Skip to site navigation (Press enter)

[webkit-changes] [196110] trunk/Tools

carlosgc Wed, 03 Feb 2016 23:35:11 -0800

Title: [196110] trunk/Tools

Revision: 196110
Author: [email protected]
Date: 2016-02-03 23:34:55 -0800 (Wed, 03 Feb 2016)

Log Message

[WTR] Crash in EventSendingController::contextClick() when context menu event is not handled
https://bugs.webkit.org/show_bug.cgi?id=153835


Reviewed by Martin Robinson.

WKBundlePageCopyContextMenuAtPointInWindow() returns nullptr when
the context menu event is not hanlded, but we are using the
returned value without null checking it.

* WebKitTestRunner/InjectedBundle/EventSendingController.cpp:
(WTR::EventSendingController::contextClick):

Modified Paths

trunk/Tools/ChangeLog
trunk/Tools/WebKitTestRunner/InjectedBundle/EventSendingController.cpp

Diff

Modified: trunk/Tools/ChangeLog (196109 => 196110)


--- trunk/Tools/ChangeLog	2016-02-04 06:07:21 UTC (rev 196109)
+++ trunk/Tools/ChangeLog	2016-02-04 07:34:55 UTC (rev 196110)
@@ -1,3 +1,17 @@
+2016-02-03  Carlos Garcia Campos  <[email protected]>
+
+        [WTR] Crash in EventSendingController::contextClick() when context menu event is not handled
+        https://bugs.webkit.org/show_bug.cgi?id=153835
+
+        Reviewed by Martin Robinson.
+
+        WKBundlePageCopyContextMenuAtPointInWindow() returns nullptr when
+        the context menu event is not hanlded, but we are using the
+        returned value without null checking it.
+
+        * WebKitTestRunner/InjectedBundle/EventSendingController.cpp:
+        (WTR::EventSendingController::contextClick):
+
 2016-02-03  Jason Marcell  <[email protected]>
 
         Format revisions for display according to repository type

Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/EventSendingController.cpp (196109 => 196110)


--- trunk/Tools/WebKitTestRunner/InjectedBundle/EventSendingController.cpp	2016-02-04 06:07:21 UTC (rev 196109)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/EventSendingController.cpp	2016-02-04 07:34:55 UTC (rev 196110)
@@ -554,6 +554,9 @@
     WKRetainPtr<WKArrayRef> menuEntries = adoptWK(WKBundlePageCopyContextMenuAtPointInWindow(page, m_position));
 #endif
     JSValueRef arrayResult = JSObjectMakeArray(context, 0, 0, 0);
+    if (!menuEntries)
+        return arrayResult;
+
     JSObjectRef arrayObj = JSValueToObject(context, arrayResult, 0);
     size_t entriesSize = WKArrayGetSize(menuEntries.get());
     for (size_t i = 0; i < entriesSize; ++i) {

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes