Null deref under performActionMenuHitTestAtLocation
authortimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 29 Oct 2014 23:13:15 +0000 (23:13 +0000)
committertimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 29 Oct 2014 23:13:15 +0000 (23:13 +0000)
https://bugs.webkit.org/show_bug.cgi?id=138197
<rdar://problem/18817803>

Reviewed by Beth Dakin.

* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::scanForDataDetectedItems):
Null-check the expanded range.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@175353 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/WebProcess/WebPage/mac/WebPageMac.mm

index 33cd642e679763cfe0614ed24aa6667a2dd72568..5ffc41f5f2a7917878076b5c290f996bdabf68b3 100644 (file)
@@ -1,3 +1,15 @@
+2014-10-29  Tim Horton  <timothy_horton@apple.com>
+
+        Null deref under performActionMenuHitTestAtLocation
+        https://bugs.webkit.org/show_bug.cgi?id=138197
+        <rdar://problem/18817803>
+
+        Reviewed by Beth Dakin.
+
+        * WebProcess/WebPage/mac/WebPageMac.mm:
+        (WebKit::scanForDataDetectedItems):
+        Null-check the expanded range.
+
 2014-10-28  Ada Chan  <adachan@apple.com>
 
         Implement WKPageSetMuted(bool).
index f9e6f756523b44fd1d6bd22da666726ccf6a06e4..02ae36d7459a12fa313aef56324251851d778b39 100644 (file)
@@ -1072,6 +1072,9 @@ static RetainPtr<DDActionContext> scanForDataDetectedItems(const HitTestResult&
         position = firstPositionInOrBeforeNode(node);
 
     RefPtr<Range> contextRange = rangeExpandedAroundPosition(position, 4);
+    if (!contextRange)
+        return nullptr;
+
     String fullPlainTextString = plainText(contextRange.get());
     int hitLocation = TextIterator::rangeLength(makeRange(contextRange->startPosition(), position).get());