Changeset 202762 in webkit

Timestamp:

Jul 1, 2016 4:25:04 PM (8 years ago)

Author:

Chris Dumez

Message:

Possible null Range dereference under AXObjectCache::visiblePositionFromCharacterOffset()
​https://bugs.webkit.org/show_bug.cgi?id=159330
<rdar://problem/27123752>

Reviewed by Benjamin Poulain.

rangeForUnorderedCharacterOffsets() can return a null Range but we failed
to do a null check before dereferencing it.

• accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::visiblePositionFromCharacterOffset):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• accessibility/AXObjectCache.cpp (modified) (1 diff)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2016-07-01  Chris Dumez  <cdumez@apple.com>
+
+        Possible null Range dereference under AXObjectCache::visiblePositionFromCharacterOffset()
+        https://bugs.webkit.org/show_bug.cgi?id=159330
+        <rdar://problem/27123752>
+
+        Reviewed by Benjamin Poulain.
+
+        rangeForUnorderedCharacterOffsets() can return a null Range but we failed
+        to do a null check before dereferencing it.
+
+        * accessibility/AXObjectCache.cpp:
+        (WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
+
 2016-07-01  Chris Dumez  <cdumez@apple.com>
 

trunk/Source/WebCore/accessibility/AXObjectCache.cpp

@@ -1959 +1959 @@
     // Create a collapsed range and use that to form a VisiblePosition, so that the case with
     // composed characters will be covered.
-    RefPtr<Range> range = rangeForUnorderedCharacterOffsets(characterOffset, characterOffset);
-    return VisiblePosition(range->startPosition());
+    auto range = rangeForUnorderedCharacterOffsets(characterOffset, characterOffset);
+    return range ? VisiblePosition(range->startPosition()) : VisiblePosition();
 }