summaryrefslogtreecommitdiffstats
path: root/dom
diff options
context:
space:
mode:
authorMatt A. Tobin <email@mattatobin.com>2020-04-17 06:10:23 -0400
committerMatt A. Tobin <email@mattatobin.com>2020-04-17 06:10:23 -0400
commit70c8ff8e5af7d2661b64fb92a158f2860af7766c (patch)
treee7fd37d81858a7dfa06fbf59880d837d9e7fa256 /dom
parent53428ad3f04ff1e01f0596ef0c592bdbe5fdd15b (diff)
downloadUXP-70c8ff8e5af7d2661b64fb92a158f2860af7766c.tar
UXP-70c8ff8e5af7d2661b64fb92a158f2860af7766c.tar.gz
UXP-70c8ff8e5af7d2661b64fb92a158f2860af7766c.tar.lz
UXP-70c8ff8e5af7d2661b64fb92a158f2860af7766c.tar.xz
UXP-70c8ff8e5af7d2661b64fb92a158f2860af7766c.zip
Bug 1377978 - Make nsRange use uint32_t to offset
Tag #1375
Diffstat (limited to 'dom')
-rw-r--r--dom/base/nsContentUtils.cpp7
-rw-r--r--dom/base/nsContentUtils.h7
-rw-r--r--dom/base/nsDocumentEncoder.cpp17
-rw-r--r--dom/base/nsFocusManager.cpp8
-rw-r--r--dom/base/nsRange.cpp331
-rw-r--r--dom/base/nsRange.h76
-rw-r--r--dom/html/HTMLMediaElement.cpp2
-rw-r--r--dom/interfaces/range/nsIDOMRange.idl12
8 files changed, 283 insertions, 177 deletions
diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp
index c53b3d834..f4828b162 100644
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -2391,6 +2391,9 @@ nsContentUtils::ComparePoints(nsINode* aParent1, int32_t aOffset1,
bool* aDisconnected)
{
if (aParent1 == aParent2) {
+ // XXX This is odd. aOffset1 and/or aOffset2 may be -1, e.g., it's result
+ // of nsINode::IndexOf(), but this compares such invalid offset with
+ // valid offset.
return aOffset1 < aOffset2 ? -1 :
aOffset1 > aOffset2 ? 1 :
0;
@@ -2441,10 +2444,14 @@ nsContentUtils::ComparePoints(nsINode* aParent1, int32_t aOffset1,
if (!pos1) {
nsINode* child2 = parents2.ElementAt(--pos2);
+ // XXX aOffset1 may be -1 as mentioned above. So, why does this return
+ // it's *before* of the valid DOM point?
return aOffset1 <= parent->IndexOf(child2) ? -1 : 1;
}
nsINode* child1 = parents1.ElementAt(--pos1);
+ // XXX aOffset2 may be -1 as mentioned above. So, why does this return it's
+ // *after* of the valid DOM point?
return parent->IndexOf(child1) < aOffset2 ? -1 : 1;
}
diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h
index 4ccc1aa25..c34f7e102 100644
--- a/dom/base/nsContentUtils.h
+++ b/dom/base/nsContentUtils.h
@@ -339,6 +339,13 @@ public:
* NOTE! If the two nodes aren't in the same connected subtree,
* the result is 1, and the optional aDisconnected parameter
* is set to true.
+ *
+ * XXX aOffset1 and aOffset2 should be uint32_t since valid offset value is
+ * between 0 - UINT32_MAX. However, these methods work even with
+ * negative offset values! E.g., when aOffset1 is -1 and aOffset is 0,
+ * these methods return -1. Some root callers depend on this behavior.
+ * On the other hand, nsINode can have ATTRCHILD_ARRAY_MAX_CHILD_COUN
+ * (0x3FFFFF) at most. Therefore, they can be int32_t for now.
*/
static int32_t ComparePoints(nsINode* aParent1, int32_t aOffset1,
nsINode* aParent2, int32_t aOffset2,
diff --git a/dom/base/nsDocumentEncoder.cpp b/dom/base/nsDocumentEncoder.cpp
index 34eb6ed38..de41a7331 100644
--- a/dom/base/nsDocumentEncoder.cpp
+++ b/dom/base/nsDocumentEncoder.cpp
@@ -1588,10 +1588,13 @@ nsHTMLCopyEncoder::IncludeInContext(nsINode *aNode)
nsresult
nsHTMLCopyEncoder::PromoteRange(nsIDOMRange *inRange)
{
- if (!inRange) return NS_ERROR_NULL_POINTER;
+ RefPtr<nsRange> range = static_cast<nsRange*>(inRange);
+ if (!range) {
+ return NS_ERROR_NULL_POINTER;
+ }
nsresult rv;
nsCOMPtr<nsIDOMNode> startNode, endNode, common;
- int32_t startOffset, endOffset;
+ uint32_t startOffset, endOffset;
rv = inRange->GetCommonAncestorContainer(getter_AddRefs(common));
NS_ENSURE_SUCCESS(rv, rv);
@@ -1609,9 +1612,11 @@ nsHTMLCopyEncoder::PromoteRange(nsIDOMRange *inRange)
int32_t opStartOffset, opEndOffset;
// examine range endpoints.
