[Webkit-unassigned] [Bug 143188] AX: WebKitWebProcess crashes in a11y code for some websites
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 16 14:01:21 PST 2022
https://bugs.webkit.org/show_bug.cgi?id=143188
--- Comment #5 from Ahmad Saleem <ahmad.saleem792 at gmail.com> ---
(In reply to Tyler Wilcock from comment #4)
> (In reply to Ahmad Saleem from comment #2)
> > It is something which was detected by fuzzer in Chrome / Blink and fixed in
> > this commit:
> >
> > Link - https://src.chromium.org/viewvc/blink?view=revision&revision=194543
> >
> > https://github.com/WebKit/WebKit/blob/
> > d5220e254917f82a86e5d6235224f82a03d25acb/Source/WebCore/accessibility/
> > AccessibilityMenuList.cpp#L45
> >
> > Adding
> >
> > if(!renderer)
> > return false;
> >
> > https://github.com/WebKit/WebKit/blob/
> > d5220e254917f82a86e5d6235224f82a03d25acb/Source/WebCore/accessibility/
> > AccessibilityMenuList.cpp#L89
> >
> > Adding
> >
> > if (!renderer)
> > return true;
> >
> > It fixed crashes in - AccessibilityMenuList::isCollapsed
> Both of your suggested changes sound good to me. Would you be interested in
> submitting a patch for them?
>
> Also, were you able to reproduce this crash? Your comment implies so, but
> want to confirm.
Nah! I didn't checked or tried to reproduce, I was just looking through some bugs and came across fix for it. I just thought to post, I am happy to do PR.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20221116/6f601360/attachment.htm>
More information about the webkit-unassigned
mailing list