Skip to site navigation (Press enter)

[webkit-changes] [191603] trunk

commit-queue Mon, 26 Oct 2015 15:02:00 -0700

Title: [191603] trunk

Revision: 191603
Author: [email protected]
Date: 2015-10-26 15:01:03 -0700 (Mon, 26 Oct 2015)

Log Message

Null dereference loading Blink layout test editing/execCommand/indent-nested-blockquotes-crash.html
https://bugs.webkit.org/show_bug.cgi?id=149291
<rdar://problem/22746473>


Patch by Jiewen Tan <[email protected]> on 2015-10-26
Reviewed by Darin Adler.

Source/WebCore:

This is a merge of Blink r172967:
https://codereview.chromium.org/251723003

Test: editing/execCommand/indent-nested-blockquotes-crash.html

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::insertNodeAfter):

LayoutTests:

* editing/execCommand/indent-nested-blockquotes-crash-expected.txt: Added.
* editing/execCommand/indent-nested-blockquotes-crash.html: Added.

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/editing/CompositeEditCommand.cpp

Added Paths

trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash-expected.txt
trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash.html

Diff

Modified: trunk/LayoutTests/ChangeLog (191602 => 191603)


--- trunk/LayoutTests/ChangeLog	2015-10-26 21:45:59 UTC (rev 191602)
+++ trunk/LayoutTests/ChangeLog	2015-10-26 22:01:03 UTC (rev 191603)
@@ -1,5 +1,16 @@
 2015-10-26  Jiewen Tan  <[email protected]>
 
+        Null dereference loading Blink layout test editing/execCommand/indent-nested-blockquotes-crash.html
+        https://bugs.webkit.org/show_bug.cgi?id=149291
+        <rdar://problem/22746473>
+
+        Reviewed by Darin Adler.
+
+        * editing/execCommand/indent-nested-blockquotes-crash-expected.txt: Added.
+        * editing/execCommand/indent-nested-blockquotes-crash.html: Added.
+
+2015-10-26  Jiewen Tan  <[email protected]>
+
         Null dereference loading Blink layout test editing/execCommand/indent-inline-box-crash.html
         https://bugs.webkit.org/show_bug.cgi?id=149290
         <rdar://problem/22746435>

Added: trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash-expected.txt (0 => 191603)


--- trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash-expected.txt	2015-10-26 22:01:03 UTC (rev 191603)
@@ -0,0 +1 @@
+Pass if not crash.

Added: trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash.html (0 => 191603)


--- trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash.html	                        (rev 0)
+++ trunk/LayoutTests/editing/execCommand/indent-nested-blockquotes-crash.html	2015-10-26 22:01:03 UTC (rev 191603)
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+<head>
+<style>
+* { display: -webkit-inline-box; }
+.CLASS11 { float: right; }
+</style>
+<script>
+if (window.testRunner)
+    testRunner.dumpAsText();
+
+window._onload_ = function () {
+    document.designMode = 'on';
+    document.execCommand('SelectAll', false)
+    document.execCommand('Indent', false, false);
+    document.execCommand('Indent', false, false);
+    document.documentElement.innerHTML = 'Pass if not crash.';
+};
+</script>
+</head>
+<body>aaa<div class="CLASS11"></div><div>bbb</div></body>
+</html>
\ No newline at end of file

Modified: trunk/Source/WebCore/ChangeLog (191602 => 191603)


--- trunk/Source/WebCore/ChangeLog	2015-10-26 21:45:59 UTC (rev 191602)
+++ trunk/Source/WebCore/ChangeLog	2015-10-26 22:01:03 UTC (rev 191603)
@@ -1,3 +1,19 @@
+2015-10-26  Jiewen Tan  <[email protected]>
+
+        Null dereference loading Blink layout test editing/execCommand/indent-nested-blockquotes-crash.html
+        https://bugs.webkit.org/show_bug.cgi?id=149291
+        <rdar://problem/22746473>
+
+        Reviewed by Darin Adler.
+
+        This is a merge of Blink r172967:
+        https://codereview.chromium.org/251723003
+
+        Test: editing/execCommand/indent-nested-blockquotes-crash.html
+
+        * editing/CompositeEditCommand.cpp:
+        (WebCore::CompositeEditCommand::insertNodeAfter):
+
 2015-10-26  Brady Eidson  <[email protected]>
 
         Modern IDB: Backing store objectStores (plumbing for b/150468).

Modified: trunk/Source/WebCore/editing/CompositeEditCommand.cpp (191602 => 191603)


--- trunk/Source/WebCore/editing/CompositeEditCommand.cpp	2015-10-26 21:45:59 UTC (rev 191602)
+++ trunk/Source/WebCore/editing/CompositeEditCommand.cpp	2015-10-26 22:01:03 UTC (rev 191603)
@@ -350,7 +350,9 @@
     ASSERT(insertChild);
     ASSERT(refChild);
     ContainerNode* parent = refChild->parentNode();
-    ASSERT(parent);
+    if (!parent)
+        return;
+
     ASSERT(!parent->isShadowRoot());
     if (parent->lastChild() == refChild)
         appendNode(insertChild, parent);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes