Bug 1381541 - queryCommandState should consider that parent node of selection is null. r?masayuki draft
authorMakoto Kato <m_kato@ga2.so-net.ne.jp>
Fri, 18 Aug 2017 14:48:39 +0900
changeset 648742 33e401087393
parent 648573 a6a1f5c1d971
child 726924 e97fda2f3340
push id74865
push userbmo:m_kato@ga2.so-net.ne.jp
push dateFri, 18 Aug 2017 08:13:15 +0000
reviewersmasayuki
bugs1381541
milestone57.0a1
Bug 1381541 - queryCommandState should consider that parent node of selection is null. r?masayuki When parent node of selected node is null, crash might occur in GetCSSBackgroundColorState. So when parent is null, we should return default value. In this situation, Edge and Blink don't throw error, Gecko shouldn't return error too. MozReview-Commit-ID: 5C6jSAFkCso
editor/libeditor/HTMLEditor.cpp
editor/libeditor/crashtests/1381541.html
editor/libeditor/crashtests/crashtests.list
--- a/editor/libeditor/HTMLEditor.cpp
+++ b/editor/libeditor/HTMLEditor.cpp
@@ -1848,16 +1848,20 @@ HTMLEditor::GetCSSBackgroundColorState(b
     }
   }
   else {
     // no, we are querying the text background for the Text Highlight button
     if (IsTextNode(nodeToExamine)) {
       // if the node of interest is a text node, let's climb a level
       nodeToExamine = nodeToExamine->GetParentNode();
     }
+    // Return default value due to no parent node
+    if (!nodeToExamine) {
+      return NS_OK;
+    }
     do {
       // is the node to examine a block ?
       if (NodeIsBlockStatic(nodeToExamine)) {
         // yes it is a block; in that case, the text background color is transparent
         aOutColor.AssignLiteral("transparent");
         break;
       } else {
         // no, it's not; let's retrieve the computed style of background-color for the
new file mode 100644
--- /dev/null
+++ b/editor/libeditor/crashtests/1381541.html
@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script type="application/javascript">
+      var editable = document.createElement('div');
+      document.documentElement.appendChild(editable);
+      editable.contentEditable = 'true';
+      var div = document.createElement('div');
+      document.documentElement.appendChild(div);
+      // Flush content
+      div.offsetLeft;
+      document.execCommand('styleWithCSS', false, true);
+
+      var range = new Range();
+      window.getSelection().addRange(range);
+      range.setStart(document.createTextNode(''), 0);
+      document.queryCommandState('backcolor');
+    </script>
+  </head>
+</html>
--- a/editor/libeditor/crashtests/crashtests.list
+++ b/editor/libeditor/crashtests/crashtests.list
@@ -73,9 +73,10 @@ load 1317704.html
 load 1317718.html
 load 1324505.html
 needs-focus load 1343918.html
 load 1345015.html
 load 1348851.html
 load 1350772.html
 load 1366176.html
 load 1375131.html
+load 1381541.html
 load 1383755.html