Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(427)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 212323004: Don't use dangling reference in ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline (Closed)

Created:
6 years, 9 months ago by yosin_UTC9
Modified:
6 years, 8 months ago
Reviewers:
Yuta Kitamura
CC:
blink-reviews
Visibility:
Public.

Description

Don't use dangling reference in ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline This patch changes to avoid dangling reference in ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline(). In this function, we hold pointer to inlineStyle member in ElemendData from |node|. The |node| doesn't change in loop body unless it doesn't have a self-conflicting inline style, e.g. <b style="font-weight: normal">. In this case, we should update |inlineStyle| variable to new value from ElementData of newly created element. Note: Attached test case is failed only on ASAN build by heap-use-after-free. BUG=356517 TEST=LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170133

Patch Set 1 #

Total comments: 2

Patch Set 2 : 2014-03-27T12:28:22 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+23 lines, -0 lines) Patch
A LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html View 1 1 chunk +21 lines, -0 lines 0 comments Download
A LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed-expected.txt View 1 1 chunk +1 line, -0 lines 0 comments Download
M Source/core/editing/ReplaceSelectionCommand.cpp View 1 chunk +1 line, -0 lines 0 comments Download

Messages

Total messages: 8 (0 generated)
Yuta Kitamura
Is this ready for review?
6 years, 8 months ago (2014-03-27 01:50:15 UTC) #1
yosin_UTC9
Could you review this patch? Thanks in advance.
6 years, 8 months ago (2014-03-27 01:50:27 UTC) #2
yosin_UTC9
Note: linux-asan-bot failures aren't related to this patch.
6 years, 8 months ago (2014-03-27 01:51:30 UTC) #3
Yuta Kitamura
Just lots of wordsmithing; LGTM. Please wrap the change description for each 80-ish characters. In ...
6 years, 8 months ago (2014-03-27 02:03:22 UTC) #4
yosin_UTC9
Thanks! committing... https://codereview.chromium.org/212323004/diff/1/LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html File LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html (right): https://codereview.chromium.org/212323004/diff/1/LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html#newcode12 LayoutTests/editing/execCommand/remove-redundant-styles-and-keep-style-span-inline-crashed.html:12: <i>PASS if Blink isn't crashed.</i> On 2014/03/27 ...
6 years, 8 months ago (2014-03-27 03:30:09 UTC) #5
yosin_UTC9
The CQ bit was checked by yosin@chromium.org
6 years, 8 months ago (2014-03-27 03:30:13 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/yosin@chromium.org/212323004/60001
6 years, 8 months ago (2014-03-27 03:30:20 UTC) #7
commit-bot: I haz the power
6 years, 8 months ago (2014-03-27 04:33:34 UTC) #8
Message was sent while issue was closed. 
Change committed as 170133

Powered by Google App Engine
This is Rietveld 408576698