[webkit-changes] [178814] branches/safari-600.1.4.15-branch/Source/WebKit2

Wed, 21 Jan 2015 00:13:26 -0800

Title: [178814] branches/safari-600.1.4.15-branch/Source/WebKit2
Revision
178814
Author
[email protected]
Date
2015-01-21 00:13:04 -0800 (Wed, 21 Jan 2015)

Log Message

Merged r175636.  rdar://problem/19419798


Modified Paths

Diff

Modified: branches/safari-600.1.4.15-branch/Source/WebKit2/ChangeLog (178813 => 178814)


--- branches/safari-600.1.4.15-branch/Source/WebKit2/ChangeLog	2015-01-21 08:12:09 UTC (rev 178813)
+++ branches/safari-600.1.4.15-branch/Source/WebKit2/ChangeLog	2015-01-21 08:13:04 UTC (rev 178814)
@@ -1,5 +1,28 @@
 2015-01-21  Babak Shafiei  <[email protected]>
 
+        Merge r175636.
+
+    2014-11-04  Jon Honeycutt  <[email protected]>
+
+            WebContent crash in WebPage::selectWithGesture()
+
+            <https://bugs.webkit.org/show_bug.cgi?id=138399>
+            <rdar://problem/18550631>
+
+            This crash occurs when the web process receives a "TapAndAHalf" gesture
+            with the "Changed" state without having received a "TapAndAHalf"
+            gesture with the "Began" state.
+
+            No test possible.
+
+            Reviewed by Simon Fraser.
+
+            * WebProcess/WebPage/ios/WebPageIOS.mm:
+            (WebKit::WebPage::selectWithGesture):
+            Null check m_currentWordRange before dereferencing it.
+
+2015-01-21  Babak Shafiei  <[email protected]>
+
         Merge r175334.
 
     2014-10-29  Joseph Pecoraro  <[email protected]>

Modified: branches/safari-600.1.4.15-branch/Source/WebKit2/WebProcess/WebPage/ios/WebPageIOS.mm (178813 => 178814)


--- branches/safari-600.1.4.15-branch/Source/WebKit2/WebProcess/WebPage/ios/WebPageIOS.mm	2015-01-21 08:12:09 UTC (rev 178813)
+++ branches/safari-600.1.4.15-branch/Source/WebKit2/WebProcess/WebPage/ios/WebPageIOS.mm	2015-01-21 08:13:04 UTC (rev 178814)
@@ -894,6 +894,8 @@
             m_currentWordRange = Range::create(*frame.document(), range->startPosition(), range->endPosition());
             break;
         case GestureRecognizerState::Changed:
+            if (!m_currentWordRange)
+                break;
             range = Range::create(*frame.document(), m_currentWordRange->startPosition(), m_currentWordRange->endPosition());
             if (position < range->startPosition())
                 range->setStart(position.deepEquivalent(), ASSERT_NO_EXCEPTION);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to