Title: [191294] trunk
Revision: 191294
Author: cdu...@apple.com
Date: 2015-10-19 09:52:29 -0700 (Mon, 19 Oct 2015)

Log Message

Null dereference loading Blink layout test fast/forms/color/input-color-onchange-event.html
https://bugs.webkit.org/show_bug.cgi?id=150192
<rdar://problem/23135050>

Reviewed by Darin Adler.

Source/WebCore:

Calling internals.selectColorInColorChooser() with a non-Element would
cause a null dereference. This is because in such case, the implementation
method is passed a null pointer and we would fail to null-check it. This
patch now does the null-check.

No new tests, existing test was updated.

* testing/Internals.cpp:
(WebCore::Internals::selectColorInColorChooser):

LayoutTests:

Import more checks from the corresponding Blink test.

* fast/forms/color/input-color-onchange-event-expected.txt:
* fast/forms/color/input-color-onchange-event.html:

Diff

Modified: trunk/LayoutTests/ChangeLog (191293 => 191294)


--- trunk/LayoutTests/ChangeLog	2015-10-19 16:36:44 UTC (rev 191293)
+++ trunk/LayoutTests/ChangeLog	2015-10-19 16:52:29 UTC (rev 191294)
@@ -1,3 +1,16 @@
+2015-10-19  Chris Dumez  <cdu...@apple.com>
+
+        Null dereference loading Blink layout test fast/forms/color/input-color-onchange-event.html
+        https://bugs.webkit.org/show_bug.cgi?id=150192
+        <rdar://problem/23135050>
+
+        Reviewed by Darin Adler.
+
+        Import more checks from the corresponding Blink test.
+
+        * fast/forms/color/input-color-onchange-event-expected.txt:
+        * fast/forms/color/input-color-onchange-event.html:
+
 2015-10-19  Xabier Rodriguez Calvar  <calva...@igalia.com>
 
         [Streams API] Update readable-stream-reader tests to latest spec

Modified: trunk/LayoutTests/fast/forms/color/input-color-onchange-event-expected.txt (191293 => 191294)


--- trunk/LayoutTests/fast/forms/color/input-color-onchange-event-expected.txt	2015-10-19 16:36:44 UTC (rev 191293)
+++ trunk/LayoutTests/fast/forms/color/input-color-onchange-event-expected.txt	2015-10-19 16:52:29 UTC (rev 191294)
@@ -4,6 +4,16 @@
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
 
 
-value changed to #ff0000
+PASS onChangeCount is 0
+internals.selectColorInColorChooser({}, '#ff0000');
+internals.selectColorInColorChooser(document, '#ff0000');
+PASS onChangeCount is 0
+input event dispatched - value is:  #ff0000
+change event dispatched - value changed to #ff0000
+PASS onChangeCount is 1
+PASS onChangeCount is 1
 PASS input.value is "#ff0000"
+PASS successfullyParsed is true
 
+TEST COMPLETE
+
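Review bot: The two consecutive "PASS onChangeCount is 1" lines are indistinguishable in the expected output, so a reader cannot tell from the log which one follows the first selectColorInColorChooser(input, ...) call and which follows the repeated call that must not fire a change event. Consider having the test emit a debug() line before each of those two checks so the expected file documents which step each PASS belongs to.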

Modified: trunk/LayoutTests/fast/forms/color/input-color-onchange-event.html (191293 => 191294)


--- trunk/LayoutTests/fast/forms/color/input-color-onchange-event.html	2015-10-19 16:36:44 UTC (rev 191293)
+++ trunk/LayoutTests/fast/forms/color/input-color-onchange-event.html	2015-10-19 16:52:29 UTC (rev 191294)
@@ -1,7 +1,7 @@
 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
 <html>
 <head>
-<script src=""
+<script src=""
 </head>
 <body>
 <p id="description"></p>
@@ -20,18 +20,32 @@
 input.style.width = '20px';
 input.style.height = '20px';
 
+var _onChangeCount_ = 0;
 input._onchange_ = function() {
-    debug("value changed to " + input.value);
+    debug("change event dispatched - value changed to " + input.value);
+    onChangeCount++;
 };
 
+input._oninput_ = function() {
+    debug("input event dispatched - value is:  " + input.value);
+};
+
 eventSender.mouseMoveTo(10, 10);
 eventSender.mouseDown();
 eventSender.mouseUp();
 
+shouldBe('onChangeCount', '0');
+// Test that incorrect element arguments are (not) handled.
+evalAndLog("internals.selectColorInColorChooser({}, '#ff0000');");
+evalAndLog("internals.selectColorInColorChooser(document, '#ff0000');");
+shouldBe('onChangeCount', '0');
+
 // input.onchange should be called
 internals.selectColorInColorChooser(input, '#ff0000');
+shouldBe('onChangeCount', '1');
 // input.onchange should not be called
 internals.selectColorInColorChooser(input, '#ff0000');
+shouldBe('onChangeCount', '1');
 
 shouldBe('input.value', '"#ff0000"');
 </script>
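Review bot: The new invalid-argument checks cover a plain object and the document, both of which are non-Elements, but nothing exercises an Element that is not an input (for example document.body), which is the case where the implementation receives a non-null pointer and must reject it on type alone. Adding one more evalAndLog call with such an element before the second shouldBe('onChangeCount', '0') would cover both ways the guard can fail. The comment "Test that incorrect element arguments are (not) handled." is also ambiguous; something like "Test that non-input arguments are ignored without crashing" states the expected behaviour directly.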

Modified: trunk/Source/WebCore/ChangeLog (191293 => 191294)


--- trunk/Source/WebCore/ChangeLog	2015-10-19 16:36:44 UTC (rev 191293)
+++ trunk/Source/WebCore/ChangeLog	2015-10-19 16:52:29 UTC (rev 191294)
@@ -1,3 +1,21 @@
+2015-10-19  Chris Dumez  <cdu...@apple.com>
+
+        Null dereference loading Blink layout test fast/forms/color/input-color-onchange-event.html
+        https://bugs.webkit.org/show_bug.cgi?id=150192
+        <rdar://problem/23135050>
+
+        Reviewed by Darin Adler.
+
+        Calling internals.selectColorInColorChooser() with a non-Element would
+        cause a null dereference. This is because in such case, the implementation
+        method is passed a null pointer and we would fail to null-check it. This
+        patch now does the null-check.
+
+        No new tests, existing test was updated.
+
+        * testing/Internals.cpp:
+        (WebCore::Internals::selectColorInColorChooser):
+
 2015-10-19  Csaba Osztrogonác  <o...@webkit.org>
 
         Fix the !ENABLE(CSS_GRID_LAYOUT) build after r190840

Modified: trunk/Source/WebCore/testing/Internals.cpp (191293 => 191294)


--- trunk/Source/WebCore/testing/Internals.cpp	2015-10-19 16:36:44 UTC (rev 191293)
+++ trunk/Source/WebCore/testing/Internals.cpp	2015-10-19 16:52:29 UTC (rev 191294)
@@ -890,12 +890,10 @@
 #if ENABLE(INPUT_TYPE_COLOR)
 void Internals::selectColorInColorChooser(Element* element, const String& colorValue)
 {
-    if (!is<HTMLInputElement>(*element))
+    if (!is<HTMLInputElement>(element))
         return;
-    HTMLInputElement* inputElement = element->toInputElement();
-    if (!inputElement)
-        return;
-    inputElement->selectColorInColorChooser(Color(colorValue));
+    auto& inputElement = downcast<HTMLInputElement>(*element);
+    inputElement.selectColorInColorChooser(Color(colorValue));
 }
 #endif
 
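Review bot: The null check in the guard is now implicit: the only difference between the crashing form is<HTMLInputElement>(*element) and the fixed form is<HTMLInputElement>(element) is one character, and the downcast on the following line dereferences element unconditionally. A short comment above the guard saying that element can be null when the caller passes a non-Element, and that the pointer form of is<>() is relied on to reject it, would make it harder for a later cleanup to reintroduce the dereference. Dropping the toInputElement() call and its second null check looks right, since the type test already establishes that the downcast is valid.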