- rv = GetPromotedPoint( kStart, startNode, startOffset, address_of(opStartNode), &opStartOffset, common);
+ rv = GetPromotedPoint(kStart, startNode, static_cast<int32_t>(startOffset),
+ address_of(opStartNode), &opStartOffset, common);
NS_ENSURE_SUCCESS(rv, rv);
- rv = GetPromotedPoint( kEnd, endNode, endOffset, address_of(opEndNode), &opEndOffset, common);
+ rv = GetPromotedPoint(kEnd, endNode, static_cast<int32_t>(endOffset),
+ address_of(opEndNode), &opEndOffset, common);
NS_ENSURE_SUCCESS(rv, rv);
// if both range endpoints are at the common ancestor, check for possible inclusion of ancestors
@@ -1623,9 +1628,9 @@ nsHTMLCopyEncoder::PromoteRange(nsIDOMRange *inRange)
}
// set the range to the new values
- rv = inRange->SetStart(opStartNode, opStartOffset);
+ rv = inRange->SetStart(opStartNode, static_cast<uint32_t>(opStartOffset));
NS_ENSURE_SUCCESS(rv, rv);
- rv = inRange->SetEnd(opEndNode, opEndOffset);
+ rv = inRange->SetEnd(opEndNode, static_cast<uint32_t>(opEndOffset));
return rv;
}
diff --git a/dom/base/nsFocusManager.cpp b/dom/base/nsFocusManager.cpp
index 01c1944be..c14087c8a 100644
--- a/dom/base/nsFocusManager.cpp
+++ b/dom/base/nsFocusManager.cpp
@@ -2457,7 +2457,7 @@ nsFocusManager::GetSelectionLocation(nsIDocument* aDocument,
nsCOMPtr<nsIDOMNode> startNode, endNode;
bool isCollapsed = false;
nsCOMPtr<nsIContent> startContent, endContent;
- int32_t startOffset = 0;
+ uint32_t startOffset = 0;
if (domSelection) {
domSelection->GetIsCollapsed(&isCollapsed);
nsCOMPtr<nsIDOMRange> domRange;
@@ -2471,7 +2471,6 @@ nsFocusManager::GetSelectionLocation(nsIDocument* aDocument,
startContent = do_QueryInterface(startNode);
if (startContent && startContent->IsElement()) {
- NS_ASSERTION(startOffset >= 0, "Start offset cannot be negative");
childContent = startContent->GetChildAt(startOffset);
if (childContent) {
startContent = childContent;
@@ -2480,9 +2479,8 @@ nsFocusManager::GetSelectionLocation(nsIDocument* aDocument,
endContent = do_QueryInterface(endNode);
if (endContent && endContent->IsElement()) {
- int32_t endOffset = 0;
+ uint32_t endOffset = 0;
domRange->GetEndOffset(&endOffset);
- NS_ASSERTION(endOffset >= 0, "End offset cannot be negative");
childContent = endContent->GetChildAt(endOffset);
if (childContent) {
endContent = childContent;
@@ -2510,7 +2508,7 @@ nsFocusManager::GetSelectionLocation(nsIDocument* aDocument,
bool isFormControl =
startContent->IsNodeOfType(nsINode::eHTML_FORM_CONTROL);
- if (nodeValue.Length() == (uint32_t)startOffset && !isFormControl &&
+ if (nodeValue.Length() == startOffset && !isFormControl &&
startContent != aDocument->GetRootElement()) {
// Yes, indeed we were at the end of the last node
nsCOMPtr<nsIFrameEnumerator> frameTraversal;
diff --git a/dom/base/nsRange.cpp b/dom/base/nsRange.cpp
index 154b3428f..a3704a1de 100644
--- a/dom/base/nsRange.cpp
+++ b/dom/base/nsRange.cpp
@@ -111,31 +111,37 @@ nsRange::CompareNodeToRange(nsINode* aNode, nsRange* aRange,
// so instead represent it by (node,0) and (node,numChildren)
parent = aNode;
nodeStart = 0;
- nodeEnd = aNode->GetChildCount();
+ uint32_t childCount = aNode->GetChildCount();
+ MOZ_ASSERT(childCount <= INT32_MAX,
+ "There shouldn't be over INT32_MAX children");
+ nodeEnd = static_cast<int32_t>(childCount);
}
else {
nodeStart = parent->IndexOf(aNode);
nodeEnd = nodeStart + 1;
+ MOZ_ASSERT(nodeStart < nodeEnd, "nodeStart shouldn't be INT32_MAX");
}
nsINode* rangeStartParent = aRange->GetStartParent();
nsINode* rangeEndParent = aRange->GetEndParent();
- int32_t rangeStartOffset = aRange->StartOffset();
- int32_t rangeEndOffset = aRange->EndOffset();
+ uint32_t rangeStartOffset = aRange->StartOffset();
+ uint32_t rangeEndOffset = aRange->EndOffset();
// is RANGE(start) <= NODE(start) ?
bool disconnected = false;
- *outNodeBefore = nsContentUtils::ComparePoints(rangeStartParent,
- rangeStartOffset,
- parent, nodeStart,
- &disconnected) > 0;
+ *outNodeBefore =
+ nsContentUtils::ComparePoints(rangeStartParent,
+ static_cast<int32_t>(rangeStartOffset),
+ parent, nodeStart,
+ &disconnected) > 0;
NS_ENSURE_TRUE(!disconnected, NS_ERROR_DOM_WRONG_DOCUMENT_ERR);
// is RANGE(end) >= NODE(end) ?
