Bug 1457273 - Limit selection offsets after recovering from IME error; r=esawin
authorJim Chen <nchen@mozilla.com>
Thu, 15 Nov 2018 16:30:48 +0000
changeset 503087 4187b44086624b243b7163c4346d86db44164565
parent 503086 3c9736576736aba5810577e6b89ae00e5e9a6b98
child 503088 ef83f24a68ac59080fda9efaff9dadc276ef6f73
push id10290
push userffxbld-merge
push dateMon, 03 Dec 2018 16:23:23 +0000
treeherdermozilla-beta@700bed2445e6 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersesawin
bugs1457273
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1457273 - Limit selection offsets after recovering from IME error; r=esawin Sometimes, when recovering from an IME error, we get selection offsets that are out of bounds. Limit the offsets in that case so we don't crash. Differential Revision: https://phabricator.services.mozilla.com/D11990
widget/android/GeckoEditableSupport.cpp
--- a/widget/android/GeckoEditableSupport.cpp
+++ b/widget/android/GeckoEditableSupport.cpp
@@ -865,16 +865,26 @@ GeckoEditableSupport::FlushIMEChanges(Fl
         widget->DispatchEvent(&event, status);
 
         if (shouldAbort(NS_WARN_IF(!event.mSucceeded))) {
             return;
         }
 
         selStart = int32_t(event.GetSelectionStart());
         selEnd = int32_t(event.GetSelectionEnd());
+
+        if (aFlags == FLUSH_FLAG_RECOVER) {
+            // Sometimes we get out-of-bounds selection during recovery.
+            // Limit the offsets so we don't crash.
+            for (const TextRecord& record : textTransaction) {
+                const int32_t end = record.start + record.text.Length();
+                selStart = std::min(selStart, end);
+                selEnd = std::min(selEnd, end);
+            }
+        }
     }
 
     JNIEnv* const env = jni::GetGeckoThreadEnv();
     auto flushOnException = [=] () -> bool {
         if (!env->ExceptionCheck()) {
             return false;
         }
         if (aFlags != FLUSH_FLAG_RECOVER) {