[Webkit-unassigned] [Bug 137902] REGRESSION (r165385): Crash when text area exceeded
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Dec 17 17:55:19 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=137902
Darin Adler <darin at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #243466|review? |review-
Flags| |
--- Comment #3 from Darin Adler <darin at apple.com> ---
Comment on attachment 243466
--> https://bugs.webkit.org/attachment.cgi?id=243466
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=243466&action=review
> Source/WebCore/editing/TextIterator.cpp:1098
> - ASSERT(!atEnd());
> + if (atEnd())
> + return nullptr;
It’s the caller’s responsibility to check atEnd(). This is a design change. I don’t think we should change the design of TextIterator. Instead we should fix the caller that is not checking atEnd(). In fact, I think this function should return Ref<Range> and not PassRefPtr<Range> in the future.
> Source/WebCore/editing/TextIterator.cpp:1389
> - ASSERT(!atEnd());
> + if (atEnd())
> + return nullptr;
Ditto.
> Source/WebCore/editing/TextIterator.cpp:1473
> + if (!start)
> + return nullptr;
This should be if (it.atEnd()) return nullptr; *before* calling it.range().
> Source/WebCore/editing/TextIterator.cpp:1479
> + if (!end)
> + return nullptr;
Ditto.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20141218/e779a284/attachment-0002.html>
More information about the webkit-unassigned
mailing list