- *outNodeAfter = nsContentUtils::ComparePoints(rangeEndParent,
- rangeEndOffset,
- parent, nodeEnd,
- &disconnected) < 0;
+ *outNodeAfter =
+ nsContentUtils::ComparePoints(rangeEndParent,
+ static_cast<int32_t>(rangeEndOffset),
+ parent, nodeEnd,
+ &disconnected) < 0;
NS_ENSURE_TRUE(!disconnected, NS_ERROR_DOM_WRONG_DOCUMENT_ERR);
return NS_OK;
}
@@ -164,13 +170,17 @@ struct IsItemInRangeComparator
int operator()(const nsRange* const aRange) const
{
- int32_t cmp = nsContentUtils::ComparePoints(mNode, mEndOffset,
- aRange->GetStartParent(),
- aRange->StartOffset());
+ int32_t cmp =
+ nsContentUtils::ComparePoints(
+ mNode, static_cast<int32_t>(mEndOffset),
+ aRange->GetStartParent(),
+ static_cast<int32_t>(aRange->StartOffset()));
if (cmp == 1) {
- cmp = nsContentUtils::ComparePoints(mNode, mStartOffset,
- aRange->GetEndParent(),
- aRange->EndOffset());
+ cmp =
+ nsContentUtils::ComparePoints(
+ mNode, static_cast<int32_t>(mStartOffset),
+ aRange->GetEndParent(),
+ static_cast<int32_t>(aRange->EndOffset()));
if (cmp == -1) {
return 0;
}
@@ -266,8 +276,8 @@ nsRange::nsRange(nsINode* aNode)
/* static */
nsresult
-nsRange::CreateRange(nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset,
+nsRange::CreateRange(nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset,
nsRange** aRange)
{
MOZ_ASSERT(aRange);
@@ -285,8 +295,8 @@ nsRange::CreateRange(nsINode* aStartParent, int32_t aStartOffset,
/* static */
nsresult
-nsRange::CreateRange(nsIDOMNode* aStartParent, int32_t aStartOffset,
- nsIDOMNode* aEndParent, int32_t aEndOffset,
+nsRange::CreateRange(nsIDOMNode* aStartParent, uint32_t aStartOffset,
+ nsIDOMNode* aEndParent, uint32_t aEndOffset,
nsRange** aRange)
{
nsCOMPtr<nsINode> startParent = do_QueryInterface(aStartParent);
@@ -296,8 +306,8 @@ nsRange::CreateRange(nsIDOMNode* aStartParent, int32_t aStartOffset,
/* static */
nsresult
-nsRange::CreateRange(nsIDOMNode* aStartParent, int32_t aStartOffset,
- nsIDOMNode* aEndParent, int32_t aEndOffset,
+nsRange::CreateRange(nsIDOMNode* aStartParent, uint32_t aStartOffset,
+ nsIDOMNode* aEndParent, uint32_t aEndOffset,
nsIDOMRange** aRange)
{
RefPtr<nsRange> range;
@@ -455,15 +465,27 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
// again (when the new text node is notified).
nsINode* parentNode = aContent->GetParentNode();
int32_t index = -1;
- if (parentNode == mEndParent && mEndOffset > 0 &&
- (index = parentNode->IndexOf(aContent)) + 1 == mEndOffset) {
- ++mEndOffset;
- mEndOffsetWasIncremented = true;
+ if (parentNode == mEndParent && mEndOffset > 0) {
+ index = parentNode->IndexOf(aContent);
+ NS_WARNING_ASSERTION(index >= 0,
+ "Shouldn't be called during removing the node or something");
+ if (static_cast<uint32_t>(index + 1) == mEndOffset) {
+ newEndNode = mEndParent;
+ newEndOffset = mEndOffset + 1;
+ MOZ_ASSERT(IsValidOffset(newEndOffset));
+ mEndOffsetWasIncremented = true;
+ }
}
- if (parentNode == mStartParent && mStartOffset > 0 &&
- (index != -1 ? index : parentNode->IndexOf(aContent)) + 1 == mStartOffset) {
- ++mStartOffset;
- mStartOffsetWasIncremented = true;
+ if (parentNode == mStartParent && mStartOffset > 0) {
+ if (index <= 0) {
+ index = parentNode->IndexOf(aContent);
+ }
+ if (static_cast<uint32_t>(index + 1) == mStartOffset) {
+ newStartNode = mStartParent;
+ newStartOffset = mStartOffset + 1;
+ MOZ_ASSERT(IsValidOffset(newStartOffset));
+ mStartOffsetWasIncremented = true;
+ }
}
#ifdef DEBUG
if (mStartOffsetWasIncremented || mEndOffsetWasIncremented) {
@@ -476,16 +498,15 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
// If the changed node contains our start boundary and the change starts
// before the boundary we'll need to adjust the offset.
- if (aContent == mStartParent &&
- aInfo->mChangeStart < static_cast<uint32_t>(mStartOffset)) {
+ if (aContent == mStartParent && aInfo->mChangeStart < mStartOffset) {
if (aInfo->mDetails) {
// splitText(), aInfo->mDetails->mNextSibling is the new text node
NS_ASSERTION(aInfo->mDetails->mType ==
CharacterDataChangeInfo::Details::eSplit,
"only a split can start before the end");
- NS_ASSERTION(static_cast<uint32_t>(mStartOffset) <= aInfo->mChangeEnd + 1,
+ NS_ASSERTION(mStartOffset <= aInfo->mChangeEnd + 1,
"mStartOffset is beyond the end of this node");
- newStartOffset = static_cast<uint32_t>(mStartOffset) - aInfo->mChangeStart;
+ newStartOffset = mStartOffset - aInfo->mChangeStart;
newStartNode = aInfo->mDetails->mNextSibling;
if (MOZ_UNLIKELY(aContent == mRoot)) {
newRoot = IsValidBoundary(newStartNode);
@@ -502,7 +523,7 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
} else {
// If boundary is inside changed text, position it before change
// else adjust start offset for the change in length.
- mStartOffset = static_cast<uint32_t>(mStartOffset) <= aInfo->mChangeEnd ?
+ mStartOffset = mStartOffset <= aInfo->mChangeEnd ?
aInfo->mChangeStart :
mStartOffset + aInfo->mChangeStart - aInfo->mChangeEnd +
aInfo->mReplaceLength;
@@ -512,16 +533,15 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
// Do the same thing for the end boundary, except for splitText of a node
// with no parent then only switch to the new node if the start boundary
// did so too (otherwise the range would end up with disconnected nodes).
