109596 – ASSERT(extractedStyle) in ApplyStyleCommand::removeInlineStyleFromElement

RESOLVED DUPLICATE of bug 119672 109596

ASSERT(extractedStyle) in ApplyStyleCommand::removeInlineStyleFromElement

https://bugs.webkit.org/show_bug.cgi?id=109596

Summary ASSERT(extractedStyle) in ApplyStyleCommand::removeInlineStyleFromElement

Renata Hodovan

Reported 2013-02-12 10:41:19 PST

I've got an assertion faulire in ApplyStyleCommand during HTML fuzzing: Program received signal SIGSEGV, Segmentation fault. 0x00007ffff418f722 in WebCore::ApplyStyleCommand::removeInlineStyleFromElement (this=0x94d820, style=0x860fd0, element=..., mode=WebCore::ApplyStyleCommand::RemoveAlways, extractedStyle=0x0) at /media/reni/8b40ba6d-a6c1-4266-9efc-917096aaf88d/reni/REPOS/webkit/Source/WebCore/editing/ApplyStyleCommand.cpp:879 879 ASSERT(extractedStyle); Test: <html> <body> <table> <tr> <td colspan=2 >Artists: <a href="#">Long chains of selectors</a></td> </tr> </table> <script> document.designMode = "on"; document.execCommand("SelectAll"); document.execCommand("CreateLink", 0, '#'); </script> </body> </html>

Attachments
Add attachment proposed patch, testcase, etc.

Renata Hodovan

Comment 1 2013-08-30 05:09:55 PDT

*** This bug has been marked as a duplicate of bug 119672 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 119672

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Linux

Product WebKit

Component Tables

Assignee

Nobody

Reported

2013-02-12 10:41 PST

Modified

2013-08-30 05:09 PDT History

CC List

2 users Show

URL

Keywords

Depends on

Blocks

116980

Dependencies

tree graph