[Webkit-unassigned] [Bug 161947] null m_lastNodeInserted dereference at ReplaceSelectionCommand::InsertedNodes::lastLeafInserted
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Sep 13 23:34:25 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=161947
Fujii Hironori <Hironori.Fujii at sony.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|[GTK] SIGSEGV at |null m_lastNodeInserted
|WebCore::Node::lastDescenda |dereference at
|nt in |ReplaceSelectionCommand::In
|editing/inserting/insert-ta |sertedNodes::lastLeafInsert
|ble-in-paragraph-crash.html |ed
Component|WebKit Gtk |HTML Editing
--- Comment #2 from Fujii Hironori <Hironori.Fujii at sony.com> ---
m_lastNodeInserted was null at ReplaceSelectionCommand::InsertedNodes::lastLeafInserted.
I've confirmed this problem happens even in debug build of Gtk port If I apply following patch,
> --- a/Source/WebCore/editing/ReplaceSelectionCommand.h
> +++ b/Source/WebCore/editing/ReplaceSelectionCommand.h
> @@ -68,7 +68,10 @@ private:
> void didReplaceNode(Node*, Node* newNode);
>
> Node* firstNodeInserted() const { return m_firstNodeInserted.get(); }
> - Node* lastLeafInserted() const { return m_lastNodeInserted->lastDescendant(); }
> + Node* lastLeafInserted() const {
> + ASSERT(m_lastNodeInserted);
> + return m_lastNodeInserted->lastDescendant();
> + }
> Node* pastLastLeaf() const
> {
> if (m_lastNodeInserted) {
This bug doesn't seem Gtk port specific.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160914/fb57e000/attachment.html>
More information about the webkit-unassigned
mailing list