[Webkit-unassigned] [Bug 109596] New: ASSERT(extractedStyle) in ApplyStyleCommand
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Feb 12 10:39:05 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=109596
Summary: ASSERT(extractedStyle) in ApplyStyleCommand
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: Tables
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: reni at webkit.org
I've got an assertion faulire in ApplyStyleCommand during HTML fuzzing:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff418f722 in WebCore::ApplyStyleCommand::removeInlineStyleFromElement (this=0x94d820, style=0x860fd0, element=...,
mode=WebCore::ApplyStyleCommand::RemoveAlways, extractedStyle=0x0)
at /media/reni/8b40ba6d-a6c1-4266-9efc-917096aaf88d/reni/REPOS/webkit/Source/WebCore/editing/ApplyStyleCommand.cpp:879
879 ASSERT(extractedStyle);
Test:
<html>
<body>
<table>
<tr>
<td colspan=2 >Artists: <a href="#">Long chains of selectors</a></td>
</tr>
</table>
<script>
document.designMode = "on";
document.execCommand("SelectAll");
document.execCommand("CreateLink", 0, '#');
</script>
</body>
</html>
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list