- if (aContent == mEndParent &&
- aInfo->mChangeStart < static_cast<uint32_t>(mEndOffset)) {
+ if (aContent == mEndParent && aInfo->mChangeStart < mEndOffset) {
if (aInfo->mDetails && (aContent->GetParentNode() || newStartNode)) {
// splitText(), aInfo->mDetails->mNextSibling is the new text node
NS_ASSERTION(aInfo->mDetails->mType ==
CharacterDataChangeInfo::Details::eSplit,
"only a split can start before the end");
- NS_ASSERTION(static_cast<uint32_t>(mEndOffset) <= aInfo->mChangeEnd + 1,
+ NS_ASSERTION(mEndOffset <= aInfo->mChangeEnd + 1,
"mEndOffset is beyond the end of this node");
- newEndOffset = static_cast<uint32_t>(mEndOffset) - aInfo->mChangeStart;
+ newEndOffset = mEndOffset - aInfo->mChangeStart;
newEndNode = aInfo->mDetails->mNextSibling;
bool isCommonAncestor = IsInSelection() && mStartParent == mEndParent;
@@ -534,7 +554,7 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
newEndNode->SetDescendantOfCommonAncestorForRangeInSelection();
}
} else {
- mEndOffset = static_cast<uint32_t>(mEndOffset) <= aInfo->mChangeEnd ?
+ mEndOffset = mEndOffset <= aInfo->mChangeEnd ?
aInfo->mChangeStart :
mEndOffset + aInfo->mChangeStart - aInfo->mChangeEnd +
aInfo->mReplaceLength;
@@ -547,14 +567,14 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
// that will be removed
nsIContent* removed = aInfo->mDetails->mNextSibling;
if (removed == mStartParent) {
- newStartOffset = static_cast<uint32_t>(mStartOffset) + aInfo->mChangeStart;
+ newStartOffset = mStartOffset + aInfo->mChangeStart;
newStartNode = aContent;
if (MOZ_UNLIKELY(removed == mRoot)) {
newRoot = IsValidBoundary(newStartNode);
}
}
if (removed == mEndParent) {
- newEndOffset = static_cast<uint32_t>(mEndOffset) + aInfo->mChangeStart;
+ newEndOffset = mEndOffset + aInfo->mChangeStart;
newEndNode = aContent;
if (MOZ_UNLIKELY(removed == mRoot)) {
newRoot = IsValidBoundary(newEndNode);
@@ -568,13 +588,13 @@ nsRange::CharacterDataChanged(nsIDocument* aDocument,
// point before the first child is never affected by normalize().)
nsINode* parentNode = aContent->GetParentNode();
if (parentNode == mStartParent && mStartOffset > 0 &&
- uint32_t(mStartOffset) < parentNode->GetChildCount() &&
+ mStartOffset < parentNode->GetChildCount() &&
removed == parentNode->GetChildAt(mStartOffset)) {
newStartNode = aContent;
newStartOffset = aInfo->mChangeStart;
}
if (parentNode == mEndParent && mEndOffset > 0 &&
- uint32_t(mEndOffset) < parentNode->GetChildCount() &&
+ mEndOffset < parentNode->GetChildCount() &&
removed == parentNode->GetChildAt(mEndOffset)) {
newEndNode = aContent;
newEndOffset = aInfo->mChangeEnd;
@@ -639,13 +659,19 @@ nsRange::ContentInserted(nsIDocument* aDocument,
nsINode* container = NODE_FROM(aContainer, aDocument);
// Adjust position if a sibling was inserted.
- if (container == mStartParent && aIndexInContainer < mStartOffset &&
+ if (container == mStartParent &&
+ (NS_WARN_IF(aIndexInContainer < 0) ||
+ static_cast<uint32_t>(aIndexInContainer) < mStartOffset) &&
!mStartOffsetWasIncremented) {
++mStartOffset;
+ MOZ_ASSERT(IsValidOffset(mStartOffset));
}
- if (container == mEndParent && aIndexInContainer < mEndOffset &&
+ if (container == mEndParent &&
+ (NS_WARN_IF(aIndexInContainer < 0) ||
+ static_cast<uint32_t>(aIndexInContainer) < mEndOffset) &&
!mEndOffsetWasIncremented) {
++mEndOffset;
+ MOZ_ASSERT(IsValidOffset(mEndOffset));
}
if (container->IsSelectionDescendant() &&
!aChild->IsDescendantOfCommonAncestorForRangeInSelection()) {
@@ -684,7 +710,7 @@ nsRange::ContentRemoved(nsIDocument* aDocument,
// Adjust position if a sibling was removed...
if (container == mStartParent) {
- if (aIndexInContainer < mStartOffset) {
+ if (aIndexInContainer < static_cast<int32_t>(mStartOffset)) {
--mStartOffset;
}
} else { // ...or gravitate if an ancestor was removed.
@@ -694,7 +720,7 @@ nsRange::ContentRemoved(nsIDocument* aDocument,
// Do same thing for end boundry.
if (container == mEndParent) {
- if (aIndexInContainer < mEndOffset) {
+ if (aIndexInContainer < static_cast<int32_t>(mEndOffset)) {
--mEndOffset;
}
} else if (didCheckStartParentDescendant && mStartParent == mEndParent) {
@@ -753,12 +779,15 @@ nsRange::ParentChainChanged(nsIContent *aContent)
* Utilities for comparing points: API from nsIDOMRange
******************************************************/
NS_IMETHODIMP
-nsRange::IsPointInRange(nsIDOMNode* aParent, int32_t aOffset, bool* aResult)
+nsRange::IsPointInRange(nsIDOMNode* aParent, uint32_t aOffset, bool* aResult)
{
nsCOMPtr<nsINode> parent = do_QueryInterface(aParent);
if (!parent) {
return NS_ERROR_DOM_NOT_OBJECT_ERR;
}
+ if (NS_WARN_IF(!IsValidOffset(aOffset))) {
+ return NS_ERROR_DOM_INDEX_SIZE_ERR;
+ }
ErrorResult rv;
*aResult = IsPointInRange(*parent, aOffset, rv);
@@ -781,7 +810,7 @@ nsRange::IsPointInRange(nsINode& aParent, uint32_t aOffset, ErrorResult& aRv)
// returns -1 if point is before range, 0 if point is in range,
// 1 if point is after range.
