[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
mjs
mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:50:22 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit 1fb168d8a2971fd425a8684fcb02aa0a94b02b07
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Aug 6 20:36:37 2003 +0000
Reviewed by Darin and Dave.
- fixed 3364433 - repro crash in khtml::RenderBlock::nodeAtPoint
* khtml/rendering/render_object.cpp:
(RenderObject::removeFromObjectLists): When finding the right
parent block to remove a float from, don't stop at floating or
positioned elements. They could well have floats in their
m_floatingObjects list due to overhang, and failing to remove them
leads to crashes.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@4776 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog-2003-10-25 b/WebCore/ChangeLog-2003-10-25
index ed8338f..14c68d8 100644
--- a/WebCore/ChangeLog-2003-10-25
+++ b/WebCore/ChangeLog-2003-10-25
@@ -1,3 +1,16 @@
+2003-08-06 Maciej Stachowiak <mjs at apple.com>
+
+ Reviewed by Darin and Dave.
+
+ - fixed 3364433 - repro crash in khtml::RenderBlock::nodeAtPoint
+
+ * khtml/rendering/render_object.cpp:
+ (RenderObject::removeFromObjectLists): When finding the right
+ parent block to remove a float from, don't stop at floating or
+ positioned elements. They could well have floats in their
+ m_floatingObjects list due to overhang, and failing to remove them
+ leads to crashes.
+
2003-08-05 Maciej Stachowiak <mjs at apple.com>
Reviewed by John.
diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23
index ed8338f..14c68d8 100644
--- a/WebCore/ChangeLog-2005-08-23
+++ b/WebCore/ChangeLog-2005-08-23
@@ -1,3 +1,16 @@
+2003-08-06 Maciej Stachowiak <mjs at apple.com>
+
+ Reviewed by Darin and Dave.
+
+ - fixed 3364433 - repro crash in khtml::RenderBlock::nodeAtPoint
+
+ * khtml/rendering/render_object.cpp:
+ (RenderObject::removeFromObjectLists): When finding the right
+ parent block to remove a float from, don't stop at floating or
+ positioned elements. They could well have floats in their
+ m_floatingObjects list due to overhang, and failing to remove them
+ leads to crashes.
+
2003-08-05 Maciej Stachowiak <mjs at apple.com>
Reviewed by John.
diff --git a/WebCore/khtml/rendering/render_object.cpp b/WebCore/khtml/rendering/render_object.cpp
index 0e26ccb..dbc2270 100644
--- a/WebCore/khtml/rendering/render_object.cpp
+++ b/WebCore/khtml/rendering/render_object.cpp
@@ -1201,7 +1201,7 @@ void RenderObject::removeFromObjectLists()
if (isFloating()) {
RenderBlock* outermostBlock = containingBlock();
for (RenderBlock* p = outermostBlock;
- p && !p->isCanvas() && p->containsFloat(this) && !p->isFloatingOrPositioned();
+ p && !p->isCanvas() && p->containsFloat(this);
outermostBlock = p, p = p->containingBlock());
if (outermostBlock)
outermostBlock->markAllDescendantsWithFloatsForLayout(this);
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list