Title: [259595] trunk
Revision: 259595
Author: [email protected]
Date: 2020-04-06 14:44:11 -0700 (Mon, 06 Apr 2020)

Log Message

Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
https://bugs.webkit.org/show_bug.cgi?id=209999
<rdar://problem/58978340>

Reviewed by Ryosuke Niwa.

Source/WebCore:

VisibleParagraphStart/End may return empty VisiblePosition if no proper element or node
can be used as position candidate. Add null check for the returned VisiblePositions.

Test: fast/css/style-change-draggable-text.html

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):

LayoutTests:

Added a regression test for the crash.

* fast/css/style-change-draggable-text-expected.txt: Added.
* fast/css/style-change-draggable-text.html: Added.

Diff

Modified: trunk/LayoutTests/ChangeLog (259594 => 259595)


--- trunk/LayoutTests/ChangeLog	2020-04-06 20:53:56 UTC (rev 259594)
+++ trunk/LayoutTests/ChangeLog	2020-04-06 21:44:11 UTC (rev 259595)
@@ -1,3 +1,16 @@
+2020-04-06  Jack Lee  <[email protected]>
+
+        Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
+        https://bugs.webkit.org/show_bug.cgi?id=209999
+        <rdar://problem/58978340>
+
+        Reviewed by Ryosuke Niwa.
+
+        Added a regression test for the crash.
+
+        * fast/css/style-change-draggable-text-expected.txt: Added.
+        * fast/css/style-change-draggable-text.html: Added.
+
 2020-04-06  Jer Noble  <[email protected]>
 
         [ Mac wk2 ] http/tests/media/track-in-band-hls-metadata.html is flaky crashing.

Added: trunk/LayoutTests/fast/css/style-change-draggable-text-expected.txt (0 => 259595)


--- trunk/LayoutTests/fast/css/style-change-draggable-text-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/fast/css/style-change-draggable-text-expected.txt	2020-04-06 21:44:11 UTC (rev 259595)
@@ -0,0 +1 @@
+Test changing style with draggable text. The test passes if WebKit doesn't crash or hit an assertiona
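
Review bot: The expected line ends in "assertiona" because the description span and the text "a" of the draggable span in the test are dumped with nothing between them, which reads like a typo in the expectation. Ending the description sentence with a period, or putting it in its own block element in the .html file, would make it obvious that the trailing "a" is test content and not part of the sentence.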

Added: trunk/LayoutTests/fast/css/style-change-draggable-text.html (0 => 259595)


--- trunk/LayoutTests/fast/css/style-change-draggable-text.html	                        (rev 0)
+++ trunk/LayoutTests/fast/css/style-change-draggable-text.html	2020-04-06 21:44:11 UTC (rev 259595)
@@ -0,0 +1,14 @@
+<style>
+    #SHADOW { initial; -webkit-user-select: text; }
+    #LABEL { -webkit-user-select: all; }
+</style>
+<script>
+    if (window.testRunner)
+        testRunner.dumpAsText();
+
+    window._onload_ = () =>  {
+        window.getSelection().collapse(SHADOW);
+        document.execCommand("justifyCenter", false);
+    }
+</script>
+<span>Test changing style with draggable text. The test passes if WebKit doesn't crash or hit an assertion</span><label id=LABEL contenteditable="true"><shadow id=SHADOW></shadow><span draggable="true">a
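
Review bot: As shown here the handler is assigned to window._onload_, which is not an event handler property, so the collapse(SHADOW) and execCommand("justifyCenter") calls would never run and the test would pass without reaching moveParagraphContentsToNewBlockIfNecessary; it needs to be window.onload for the test to guard against a regression. Two smaller points: the bare "initial;" in the #SHADOW rule is not a declaration and is dropped by the CSS parser, so it can be removed unless the reduction showed it is needed to reproduce, and since the fix is in editing/CompositeEditCommand.cpp the test would be easier to find under the editing tests than under fast/css.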

Modified: trunk/Source/WebCore/ChangeLog (259594 => 259595)


--- trunk/Source/WebCore/ChangeLog	2020-04-06 20:53:56 UTC (rev 259594)
+++ trunk/Source/WebCore/ChangeLog	2020-04-06 21:44:11 UTC (rev 259595)
@@ -1,3 +1,19 @@
+2020-04-06  Jack Lee  <[email protected]>
+
+        Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
+        https://bugs.webkit.org/show_bug.cgi?id=209999
+        <rdar://problem/58978340>
+
+        Reviewed by Ryosuke Niwa.
+
+        VisibleParagraphStart/End may return empty VisiblePosition if no proper element or node
+        can be used as position candidate. Add null check for the returned VisiblePositions.
+
+        Test: fast/css/style-change-draggable-text.html
+
+        * editing/CompositeEditCommand.cpp:
+        (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
+
 2020-04-06  Jer Noble  <[email protected]>
 
         Strengthen the ASSERT in ImageDecoderAVFObjC::storeSampleBuffer().

Modified: trunk/Source/WebCore/editing/CompositeEditCommand.cpp (259594 => 259595)


--- trunk/Source/WebCore/editing/CompositeEditCommand.cpp	2020-04-06 20:53:56 UTC (rev 259594)
+++ trunk/Source/WebCore/editing/CompositeEditCommand.cpp	2020-04-06 21:44:11 UTC (rev 259595)
@@ -1159,6 +1159,9 @@
     VisiblePosition visiblePos(pos, VP_DEFAULT_AFFINITY);
     VisiblePosition visibleParagraphStart(startOfParagraph(visiblePos));
     VisiblePosition visibleParagraphEnd = endOfParagraph(visiblePos);
+    if (visibleParagraphStart.isNull() || visibleParagraphEnd.isNull())
+        return nullptr;
+
     VisiblePosition next = visibleParagraphEnd.next();
     VisiblePosition visibleEnd = next.isNotNull() ? next : visibleParagraphEnd;
     
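
Review bot: The new early return after the isNull() check makes nullptr a result of this function on the empty-paragraph path, and the hunk does not show the callers, so please confirm each caller tests the returned pointer before dereferencing it; otherwise the null dereference just moves up one frame. A one-line comment above the check saying that startOfParagraph/endOfParagraph can yield a null VisiblePosition when there is no position candidate would also help, since the lines that follow (visibleParagraphEnd.next(), then the isNotNull() test on next) otherwise look like they already cover the null case.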
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes