Skip to site navigation (Press enter)

[webkit-changes] [114418] trunk

cfleizach Tue, 17 Apr 2012 12:48:25 -0700

Title: [114418] trunk

Revision: 114418
Author: cfleiz...@apple.com
Date: 2012-04-17 12:48:15 -0700 (Tue, 17 Apr 2012)

Log Message

Crash in invalid index for _textMarkerForIndex
https://bugs.webkit.org/show_bug.cgi?id=84104


Reviewed by Beth Dakin.

Source/WebCore:

Test: platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html

* accessibility/mac/WebAccessibilityObjectWrapper.mm:
(-[WebAccessibilityObjectWrapper _textMarkerForIndex:]):

LayoutTests:

* platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt: Added.
* platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html: Added.

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapper.mm

Added Paths

trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt
trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html

Diff

Modified: trunk/LayoutTests/ChangeLog (114417 => 114418)


--- trunk/LayoutTests/ChangeLog	2012-04-17 19:44:08 UTC (rev 114417)
+++ trunk/LayoutTests/ChangeLog	2012-04-17 19:48:15 UTC (rev 114418)
@@ -1,3 +1,13 @@
+2012-04-17  Chris Fleizach  <cfleiz...@apple.com>
+
+        Crash in invalid index for _textMarkerForIndex
+        https://bugs.webkit.org/show_bug.cgi?id=84104
+
+        Reviewed by Beth Dakin.
+
+        * platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt: Added.
+        * platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html: Added.
+
 2012-04-17  Jer Noble  <jer.no...@apple.com>
 
         HTML5 Video Full Screen button broken (looks like white square)

Added: trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt (0 => 114418)


--- trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash-expected.txt	2012-04-17 19:48:15 UTC (rev 114418)
@@ -0,0 +1,13 @@
+text
+text
+text
+This verifies that textMarkerForIndex for not crash when given an index out of bounds
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS item1.isTextMarkerValid(item1.textMarkerForIndex(99999999999)) is false
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html (0 => 114418)


--- trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html	                        (rev 0)
+++ trunk/LayoutTests/platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html	2012-04-17 19:48:15 UTC (rev 114418)
@@ -0,0 +1,31 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<script src=""
+<body id="body" tabindex="0">
+
+<div tabindex="0" id="text1">text</div>
+
+text
+
+<div tabindex="0" id="text2">text</div>
+
+<p id="description"></p>
+<div id="console"></div>
+
+<script>
+
+    description("This verifies that textMarkerForIndex for not crash when given an index out of bounds");
+
+    if (window.accessibilityController) {
+        document.getElementById("text1").focus();
+        var item1 = accessibilityController.focusedElement;
+        shouldBeFalse("item1.isTextMarkerValid(item1.textMarkerForIndex(99999999999))");       
+    }
+
+</script>
+
+<script src=""
+
+</body>
+</html>
+

Modified: trunk/Source/WebCore/ChangeLog (114417 => 114418)


--- trunk/Source/WebCore/ChangeLog	2012-04-17 19:44:08 UTC (rev 114417)
+++ trunk/Source/WebCore/ChangeLog	2012-04-17 19:48:15 UTC (rev 114418)
@@ -1,3 +1,15 @@
+2012-04-17  Chris Fleizach  <cfleiz...@apple.com>
+
+        Crash in invalid index for _textMarkerForIndex
+        https://bugs.webkit.org/show_bug.cgi?id=84104
+
+        Reviewed by Beth Dakin.
+
+        Test: platform/mac/accessibility/textmarker-for-index-out-of-bounds-crash.html
+
+        * accessibility/mac/WebAccessibilityObjectWrapper.mm:
+        (-[WebAccessibilityObjectWrapper _textMarkerForIndex:]):
+
 2012-04-17  Jer Noble  <jer.no...@apple.com>
 
         HTML5 Video Full Screen button broken (looks like white square)

Modified: trunk/Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapper.mm (114417 => 114418)


--- trunk/Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapper.mm	2012-04-17 19:44:08 UTC (rev 114417)
+++ trunk/Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapper.mm	2012-04-17 19:48:15 UTC (rev 114418)
@@ -2805,7 +2805,9 @@
         return nil;
     
     PassRefPtr<Range> textRange = TextIterator::rangeFromLocationAndLength(document->documentElement(), textIndex, 0);
-    
+    if (!textRange || !textRange->boundaryPointsValid())
+        return nil;
+
     VisiblePosition position(textRange->startPosition());
     return [self textMarkerForVisiblePosition:position];
 }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes