[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

enrica at apple.com enrica at apple.com
Wed Dec 22 13:56:08 UTC 2010 

The following commit has been merged in the debian/experimental branch:
commit de818a695c4f1d30765f0aefda588cb4e5321740
Author: enrica at apple.com <enrica at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Sep 30 00:11:04 2010 +0000

    Crash at lineBreakExistsAtPosition + 125
    <rdar://problem/7028809>
    https://bugs.webkit.org/show_bug.cgi?id=46770
    
    Reviewed by Darin Adler.
    
    lineBreakExistsAtPosition is called from InsertTextCommand::input,
    where we compute the downstream position of the endingSelection().
    Downstream can return the original position, that comes from a VisibleSelection
    but there is no guarantee that its renderer is still there. Everywhere we dereference
    a renderer we check if it's null.
    
    There is no regression test.
    
    * editing/htmlediting.cpp:
    (WebCore::lineBreakExistsAtPosition): Added check that the renderer is not null
    before dereferencing it.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@68727 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index a08ff24..787240e 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,23 @@
+2010-09-29  Enrica Casucci  <enrica at apple.com>
+
+        Reviewed by Darin Adler.
+
+        Crash at lineBreakExistsAtPosition + 125
+        <rdar://problem/7028809> 
+        https://bugs.webkit.org/show_bug.cgi?id=46770
+        
+        lineBreakExistsAtPosition is called from InsertTextCommand::input,
+        where we compute the downstream position of the endingSelection().
+        Downstream can return the original position, that comes from a VisibleSelection
+        but there is no guarantee that its renderer is still there. Everywhere we dereference
+        a renderer we check if it's null.
+        
+        There is no regression test.
+        
+        * editing/htmlediting.cpp:
+        (WebCore::lineBreakExistsAtPosition): Added check that the renderer is not null
+        before dereferencing it.
+
 2010-09-29  Sam Weinig  <sam at webkit.org>
 
         Reviewed by Darin Adler.
diff --git a/WebCore/editing/htmlediting.cpp b/WebCore/editing/htmlediting.cpp
index 53b5d7e..9ec71e7 100644
--- a/WebCore/editing/htmlediting.cpp
+++ b/WebCore/editing/htmlediting.cpp
@@ -1069,6 +1069,9 @@ bool lineBreakExistsAtPosition(const Position& position)
     if (position.anchorNode()->hasTagName(brTag) && position.atFirstEditingPositionForNode())
         return true;
     
+    if (!position.anchorNode()->renderer())
+        return false;
+    
     if (!position.anchorNode()->isTextNode() || !position.anchorNode()->renderer()->style()->preserveNewline())
         return false;
     

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list