[webkit-reviews] review granted: [Bug 53267] NULL pointer crash in TextIterator::handleTextBox() : [Attachment 80378] Proposed patch to check for empty vector as above.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jan 28 12:22:29 PST 2011
Eric Seidel <eric at webkit.org> has granted Thomas Sepez <tsepez at chromium.org>'s
request for review:
Bug 53267: NULL pointer crash in TextIterator::handleTextBox()
https://bugs.webkit.org/show_bug.cgi?id=53267
Attachment 80378: Proposed patch to check for empty vector as above.
https://bugs.webkit.org/attachment.cgi?id=80378&action=review
------- Additional Comments from Eric Seidel <eric at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=80378&action=review
Looks sane.
> Source/WebCore/editing/TextIterator.cpp:546
> + InlineTextBox* firstTextBox = renderer->containsReversedText() ?
(m_sortedTextBoxes.isEmpty() ? 0 : m_sortedTextBoxes[0]) :
renderer->firstTextBox();
vector really wants a version of it's .at() call which can handle oversized
indicies and return a defautl value.
More information about the webkit-reviews
mailing list