NS_IMETHODIMP
-nsRange::ComparePoint(nsIDOMNode* aParent, int32_t aOffset, int16_t* aResult)
+nsRange::ComparePoint(nsIDOMNode* aParent, uint32_t aOffset, int16_t* aResult)
{
nsCOMPtr<nsINode> parent = do_QueryInterface(aParent);
NS_ENSURE_TRUE(parent, NS_ERROR_DOM_HIERARCHY_REQUEST_ERR);
@@ -815,14 +844,18 @@ nsRange::ComparePoint(nsINode& aParent, uint32_t aOffset, ErrorResult& aRv)
return 0;
}
- int32_t cmp;
- if ((cmp = nsContentUtils::ComparePoints(&aParent, aOffset,
- mStartParent, mStartOffset)) <= 0) {
-
+ int32_t cmp =
+ nsContentUtils::ComparePoints(&aParent,
+ static_cast<int32_t>(aOffset),
+ mStartParent,
+ static_cast<int32_t>(mStartOffset));
+ if (cmp <= 0) {
return cmp;
}
- if (nsContentUtils::ComparePoints(mEndParent, mEndOffset,
- &aParent, aOffset) == -1) {
+ if (nsContentUtils::ComparePoints(mEndParent,
+ static_cast<int32_t>(mEndOffset),
+ &aParent,
+ static_cast<int32_t>(aOffset)) == -1) {
return 1;
}
@@ -865,12 +898,15 @@ nsRange::IntersectsNode(nsINode& aNode, ErrorResult& aRv)
// Steps 6-7.
// Note: if disconnected is true, ComparePoints returns 1.
bool disconnected = false;
- bool result = nsContentUtils::ComparePoints(mStartParent, mStartOffset,
- parent, nodeIndex + 1,
- &disconnected) < 0 &&
- nsContentUtils::ComparePoints(parent, nodeIndex,
- mEndParent, mEndOffset,
- &disconnected) < 0;
+ bool result =
+ nsContentUtils::ComparePoints(mStartParent,
+ static_cast<int32_t>(mStartOffset),
+ parent, nodeIndex + 1,
+ &disconnected) < 0 &&
+ nsContentUtils::ComparePoints(parent, nodeIndex,
+ mEndParent,
+ static_cast<int32_t>(mEndOffset),
+ &disconnected) < 0;
// Step 2.
if (disconnected) {
@@ -889,8 +925,8 @@ nsRange::IntersectsNode(nsINode& aNode, ErrorResult& aRv)
// Calling DoSetRange with either parent argument null will collapse
// the range to have both endpoints point to the other node
void
-nsRange::DoSetRange(nsINode* aStartN, int32_t aStartOffset,
- nsINode* aEndN, int32_t aEndOffset,
+nsRange::DoSetRange(nsINode* aStartN, uint32_t aStartOffset,
+ nsINode* aEndN, uint32_t aEndOffset,
nsINode* aRoot, bool aNotInsertedYet)
{
NS_PRECONDITION((aStartN && aEndN && aRoot) ||
@@ -916,6 +952,8 @@ nsRange::DoSetRange(nsINode* aStartN, int32_t aStartOffset,
/*For backward compatibility*/
aRoot->IsNodeOfType(nsINode::eCONTENT))),
"Bad root");
+ MOZ_ASSERT(IsValidOffset(aStartOffset));
+ MOZ_ASSERT(IsValidOffset(aEndOffset));
if (mRoot != aRoot) {
if (mRoot) {
@@ -1028,7 +1066,7 @@ nsRange::GetStartContainer(ErrorResult& aRv) const
}
NS_IMETHODIMP
-nsRange::GetStartOffset(int32_t* aStartOffset)
+nsRange::GetStartOffset(uint32_t* aStartOffset)
{
if (!mIsPositioned)
return NS_ERROR_NOT_INITIALIZED;
@@ -1070,7 +1108,7 @@ nsRange::GetEndContainer(ErrorResult& aRv) const
}
NS_IMETHODIMP
-nsRange::GetEndOffset(int32_t* aEndOffset)
+nsRange::GetEndOffset(uint32_t* aEndOffset)
{
if (!mIsPositioned)
return NS_ERROR_NOT_INITIALIZED;
@@ -1129,10 +1167,10 @@ nsRange::GetCommonAncestorContainer(nsIDOMNode** aCommonParent)
/* static */
bool
-nsRange::IsValidOffset(nsINode* aNode, int32_t aOffset)
+nsRange::IsValidOffset(nsINode* aNode, uint32_t aOffset)
{
return aNode &&
- aOffset >= 0 &&
+ IsValidOffset(aOffset) &&
static_cast<size_t>(aOffset) <= aNode->Length();
}
@@ -1196,7 +1234,7 @@ nsRange::SetStart(nsINode& aNode, uint32_t aOffset, ErrorResult& aRv)
}
NS_IMETHODIMP
-nsRange::SetStart(nsIDOMNode* aParent, int32_t aOffset)
+nsRange::SetStart(nsIDOMNode* aParent, uint32_t aOffset)
{
nsCOMPtr<nsINode> parent = do_QueryInterface(aParent);
if (!parent) {
@@ -1209,7 +1247,7 @@ nsRange::SetStart(nsIDOMNode* aParent, int32_t aOffset)
}
/* virtual */ nsresult
-nsRange::SetStart(nsINode* aParent, int32_t aOffset)
+nsRange::SetStart(nsINode* aParent, uint32_t aOffset)
{
nsINode* newRoot = IsValidBoundary(aParent);
if (!newRoot) {
@@ -1223,8 +1261,10 @@ nsRange::SetStart(nsINode* aParent, int32_t aOffset)
// Collapse if not positioned yet, if positioned in another doc or
// if the new start is after end.
