Nullptr crash in CompositeEditCommand::moveParagraphs when root editable element...
authorrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Apr 2019 02:12:56 +0000 (02:12 +0000)
committerrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Apr 2019 02:12:56 +0000 (02:12 +0000)
commit6c299b67a9f5dfeed61c60fb5e618c640b40f98e
tree1b4d81b8559863f30854607504bdda50e6a42e6a
parent271061401f381f6225a481f6a0368e42d67b363e
Nullptr crash in CompositeEditCommand::moveParagraphs when root editable element goes away
https://bugs.webkit.org/show_bug.cgi?id=193027

Reviewed by Wenson Hsieh.

Source/WebCore:

Added an early exit when the root editable element (editing host in HTML5 spec terminology) is null
during CompositeEditCommand::moveParagraphs. This could happen when the website does something crazy
like removing contenteditable content attribute during DOM mutations or when the destination becomes
disconnected (orphaned) from the document due to bugs elsewhere in the codebase.

Test: editing/deleting/merge-paragraphs-null-root-editable-element-crash.html

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::moveParagraphs): Added an early exit.

LayoutTests:

Added a regression test. Note that the test works around debug assertions in moveParagraphs.
These assertions are generally correct & useful unless the website does something crazy like
removing the contenteditable content attribute during editing operations.

* editing/deleting/merge-paragraphs-null-root-editable-element-crash-expected.txt: Added.
* editing/deleting/merge-paragraphs-null-root-editable-element-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244181 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/editing/deleting/merge-paragraphs-null-root-editable-element-crash-expected.txt [new file with mode: 0644]
LayoutTests/editing/deleting/merge-paragraphs-null-root-editable-element-crash.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/editing/CompositeEditCommand.cpp