Ignore:
Timestamp:
Jan 24, 2020, 5:37:20 PM (5 years ago)
Author:
[email protected]
Message:

Null Ptr Deref READ @ WebCore::RenderMultiColumnFlow::lastMultiColumnSet const
https://bugs.webkit.org/show_bug.cgi?id=206106

Patch by Jack Lee <Jack Lee> on 2020-01-24
Reviewed by Ryosuke Niwa.

Could not write a reproducible fast test case for this.

  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::lastMultiColumnSet const):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebCore/rendering/RenderMultiColumnFlow.cpp

    r248846 r255113  
    7575RenderMultiColumnSet* RenderMultiColumnFlow::lastMultiColumnSet() const
    7676{
     77    ASSERT(multiColumnBlockFlow());
     78
    7779    for (RenderObject* sibling = multiColumnBlockFlow()->lastChild(); sibling; sibling = sibling->previousSibling()) {
    7880        if (is<RenderMultiColumnSet>(*sibling))
Note: See TracChangeset for help on using the changeset viewer.