Commit 7bc041d6 authored by commit-queue@webkit.org's avatar commit-queue@webkit.org
Browse files

Crashes in WebCore::ReplaceSelectionCommand::doApply

https://bugs.webkit.org/show_bug.cgi?id=67762

Patch by Shinya Kawanaka <shinyak@google.com> on 2011-09-08
Reviewed by Ryosuke Niwa.

Source/WebCore:

WebCore::enclosingBlock may return null, but its return value was not checked. This patch checks it.

Tests: editing/inserting/insert-without-enclosing-block.html

* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplaceSelectionCommand::doApply): Added null check.

LayoutTests:

WebCore::enclosingBlock may return NULL, but its return value was not checked. This patch checks it.

* editing/inserting/insert-without-enclosing-block-expected.txt: Added.
* editing/inserting/insert-without-enclosing-block.html: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@94793 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 67f89746
2011-09-08 Shinya Kawanaka <shinyak@google.com>
Crashes in WebCore::ReplaceSelectionCommand::doApply
https://bugs.webkit.org/show_bug.cgi?id=67762
Reviewed by Ryosuke Niwa.
WebCore::enclosingBlock may return NULL, but its return value was not checked. This patch checks it.
* editing/inserting/insert-without-enclosing-block-expected.txt: Added.
* editing/inserting/insert-without-enclosing-block.html: Added.
2011-09-08 Nate Chapin <japhet@chromium.org>
 
Chromium baselines for new tests added in r94775 and r94779.
<feSpotLight><sub id="div" contenteditable="true"><script>
if (window.layoutTestController)
layoutTestController.dumpAsText();
window.getSelection().setPosition(div, 0);
document.execCommand("InsertHTML", false, "<dl>");
document.writeln('This test ensures WebKit does not crash.<br><br>PASS');
</script>
2011-09-08 Shinya Kawanaka <shinyak@google.com>
Crashes in WebCore::ReplaceSelectionCommand::doApply
https://bugs.webkit.org/show_bug.cgi?id=67762
Reviewed by Ryosuke Niwa.
WebCore::enclosingBlock may return null, but its return value was not checked. This patch checks it.
Tests: editing/inserting/insert-without-enclosing-block.html
* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplaceSelectionCommand::doApply): Added null check.
2011-09-08 Sheriff Bot <webkit.review.bot@gmail.com>
 
Unreviewed, rolling out r94784.
......@@ -994,7 +994,7 @@ void ReplaceSelectionCommand::doApply()
Node* blockStart = enclosingBlock(insertionPos.deprecatedNode());
if ((isListElement(refNode.get()) || (isLegacyAppleStyleSpan(refNode.get()) && isListElement(refNode->firstChild())))
&& blockStart->renderer()->isListItem())
&& blockStart && blockStart->renderer()->isListItem())
refNode = insertAsListItems(refNode, blockStart, insertionPos);
else
insertNodeAtAndUpdateNodesInserted(refNode, insertionPos);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment