Issue 6542053: Merge 78168 - 2011-02-09 Ryosuke Niwa <rniwa@webkit.org>...

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 6542053: Merge 78168 - 2011-02-09 Ryosuke Niwa <rniwa@webkit.org>... (Closed)

Created:
9 years, 10 months ago by rniwa-cr

Modified:
9 years, 6 months ago

Reviewers:
rniwa

CC:
chromium-reviews

Base URL:
http://svn.webkit.org/repository/webkit/branches/chromium/648/

Visibility:
Public.

Description

Merge 78168 - 2011-02-09 Ryosuke Niwa <rniwa@webkit.org>; Reviewed by Darin Adler. REGRESSION(r76107): Crash in VisibleSelection::toNormalizedRange https://bugs.webkit.org/show_bug.cgi?id=54053 The bug was caused by RenderBlock::positionForPoint's improperly returning a shadow node inside RenderFileUploadControl for hit testing and VisibleSelection::toNormalizedRange's always assuming the position variable "s" is not null. Fixed the bug by always returning a null position from RenderFileUploadControl::positionForPoint, and also exiting early when either "s" or "e" is null in VisibleSelection::toNormalizedRange. Test: fast/forms/file-input-hit-test.html * editing/VisibleSelection.cpp: (WebCore::VisibleSelection::toNormalizedRange): * rendering/RenderFileUploadControl.cpp: (WebCore::RenderFileUploadControl::positionForPoint): * rendering/RenderFileUploadControl.h: 2011-02-09 Ryosuke Niwa <rniwa@webkit.org>; Reviewed by Darin Adler. REGRESSION(r76107): Crash in VisibleSelection::toNormalizedRange https://bugs.webkit.org/show_bug.cgi?id=54053 Added a test to ensure WebKit does not crash when a user clicks on a region immediately after a file upload control. * fast/forms/file-input-hit-test-expected.txt: Added. * fast/forms/file-input-hit-test.html: Added. TBR=rniwa@webkit.org Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=79264

Patch Set 1 #

Created: 9 years, 10 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+9 lines, --1 lines)			Patch
A +	LayoutTests/fast/forms/file-input-hit-test.html	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
A +	LayoutTests/fast/forms/file-input-hit-test-expected.txt	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
M	Source/WebCore/editing/VisibleSelection.cpp	View	1 chunk	+3 lines, -0 lines	0 comments	Download
M	Source/WebCore/rendering/RenderFileUploadControl.h	View	2 chunks	+3 lines, -1 line	0 comments	Download
M	Source/WebCore/rendering/RenderFileUploadControl.cpp	View	1 chunk	+5 lines, -0 lines	0 comments	Download

Messages

Total messages: 1 (0 generated)

Expand Messages | Collapse Messages