[webkit-changes] [172497] trunk/Source/WebKit2

[enrica]

Title: [172497] trunk/Source/WebKit2

Revision

172497

Author

enr...@apple.com

Date

2014-08-12 15:32:43 -0700 (Tue, 12 Aug 2014)

Log Message

Crash at com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::expandForGap
https://bugs.webkit.org/show_bug.cgi?id=135859
<rdar://problem/17994679>

Reviewed by Tim Horton.

expandForGap made the assumption that the selection rects were always three.
This was not true even before http://trac.webkit.org/changeset/172395 but
was more likely to happen after that change.
        
* WebProcess/WebPage/mac/ServicesOverlayController.mm:
(WebKit::expandForGap):

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/WebProcess/WebPage/mac/ServicesOverlayController.mm

Diff

Modified: trunk/Source/WebKit2/ChangeLog (172496 => 172497)

--- trunk/Source/WebKit2/ChangeLog	2014-08-12 22:30:32 UTC (rev 172496)
+++ trunk/Source/WebKit2/ChangeLog	2014-08-12 22:32:43 UTC (rev 172497)
@@ -1,3 +1,18 @@
+2014-08-12  Enrica Casucci  <enr...@apple.com>
+
+        Crash at com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::expandForGap
+        https://bugs.webkit.org/show_bug.cgi?id=135859
+        <rdar://problem/17994679>
+
+        Reviewed by Tim Horton.
+
+        expandForGap made the assumption that the selection rects were always three.
+        This was not true even before http://trac.webkit.org/changeset/172395 but
+        was more likely to happen after that change.
+        
+        * WebProcess/WebPage/mac/ServicesOverlayController.mm:
+        (WebKit::expandForGap):
+
 2014-08-12  Tim Horton  <timothy_hor...@apple.com>
 
         Don't show the combined menu if there are no services available

Modified: trunk/Source/WebKit2/WebProcess/WebPage/mac/ServicesOverlayController.mm (172496 => 172497)

--- trunk/Source/WebKit2/WebProcess/WebPage/mac/ServicesOverlayController.mm	2014-08-12 22:30:32 UTC (rev 172496)
+++ trunk/Source/WebKit2/WebProcess/WebPage/mac/ServicesOverlayController.mm	2014-08-12 22:32:43 UTC (rev 172497)
@@ -239,7 +239,7 @@
 {
     if (!gap.left().isEmpty()) {
         LayoutUnit leftEdge = gap.left().x();
-        for (unsigned i = 0; i < 3; ++i) {
+        for (unsigned i = 0; i < rects.size(); ++i) {
             if (alignments[i] & AlignmentLeft)
                 rects[i].shiftXEdgeTo(leftEdge);
         }
@@ -247,7 +247,7 @@
 
     if (!gap.right().isEmpty()) {
         LayoutUnit rightEdge = gap.right().maxX();
-        for (unsigned i = 0; i < 3; ++i) {
+        for (unsigned i = 0; i < rects.size(); ++i) {
             if (alignments[i] & AlignmentRight)
                 rects[i].shiftMaxXEdgeTo(rightEdge);
         }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes