Changeset 73634 in webkit


Timestamp:
Dec 9, 2010 11:36:44 AM (13 years ago)
Author:
yael.aharon@nokia.com
Message:

2010-12-09 Yael Aharon <yael.aharon@nokia.com>

Reviewed by Antonio Gomes.

Spatial Navigation: Crash when handling iframe of size 0.
https://bugs.webkit.org/show_bug.cgi?id=50730

  • fast/spatial-navigation/snav-hidden-iframe-zero-size-expected.txt: Added.
  • fast/spatial-navigation/snav-hidden-iframe-zero-size.html: Added.

2010-12-09 Yael Aharon <yael.aharon@nokia.com>

Reviewed by Antonio Gomes.

Spatial Navigation: Crash when handling iframe of size 0.
https://bugs.webkit.org/show_bug.cgi?id=50730

If we have a frame of size 0, we would get into an infinite loop and eventually crash. The reason is
that when the algorithm sees a starting rect of size 0, it assumes that there is no focused node,
thus restarts itself. The solution is to avoid considering iframes with size 0 for the spatial
navigation algorithm.

Test: fast/spatial-navigation/snav-hidden-iframe-zero-size.html

  • page/FocusController.cpp: (WebCore::updateFocusCandidateIfNeeded):
Location:
trunk
Files:
2 added
3 edited

  • trunk/LayoutTests/ChangeLog

    r73633 r73634  
     12010-12-09  Yael Aharon  <yael.aharon@nokia.com>
     2
     3        Reviewed by Antonio Gomes.
     4
     5        Spatial Navigation: Crash when handling iframe of size 0.
     6        https://bugs.webkit.org/show_bug.cgi?id=50730
     7
     8        * fast/spatial-navigation/snav-hidden-iframe-zero-size-expected.txt: Added.
     9        * fast/spatial-navigation/snav-hidden-iframe-zero-size.html: Added.
     10
    1112010-12-09  Sheriff Bot  <webkit.review.bot@gmail.com>
    212
  • trunk/WebCore/ChangeLog

    r73633 r73634  
     12010-12-09  Yael Aharon  <yael.aharon@nokia.com>
     2
     3        Reviewed by Antonio Gomes.
     4
     5        Spatial Navigation: Crash when handling iframe of size 0.
     6        https://bugs.webkit.org/show_bug.cgi?id=50730
     7
     8        if we have a frame of size 0, we would get into infinite loop and eventually crash. The reason is
     9        that when the algorithm sees a starting rect of size 0, it assumes that there is no focused node,
     10        thus restarts itself. The solution is to avoid considering iframes with size 0 for the spatial
     11        navigation algorithm.
     12
     13        Test: fast/spatial-navigation/snav-hidden-iframe-zero-size.html
     14
     15        * page/FocusController.cpp:
     16        (WebCore::updateFocusCandidateIfNeeded):
     17
    1182010-12-09  Sheriff Bot  <webkit.review.bot@gmail.com>
    219
  • trunk/WebCore/page/FocusController.cpp

    r73627 r73634  
    421421
    422422    // Ignore iframes that don't have a src attribute
    423     if (candidate.visibleNode->isFrameOwnerElement() && !static_cast<HTMLFrameOwnerElement*>(candidate.visibleNode)->contentFrame())
     423    if (candidate.visibleNode->isFrameOwnerElement() && (!static_cast<HTMLFrameOwnerElement*>(candidate.visibleNode)->contentFrame() || candidate.rect.isEmpty()))
    424424        return;
    425425
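
Review bot: the comment on line 422 still reads "Ignore iframes that don't have a src attribute", but the condition on the new line 423 now also returns early for frame owners whose candidate.rect.isEmpty(), so the comment should be updated to mention the zero-size case. Separately, the empty-rect check is gated on isFrameOwnerElement(), while the ChangeLog attributes the infinite loop to the algorithm seeing any starting rect of size 0. It is worth confirming that a non-frame candidate with an empty rect cannot reach the same restart path; if it can, the isEmpty() test belongs outside the frame-owner condition.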