[Webkit-unassigned] [Bug 193996] New: iOS: Nullptr crash in WebPage::getPositionInformation dereferencing an input element for data list
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 29 16:37:09 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=193996
Bug ID: 193996
Summary: iOS: Nullptr crash in WebPage::getPositionInformation
dereferencing an input element for data list
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: rniwa at webkit.org
We're crashing in the middle in the following code because hitNode can be nullptr here.
#if ENABLE(DATALIST_ELEMENT)
if (is<HTMLInputElement>(*hitNode)) {
const HTMLInputElement& input = downcast<HTMLInputElement>(*hitNode);
if (input.list()) {
HitTestResult result = m_page->mainFrame().eventHandler().hitTestResultAtPoint(request.point, HitTestRequest::ReadOnly | HitTestRequest::Active);
if (result.innerNode() == input.dataListButtonElement())
info.preventTextInteraction = true;
}
}
#endif
<rdar://problem/31247273>
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190130/e69d8f9f/attachment-0001.html>
More information about the webkit-unassigned
mailing list