[Webkit-unassigned] [Bug 16279] New: VisiblePosition::canonicalPosition can wrongly return a Position object with a null m_node
bugzilla-daemon at webkit.org
Mon Dec 3 11:28:48 PST 2007
http://bugs.webkit.org/show_bug.cgi?id=16279
Summary: VisiblePosition::canonicalPosition can wrongly return a Position object with a null m_node
Product: WebKit
Version: 525+ (Nightly build)
Platform: Macintosh
OS/Version: Mac OS X 10.4
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: HTML Editing
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: andybons at google.com
The only case in which canonicalPosition should ever return a Position object
with a null m_node is when the passed-in Position object has a null m_node
itself. In the case where there is no suitable upstream or downstream
candidate and (!nextIsInSameEditableElement && !prevIsInSameEditableElement)
evaluates to true, it will return Position(), which itself has a null m_node.
This will crash the browser due to a null reference.
This needs a whittled-down test case, and I am working on it, but any advice on
how to reach this codepath before I find one would be greatly appreciated.
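To make the fall-through concrete, here is a small C++ model written for this page, not WebKit's code: the Node, Position and Candidates types and the candidate and editable-root rules are constructed assumptions. It shows how a Position() with a null node can escape from the canonicalization step and the null check a caller needs before touching the node.

```cpp
#include <cassert>

// Constructed model (not WebKit's code): each node records the id of the
// editable root it belongs to; 0 means "not editable".
struct Node { int editableRoot; };

struct Position {
    Node* node = nullptr;   // stands in for m_node
    int offset = 0;
    bool isNull() const { return node == nullptr; }
};

// Assumed stand-in for upstream/downstream candidate lookup: upOk/downOk say
// whether each candidate is usable as-is.
struct Candidates { Position upstream, downstream; bool upOk, downOk; };

static bool inSameEditableElement(const Position& a, const Position& b) {
    return !a.isNull() && !b.isNull() && a.node->editableRoot == b.node->editableRoot;
}

// Sketch of the path the report describes: with no usable upstream or
// downstream candidate, and neither neighbour in the original editable
// element, the function hands back Position(), whose node is null.
Position canonicalizeAsReported(const Position& orig, const Candidates& c) {
    if (orig.isNull()) return Position();          // the only intended null result
    if (c.upOk) return c.upstream;
    if (c.downOk) return c.downstream;
    bool nextIsInSameEditableElement = inSameEditableElement(orig, c.downstream);
    bool prevIsInSameEditableElement = inSameEditableElement(orig, c.upstream);
    if (!nextIsInSameEditableElement && !prevIsInSameEditableElement)
        return Position();                          // null node escapes to callers
    return nextIsInSameEditableElement ? c.downstream : c.upstream;
}

// Caller-side guard: a consumer must treat a null node as "no caret position"
// instead of dereferencing it. Returns -1 rather than crashing.
int editableRootOf(const Position& p) {
    if (p.isNull()) return -1;
    return p.node->editableRoot;
}

// Constructed scenario: the original position sits in editable root 1 while
// both candidates live in root 2 and neither is usable as-is.
Position reproduceNullResult() {
    static Node orig{1}, other{2};
    Candidates c{Position{&other, 0}, Position{&other, 3}, false, false};
    return canonicalizeAsReported(Position{&orig, 0}, c);
}
```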