Title: [202814] trunk
- Revision
- 202814
- Author
- [email protected]
- Date
- 2016-07-04 23:43:42 -0700 (Mon, 04 Jul 2016)
Log Message
[GTK] Null Node dereference in FrameSelection::notifyAccessibilityForSelectionChange of FrameSelectionAtk.cpp
https://bugs.webkit.org/show_bug.cgi?id=159411
Patch by Fujii Hironori <[email protected]> on 2016-07-04
Reviewed by Carlos Garcia Campos.
Source/WebCore:
Tests:
editing/selection/selection-in-iframe-removed-crash.html
* editing/atk/FrameSelectionAtk.cpp:
(WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
Added a null check for the return value of containerNode().
LayoutTests:
* platform/gtk/TestExpectations: Removed a crash expectation of
editing/selection/selection-in-iframe-removed-crash.html.
Modified Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (202813 => 202814)
--- trunk/LayoutTests/ChangeLog 2016-07-05 06:35:42 UTC (rev 202813)
+++ trunk/LayoutTests/ChangeLog 2016-07-05 06:43:42 UTC (rev 202814)
@@ -1,3 +1,13 @@
+2016-07-04 Fujii Hironori <[email protected]>
+
+ [GTK] Null Node dereference in FrameSelection::notifyAccessibilityForSelectionChange of FrameSelectionAtk.cpp
+ https://bugs.webkit.org/show_bug.cgi?id=159411
+
+ Reviewed by Carlos Garcia Campos.
+
+ * platform/gtk/TestExpectations: Removed a crash expectation of
+ editing/selection/selection-in-iframe-removed-crash.html.
+
2016-07-04 Youenn Fablet <[email protected]>
Shield WebRTC JS built-ins from user scripts
Modified: trunk/LayoutTests/platform/gtk/TestExpectations (202813 => 202814)
--- trunk/LayoutTests/platform/gtk/TestExpectations 2016-07-05 06:35:42 UTC (rev 202813)
+++ trunk/LayoutTests/platform/gtk/TestExpectations 2016-07-05 06:43:42 UTC (rev 202814)
@@ -730,8 +730,6 @@
webkit.org/b/110695 http/tests/security/cross-origin-local-storage.html [ Crash Pass ]
webkit.org/b/110695 http/tests/security/cross-origin-plugin-allowed.html [ Crash Pass ]
-webkit.org/b/111451 [ Debug ] editing/selection/selection-in-iframe-removed-crash.html [ Crash Pass ]
-
webkit.org/b/111902 [ Debug ] http/tests/security/XFrameOptions/x-frame-options-deny-multiple-clients.html [ Crash ]
webkit.org/b/118422 [ Debug ] http/tests/security/XFrameOptions/x-frame-options-cached.html [ Crash Pass ]
Modified: trunk/Source/WebCore/ChangeLog (202813 => 202814)
--- trunk/Source/WebCore/ChangeLog 2016-07-05 06:35:42 UTC (rev 202813)
+++ trunk/Source/WebCore/ChangeLog 2016-07-05 06:43:42 UTC (rev 202814)
@@ -1,3 +1,17 @@
+2016-07-04 Fujii Hironori <[email protected]>
+
+ [GTK] Null Node dereference in FrameSelection::notifyAccessibilityForSelectionChange of FrameSelectionAtk.cpp
+ https://bugs.webkit.org/show_bug.cgi?id=159411
+
+ Reviewed by Carlos Garcia Campos.
+
+ Tests:
+ editing/selection/selection-in-iframe-removed-crash.html
+
+ * editing/atk/FrameSelectionAtk.cpp:
+ (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
+ Added a null check for the return value of containerNode().
+
2016-07-04 Gyuyoung Kim <[email protected]>
[EFL] Remove mac configuration dependency in WebKit Version definition
Modified: trunk/Source/WebCore/editing/atk/FrameSelectionAtk.cpp (202813 => 202814)
--- trunk/Source/WebCore/editing/atk/FrameSelectionAtk.cpp 2016-07-05 06:35:42 UTC (rev 202813)
+++ trunk/Source/WebCore/editing/atk/FrameSelectionAtk.cpp 2016-07-05 06:43:42 UTC (rev 202814)
@@ -92,12 +92,15 @@
if (!m_selection.start().isNotNull() || !m_selection.end().isNotNull())
return;
- RenderObject* focusedNode = m_selection.end().containerNode()->renderer();
+ Node* focusedNode = m_selection.end().containerNode();
+ if (!focusedNode)
+ return;
+
AXObjectCache* cache = m_frame->document()->existingAXObjectCache();
if (!cache)
return;
- AccessibilityObject* accessibilityObject = cache->getOrCreate(focusedNode);
+ AccessibilityObject* accessibilityObject = cache->getOrCreate(focusedNode->renderer());
if (!accessibilityObject)
return;
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
