RESOLVED FIXED Bug 31023
Safari crashes when calling execCommand on formatted html in special case 
https://bugs.webkit.org/show_bug.cgi?id=31023
Summary Safari crashes when calling execCommand on formatted html in special case
Enrica Casucci
Reported 2009-11-02 11:52:07 PST
Imagine to use your WebMail allowing to compose a message in HTML format. You obtain a new message and wants to reply, so: 1. have specially crafted HTML text, e.g.: <span> Line 1. <br> <b>Select all text in this line and use justify command. Actual result: Safari crashes.</b> <br> Line 3. </span> 2. select all text in the 2nd line 3. try to center the line: document.execCommand('JustifyCenter', false, null) is called Actual result: unexpected crash
Attachments
Patch (4.20 KB, patch)
2009-11-02 11:58 PST, Enrica Casucci 		adele: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Enrica Casucci
Comment 1 2009-11-02 11:58:23 PST
Created attachment 42332 [details] Patch
Adele Peterson
Comment 2 2009-11-02 12:01:16 PST
Comment on attachment 42332 [details] Patch You should add a newline at the end of your test to prevent that warning. r=me!
mitz
Comment 3 2009-11-02 12:01:54 PST
Comment on attachment 42332 [details] Patch > + RenderObject* cb = containingBlock(); > + if (cb) > + cb->setSelectionState(state); We usually combine such cases into if (RenderObject* cb = containingBlock()) cb->setSelectionState(state); I think you can also use a RenderBlock* because that’s the return type of containingBlock(). > +</html> > \ No newline at end of file Please add a newline.
Enrica Casucci
Comment 4 2009-11-02 17:07:50 PST
Committed revision 50433.
Note You need to log in before you can comment on or make changes to this bug.