[Win] Null pointer crash under WebView::scrollOffset.
authorpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 6 Sep 2016 18:21:26 +0000 (18:21 +0000)
committerpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 6 Sep 2016 18:21:26 +0000 (18:21 +0000)
https://bugs.webkit.org/show_bug.cgi?id=161620

Reviewed by Darin Adler.

Added null checks for m_page and the main frame's FrameView before they are dereferenced; the affected methods now return E_FAIL when either is null.

* WebView.cpp:
(WebView::scrollOffset):
(WebView::scrollBy):
(WebView::visibleContentRect):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@205495 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/win/ChangeLog
Source/WebKit/win/WebView.cpp

index 33211e7..349dec7 100644 (file)
@@ -1,3 +1,17 @@
+2016-09-06  Per Arne Vollan  <pvollan@apple.com>
+
+        [Win] Null pointer crash under WebView::scrollOffset.
+        https://bugs.webkit.org/show_bug.cgi?id=161620
+
+        Reviewed by Darin Adler.
+
+        Added null pointer checks.
+
+        * WebView.cpp:
+        (WebView::scrollOffset):
+        (WebView::scrollBy):
+        (WebView::visibleContentRect):
+
 2016-09-03  Darin Adler  <darin@apple.com>
 
         Streamline DOMImplementation, and move it to our new DOM exception system
index a4646c5..980edeb 100644 (file)
@@ -5493,6 +5493,9 @@ HRESULT WebView::scrollOffset(_Out_ LPPOINT offset)
     if (!offset)
         return E_POINTER;
 
+    if (!m_page || !m_page->mainFrame().view())
+        return E_FAIL;
+
     IntPoint scrollPosition = m_page->mainFrame().view()->scrollPosition();
     float scaleFactor = deviceScaleFactor();
     scrollPosition.scale(scaleFactor, scaleFactor);
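Review bot: The guard on lines 46-47 evaluates `m_page->mainFrame().view()` and line 49 immediately re-derives the same pointer, so the null test and the dereference are not on one value; binding it once, `auto* view = m_page ? m_page->mainFrame().view() : nullptr;` followed by `if (!view) return E_FAIL;` and `IntPoint scrollPosition = view->scrollPosition();`, keeps them together and reads as a single check. Whether `view()` can change between the two calls in this single-threaded path is not something the hunk shows, so this is a style point rather than a correctness one. scrollOffset's body begins before and continues after the hunk.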
@@ -5507,6 +5510,9 @@ HRESULT WebView::scrollBy(_In_ LPPOINT offset)
     if (!offset)
         return E_POINTER;
 
+    if (!m_page || !m_page->mainFrame().view())
+        return E_FAIL;
+
     IntSize scrollDelta(offset->x, offset->y);
     scrollDelta.scale(1.0f / deviceScaleFactor());
     m_page->mainFrame().view()->scrollBy(scrollDelta);
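Review bot: The `!m_page || !m_page->mainFrame().view()` test added on lines 56-57 is the same guard this commit repeats in each touched method, and line 61 then walks the same chain again to reach the view; a small private accessor such as `FrameView* mainFrameView() const { return m_page ? m_page->mainFrame().view() : nullptr; }` would let each method read `auto* view = mainFrameView(); if (!view) return E_FAIL;`. Whether WebView already has an accessor of that kind is not visible from the hunk. scrollBy's body continues past the hunk.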
@@ -5518,6 +5524,9 @@ HRESULT WebView::visibleContentRect(_Out_ LPRECT rect)
     if (!rect)
         return E_POINTER;
 
+    if (!m_page || !m_page->mainFrame().view())
+        return E_FAIL;
+
     FloatRect visibleContent = m_page->mainFrame().view()->visibleContentRect();
     visibleContent.scale(deviceScaleFactor());
     rect->left = (LONG) visibleContent.x();
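Review bot: When the new guard on lines 66-67 returns E_FAIL, `*rect` is never written, so a caller that ignores the HRESULT reads whatever the RECT held before the call; consider `*rect = {};` before `return E_FAIL;`, or a comment on the early return stating that the out-param is left untouched on failure. The same applies to the `offset` out-param in the scrollOffset hunk above. visibleContentRect's body continues past the hunk.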