Changeset 239546 in webkit


Ignore:
Timestamp:
Dec 23, 2018 3:51:30 PM (5 years ago)
Author:
Wenson Hsieh
Message:

Fix fast/ruby/ruby-base-merge-block-children-crash-2.html after r239543
https://bugs.webkit.org/show_bug.cgi?id=193015
<rdar://problem/46583527>

Reviewed by Tim Horton.

Fix the crash by gracefully handling integer overflow when computing the area of a very large editable element.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _elementDidFocus:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):
(-[WKContentView _updateChangedSelection:]):

Location:
trunk/Source/WebKit
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebKit/ChangeLog

    r239543 r239546  
     12018-12-23  Wenson Hsieh  <wenson_hsieh@apple.com>
     2
     3        Fix fast/ruby/ruby-base-merge-block-children-crash-2.html after r239543
     4        https://bugs.webkit.org/show_bug.cgi?id=193015
     5        <rdar://problem/46583527>
     6
     7        Reviewed by Tim Horton.
     8
     9        Fix the crash by gracefully handling integer overflow when computing the area of a very large editable element.
     10
     11        * UIProcess/ios/WKContentViewInteraction.mm:
     12        (-[WKContentView _elementDidFocus:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):
     13        (-[WKContentView _updateChangedSelection:]):
     14
    1152018-12-22  Wenson Hsieh  <wenson_hsieh@apple.com>
    216

  • trunk/Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm

    r239543 r239546  
    44774477        [self _stopSuppressingSelectionAssistantForReason:WebKit::FocusedElementIsTransparent];
    44784478
    4479     if (information.elementRect.area() < minimumFocusedElementAreaForSuppressingSelectionAssistant)
     4479    auto elementArea = information.elementRect.area<RecordOverflow>();
     4480    if (!elementArea.hasOverflowed() && elementArea < minimumFocusedElementAreaForSuppressingSelectionAssistant)
    44804481        [self _beginSuppressingSelectionAssistantForReason:WebKit::FocusedElementIsTooSmall];
    44814482    else
     
    50145015            [self _stopSuppressingSelectionAssistantForReason:WebKit::FocusedElementIsTransparent];
    50155016
    5016         if (postLayoutData.focusedElementRect.area() < minimumFocusedElementAreaForSuppressingSelectionAssistant)
     5017        auto elementArea = postLayoutData.focusedElementRect.area<RecordOverflow>();
     5018        if (!elementArea.hasOverflowed() && elementArea < minimumFocusedElementAreaForSuppressingSelectionAssistant)
    50175019            [self _beginSuppressingSelectionAssistantForReason:WebKit::FocusedElementIsTooSmall];
    50185020        else
Note: See TracChangeset for help on using the changeset viewer.