Commit 8e70816b authored by tony@chromium.org's avatar tony@chromium.org

2010-12-03 Daniel Cheng <dcheng@chromium.org>

        Reviewed by Tony Chang.

        Dragging and dropping into an empty document crashes WebKit.
        https://bugs.webkit.org/show_bug.cgi?id=48793

        Remove the assert and update callers to check for a null return value.

        Test: manual-tests/drop-in-empty-doc.html

        * manual-tests/drop-in-empty-doc.html: Added.
        * manual-tests/resources/drop-in-empty-doc.xhtml: Added.
        * page/DragController.cpp:
        (WebCore::elementUnderMouse):
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@73276 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent b8d82a06
2010-12-03 Daniel Cheng <dcheng@chromium.org>
Reviewed by Tony Chang.
Dragging and dropping into an empty document crashes WebKit.
https://bugs.webkit.org/show_bug.cgi?id=48793
Remove the assert and update callers to check for a null return value.
Test: manual-tests/drop-in-empty-doc.html
* manual-tests/drop-in-empty-doc.html: Added.
* manual-tests/resources/drop-in-empty-doc.xhtml: Added.
* page/DragController.cpp:
(WebCore::elementUnderMouse):
(WebCore::DragController::tryDocumentDrag):
(WebCore::DragController::concludeEditDrag):
2010-12-03 Patrick Gansterer <paroga@webkit.org> 2010-12-03 Patrick Gansterer <paroga@webkit.org>
Reviewed by Andreas Kling. Reviewed by Andreas Kling.
<!DOCTYPE html>
<html>
<body>
<p>Click <a href="javascript:window.open('resources/drop-in-empty-doc.xhtml')">here</a> to open a new window. Drag and drop a file over the new window. It should not crash.
</body>
</html>
...@@ -268,6 +268,7 @@ static HTMLInputElement* asFileInput(Node* node) ...@@ -268,6 +268,7 @@ static HTMLInputElement* asFileInput(Node* node)
return inputElement; return inputElement;
} }
// This can return null if an empty document is loaded.
static Element* elementUnderMouse(Document* documentUnderMouse, const IntPoint& p) static Element* elementUnderMouse(Document* documentUnderMouse, const IntPoint& p)
{ {
Frame* frame = documentUnderMouse->frame(); Frame* frame = documentUnderMouse->frame();
...@@ -284,7 +285,6 @@ static Element* elementUnderMouse(Document* documentUnderMouse, const IntPoint& ...@@ -284,7 +285,6 @@ static Element* elementUnderMouse(Document* documentUnderMouse, const IntPoint&
if (n) if (n)
n = n->shadowAncestorNode(); n = n->shadowAncestorNode();
ASSERT(n);
return static_cast<Element*>(n); return static_cast<Element*>(n);
} }
...@@ -327,6 +327,8 @@ bool DragController::tryDocumentDrag(DragData* dragData, DragDestinationAction a ...@@ -327,6 +327,8 @@ bool DragController::tryDocumentDrag(DragData* dragData, DragDestinationAction a
IntPoint point = frameView->windowToContents(dragData->clientPosition()); IntPoint point = frameView->windowToContents(dragData->clientPosition());
Element* element = elementUnderMouse(m_documentUnderMouse.get(), point); Element* element = elementUnderMouse(m_documentUnderMouse.get(), point);
if (!element)
return false;
if (!asFileInput(element)) { if (!asFileInput(element)) {
VisibleSelection dragCaret = m_documentUnderMouse->frame()->visiblePositionForPoint(point); VisibleSelection dragCaret = m_documentUnderMouse->frame()->visiblePositionForPoint(point);
m_page->dragCaretController()->setSelection(dragCaret); m_page->dragCaretController()->setSelection(dragCaret);
...@@ -386,6 +388,8 @@ bool DragController::concludeEditDrag(DragData* dragData) ...@@ -386,6 +388,8 @@ bool DragController::concludeEditDrag(DragData* dragData)
IntPoint point = m_documentUnderMouse->view()->windowToContents(dragData->clientPosition()); IntPoint point = m_documentUnderMouse->view()->windowToContents(dragData->clientPosition());
Element* element = elementUnderMouse(m_documentUnderMouse.get(), point); Element* element = elementUnderMouse(m_documentUnderMouse.get(), point);
if (!element)
return false;
Frame* innerFrame = element->ownerDocument()->frame(); Frame* innerFrame = element->ownerDocument()->frame();
ASSERT(innerFrame); ASSERT(innerFrame);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment