author | brettw@google.com <brettw@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-07-30 23:12:20 +0000 |
---|---|---|
committer | brettw@google.com <brettw@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-07-30 23:12:20 +0000 |
commit | 6e79bdd62a59c64cb1590b60c01be72a8860fb66 (patch) | |
tree | bb3da3cd904c3721780e6dbc3b1dc625db3707f5 | |
parent | 4bcd82a66d66daf2d6039182669b4d2d915acff9 (diff) | |
This changes the assertion somewhat. We get NULL a lot, just with no characters. The case we want to catch is when there is a character count but no characters.
BUG=1296904
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@145 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | webkit/glue/webframe_impl.cc | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/webkit/glue/webframe_impl.cc b/webkit/glue/webframe_impl.cc
index d6288ed..cdfe972 100644
--- a/webkit/glue/webframe_impl.cc
+++ b/webkit/glue/webframe_impl.cc
@@ -121,6 +121,7 @@
 #include "base/gfx/bitmap_platform_device.h"
 #include "base/gfx/rect.h"
 #include "base/gfx/platform_canvas.h"
+#include "base/logging.h"
 #include "base/message_loop.h"
 #include "base/stats_counters.h"
 #include "base/string_util.h"
@@ -205,13 +206,27 @@ static void FrameContentAsPlainText(int max_chars, Frame* frame,
 // string conversion.
 for (TextIterator it(range.get()); !it.atEnd(); it.advance()) {
 const wchar_t* chars = reinterpret_cast<const wchar_t*>(it.characters());
- if (chars) {
- int to_append = std::min(it.length(),
- max_chars - static_cast<int>(output->size()));
- output->append(chars, to_append);
- if (output->size() >= static_cast<size_t>(max_chars))
- return; // Filled up the buffer.
+ if (!chars) {
+ // It appears from crash reports that an iterator can get into a state
+ // where the character count is nonempty but the character pointer is
+ // NULL. advance()ing it will then just add that many to the NULL
+ // pointer which won't be caught in a NULL check but will crash.
+ //
+ // So as soon as we see a NULL character pointer, we know that the
+ // iterator is done and we should not continue.
+ //
+ // IF YOU CATCH THIS IN A DEBUGGER please let brettw know. We don't
+ // currently understand the conditions for this to occur. Ideally, the
+ // iterators would never get into the condition so we should fix them
+ // if we can.
+ DCHECK(it.length() == 0);
+ break;
 }
+ int to_append = std::min(it.length(),
+ max_chars - static_cast<int>(output->size()));
+ output->append(chars, to_append);
+ if (output->size() >= static_cast<size_t>(max_chars))
+ return; // Filled up the buffer.
 }
 } |
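Review bot: The `break` in the new `if (!chars)` branch of the second hunk ends text extraction on every NULL character pointer, including the zero-length case the commit message calls common, whereas the removed `if (chars)` guard skipped such runs and kept iterating. If a NULL, zero-length run can occur before the end of the range (not determinable from this hunk), the frame text is now silently truncated. Breaking only on the inconsistent state would keep the old behaviour for the benign case: `if (!chars) { if (it.length() != 0) { NOTREACHED(); break; } continue; }`. Since DCHECK is compiled out of release builds, the `break` is the only protection there, and the comment should say so explicitly. The body of FrameContentAsPlainText starts and ends outside the hunk.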