Changeset 247369 in webkit


Timestamp:
Jul 11, 2019 3:22:57 PM (5 years ago)
Author:
timothy_horton@apple.com
Message:

Null deref of Range under WebPage::startAutoscrollAtPosition
https://bugs.webkit.org/show_bug.cgi?id=199724
<rdar://problem/41127089>

Reviewed by Dean Jackson.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::startAutoscrollAtPosition):
Refactor this function to be early-return-y, and add one more
early return if the Range is null.

Location:
trunk/Source/WebKit
Files:
2 edited

  • trunk/Source/WebKit/ChangeLog

    r247367 r247369  
     12019-07-11  Tim Horton  <timothy_horton@apple.com>
     2
     3        Null deref of Range under WebPage::startAutoscrollAtPosition
     4        https://bugs.webkit.org/show_bug.cgi?id=199724
     5        <rdar://problem/41127089>
     6
     7        Reviewed by Dean Jackson.
     8
     9        * WebProcess/WebPage/ios/WebPageIOS.mm:
     10        (WebKit::WebPage::startAutoscrollAtPosition):
     11        Refactor this function to be early-return-y, and add one more
     12        early return if the Range is null.
     13
    1142019-07-11  Pablo Saavedra  <psaavedra@igalia.com>
    215
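Review bot: The description at new lines 11-12 records the refactor and the extra early return but not the cause: it does not say when the Range is null for a selection that has already passed isRange(), and it does not say whether a test covers the crash. Suggest adding one sentence on the triggering condition and a line stating that no test was added and why, since the changeset edits only two files and neither is a test.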
  • trunk/Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

    r247344 r247369  
    17641764void WebPage::startAutoscrollAtPosition(const WebCore::FloatPoint& positionInWindow)
    17651765{
    1766     if (m_focusedElement && m_focusedElement->renderer())
     1766    if (m_focusedElement && m_focusedElement->renderer()) {
    17671767        m_page->mainFrame().eventHandler().startSelectionAutoscroll(m_focusedElement->renderer(), positionInWindow);
    1768     else {
    1769         Frame& frame = m_page->focusController().focusedOrMainFrame();
    1770         VisibleSelection selection = frame.selection().selection();
    1771         if (selection.isRange()) {
    1772             RefPtr<Range> range = frame.selection().toNormalizedRange();
    1773             Node& node = range->startContainer();
    1774             auto* renderer = node.renderer();
    1775             if (renderer)
    1776                 m_page->mainFrame().eventHandler().startSelectionAutoscroll(renderer, positionInWindow);
    1777         }
    1778     }
     1768        return;
     1769    }
     1770   
     1771    Frame& frame = m_page->focusController().focusedOrMainFrame();
     1772    VisibleSelection selection = frame.selection().selection();
     1773    if (!selection.isRange())
     1774        return;
     1775    RefPtr<Range> range = frame.selection().toNormalizedRange();
     1776    if (!range)
     1777        return;
     1778    auto* renderer = range->startContainer().renderer();
     1779    if (!renderer)
     1780        return;
     1781
     1782    m_page->mainFrame().eventHandler().startSelectionAutoscroll(renderer, positionInWindow);
    17791783}
    17801784   
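Review bot: The new null check at new lines 1776-1777 (`if (!range) return;`) guards a case that the preceding `selection.isRange()` check appears to rule out, and nothing in the function says why the two can disagree. The isRange() test runs on a local copy of the VisibleSelection, while the Range is then fetched again from frame.selection(), so a short comment at the null check naming the condition under which toNormalizedRange() returns null would keep a later cleanup from deleting the check as redundant. The old code dereferenced the result unconditionally at old line 1773 (`Node& node = range->startContainer();`), so it is also worth checking other callers that follow isRange() with toNormalizedRange() for the same pattern.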