Reviewed by David Kilzer.
(Landed by Dirk Pranke).
Check for a null frame before setting drag selection.
https://bugs.webkit.org/show_bug.cgi?id=38893
Same Layout test as https://bugs.webkit.org/show_bug.cgi?id=37168.
Test: editing/pasteboard/drag-drop-iframe-refresh-crash.html
Note that you need to run the test manually 20-30 times for the crash
to reproduce.
* editing/SelectionController.cpp:
(WebCore::SelectionController::setSelection):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@61365
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2010-06-17 Abhishek Arya <inferno@chromium.org>
+
+ Reviewed by David Kilzer.
+
+ (Landed by Dirk Pranke).
+
+ Check for a null frame before setting drag selection.
+ https://bugs.webkit.org/show_bug.cgi?id=38893
+ Same Layout test as https://bugs.webkit.org/show_bug.cgi?id=37168.
+
+ Test: editing/pasteboard/drag-drop-iframe-refresh-crash.html
+
+ Note that you need to run the test manually 20-30 times for the crash
+ to reproduce.
+
+ * editing/SelectionController.cpp:
+ (WebCore::SelectionController::setSelection):
+
2010-06-17 Benjamin Poulain <benjamin.poulain@nokia.com>
Reviewed by Simon Hausmann.
// <http://bugs.webkit.org/show_bug.cgi?id=23464>: Infinite recursion at SelectionController::setSelection
// if document->frame() == m_frame we can get into an infinite loop
- if (document && document->frame() != m_frame && document != m_frame->document()) {
+ if (document && document->frame() && document->frame() != m_frame && document != m_frame->document()) {
document->frame()->selection()->setSelection(s, closeTyping, clearTypingStyle, userTriggered);
return;
}
git://git.webkit.org / WebKit.git / commitdiff