if (!mIsPositioned || newRoot != mRoot ||
- nsContentUtils::ComparePoints(aParent, aOffset,
- mEndParent, mEndOffset) == 1) {
+ nsContentUtils::ComparePoints(aParent,
+ static_cast<int32_t>(aOffset),
+ mEndParent,
+ static_cast<int32_t>(mEndOffset)) == 1) {
DoSetRange(aParent, aOffset, aParent, aOffset, newRoot);
return NS_OK;
@@ -1245,7 +1285,10 @@ nsRange::SetStartBefore(nsINode& aNode, ErrorResult& aRv)
}
AutoInvalidateSelection atEndOfBlock(this);
- int32_t offset = -1;
+ // If the node is being removed from its parent, GetContainerAndOffsetBefore()
+ // returns nullptr. Then, SetStart() will throw
+ // NS_ERROR_DOM_INVALID_NODE_TYPE_ERR.
+ uint32_t offset = UINT32_MAX;
nsINode* parent = GetParentAndOffsetBefore(&aNode, &offset);
aRv = SetStart(parent, offset);
}
@@ -1273,7 +1316,10 @@ nsRange::SetStartAfter(nsINode& aNode, ErrorResult& aRv)
}
AutoInvalidateSelection atEndOfBlock(this);
- int32_t offset = -1;
+ // If the node is being removed from its parent, GetContainerAndOffsetAfter()
+ // returns nullptr. Then, SetStart() will throw
+ // NS_ERROR_DOM_INVALID_NODE_TYPE_ERR.
+ uint32_t offset = UINT32_MAX;
nsINode* parent = GetParentAndOffsetAfter(&aNode, &offset);
aRv = SetStart(parent, offset);
}
@@ -1304,7 +1350,7 @@ nsRange::SetEnd(nsINode& aNode, uint32_t aOffset, ErrorResult& aRv)
}
NS_IMETHODIMP
-nsRange::SetEnd(nsIDOMNode* aParent, int32_t aOffset)
+nsRange::SetEnd(nsIDOMNode* aParent, uint32_t aOffset)
{
nsCOMPtr<nsINode> parent = do_QueryInterface(aParent);
if (!parent) {
@@ -1317,7 +1363,7 @@ nsRange::SetEnd(nsIDOMNode* aParent, int32_t aOffset)
}
/* virtual */ nsresult
-nsRange::SetEnd(nsINode* aParent, int32_t aOffset)
+nsRange::SetEnd(nsINode* aParent, uint32_t aOffset)
{
nsINode* newRoot = IsValidBoundary(aParent);
if (!newRoot) {
@@ -1331,8 +1377,10 @@ nsRange::SetEnd(nsINode* aParent, int32_t aOffset)
// Collapse if not positioned yet, if positioned in another doc or
// if the new end is before start.
if (!mIsPositioned || newRoot != mRoot ||
- nsContentUtils::ComparePoints(mStartParent, mStartOffset,
- aParent, aOffset) == 1) {
+ nsContentUtils::ComparePoints(mStartParent,
+ static_cast<int32_t>(mStartOffset),
+ aParent,
+ static_cast<int32_t>(aOffset)) == 1) {
DoSetRange(aParent, aOffset, aParent, aOffset, newRoot);
return NS_OK;
@@ -1344,8 +1392,8 @@ nsRange::SetEnd(nsINode* aParent, int32_t aOffset)
}
nsresult
-nsRange::SetStartAndEnd(nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset)
+nsRange::SetStartAndEnd(nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset)
{
if (NS_WARN_IF(!aStartParent) || NS_WARN_IF(!aEndParent)) {
return NS_ERROR_INVALID_ARG;
@@ -1390,8 +1438,10 @@ nsRange::SetStartAndEnd(nsINode* aStartParent, int32_t aStartOffset,
// If the end point is before the start point, this should be collapsed at
// the end point.
- if (nsContentUtils::ComparePoints(aStartParent, aStartOffset,
- aEndParent, aEndOffset) == 1) {
+ if (nsContentUtils::ComparePoints(aStartParent,
+ static_cast<int32_t>(aStartOffset),
+ aEndParent,
+ static_cast<int32_t>(aEndOffset)) == 1) {
DoSetRange(aEndParent, aEndOffset, aEndParent, aEndOffset, newEndRoot);
return NS_OK;
}
@@ -1411,7 +1461,10 @@ nsRange::SetEndBefore(nsINode& aNode, ErrorResult& aRv)
}
AutoInvalidateSelection atEndOfBlock(this);
- int32_t offset = -1;
+ // If the node is being removed from its parent, GetContainerAndOffsetBefore()
+ // returns nullptr. Then, SetEnd() will throw
+ // NS_ERROR_DOM_INVALID_NODE_TYPE_ERR.
+ uint32_t offset = UINT32_MAX;
nsINode* parent = GetParentAndOffsetBefore(&aNode, &offset);
aRv = SetEnd(parent, offset);
}
@@ -1439,7 +1492,10 @@ nsRange::SetEndAfter(nsINode& aNode, ErrorResult& aRv)
}
AutoInvalidateSelection atEndOfBlock(this);
- int32_t offset = -1;
+ // If the node is being removed from its parent, GetContainerAndOffsetAfter()
+ // returns nullptr. Then, SetEnd() will throw
+ // NS_ERROR_DOM_INVALID_NODE_TYPE_ERR.
