Bug 1381541 - queryCommandState should consider that parent node of selection is null. r=masayuki, a=gchang
authorMakoto Kato <m_kato@ga2.so-net.ne.jp>
Fri, 18 Aug 2017 14:48:39 +0900
changeset 421364 4572266eacb3
parent 421363 3ff79328db1c
child 421365 ad3f7419411b
push id7661
push userryanvm@gmail.com
push dateThu, 24 Aug 2017 12:30:44 +0000
treeherdermozilla-beta@05183e252fc3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmasayuki, gchang
bugs1381541
milestone56.0
Bug 1381541 - queryCommandState should consider that parent node of selection is null. r=masayuki, a=gchang When parent node of selected node is null, crash might occur in GetCSSBackgroundColorState. So when parent is null, we should return default value. In this situation, Edge and Blink don't throw error, Gecko shouldn't return error too. MozReview-Commit-ID: 5C6jSAFkCso
editor/libeditor/HTMLEditor.cpp
editor/libeditor/crashtests/1381541.html
editor/libeditor/crashtests/crashtests.list
--- a/editor/libeditor/HTMLEditor.cpp
+++ b/editor/libeditor/HTMLEditor.cpp
@@ -1843,16 +1843,20 @@ HTMLEditor::GetCSSBackgroundColorState(b
     }
   }
   else {
     // no, we are querying the text background for the Text Highlight button
     if (IsTextNode(nodeToExamine)) {
       // if the node of interest is a text node, let's climb a level
       nodeToExamine = nodeToExamine->GetParentNode();
     }
+    // Return default value due to no parent node
+    if (!nodeToExamine) {
+      return NS_OK;
+    }
     do {
       // is the node to examine a block ?
       if (NodeIsBlockStatic(nodeToExamine)) {
         // yes it is a block; in that case, the text background color is transparent
         aOutColor.AssignLiteral("transparent");
         break;
       } else {
         // no, it's not; let's retrieve the computed style of background-color for the
new file mode 100644
--- /dev/null
+++ b/editor/libeditor/crashtests/1381541.html
@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script type="application/javascript">
+      var editable = document.createElement('div');
+      document.documentElement.appendChild(editable);
+      editable.contentEditable = 'true';
+      var div = document.createElement('div');
+      document.documentElement.appendChild(div);
+      // Flush content
+      div.offsetLeft;
+      document.execCommand('styleWithCSS', false, true);
+
+      var range = new Range();
+      window.getSelection().addRange(range);
+      range.setStart(document.createTextNode(''), 0);
+      document.queryCommandState('backcolor');
+    </script>
+  </head>
+</html>
--- a/editor/libeditor/crashtests/crashtests.list
+++ b/editor/libeditor/crashtests/crashtests.list
@@ -73,9 +73,10 @@ load 1317704.html
 load 1317718.html
 load 1324505.html
 needs-focus load 1343918.html
 load 1345015.html
 load 1348851.html
 load 1350772.html
 load 1366176.html
 load 1375131.html
+load 1381541.html
 load 1383755.html