[webkit-changes] [269620] trunk/Source/WebKit

Wed, 11 Nov 2020 07:54:59 -0800

Title: [269620] trunk/Source/WebKit
Revision
269620
Author
[email protected]
Date
2020-11-10 01:03:04 -0800 (Tue, 10 Nov 2020)

Log Message

[GTK] Crash in WebKit::DropTarget::drop
https://bugs.webkit.org/show_bug.cgi?id=217482

Reviewed by Michael Catanzaro.

If we don't have selection data when drop is called, just return early to let leave continue. Also change
accept() to receive the drop context and position to be set after leaving any previous operation.

* UIProcess/API/gtk/DropTarget.h:
* UIProcess/API/gtk/DropTargetGtk3.cpp:
(WebKit::DropTarget::DropTarget):
(WebKit::DropTarget::accept):
(WebKit::DropTarget::drop):
* UIProcess/API/gtk/DropTargetGtk4.cpp:
(WebKit::DropTarget::DropTarget):
(WebKit::DropTarget::accept):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (269619 => 269620)


--- trunk/Source/WebKit/ChangeLog	2020-11-10 08:59:03 UTC (rev 269619)
+++ trunk/Source/WebKit/ChangeLog	2020-11-10 09:03:04 UTC (rev 269620)
@@ -1,5 +1,24 @@
 2020-11-10  Carlos Garcia Campos  <[email protected]>
 
+        [GTK] Crash in WebKit::DropTarget::drop
+        https://bugs.webkit.org/show_bug.cgi?id=217482
+
+        Reviewed by Michael Catanzaro.
+
+        If we don't have selection data when drop is called, just return early to let leave continue. Also change
+        accept() to receive the drop context and position to be set after leaving any previous operation.
+
+        * UIProcess/API/gtk/DropTarget.h:
+        * UIProcess/API/gtk/DropTargetGtk3.cpp:
+        (WebKit::DropTarget::DropTarget):
+        (WebKit::DropTarget::accept):
+        (WebKit::DropTarget::drop):
+        * UIProcess/API/gtk/DropTargetGtk4.cpp:
+        (WebKit::DropTarget::DropTarget):
+        (WebKit::DropTarget::accept):
+
+2020-11-10  Carlos Garcia Campos  <[email protected]>
+
         [GTK][WPE] WEBKIT_PLUGIN_ERROR_WILL_HANDLE_LOAD returned when plugins are disabled
         https://bugs.webkit.org/show_bug.cgi?id=216123

Modified: trunk/Source/WebKit/UIProcess/API/gtk/DropTarget.h (269619 => 269620)


--- trunk/Source/WebKit/UIProcess/API/gtk/DropTarget.h	2020-11-10 08:59:03 UTC (rev 269619)
+++ trunk/Source/WebKit/UIProcess/API/gtk/DropTarget.h	2020-11-10 09:03:04 UTC (rev 269620)
@@ -39,9 +39,11 @@
 
 #if USE(GTK4)
 typedef struct _GdkDrop GdkDrop;
+using PlatformDropContext = GdkDrop;
 #else
 typedef struct _GdkDragContext GdkDragContext;
 typedef struct _GtkSelectionData GtkSelectionData;
+using PlatformDropContext = GdkDragContext;
 #endif
 
 namespace WebKit {
@@ -57,7 +59,7 @@
     void didPerformAction();
 
 private:
-    void accept(unsigned = 0);
+    void accept(PlatformDropContext*, Optional<WebCore::IntPoint> = WTF::nullopt, unsigned = 0);
     void enter(WebCore::IntPoint&&, unsigned = 0);
     void update(WebCore::IntPoint&&, unsigned = 0);
     void leave();

Modified: trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk3.cpp (269619 => 269620)


--- trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk3.cpp	2020-11-10 08:59:03 UTC (rev 269619)
+++ trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk3.cpp	2020-11-10 09:03:04 UTC (rev 269620)
@@ -59,9 +59,7 @@
     g_signal_connect_after(m_webView, "drag-motion", G_CALLBACK(+[](GtkWidget*, GdkDragContext* context, gint x, gint y, guint time, gpointer userData) -> gboolean {
         auto& drop = *static_cast<DropTarget*>(userData);
         if (drop.m_drop != context) {
-            drop.m_drop = context;
-            drop.m_position = IntPoint(x, y);
-            drop.accept(time);
+            drop.accept(context, IntPoint(x, y), time);
         } else if (drop.m_drop == context)
             drop.update({ x, y }, time);
         return TRUE;
@@ -97,7 +95,7 @@
     g_signal_handlers_disconnect_by_data(m_webView, this);
 }
 
-void DropTarget::accept(unsigned time)
+void DropTarget::accept(GdkDragContext* drop, Optional<WebCore::IntPoint> position, unsigned time)
 {
     if (m_leaveTimer.isActive()) {
         m_leaveTimer.stop();
@@ -104,6 +102,8 @@
         leaveTimerFired();
     }
 
+    m_drop = drop;
+    m_position = position;
     m_dataRequestCount = 0;
     m_selectionData = WTF::nullopt;
 
@@ -259,6 +259,10 @@
 
 void DropTarget::drop(IntPoint&& position, unsigned time)
 {
+    // If we don't have data at this point, allow the leave timer to fire, ending the drop operation.
+    if (!m_selectionData)
+        return;
+
     if (m_leaveTimer.isActive())
         m_leaveTimer.stop();

Modified: trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk4.cpp (269619 => 269620)


--- trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk4.cpp	2020-11-10 08:59:03 UTC (rev 269619)
+++ trunk/Source/WebKit/UIProcess/API/gtk/DropTargetGtk4.cpp	2020-11-10 09:03:04 UTC (rev 269620)
@@ -54,8 +54,7 @@
         static_cast<GdkDragAction>(GDK_ACTION_COPY | GDK_ACTION_MOVE | GDK_ACTION_LINK));
     g_signal_connect(target, "accept", G_CALLBACK(+[](GtkDropTargetAsync*, GdkDrop* gdkDrop, gpointer userData) -> gboolean {
         auto& drop = *static_cast<DropTarget*>(userData);
-        drop.m_drop = gdkDrop;
-        drop.accept();
+        drop.accept(gdkDrop);
         return TRUE;
     }), this);
 
@@ -102,9 +101,10 @@
     g_cancellable_cancel(m_cancellable.get());
 }
 
-void DropTarget::accept(unsigned)
+void DropTarget::accept(GdkDrop* drop, Optional<WebCore::IntPoint> position, unsigned)
 {
-    m_position = WTF::nullopt;
+    m_drop = drop;
+    m_position = position;
     m_selectionData = SelectionData();
     m_dataRequestCount = 0;
     m_cancellable = adoptGRef(g_cancellable_new());

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to