davis <jond@apple.com> 2 16 -
trunk/Source/WebCore/editing/Editor.cpp
r202295 r202757 2824 2824 } 2825 2825 2826 PassRefPtr<Range> Editor::compositionRange() const2826 RefPtr<Range> Editor::compositionRange() const 2827 2827 { 2828 2828 if (!m_compositionNode) 2829 return 0;2829 return nullptr; 2830 2830 unsigned length = m_compositionNode->length(); 2831 2831 unsigned start = std::min(m_compositionStart, length); 2832 2832 unsigned end = std::min(std::max(start, m_compositionEnd), length); 2833 2833 if (start >= end) 2834 return 0;2834 return nullptr; 2835 2835 return Range::create(m_compositionNode->document(), m_compositionNode.get(), start, m_compositionNode.get(), end); 2836 2836 } -
trunk/Source/WebCore/editing/Editor.h
r200696 r202757 305 305 WEBCORE_EXPORT void cancelComposition(); 306 306 bool cancelCompositionIfSelectionIsInvalid(); 307 WEBCORE_EXPORT PassRefPtr<Range> compositionRange() const;307 WEBCORE_EXPORT RefPtr<Range> compositionRange() const; 308 308 WEBCORE_EXPORT bool getCompositionSelection(unsigned& selectionStart, unsigned& selectionEnd) const; 309 309 -
trunk/Source/WebKit2/ChangeLog
r202754 r202757 1 2016-07-01 Chris Dumez <cdumez@apple.com> 2 3 [iOS] Possible null Range dereference under computeAutocorrectionContext() 4 https://bugs.webkit.org/show_bug.cgi?id=159328 5 <rdar://problem/26766720> 6 7 Reviewed by Benjamin Poulain. 8 9 The code in computeAutocorrectionContext() was checking Editor::hasComposition() 10 before dereferencing Editor::compositionRange(). However, compositionRange() 11 can also return null in other cases (e.g. compositionStart == compositionEnd). 12 13 Drop the check for hasComposition() and do a null check on the value returned 14 by compositionRange() instead. 15 16 * WebProcess/WebPage/ios/WebPageIOS.mm: 17 (WebKit::computeAutocorrectionContext): 18 1 19 2016-07-01 Brent Fulgham <bfulgham@apple.com> 2 20 -
trunk/Source/WebKit2/WebProcess/WebPage/ios/WebPageIOS.mm
r202754 r202757 2192 2192 selectedText = plainTextReplacingNoBreakSpace(frame.selection().selection().toNormalizedRange().get()); 2193 2193 2194 if ( frame.editor().hasComposition()) {2195 range = Range::create(*frame.document(), frame.editor().compositionRange()->startPosition(), startPosition);2194 if (auto compositionRange = frame.editor().compositionRange()) { 2195 range = Range::create(*frame.document(), compositionRange->startPosition(), startPosition); 2196 2196 String markedTextBefore; 2197 2197 if (range) 2198 2198 markedTextBefore = plainTextReplacingNoBreakSpace(range.get()); 2199 range = Range::create(*frame.document(), endPosition, frame.editor().compositionRange()->endPosition());2199 range = Range::create(*frame.document(), endPosition, compositionRange->endPosition()); 2200 2200 String markedTextAfter; 2201 2201 if (range)
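Review bot: In trunk/Source/WebCore/editing/Editor.cpp, the `if (start >= end)` test in compositionRange() can only be true when start == end, because `end` is already clamped to at least `start` by `std::max(start, m_compositionEnd)` on the line above. Writing the test as `start == end`, or adding a short comment that a collapsed composition returns nullptr, would make the second null-return path explicit; it is the path the WebKit2 ChangeLog entry says the caller missed.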
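Review bot: The declaration of compositionRange() in trunk/Source/WebCore/editing/Editor.h has no comment saying that it can return null even when a composition node exists (start == end), which is the contract the old call site got wrong by gating on hasComposition(). A one-line comment above the declaration stating both null cases would help, and any other caller that checks hasComposition() and then dereferences compositionRange() unchecked should be audited before landing.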
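Review bot: No regression test accompanies the change to computeAutocorrectionContext() in trunk/Source/WebKit2/WebProcess/WebPage/ios/WebPageIOS.mm: the five edited files are the two ChangeLogs and three sources, and neither ChangeLog entry says why a test is absent. A test that requests the autocorrection context while compositionStart == compositionEnd would pin the fix; if that is not feasible on iOS, say so in the ChangeLog. Separately, with `if (auto compositionRange = frame.editor().compositionRange())` a collapsed composition now skips this block where it previously entered it and crashed, so it is worth confirming that the path taken instead is the intended result for that state.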