[Webkit-unassigned] [Bug 16279] New: VisiblePosition::canonicalPosition can wrongly return a Position object with a null m_node

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Dec 3 11:28:48 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=16279

           Summary: VisiblePosition::canonicalPosition can wrongly return a
                    Position object with a null m_node
           Product: WebKit
           Version: 525+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: HTML Editing
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: andybons at google.com


The only case in which canonicalPosition should ever return a Position object
with a null m_node is when the passed-in Position object has a null m_node
itself.  In the case where there is no suitable upstream or downstream
candidate and (!nextIsInSameEditableElement && !prevIsInSameEditableElement)
evaluates to true, it will return Position(), which itself has a null m_node. 
This will crash the browser due to a null reference.

This needs a whittled down test case, and I am working on it, but any advice on
how to reach this codepath before I find one would be greatly appreciated.