+ uint32_t offset = UINT32_MAX;
nsINode* parent = GetParentAndOffsetAfter(&aNode, &offset);
aRv = SetEnd(parent, offset);
}
@@ -1500,7 +1556,9 @@ nsRange::SelectNode(nsINode& aNode, ErrorResult& aRv)
}
int32_t index = parent->IndexOf(&aNode);
- if (index < 0) {
+ if (NS_WARN_IF(index < 0) ||
+ !IsValidOffset(static_cast<uint32_t>(index)) ||
+ !IsValidOffset(static_cast<uint32_t>(index) + 1)) {
aRv.Throw(NS_ERROR_DOM_INVALID_NODE_TYPE_ERR);
return;
}
@@ -1949,9 +2007,9 @@ nsRange::CutContents(DocumentFragment** aFragment)
// of Range gravity during our edits!
nsCOMPtr<nsINode> startContainer = mStartParent;
- int32_t startOffset = mStartOffset;
+ uint32_t startOffset = mStartOffset;
nsCOMPtr<nsINode> endContainer = mEndParent;
- int32_t endOffset = mEndOffset;
+ uint32_t endOffset = mEndOffset;
if (retval) {
// For extractContents(), abort early if there's a doctype (bug 719533).
@@ -1962,10 +2020,12 @@ nsRange::CutContents(DocumentFragment** aFragment)
RefPtr<DocumentType> doctype = commonAncestorDocument->GetDoctype();
if (doctype &&
- nsContentUtils::ComparePoints(startContainer, startOffset,
+ nsContentUtils::ComparePoints(startContainer,
+ static_cast<int32_t>(startOffset),
doctype, 0) < 0 &&
nsContentUtils::ComparePoints(doctype, 0,
- endContainer, endOffset) < 0) {
+ endContainer,
+ static_cast<int32_t>(endOffset)) < 0) {
return NS_ERROR_DOM_HIERARCHY_REQUEST_ERR;
}
}
@@ -2060,8 +2120,7 @@ nsRange::CutContents(DocumentFragment** aFragment)
rv = charData->GetLength(&dataLength);
NS_ENSURE_SUCCESS(rv, rv);
- if (dataLength >= (uint32_t)startOffset)
- {
+ if (dataLength >= startOffset) {
nsMutationGuard guard;
nsCOMPtr<nsIDOMCharacterData> cutNode;
rv = SplitDataNode(charData, startOffset, getter_AddRefs(cutNode));
@@ -2077,22 +2136,17 @@ nsRange::CutContents(DocumentFragment** aFragment)
else if (node == endContainer)
{
// Delete or extract everything before endOffset.
-
- if (endOffset >= 0)
- {
- nsMutationGuard guard;
- nsCOMPtr<nsIDOMCharacterData> cutNode;
- /* The Range spec clearly states clones get cut and original nodes
- remain behind, so use false as the last parameter.
- */
- rv = SplitDataNode(charData, endOffset, getter_AddRefs(cutNode),
- false);
- NS_ENSURE_SUCCESS(rv, rv);
- NS_ENSURE_STATE(!guard.Mutated(1) ||
- ValidateCurrentNode(this, iter));
- nodeToResult = do_QueryInterface(cutNode);
- }
-
+ nsMutationGuard guard;
+ nsCOMPtr<nsIDOMCharacterData> cutNode;
+ /* The Range spec clearly states clones get cut and original nodes
+ remain behind, so use false as the last parameter.
+ */
+ rv = SplitDataNode(charData, endOffset, getter_AddRefs(cutNode),
+ false);
+ NS_ENSURE_SUCCESS(rv, rv);
+ NS_ENSURE_STATE(!guard.Mutated(1) ||
+ ValidateCurrentNode(this, iter));
+ nodeToResult = do_QueryInterface(cutNode);
handled = true;
}
}
@@ -2102,8 +2156,7 @@ nsRange::CutContents(DocumentFragment** aFragment)
if (node && node->IsElement() &&
((node == endContainer && endOffset == 0) ||
(node == startContainer &&
- int32_t(node->AsElement()->GetChildCount()) == startOffset)))
- {
+ node->AsElement()->GetChildCount() == startOffset))) {
if (retval) {
ErrorResult rv;
nodeToResult = node->CloneNode(false, rv);
@@ -2248,7 +2301,7 @@ nsRange::CompareBoundaryPoints(uint16_t aHow, nsRange& aOtherRange,
}
nsINode *ourNode, *otherNode;
- int32_t ourOffset, otherOffset;
+ uint32_t ourOffset, otherOffset;
switch (aHow) {
case nsIDOMRange::START_TO_START:
@@ -2286,8 +2339,10 @@ nsRange::CompareBoundaryPoints(uint16_t aHow, nsRange& aOtherRange,
return 0;
}
- return nsContentUtils::ComparePoints(ourNode, ourOffset,
- otherNode, otherOffset);
+ return nsContentUtils::ComparePoints(ourNode,
+ static_cast<int32_t>(ourOffset),
+ otherNode,
+ static_cast<int32_t>(otherOffset));
}
/* static */ nsresult
@@ -2404,8 +2459,7 @@ nsRange::CloneContents(ErrorResult& aRv)
bool deepClone = !node->IsElement() ||
(!(node == mEndParent && mEndOffset == 0) &&
!(node == mStartParent &&
- mStartOffset ==
- int32_t(node->AsElement()->GetChildCount())));
+ mStartOffset == node->AsElement()->GetChildCount()));
// Clone the current subtree!
@@ -2435,7 +2489,7 @@ nsRange::CloneContents(ErrorResult& aRv)
return nullptr;
}
- if (dataLength > (uint32_t)mEndOffset)
+ if (dataLength > mEndOffset)
{
aRv = charData->DeleteData(mEndOffset, dataLength - mEndOffset);
if (aRv.Failed()) {
@@ -2593,7 +2647,7 @@ nsRange::InsertNode(nsINode& aNode, ErrorResult& aRv)
return;
}
- int32_t tStartOffset = StartOffset();
+ uint32_t tStartOffset = StartOffset();
nsCOMPtr<nsINode> tStartContainer = GetStartContainer(aRv);
if (aRv.Failed()) {
@@ -2654,18 +2708,20 @@ nsRange::InsertNode(nsINode& aNode, ErrorResult& aRv)
// We might need to update the end to include the new node (bug 433662).
