[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

rniwa at webkit.org rniwa at webkit.org
Wed Dec 22 14:40:38 UTC 2010


The following commit has been merged in the debian/experimental branch:
commit ac4687c5740d01638a8e9bf9a8ba425d2b46b6d1
Author: rniwa at webkit.org <rniwa at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Oct 15 18:05:40 2010 +0000

    2010-10-15  Ryosuke Niwa  <rniwa at webkit.org>
    
            Reviewed by Darin Adler.
    
            Crash in WebCore::ApplyStyleCommand::applyBlockStyle
            https://bugs.webkit.org/show_bug.cgi?id=47699
    
            The crash was caused by applyBlockStyle's invalidly assuming that visibleStart and visibleEnd always exist.
            Added an early exit to the function when either visibleStart or visibleEnd is null or orphaned.
    
            Test: editing/style/block-style-progress-crash.html
    
            * editing/ApplyStyleCommand.cpp:
            (WebCore::ApplyStyleCommand::applyBlockStyle):
    2010-10-15  Ryosuke Niwa  <rniwa at webkit.org>
    
            Reviewed by Darin Adler.
    
            Crash in WebCore::ApplyStyleCommand::applyBlockStyle
            https://bugs.webkit.org/show_bug.cgi?id=47699
    
            Added a test to ensure WebKit does not crash when the body is content editable
            and justifying a progress element and '>' following the element to the right.
    
            * editing/style/block-style-progress-crash-expected.txt: Added.
            * editing/style/block-style-progress-crash.html: Added.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@69865 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index fc145ca..4f777ac 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,16 @@
+2010-10-15  Ryosuke Niwa  <rniwa at webkit.org>
+
+        Reviewed by Darin Adler.
+
+        Crash in WebCore::ApplyStyleCommand::applyBlockStyle
+        https://bugs.webkit.org/show_bug.cgi?id=47699
+
+        Added a test to ensure WebKit does not crash when the body is content editable
+        and justifying a progress element and '>' following the element to the right.
+
+        * editing/style/block-style-progress-crash-expected.txt: Added.
+        * editing/style/block-style-progress-crash.html: Added.
+
 2010-10-15  Alejandro G. Castro  <alex at igalia.com>
 
         Unreviewed, skipped flaky tests, added followup bug:
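Review bot: the test description in this entry, "justifying a progress element and '>' following the element to the right", reads ambiguously, because "to the right" can attach to either "justifying" or "following". Suggest rewording it along the lines of "right-justifying a progress element that is followed by a '>' character", so the entry matches what the test's justifyRight call does.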
diff --git a/LayoutTests/compositing/overflow/get-transform-from-non-box-container-expected.txt b/LayoutTests/editing/style/block-style-progress-crash-expected.txt
similarity index 100%
copy from LayoutTests/compositing/overflow/get-transform-from-non-box-container-expected.txt
copy to LayoutTests/editing/style/block-style-progress-crash-expected.txt
diff --git a/LayoutTests/editing/style/block-style-progress-crash.html b/LayoutTests/editing/style/block-style-progress-crash.html
new file mode 100644
index 0000000..da0f66e
--- /dev/null
+++ b/LayoutTests/editing/style/block-style-progress-crash.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+function runTest() {
+    var r = document.createRange();
+    getSelection().addRange(r);
+    document.execCommand('justifyRight', null, true);
+    document.body.innerHTML = 'PASS';
+}
+
+</script>
+</head>
+<body onload="runTest()" contentEditable>
+<progress >>
\ No newline at end of file
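Review bot: nothing in runTest() or the markup says which parts of this input are intentional. The body content "<progress >>" with its extra '>' and the range taken straight from document.createRange() both look like mistakes that a later cleanup could "fix", which would leave a test that no longer exercises the guarded path. Add a short comment naming bug 47699 and stating that the markup and the untouched range are deliberate. getSelection().addRange(r) is also called without clearing the existing selection first; a getSelection().removeAllRanges() call before it would make the starting state explicit. The third argument passed to execCommand('justifyRight', null, true) appears unused for this command and could be dropped or explained. Finally, the file has no trailing newline.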
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 7a380fe..f8070fc 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,18 @@
+2010-10-15  Ryosuke Niwa  <rniwa at webkit.org>
+
+        Reviewed by Darin Adler.
+
+        Crash in WebCore::ApplyStyleCommand::applyBlockStyle
+        https://bugs.webkit.org/show_bug.cgi?id=47699
+
+        The crash was caused by applyBlockStyle's invalidly assuming that visibleStart and visibleEnd always exist.
+        Added an early exit to the function when either visibleStart or visibleEnd is null or orphaned.
+
+        Test: editing/style/block-style-progress-crash.html
+
+        * editing/ApplyStyleCommand.cpp:
+        (WebCore::ApplyStyleCommand::applyBlockStyle):
+
 2010-10-13  Anders Carlsson  <andersca at apple.com>
 
         Reviewed by Sam Weinig.
diff --git a/WebCore/editing/ApplyStyleCommand.cpp b/WebCore/editing/ApplyStyleCommand.cpp
index 4c31f24..605c1a6 100644
--- a/WebCore/editing/ApplyStyleCommand.cpp
+++ b/WebCore/editing/ApplyStyleCommand.cpp
@@ -640,9 +640,13 @@ void ApplyStyleCommand::applyBlockStyle(CSSMutableStyleDeclaration *style)
         start = end;
         end = swap;
     }
-        
+
     VisiblePosition visibleStart(start);
     VisiblePosition visibleEnd(end);
+
+    if (visibleStart.isNull() || visibleStart.isOrphan() || visibleEnd.isNull() || visibleEnd.isOrphan())
+        return;
+    
     // Save and restore the selection endpoints using their indices in the document, since
     // addBlockStyleIfNeeded may moveParagraphs, which can remove these endpoints.
     // Calculate start and end indices from the start of the tree that they're in.
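Review bot: the new isNull()/isOrphan() guard validates visibleStart and visibleEnd only once, on entry, while the context comment directly below it states that addBlockStyleIfNeeded may moveParagraphs, which can remove these endpoints. Please confirm that the positions recomputed after that point are checked in the same way, or add a comment saying why they cannot be null or orphaned there. The early return itself has no comment explaining that the command is deliberately a no-op when either endpoint is missing; one line citing bug 47699 would help the next reader. Style: the blank line added after "return;" carries trailing whitespace, which this same hunk removes from the blank line above the VisiblePosition declarations.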

-- 
WebKit Debian packaging


