[webkit-reviews] review granted: [Bug 234862] null ptr deref in WebCore::ModifySelectionListLevelCommand::appendSiblingNodeRange : [Attachment 448558] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Jan 8 10:17:07 PST 2022
Darin Adler <darin at apple.com> has granted Gabriel Nava Marino
<gnavamarino at apple.com>'s request for review:
Bug 234862: null ptr deref in
WebCore::ModifySelectionListLevelCommand::appendSiblingNodeRange
https://bugs.webkit.org/show_bug.cgi?id=234862
Attachment 448558: Patch
https://bugs.webkit.org/attachment.cgi?id=448558&action=review
--- Comment #12 from Darin Adler <darin at apple.com> ---
Comment on attachment 448558
--> https://bugs.webkit.org/attachment.cgi?id=448558
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=448558&action=review
> Source/WebCore/editing/VisibleUnits.cpp:1199
> + if (r->isBR() || is<HTMLBRElement>(n) || isBlock(n))
Is there a correctness implication here? Can a <br> element be styled so it is
inline and not a block? Just want to be cautious about testing only the
crashing aspect of this.
More information about the webkit-reviews
mailing list