RESOLVED FIXED 193996
iOS: Nullptr crash in WebPage::getPositionInformation dereferencing an input element for data list 
https://bugs.webkit.org/show_bug.cgi?id=193996
Summary iOS: Nullptr crash in WebPage::getPositionInformation dereferencing an input ...
Ryosuke Niwa
Reported 2019-01-29 16:37:09 PST
We're crashing in the middle in the following code because hitNode can be nullptr here. #if ENABLE(DATALIST_ELEMENT) if (is<HTMLInputElement>(*hitNode)) { const HTMLInputElement& input = downcast<HTMLInputElement>(*hitNode); if (input.list()) { HitTestResult result = m_page->mainFrame().eventHandler().hitTestResultAtPoint(request.point, HitTestRequest::ReadOnly | HitTestRequest::Active); if (result.innerNode() == input.dataListButtonElement()) info.preventTextInteraction = true; } } #endif <rdar://problem/31247273>
Attachments
Fixes the bug (1.49 KB, patch)
2019-01-29 16:38 PST, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Patch for landing (1.47 KB, patch)
2019-01-29 16:39 PST, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2019-01-29 16:38:08 PST
Created attachment 360524 [details] Fixes the bug
Wenson Hsieh
Comment 2 2019-01-29 16:39:07 PST
Comment on attachment 360524 [details] Fixes the bug View in context: https://bugs.webkit.org/attachment.cgi?id=360524&action=review > Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:2251 > + if (hitNode && is<HTMLInputElement>(*hitNode)) { Let's just check is<HTMLInputElement>(hitNode).
Ryosuke Niwa
Comment 3 2019-01-29 16:39:41 PST
Created attachment 360525 [details] Patch for landing
Ryosuke Niwa
Comment 4 2019-01-29 16:40:00 PST
Comment on attachment 360525 [details] Patch for landing Wait for EWS.
Ryosuke Niwa
Comment 5 2019-01-29 18:55:05 PST
Committed r240702: <https://trac.webkit.org/changeset/240702>
Note You need to log in before you can comment on or make changes to this bug.