Bug 138399

Summary:

WebContent crash in WebPage::selectWithGesture()

Product:

WebKit

Reporter:

Jon Honeycutt <jhoneycutt>

Component:

WebKit Misc.

Assignee:

Jon Honeycutt <jhoneycutt>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

benjamin, enrica

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	simon.fraser: review+

Jon Honeycutt

Reported 2014-11-04 18:46:41 PST

There is a difficult-to-reproduce null dereference crash that can occur when WebPage::selectWithGesture() receives a “TapAndAHalf” gesture with state “Changed” when having never received a “TapAndAHalf” gesture with state “Began”. To reproduce: 1. Go to data:text/html,<input> 2. Continuously tap, and tap-press into the text field while simultaneously typing <rdar://problem/18550631>

Attachments
Patch (1.89 KB, patch) 2014-11-04 18:49 PST, Jon Honeycutt	simon.fraser: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Jon Honeycutt

Comment 1 2014-11-04 18:49:12 PST

Created attachment 240995 [details] Patch

Jon Honeycutt

Comment 2 2014-11-05 12:55:15 PST

Committed r175636: <http://trac.webkit.org/changeset/175636>

Note You need to log in before you can comment on or make changes to this bug.