[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
tony at chromium.org
tony at chromium.org
Wed Dec 22 12:23:11 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit fd37533278fb03df9045be6ea185e4095df1b517
Author: tony at chromium.org <tony at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri Aug 20 19:02:38 2010 +0000
2010-08-20 Tony Chang <tony at chromium.org>
Reviewed by Kent Tamura.
[chromium] fix a null pointer crash when dispatching JS keyboard events
https://bugs.webkit.org/show_bug.cgi?id=44313
* fast/events/initkeyboardevent-crash-expected.txt: Added.
* fast/events/initkeyboardevent-crash.html: Added.
2010-08-20 Tony Chang <tony at chromium.org>
Reviewed by Kent Tamura.
[chromium] fix a null pointer crash when dispatching JS keyboard events
https://bugs.webkit.org/show_bug.cgi?id=44313
* src/WebInputEventConversion.cpp:
(WebKit::WebKeyboardEventBuilder::WebKeyboardEventBuilder):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65747 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 298134e..de4d4e6 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-08-20 Tony Chang <tony at chromium.org>
+
+ Reviewed by Kent Tamura.
+
+ [chromium] fix a null pointer crash when dispatching JS keyboard events
+ https://bugs.webkit.org/show_bug.cgi?id=44313
+
+ * fast/events/initkeyboardevent-crash-expected.txt: Added.
+ * fast/events/initkeyboardevent-crash.html: Added.
+
2010-08-20 Simon Fraser <simon.fraser at apple.com>
Reviewed by Dan Bernstein.
diff --git a/LayoutTests/fast/events/initkeyboardevent-crash-expected.txt b/LayoutTests/fast/events/initkeyboardevent-crash-expected.txt
new file mode 100644
index 0000000..3b8d980
--- /dev/null
+++ b/LayoutTests/fast/events/initkeyboardevent-crash-expected.txt
@@ -0,0 +1,5 @@
+This tests that dispatching a keyboard event created via javascript does not crash.
+
+PASSED
+
+
diff --git a/LayoutTests/fast/events/initkeyboardevent-crash.html b/LayoutTests/fast/events/initkeyboardevent-crash.html
new file mode 100644
index 0000000..87c7aac
--- /dev/null
+++ b/LayoutTests/fast/events/initkeyboardevent-crash.html
@@ -0,0 +1,17 @@
+<p>This tests that dispatching a keyboard event created via javascript does
+not crash.</p>
+<p id="results"></p>
+
+<input id="1">
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+var evt = document.createEvent("KeyboardEvent");
+evt.initKeyboardEvent("keydown", true, true, window, 0, 0, 0, 0, 0, 0, "a");
+var elt = document.getElementById("1");
+elt.focus();
+elt.dispatchEvent(evt);
+
+document.getElementById("results").innerText = "PASSED";
+</script>
diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog
index 14c013b..4a8d1bb 100644
--- a/WebKit/chromium/ChangeLog
+++ b/WebKit/chromium/ChangeLog
@@ -1,3 +1,13 @@
+2010-08-20 Tony Chang <tony at chromium.org>
+
+ Reviewed by Kent Tamura.
+
+ [chromium] fix a null pointer crash when dispatching JS keyboard events
+ https://bugs.webkit.org/show_bug.cgi?id=44313
+
+ * src/WebInputEventConversion.cpp:
+ (WebKit::WebKeyboardEventBuilder::WebKeyboardEventBuilder):
+
2010-08-20 Jay Civelli <jcivelli at chromium.org>
Reviewed by Darin Fisher.
diff --git a/WebKit/chromium/src/WebInputEventConversion.cpp b/WebKit/chromium/src/WebInputEventConversion.cpp
index f47a4e8..24eb372 100644
--- a/WebKit/chromium/src/WebInputEventConversion.cpp
+++ b/WebKit/chromium/src/WebInputEventConversion.cpp
@@ -332,6 +332,11 @@ WebKeyboardEventBuilder::WebKeyboardEventBuilder(const KeyboardEvent& event)
modifiers = getWebInputModifiers(event);
timeStampSeconds = event.timeStamp() * 1.0e-3;
windowsKeyCode = event.keyCode();
+
+ // The platform keyevent does not exist if the event was created using
+ // initKeyboardEvent.
+ if (!event.keyEvent())
+ return;
nativeKeyCode = event.keyEvent()->nativeVirtualKeyCode();
unsigned int numChars = std::min(event.keyEvent()->text().length(),
static_cast<unsigned int>(WebKeyboardEvent::textLengthCap));
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list