Last Comment Bug 620283 - crash [@ nsHTMLEditor::RemoveStyleInside] if !aAttribute
: crash [@ nsHTMLEditor::RemoveStyleInside] if !aAttribute
Status: RESOLVED FIXED
[post-2.0]
: coverity, crash
Product: Core
Classification: Components
Component: Editor (show other bugs)
: Trunk
: All All
: -- critical (vote)
: mozilla8
Assigned To: Fabien Cazenave [:kaze]
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-12-19 13:42 PST by timeless
Modified: 2011-07-27 03:43 PDT (History)
2 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
patch proposal (1.28 KB, patch)
2011-07-26 14:39 PDT, Fabien Cazenave [:kaze]
ehsan: review+
Details | Diff | Splinter Review

Description timeless 2010-12-19 13:42:32 PST
649 nsresult nsHTMLEditor::RemoveStyleInside(nsIDOMNode *aNode, 

677     // if we weren't passed an attribute, then we want to 
678     // remove any matching inlinestyles entirely
679     if (!aAttribute || aAttribute->IsEmpty())

764   if ( aProperty == nsEditProperty::font &&    // or node is big or small and we are setting font size
765        (nsHTMLEditUtils::IsBig(aNode) || nsHTMLEditUtils::IsSmall(aNode)) &&
766        aAttribute->LowerCaseEqualsLiteral("size"))
Comment 1 Fabien Cazenave [:kaze] 2011-07-26 14:39:12 PDT
Created attachment 548591 [details] [diff] [review]
patch proposal
Comment 2 Marco Bonardo [::mak] 2011-07-27 03:43:28 PDT
http://hg.mozilla.org/mozilla-central/rev/f6545ec92d4c

Note You need to log in before you can comment on or make changes to this bug.