From a21f2617eab8132a228d0947d321a1982b629a7a Mon Sep 17 00:00:00 2001 From: "heikki%netscape.com" Date: Tue, 1 Aug 2000 21:40:38 +0000 Subject: [PATCH] Bug 41599 browser crashes when executing function with certain name such as Click(). Fixed by stopping recursion. r=saari. --- content/html/content/src/nsHTMLInputElement.cpp | 12 ++++++++++++ layout/html/content/src/nsHTMLInputElement.cpp | 12 ++++++++++++ 2 files changed, 24 insertions(+) diff --git a/content/html/content/src/nsHTMLInputElement.cpp b/content/html/content/src/nsHTMLInputElement.cpp index fdf84ead982d..967851d31f6e 100644 --- a/content/html/content/src/nsHTMLInputElement.cpp +++ b/content/html/content/src/nsHTMLInputElement.cpp @@ -206,6 +206,8 @@ protected: mInner.GetAttribute(kNameSpaceID_HTML, nsHTMLAtoms::type, tmp); return tmp.EqualsIgnoreCase("image"); } + + PRBool mHandlingClick; }; // construction, destruction @@ -233,6 +235,7 @@ nsHTMLInputElement::nsHTMLInputElement(nsINodeInfo *aNodeInfo) mForm = nsnull; mSkipFocusEvent = PR_FALSE; //nsTraceRefcnt::Create((nsIFormControl*)this, "nsHTMLFormControlElement", __FILE__, __LINE__); + mHandlingClick = PR_FALSE; } nsHTMLInputElement::~nsHTMLInputElement() @@ -740,6 +743,9 @@ nsHTMLInputElement::Click() { nsresult rv = NS_OK; + if (mHandlingClick) // Fixes crash as in bug 41599 --heikki@netscape.com + return rv; + // first see if we are disabled or not. If disabled then do nothing. nsAutoString disabled; if (NS_CONTENT_ATTR_HAS_VALUE == mInner.GetAttribute(kNameSpaceID_HTML, nsHTMLAtoms::disabled, disabled)) { @@ -775,12 +781,18 @@ nsHTMLInputElement::Click() event.isMeta = PR_FALSE; event.clickCount = 0; event.widget = nsnull; + + mHandlingClick = PR_TRUE; + rv = HandleDOMEvent(context, &event, nsnull, NS_EVENT_FLAG_INIT, &status); + + mHandlingClick = PR_FALSE; } } } } } + return rv; } diff --git a/layout/html/content/src/nsHTMLInputElement.cpp b/layout/html/content/src/nsHTMLInputElement.cpp index fdf84ead982d..967851d31f6e 100644 --- a/layout/html/content/src/nsHTMLInputElement.cpp +++ b/layout/html/content/src/nsHTMLInputElement.cpp @@ -206,6 +206,8 @@ protected: mInner.GetAttribute(kNameSpaceID_HTML, nsHTMLAtoms::type, tmp); return tmp.EqualsIgnoreCase("image"); } + + PRBool mHandlingClick; }; // construction, destruction @@ -233,6 +235,7 @@ nsHTMLInputElement::nsHTMLInputElement(nsINodeInfo *aNodeInfo) mForm = nsnull; mSkipFocusEvent = PR_FALSE; //nsTraceRefcnt::Create((nsIFormControl*)this, "nsHTMLFormControlElement", __FILE__, __LINE__); + mHandlingClick = PR_FALSE; } nsHTMLInputElement::~nsHTMLInputElement() @@ -740,6 +743,9 @@ nsHTMLInputElement::Click() { nsresult rv = NS_OK; + if (mHandlingClick) // Fixes crash as in bug 41599 --heikki@netscape.com + return rv; + // first see if we are disabled or not. If disabled then do nothing. nsAutoString disabled; if (NS_CONTENT_ATTR_HAS_VALUE == mInner.GetAttribute(kNameSpaceID_HTML, nsHTMLAtoms::disabled, disabled)) { @@ -775,12 +781,18 @@ nsHTMLInputElement::Click() event.isMeta = PR_FALSE; event.clickCount = 0; event.widget = nsnull; + + mHandlingClick = PR_TRUE; + rv = HandleDOMEvent(context, &event, nsnull, NS_EVENT_FLAG_INIT, &status); + + mHandlingClick = PR_FALSE; } } } } } + return rv; }