Null check parent node in InsertListCommand::unlistifyParagraph
https://bugs.webkit.org/show_bug.cgi?id=241889
Reviewed by Wenson Hsieh.
* Source/WebCore/editing/InsertListCommand.cpp:
(WebCore::InsertListCommand::doApplyForSingleParagraph):
(WebCore::InsertListCommand::unlistifyParagraph):
* Source/WebCore/editing/InsertListCommand.h:
Canonical link: https://commits.webkit.org/251769@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295764 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/editing/InsertListCommand.cpp b/Source/WebCore/editing/InsertListCommand.cpp
index 774f5ee..9560bad 100644
--- a/Source/WebCore/editing/InsertListCommand.cpp
+++ b/Source/WebCore/editing/InsertListCommand.cpp
@@ -273,21 +273,21 @@
return;
}
- unlistifyParagraph(endingSelection().visibleStart(), listNode.get(), listChildNode);
+ unlistifyParagraph(endingSelection().visibleStart(), *listNode, listChildNode);
}
if (!listChildNode || switchListType || forceCreateList)
m_listElement = listifyParagraph(endingSelection().visibleStart(), listTag);
}
-void InsertListCommand::unlistifyParagraph(const VisiblePosition& originalStart, HTMLElement* listNode, Node* listChildNode)
+void InsertListCommand::unlistifyParagraph(const VisiblePosition& originalStart, HTMLElement& listNode, Node* listChildNode)
{
RefPtr<Node> nextListChild;
RefPtr<Node> previousListChild;
VisiblePosition start;
VisiblePosition end;
- if (!listNode->parentNode()->hasEditableStyle())
+ if (!listNode.parentNode() || !listNode.parentNode()->hasEditableStyle())
return;
if (listChildNode->hasTagName(liTag)) {
@@ -299,9 +299,9 @@
// A paragraph is visually a list item minus a list marker. The paragraph will be moved.
start = startOfParagraph(originalStart, CanSkipOverEditingBoundary);
end = endOfParagraph(start, CanSkipOverEditingBoundary);
- nextListChild = enclosingListChild(end.next().deepEquivalent().deprecatedNode(), listNode);
+ nextListChild = enclosingListChild(end.next().deepEquivalent().deprecatedNode(), &listNode);
ASSERT(nextListChild != listChildNode);
- previousListChild = enclosingListChild(start.previous().deepEquivalent().deprecatedNode(), listNode);
+ previousListChild = enclosingListChild(start.previous().deepEquivalent().deprecatedNode(), &listNode);
ASSERT(previousListChild != listChildNode);
}
@@ -314,7 +314,7 @@
RefPtr<Element> nodeToInsert = placeholder.copyRef();
// If the content of the list item will be moved into another list, put it in a list item
// so that we don't create an orphaned list child.
- if (enclosingList(listNode)) {
+ if (enclosingList(&listNode)) {
nodeToInsert = HTMLLIElement::create(document());
appendNode(placeholder.copyRef(), *nodeToInsert);
}
@@ -327,18 +327,18 @@
// FIXME: We appear to split at nextListChild as opposed to listChildNode so that when we remove
// listChildNode below in moveParagraphs, previousListChild will be removed along with it if it is
// unrendered. But we ought to remove nextListChild too, if it is unrendered.
- splitElement(*listNode, *splitTreeToNode(*nextListChild, *listNode));
- insertNodeBefore(nodeToInsert.releaseNonNull(), *listNode);
- } else if (nextListChild || listChildNode->parentNode() != listNode) {
+ splitElement(listNode, *splitTreeToNode(*nextListChild, listNode));
+ insertNodeBefore(nodeToInsert.releaseNonNull(), listNode);
+ } else if (nextListChild || listChildNode->parentNode() != &listNode) {
// Just because listChildNode has no previousListChild doesn't mean there isn't any content
// in listNode that comes before listChildNode, as listChildNode could have ancestors
// between it and listNode. So, we split up to listNode before inserting the placeholder
// where we're about to move listChildNode to.
- if (RefPtr listChildNodeParentNode { listChildNode->parentNode() }; listChildNodeParentNode && listChildNodeParentNode != listNode)
- splitElement(*listNode, *splitTreeToNode(*listChildNode, *listNode).get());
- insertNodeBefore(nodeToInsert.releaseNonNull(), *listNode);
+ if (RefPtr listChildNodeParentNode { listChildNode->parentNode() }; listChildNodeParentNode && listChildNodeParentNode != &listNode)
+ splitElement(listNode, *splitTreeToNode(*listChildNode, listNode).get());
+ insertNodeBefore(nodeToInsert.releaseNonNull(), listNode);
} else
- insertNodeAfter(nodeToInsert.releaseNonNull(), *listNode);
+ insertNodeAfter(nodeToInsert.releaseNonNull(), listNode);
VisiblePosition insertionPoint = VisiblePosition(positionBeforeNode(placeholder.ptr()));
moveParagraphs(start, end, insertionPoint, true);
diff --git a/Source/WebCore/editing/InsertListCommand.h b/Source/WebCore/editing/InsertListCommand.h
index 4199f69..00c0f02 100644
--- a/Source/WebCore/editing/InsertListCommand.h
+++ b/Source/WebCore/editing/InsertListCommand.h
@@ -55,7 +55,7 @@
bool selectionHasListOfType(const VisibleSelection& selection, const QualifiedName&);
Ref<HTMLElement> mergeWithNeighboringLists(HTMLElement&);
void doApplyForSingleParagraph(bool forceCreateList, const HTMLQualifiedName&, SimpleRange& currentSelection);
- void unlistifyParagraph(const VisiblePosition& originalStart, HTMLElement* listNode, Node* listChildNode);
+ void unlistifyParagraph(const VisiblePosition& originalStart, HTMLElement& listNode, Node* listChildNode);
RefPtr<HTMLElement> listifyParagraph(const VisiblePosition& originalStart, const QualifiedName& listTag);
RefPtr<HTMLElement> m_listElement;
Type m_type;
