From 9b759976fec55ad944eba534a560c9c83400ed91 Mon Sep 17 00:00:00 2001 From: John Reck Date: Mon, 27 Feb 2012 15:40:02 -0800 Subject: Fix content detector crashes Bug: 6075831 Add some sanity checks to AndroidHitTestResult Update DOMTextContentWalker to latest which had some extra checks Change-Id: If6d129e78712c8cfc5ec84e48487e32cc585680f --- Source/WebCore/dom/DOMTextContentWalker.cpp | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'Source/WebCore/dom') diff --git a/Source/WebCore/dom/DOMTextContentWalker.cpp b/Source/WebCore/dom/DOMTextContentWalker.cpp index ccbe1ec..5e77db1 100644 --- a/Source/WebCore/dom/DOMTextContentWalker.cpp +++ b/Source/WebCore/dom/DOMTextContentWalker.cpp @@ -44,15 +44,20 @@ DOMTextContentWalker::DOMTextContentWalker(const VisiblePosition& position, unsi : m_hitOffsetInContent(0) { const unsigned halfMaxLength = maxLength / 2; - CharacterIterator forwardChar(makeRange(position, endOfDocument(position)).get(), TextIteratorStopsOnFormControls); + RefPtr forwardRange = makeRange(position, endOfDocument(position)); + if (!forwardRange) + return; + CharacterIterator forwardChar(forwardRange.get(), TextIteratorStopsOnFormControls); forwardChar.advance(maxLength - halfMaxLength); // No forward contents, started inside form control. - RefPtr range = getRange(position.deepEquivalent(), forwardChar.range()->startPosition()); - if (!range.get() || range->text().length() == 0) + if (getRange(position.deepEquivalent(), forwardChar.range()->startPosition())->text().length() == 0) return; - BackwardsCharacterIterator backwardsChar(makeRange(startOfDocument(position), position).get(), TextIteratorStopsOnFormControls); + RefPtr backwardsRange = makeRange(startOfDocument(position), position); + if (!backwardsRange) + return; + BackwardsCharacterIterator backwardsChar(backwardsRange.get(), TextIteratorStopsOnFormControls); backwardsChar.advance(halfMaxLength); m_hitOffsetInContent = getRange(backwardsChar.range()->endPosition(), position.deepEquivalent())->text().length(); -- cgit v1.1