138399 – WebContent crash in WebPage::selectWithGesture()

RESOLVED FIXED 138399

WebContent crash in WebPage::selectWithGesture()

https://bugs.webkit.org/show_bug.cgi?id=138399

Summary WebContent crash in WebPage::selectWithGesture()

Jon Honeycutt

Reported 2014-11-04 18:46:41 PST

There is a difficult-to-reproduce null dereference crash that can occur when WebPage::selectWithGesture() receives a “TapAndAHalf” gesture with state “Changed” when having never received a “TapAndAHalf” gesture with state “Began”. To reproduce: 1. Go to data:text/html,<input> 2. Continuously tap, and tap-press into the text field while simultaneously typing <rdar://problem/18550631>

Attachments
Patch (1.89 KB, patch) 2014-11-04 18:49 PST, Jon Honeycutt	simon.fraser: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Jon Honeycutt

Comment 1 2014-11-04 18:49:12 PST

Created attachment 240995 [details] Patch

Jon Honeycutt

Comment 2 2014-11-05 12:55:15 PST

Committed r175636: <http://trac.webkit.org/changeset/175636>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit Misc.

Assignee

Jon Honeycutt

Reported

2014-11-04 18:46 PST

Modified

2014-11-05 12:55 PST History

CC List

2 users Show

URL

Keywords

Depends on

Blocks