Bug 77195

Summary:

NULL ptr in WebCore::Node::rendererIsEditable

Product:

WebKit

Reporter:

Berend-Jan Wever <skylined>

Component:

HTML Editing

Assignee:

Nobody <webkit-unassigned>

Status:

NEW

Severity:

Normal

CC:

rniwa

Priority:

P1

Version:

528+ (Nightly build)

Hardware:

PC

OS:

Windows Vista

Attachments:

Description	Flags
Demo	none

Berend-Jan Wever

Reported 2012-01-27 01:38:55 PST

Chromium: http://code.google.com/p/chromium/issues/detail?id=111607 Detailed report: https://cluster-fuzz.appspot.com/testcase?key=15758645 Uploader: skylined@chromium.org Crash Type: UNKNOWN Crash Address: 0x000000000028 Crash State: - crash stack - WebCore::Node::rendererIsEditable WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline WebCore::ReplaceSelectionCommand::doApply Regressed: https://cluster-fuzz.appspot.com/revisions?range=115632:115640 Minimized Testcase (1.18 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95JprKCXFnziDHRjrgTIGX4sNiMI6UeNc1qD3KmBAiNjakU-jSahnSuaoWb5-j4SYUNo-ZhOTZmjDfk8j8bfhI-xd3J6V6-gfZz0OqqyPaSWxYouH2zHUcfYVusvjQ9Gz_xskC16hVaCtqrbLl85DDxjOmQNw

Attachments
Demo (1.19 KB, text/html) 2012-10-01 15:30 PDT, Ryosuke Niwa	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Ryosuke Niwa

Comment 1 2012-10-01 15:30:13 PDT

Created attachment 166558 [details] Demo

Note You need to log in before you can comment on or make changes to this bug.