Title: [218572] releases/WebKitGTK/webkit-2.16
- Revision: 218572
- Author: carlo...@webkit.org
- Date: 2017-06-20 01:52:13 -0700 (Tue, 20 Jun 2017)
Log Message
Merge r217958 - Crash inside InsertNodeBeforeCommand via InsertParagraphSeparatorCommand
https://bugs.webkit.org/show_bug.cgi?id=173085
Source/WebCore:
<rdar://problem/32575059>
Reviewed by Wenson Hsieh.
The crash was caused by the condition to check for special cases failing when visiblePos is null.
Exit early in these extreme cases.
Also replaced the use of deprecatedNode and deprecatedEditingOffset to modern idioms.
Test: editing/inserting/insert-horizontal-rule-in-empty-document-crash.html
* editing/InsertParagraphSeparatorCommand.cpp:
(WebCore::InsertParagraphSeparatorCommand::doApply):
LayoutTests:
Reviewed by Wenson Hsieh.
Added a regression test.
* editing/inserting/insert-horizontal-rule-in-empty-document-crash-expected.txt: Added.
* editing/inserting/insert-horizontal-rule-in-empty-document-crash.html: Added.
Diff
Modified: releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog (218571 => 218572)
--- releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog 2017-06-20 08:43:28 UTC (rev 218571)
+++ releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog 2017-06-20 08:52:13 UTC (rev 218572)
@@ -1,3 +1,15 @@
+2017-06-08 Ryosuke Niwa <rn...@webkit.org>
+
+ Crash inside InsertNodeBeforeCommand via InsertParagraphSeparatorCommand
+ https://bugs.webkit.org/show_bug.cgi?id=173085
+
+ Reviewed by Wenson Hsieh.
+
+ Added a regresion test.
+
+ * editing/inserting/insert-horizontal-rule-in-empty-document-crash-expected.txt: Added.
+ * editing/inserting/insert-horizontal-rule-in-empty-document-crash.html: Added.
+
2017-06-08 Xabier Rodriguez Calvar <calva...@igalia.com>
MediaTime class has rounding issues in different platforms
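Review bot: "regresion" in the added LayoutTests ChangeLog entry is misspelled; the line should read "Added a regression test." If the merged entry is meant to match r217958 verbatim, correct it there as well so the two stay identical.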
Added: releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash-expected.txt (0 => 218572)
--- releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash-expected.txt 2017-06-20 08:52:13 UTC (rev 218572)
@@ -0,0 +1 @@
+PASS. WebKit did not crash.
Added: releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash.html (0 => 218572)
--- releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash.html (rev 0)
+++ releases/WebKitGTK/webkit-2.16/LayoutTests/editing/inserting/insert-horizontal-rule-in-empty-document-crash.html 2017-06-20 08:52:13 UTC (rev 218572)
@@ -0,0 +1,21 @@
+<html>
+<head>
+<script>
+function runTest()
+{
+ document.execCommand("selectAll", true);
+ document['designMode'] = 'on';
+ document.execCommand("insertHorizontalRule", true);
+ document.body.replaceWith(document.createElement('div'));
+ document.execCommand("insertHorizontalRule", true);
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ document.documentElement.textContent = 'PASS. WebKit did not crash.';
+ }
+}
+window._onload_ = runTest;
+</script>
+</head>
+<body>
+</body>
+</html>
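Review bot: the last script line assigns the handler to `window._onload_`, which is not an event handler property, so as shown here `runTest` would never be called and the test would neither exercise the two `insertHorizontalRule` calls nor write the PASS line. Please confirm the committed file uses `window.onload = runTest;` and that the underscores are only a rendering artifact of this page. Separately, `testRunner.dumpAsText()` is called only after the commands under test; moving it to the top of `runTest` makes the output mode independent of how far the function gets.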
Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog (218571 => 218572)
--- releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog 2017-06-20 08:43:28 UTC (rev 218571)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog 2017-06-20 08:52:13 UTC (rev 218572)
@@ -1,3 +1,21 @@
+2017-06-08 Ryosuke Niwa <rn...@webkit.org>
+
+ Crash inside InsertNodeBeforeCommand via InsertParagraphSeparatorCommand
+ https://bugs.webkit.org/show_bug.cgi?id=173085
+ <rdar://problem/32575059>
+
+ Reviewed by Wenson Hsieh.
+
+ The crash was caused by the condition to check for special cases failing when visiblePos is null.
+ Exit early in these extreme cases.
+
+ Also replaced the use of deprecatedNode and deprecatedEditingOffset to modern idioms.
+
+ Test: editing/inserting/insert-horizontal-rule-in-empty-document-crash.html
+
+ * editing/InsertParagraphSeparatorCommand.cpp:
+ (WebCore::InsertParagraphSeparatorCommand::doApply):
+
2017-06-06 Zalan Bujtas <za...@apple.com>
Safari doesn't load newest The Order of the Stick comic.
Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/editing/InsertParagraphSeparatorCommand.cpp (218571 => 218572)
--- releases/WebKitGTK/webkit-2.16/Source/WebCore/editing/InsertParagraphSeparatorCommand.cpp 2017-06-20 08:43:28 UTC (rev 218571)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/editing/InsertParagraphSeparatorCommand.cpp 2017-06-20 08:52:13 UTC (rev 218572)
@@ -185,6 +185,9 @@
// Adjust the insertion position after the delete
insertionPosition = positionAvoidingSpecialElementBoundary(insertionPosition);
VisiblePosition visiblePos(insertionPosition, affinity);
+ if (visiblePos.isNull())
+ return;
+
calculateStyleBeforeInsertion(insertionPosition);
//---------------------------------------------------------------------
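Review bot: the new `if (visiblePos.isNull()) return;` sits after the step the context comment calls "the delete", so on this path the command exits having already modified the document without performing the insertion. A one-line comment above the check stating that this partial application is intentional, and when a null `visiblePos` can occur (the log message only says "extreme cases"), would make the early return easier to audit. It is also worth confirming that every use of `visiblePos` and `insertionPosition` further down is reached only through this point, since the guard protects only code after it.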
@@ -265,9 +268,8 @@
// startBlock should always have children, otherwise isLastInBlock would be true and it's handled above.
ASSERT(startBlock->firstChild());
refNode = startBlock->firstChild();
- }
- else if (insertionPosition.deprecatedNode() == startBlock && nestNewBlock) {
- refNode = startBlock->traverseToChildAt(insertionPosition.deprecatedEditingOffset());
+ } else if (insertionPosition.containerNode() == startBlock && nestNewBlock) {
+ refNode = startBlock->traverseToChildAt(insertionPosition.computeOffsetInContainerNode());
ASSERT(refNode); // must be true or we'd be in the end of block case
} else
refNode = insertionPosition.deprecatedNode();
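Review bot: the `else if` condition now compares `insertionPosition.containerNode()` against `startBlock` where it used `deprecatedNode()`, and the child index comes from `computeOffsetInContainerNode()` instead of `deprecatedEditingOffset()`; the log message describes this as an idiom replacement, so please state that the old and new accessors select the same branch and the same child for every position that can reach here, because `ASSERT(refNode)` on the next line depends on it. The final `else` still uses `insertionPosition.deprecatedNode()`, so the cleanup is partial; either convert it too or note why it stays. Since `ASSERT` is typically compiled out of release builds, consider whether a null `refNode` from `traverseToChildAt` needs a runtime check in this crash fix.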