[Webkit-unassigned] [Bug 28710] Copy some forms of text causes Webkit crash in CSSStyleDeclaration::copyPropertiesInSet

bugzilla-daemon at webkit.org
Mon Aug 31 20:25:35 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=28710





--- Comment #9 from Ryosuke Niwa <rniwa at webkit.org>  2009-08-31 20:25:35 PDT ---
In createMarkup, specialCommonAncestor is normally null, but it's set to the
html element with the text-decoration: inherit property on the html element.

The problem is caused by line 950 of markup.cpp, where we find the highest
enclosing node, which is presentational.

On line 712, we check whether text decoration exists or not by checking
whether it's equal to none or inherit.  But we should also ignore inherit
because inherit = none for the purpose of this function.

    return !propertyMissingOrEqualToNone(style.get(), CSSPropertyTextDecoration);

http://trac.webkit.org/browser/trunk/WebCore/editing/markup.cpp#L948
http://trac.webkit.org/browser/trunk/WebCore/editing/markup.cpp#L704
