Title: [154698] trunk
- Revision
- 154698
- Author
- [email protected]
- Date
- 2013-08-27 10:20:28 -0700 (Tue, 27 Aug 2013)
Log Message
Missing null-check of parent renderer in WebCore::HTMLEmbedElement::rendererIsNeeded()
https://bugs.webkit.org/show_bug.cgi?id=120343
Reviewed by Darin Adler.
Source/WebCore:
Null-check the parent renderer of HTMLEmbedElement in WebCore::HTMLEmbedElement::rendererIsNeeded()
and early return.
Test: fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html
* html/HTMLEmbedElement.cpp:
(WebCore::HTMLEmbedElement::rendererIsNeeded):
LayoutTests:
Test for the handling of null parent renderer.
* fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash-expected.txt: Added.
* fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (154697 => 154698)
--- trunk/LayoutTests/ChangeLog 2013-08-27 17:16:03 UTC (rev 154697)
+++ trunk/LayoutTests/ChangeLog 2013-08-27 17:20:28 UTC (rev 154698)
@@ -1,3 +1,15 @@
+2013-08-27 Renata Hodovan <[email protected]>
+
+ Missing null-check of parent renderer in WebCore::HTMLEmbedElement::rendererIsNeeded()
+ https://bugs.webkit.org/show_bug.cgi?id=120343
+
+ Reviewed by Darin Adler.
+
+ Test for the handling of null parent renderer.
+
+ * fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash-expected.txt: Added.
+ * fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html: Added.
+
2013-08-27 Denis Nomiyama <[email protected]>
[GTK] Missing DRT AccessibilityUIElement::addNotificationListener implementation
Added: trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash-expected.txt (0 => 154698)
--- trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash-expected.txt 2013-08-27 17:20:28 UTC (rev 154698)
@@ -0,0 +1 @@
+PASS. WebKit didn't crash.
Added: trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html (0 => 154698)
--- trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html (rev 0)
+++ trunk/LayoutTests/fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html 2013-08-27 17:20:28 UTC (rev 154698)
@@ -0,0 +1,14 @@
+<html>
+ <div style="-webkit-flow-from:thread;">
+ <object>
+ <embed width="100">
+ </object>
+ </div>
+
+ <script>
+ if (window.testRunner)
+ testRunner.dumpAsText();
+
+ document.body.innerHTML = "PASS. WebKit didn't crash.";
+ </script>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (154697 => 154698)
--- trunk/Source/WebCore/ChangeLog 2013-08-27 17:16:03 UTC (rev 154697)
+++ trunk/Source/WebCore/ChangeLog 2013-08-27 17:20:28 UTC (rev 154698)
@@ -1,3 +1,18 @@
+2013-08-27 Renata Hodovan <[email protected]>
+
+ Missing null-check of parent renderer in WebCore::HTMLEmbedElement::rendererIsNeeded()
+ https://bugs.webkit.org/show_bug.cgi?id=120343
+
+ Reviewed by Darin Adler.
+
+ Null-check the parent renderer of HTMLEmbedElement in WebCore::HTMLEmbedElement::rendererIsNeeded()
+ and early return.
+
+ Test: fast/html/HTMLEmbedElement_without_parent_renderer_assert_crash.html
+
+ * html/HTMLEmbedElement.cpp:
+ (WebCore::HTMLEmbedElement::rendererIsNeeded):
+
2013-08-27 Brent Fulgham <[email protected]>
[Windows] Correct method call for characteristic update.
Modified: trunk/Source/WebCore/html/HTMLEmbedElement.cpp (154697 => 154698)
--- trunk/Source/WebCore/html/HTMLEmbedElement.cpp 2013-08-27 17:16:03 UTC (rev 154697)
+++ trunk/Source/WebCore/html/HTMLEmbedElement.cpp 2013-08-27 17:20:28 UTC (rev 154698)
@@ -186,7 +186,8 @@
// should be ignored and not get a renderer.
ContainerNode* p = parentNode();
if (p && p->hasTagName(objectTag)) {
- ASSERT(p->renderer());
+ if (!p->renderer())
+ return false;
if (!static_cast<HTMLObjectElement*>(p)->useFallbackContent()) {
ASSERT(!p->renderer()->isEmbeddedObject());
return false;
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
