[webkit-changes] [191605] trunk

Mon, 26 Oct 2015 15:50:40 -0700

Title: [191605] trunk
Revision
191605
Author
[email protected]
Date
2015-10-26 15:49:50 -0700 (Mon, 26 Oct 2015)

Log Message

Null dereference loading Blink layout test editing/execCommand/insert-ordered-list-crash.html
https://bugs.webkit.org/show_bug.cgi?id=150209
<rdar://problem/23137198>

Patch by Jiewen Tan <[email protected]> on 2015-10-26
Reviewed by Chris Dumez.

Source/WebCore:

This is a merge from Blink r168006:
https://codereview.chromium.org/181283002

Test: editing/execCommand/insert-ordered-list-crash.html

* editing/InsertListCommand.cpp:
(WebCore::InsertListCommand::doApply):
setEndingSelection() might change endingSelection(), we should check again.

LayoutTests:

* editing/execCommand/insert-ordered-list-crash-expected.txt: Added.
* editing/execCommand/insert-ordered-list-crash.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (191604 => 191605)


--- trunk/LayoutTests/ChangeLog	2015-10-26 22:03:55 UTC (rev 191604)
+++ trunk/LayoutTests/ChangeLog	2015-10-26 22:49:50 UTC (rev 191605)
@@ -1,5 +1,16 @@
 2015-10-26  Jiewen Tan  <[email protected]>
 
+        Null dereference loading Blink layout test editing/execCommand/insert-ordered-list-crash.html
+        https://bugs.webkit.org/show_bug.cgi?id=150209
+        <rdar://problem/23137198>
+
+        Reviewed by Chris Dumez.
+
+        * editing/execCommand/insert-ordered-list-crash-expected.txt: Added.
+        * editing/execCommand/insert-ordered-list-crash.html: Added.
+
+2015-10-26  Jiewen Tan  <[email protected]>
+
         Null dereference loading Blink layout test editing/execCommand/insert-html-to-document-element-crash.html
         https://bugs.webkit.org/show_bug.cgi?id=149294
         <rdar://problem/22746657>

Added: trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash-expected.txt (0 => 191605)


--- trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash-expected.txt	2015-10-26 22:49:50 UTC (rev 191605)
@@ -0,0 +1 @@
+Pass if not crash.

Added: trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash.html (0 => 191605)


--- trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash.html	                        (rev 0)
+++ trunk/LayoutTests/editing/execCommand/insert-ordered-list-crash.html	2015-10-26 22:49:50 UTC (rev 191605)
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+<body>
+    <script>
+        document.addEventListener("DOMContentLoaded", function () {
+            document.execCommand("SelectAll", false);
+            window.getSelection().deleteFromDocument();
+        }, true);
+
+        var count = 0;
+        document.addEventListener("DOMSubtreeModified", function () {
+            count++;
+            if (count < 3) {
+                var src = ""
+                src.contentEditable = "true";
+                src.innerHTML = '<div></div>';
+                document.execCommand('InsertOrderedList', false, false);
+            }
+            else if (count == 6)
+                document.write('Pass if not crash.')
+        }, false);
+
+        if (window.testRunner)
+            testRunner.dumpAsText();
+    </script>
+    <h5>
+        aa
+        <textarea></textarea>
+    </h5>
+    <dl>
+        aa
+    </dl>
+</body>
+</html>
\ No newline at end of file

Modified: trunk/Source/WebCore/ChangeLog (191604 => 191605)


--- trunk/Source/WebCore/ChangeLog	2015-10-26 22:03:55 UTC (rev 191604)
+++ trunk/Source/WebCore/ChangeLog	2015-10-26 22:49:50 UTC (rev 191605)
@@ -1,5 +1,22 @@
 2015-10-26  Jiewen Tan  <[email protected]>
 
+        Null dereference loading Blink layout test editing/execCommand/insert-ordered-list-crash.html
+        https://bugs.webkit.org/show_bug.cgi?id=150209
+        <rdar://problem/23137198>
+
+        Reviewed by Chris Dumez.
+
+        This is a merge from Blink r168006:
+        https://codereview.chromium.org/181283002
+
+        Test: editing/execCommand/insert-ordered-list-crash.html
+
+        * editing/InsertListCommand.cpp:
+        (WebCore::InsertListCommand::doApply):
+        setEndingSelection() might change endingSelection(), we should check again.
+
+2015-10-26  Jiewen Tan  <[email protected]>
+
         Null dereference loading Blink layout test editing/execCommand/insert-html-to-document-element-crash.html
         https://bugs.webkit.org/show_bug.cgi?id=149294
         <rdar://problem/22746657>

Modified: trunk/Source/WebCore/editing/InsertListCommand.cpp (191604 => 191605)


--- trunk/Source/WebCore/editing/InsertListCommand.cpp	2015-10-26 22:03:55 UTC (rev 191604)
+++ trunk/Source/WebCore/editing/InsertListCommand.cpp	2015-10-26 22:49:50 UTC (rev 191605)
@@ -127,8 +127,11 @@
     // FIXME: We paint the gap before some paragraphs that are indented with left 
     // margin/padding, but not others.  We should make the gap painting more consistent and 
     // then use a left margin/padding rule here.
-    if (visibleEnd != visibleStart && isStartOfParagraph(visibleEnd, CanSkipOverEditingBoundary))
+    if (visibleEnd != visibleStart && isStartOfParagraph(visibleEnd, CanSkipOverEditingBoundary)) {
         setEndingSelection(VisibleSelection(visibleStart, visibleEnd.previous(CannotCrossEditingBoundary), endingSelection().isDirectional()));
+        if (!endingSelection().rootEditableElement())
+            return;
+    }
 
     auto& listTag = (m_type == OrderedList) ? olTag : ulTag;
     if (endingSelection().isRange()) {

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to