Summary: | Correct nullptr deref in selection handling | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Brent Fulgham <bfulgham> | ||||
Component: | HTML Editing | Assignee: | Brent Fulgham <bfulgham> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | bfulgham, cdumez, rniwa, wenson_hsieh | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | WebKit Nightly Build | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
Brent Fulgham
2017-10-11 15:39:06 PDT
Created attachment 323480 [details]
Patch
Comment on attachment 323480 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=323480&action=review > Source/WebCore/page/DOMSelection.cpp:397 > + auto visibleSelection = selection.selection(); > + if (visibleSelection.isNoneOrOrphaned()) > + return false; There's no reason to check this condition if we're checking null-ty of toNormalizedRange. Please remove it. Committed r223228: <https://trac.webkit.org/changeset/223228> |