Bug 20298
| Summary: | NULL pointer crash triggered by execCommand | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Berend-Jan Wever <skylined> |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | Critical | CC: | aroben |
| Priority: | P2 | Keywords: | InRadar |
| Version: | 525.x (Safari 3.1) | ||
| Hardware: | PC | ||
| OS: | Windows Vista | ||
| URL: | http://skypher.com/SkyLined/Repro/Safari/AccessViolationRead%5B18%5D@WebKit+2e33e2%20%23a68321a8/repro.html | ||
Berend-Jan Wever
A NULL pointer is triggered by loading the follow HTML:
<BODY></BODY>
<SCRIPT>
document.execCommand('SelectAll');
document.designMode = 'on';
document.execCommand('insertparagraph');
document.execCommand('JustifyNone');
document.execCommand('InsertOrderedList');
document.execCommand('InsertHTML', false, '<tr>')
document.execCommand('indent');
setTimeout(function () {
document.execCommand('inserthorizontalrule');
document.execCommand('undo');
document.execCommand('selectall');
document.execCommand('RemoveFormat');
}, 1);
</SCRIPT>
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Mark Rowe (bdash)
<rdar://problem/6131018>
Adam Roben (:aroben)
Thanks for the bug report! Can you please try this in a nightly build from <http://nightly.webkit.org/>?
Mark Rowe (bdash)
Reporter, can you please test this in a nightly build as requested? This appears to have been fixed, and would like confirmation that it does not occur for you in a recent nightly build.
Berend-Jan Wever
Tested in nightly - does not repro. I'm closing this bug.