[Webkit-unassigned] [Bug 115677] New: FrameView::setFrameRect can crash when ENABLE(TEXT_AUTOSIZING)
bugzilla-daemon at webkit.org
Mon May 6 14:34:20 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=115677
Summary: FrameView::setFrameRect can crash when ENABLE(TEXT_AUTOSIZING)
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Text
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: mlattanzio at blackberry.com
The #if ENABLE(TEXT_AUTOSIZING) block of FrameView::setFrameRect looks incorrect.
It loops over all of the frames in the page, but it uses m_frame instead of the loop variable.
Also, it's possible for frame->document() to return 0 on BlackBerry anyway and I suspect that's the case on other ports as well.
We need to check frame->document() before calling frame->document()->textAutosizer()->recalculateMultipliers().
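
The loop problem described in the report, modelled as an added C++ example that is not WebKit source or the reporter's code. `TextAutosizer`, `Document`, `Frame` and `FrameView` are simplified stand-ins, and `pageFrames`, `recalcAsReported`, `recalcChecked` and `recalcCount` are hypothetical names.

```cpp
#include <cstdio>
#include <memory>
#include <vector>

// Simplified stand-ins for the WebCore types named in the report (assumptions).
struct TextAutosizer {
    int recalcs = 0;
    void recalculateMultipliers() { ++recalcs; }
};
struct Document {
    TextAutosizer autosizer;
    TextAutosizer* textAutosizer() { return &autosizer; }
};
struct Frame {
    std::unique_ptr<Document> doc;  // may be null, as the report notes
    Document* document() const { return doc.get(); }
};
struct FrameView {
    Frame* m_frame;                   // the frame that owns this view
    std::vector<Frame*> pageFrames;   // every frame in the page (hypothetical)

    // Pattern described in the report: iterates the frames but uses m_frame.
    void recalcAsReported() {
        for (Frame* frame : pageFrames) {
            (void)frame;  // loop variable is never used
            m_frame->document()->textAutosizer()->recalculateMultipliers();
        }
    }
    // Requested behaviour: use the loop variable, skip frames with no document.
    void recalcChecked() {
        for (Frame* frame : pageFrames) {
            if (Document* document = frame->document())
                document->textAutosizer()->recalculateMultipliers();
        }
    }
};

// Constructed page: main frame, a subframe with a document, a subframe without.
// Returns the recalc count of the main frame (index 0) or the subframe (index 1).
int recalcCount(bool checked, int index) {
    Frame frames[3];
    frames[0].doc = std::make_unique<Document>();
    frames[1].doc = std::make_unique<Document>();
    FrameView view{&frames[0], {&frames[0], &frames[1], &frames[2]}};
    if (checked) view.recalcChecked(); else view.recalcAsReported();
    return frames[index].document()->textAutosizer()->recalcs;
}

int main() {
    std::printf("as reported: main=%d sub=%d\n", recalcCount(false, 0), recalcCount(false, 1));
    std::printf("checked:     main=%d sub=%d\n", recalcCount(true, 0), recalcCount(true, 1));
}
```

On the constructed page the reported pattern recalculates the main frame three times and never touches the subframe, while the checked loop recalculates each frame that has a document exactly once and skips the one whose `document()` is null.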