[Webkit-unassigned] [Bug 53267] NULL pointer crash in TextIterator::handleTextBox()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jan 28 12:22:30 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=53267
Eric Seidel <eric at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #80378|review? |review+, commit-queue+
Flag| |
--- Comment #2 from Eric Seidel <eric at webkit.org> 2011-01-28 12:22:30 PST ---
(From update of attachment 80378)
View in context: https://bugs.webkit.org/attachment.cgi?id=80378&action=review
Looks sane.
> Source/WebCore/editing/TextIterator.cpp:546
> + InlineTextBox* firstTextBox = renderer->containsReversedText() ? (m_sortedTextBoxes.isEmpty() ? 0 : m_sortedTextBoxes[0]) : renderer->firstTextBox();
vector really wants a version of it's .at() call which can handle oversized indicies and return a defautl value.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list