From: Ben Murdoch <benm@google.com>
Date: Fri, 16 Sep 2011 11:24:38 +0000 (+0100)
Subject: Fix crash in WebViewCore::scrollNodeIntoView
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=238df8af72e1d93e547e14b706765bc369319359;p=android-x86%2Fexternal-webkit.git

Fix crash in WebViewCore::scrollNodeIntoView

Fix crash when traversing the node hierarchy. Need to
stop when parent() returns null.

Bug: 5244036
Change-Id: I4120d4b6ea14c0a20c84f6bb789573d03e1915b3
---

diff --git a/Source/WebKit/android/jni/WebViewCore.cpp b/Source/WebKit/android/jni/WebViewCore.cpp
index 9b5a6fa5c..6976e0076 100644
--- a/Source/WebKit/android/jni/WebViewCore.cpp
+++ b/Source/WebKit/android/jni/WebViewCore.cpp
@@ -2219,12 +2219,16 @@ void WebViewCore::scrollNodeIntoView(Frame* frame, Node* node)
     if (!node->isElementNode()) {
         HTMLElement* body = frame->document()->body();
         do {
-            if (!node || node == body)
+            if (node == body)
                 return;
             node = node->parentNode();
-        } while (!node->isElementNode() && !isVisible(node));
+        } while (node && !node->isElementNode() && !isVisible(node));
     }
 
+    // Couldn't find a visible predecessor.
+    if (!node)
+        return;
+
     elementNode = static_cast<Element*>(node);
     elementNode->scrollIntoViewIfNeeded(true);
 }