// Ideally we'd only do this if needed, but it's tricky to know when it's
// needed in advance (bug 765799).
- int32_t newOffset;
+ uint32_t newOffset;
if (referenceNode) {
- newOffset = IndexOf(referenceNode);
+ int32_t indexInParent = IndexOf(referenceNode);
+ if (NS_WARN_IF(indexInParent < 0)) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ return;
+ }
+ newOffset = static_cast<uint32_t>(indexInParent);
} else {
- uint32_t length;
- aRv = tChildList->GetLength(&length);
+ aRv = tChildList->GetLength(&newOffset);
if (aRv.Failed()) {
return;
}
-
- newOffset = length;
}
if (aNode.NodeType() == nsIDOMNode::DOCUMENT_FRAGMENT_NODE) {
@@ -3021,10 +3077,15 @@ static nsresult GetPartialTextRect(nsLayoutUtils::RectCallback* aCallback,
nsRange::CollectClientRectsAndText(nsLayoutUtils::RectCallback* aCollector,
mozilla::dom::DOMStringList* aTextList,
nsRange* aRange,
- nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset,
+ nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset,
bool aClampToEdge, bool aFlushLayout)
{
+ // Currently, this method is called with start of end offset of nsRange.
+ // So, they must be between 0 - INT32_MAX.
+ MOZ_ASSERT(IsValidOffset(aStartOffset));
+ MOZ_ASSERT(IsValidOffset(aEndOffset));
+
// Hold strong pointers across the flush
nsCOMPtr<nsINode> startContainer = aStartParent;
nsCOMPtr<nsINode> endContainer = aEndParent;
@@ -3055,13 +3116,15 @@ nsRange::CollectClientRectsAndText(nsLayoutUtils::RectCallback* aCollector,
if (textFrame) {
int32_t outOffset;
nsIFrame* outFrame;
- textFrame->GetChildFrameContainingOffset(aStartOffset, false,
- &outOffset, &outFrame);
+ textFrame->GetChildFrameContainingOffset(
+ static_cast<int32_t>(aStartOffset), false,
+ &outOffset, &outFrame);
if (outFrame) {
nsIFrame* relativeTo =
nsLayoutUtils::GetContainingBlockForClientRect(outFrame);
nsRect r = outFrame->GetRectRelativeToSelf();
- ExtractRectFromOffset(outFrame, aStartOffset, &r, false, aClampToEdge);
+ ExtractRectFromOffset(outFrame, static_cast<int32_t>(aStartOffset),
+ &r, false, aClampToEdge);
r.width = 0;
r = nsLayoutUtils::TransformFrameRectToAncestor(outFrame, r, relativeTo);
aCollector->AddRect(r);
@@ -3080,12 +3143,14 @@ nsRange::CollectClientRectsAndText(nsLayoutUtils::RectCallback* aCollector,
if (content->IsNodeOfType(nsINode::eTEXT)) {
if (node == startContainer) {
int32_t offset = startContainer == endContainer ?
- aEndOffset : content->GetText()->GetLength();
- GetPartialTextRect(aCollector, aTextList, content, aStartOffset, offset,
+ static_cast<int32_t>(aEndOffset) : content->GetText()->GetLength();
+ GetPartialTextRect(aCollector, aTextList, content,
+ static_cast<int32_t>(aStartOffset), offset,
aClampToEdge, aFlushLayout);
continue;
} else if (node == endContainer) {
- GetPartialTextRect(aCollector, aTextList, content, 0, aEndOffset,
+ GetPartialTextRect(aCollector, aTextList, content,
+ 0, static_cast<int32_t>(aEndOffset),
aClampToEdge, aFlushLayout);
continue;
}
@@ -3462,7 +3527,7 @@ ElementIsVisibleNoFlush(Element* aElement)
static void
AppendTransformedText(InnerTextAccumulator& aResult,
nsGenericDOMDataNode* aTextNode,
- int32_t aStart, int32_t aEnd)
+ uint32_t aStart, uint32_t aEnd)
{
nsIFrame* frame = aTextNode->GetPrimaryFrame();
if (!IsVisibleAndNotInReplacedElement(frame)) {
@@ -3571,7 +3636,7 @@ nsRange::GetInnerTextNoFlush(DOMString& aValue, ErrorResult& aError,
if (aEndParent->IsNodeOfType(nsINode::eTEXT)) {
endState = AT_NODE;
} else {
- if (uint32_t(aEndOffset) < aEndParent->GetChildCount()) {
+ if (aEndOffset < aEndParent->GetChildCount()) {
endNode = aEndParent->GetChildAt(aEndOffset);
endState = AT_NODE;
}
diff --git a/dom/base/nsRange.h b/dom/base/nsRange.h
index 70911338d..30c17a254 100644
--- a/dom/base/nsRange.h
+++ b/dom/base/nsRange.h
@@ -46,14 +46,14 @@ class nsRange final : public nsIDOMRange,
public:
explicit nsRange(nsINode* aNode);
- static nsresult CreateRange(nsIDOMNode* aStartParent, int32_t aStartOffset,
- nsIDOMNode* aEndParent, int32_t aEndOffset,
+ static nsresult CreateRange(nsIDOMNode* aStartParent, uint32_t aStartOffset,
+ nsIDOMNode* aEndParent, uint32_t aEndOffset,
nsRange** aRange);
- static nsresult CreateRange(nsIDOMNode* aStartParent, int32_t aStartOffset,
- nsIDOMNode* aEndParent, int32_t aEndOffset,
+ static nsresult CreateRange(nsIDOMNode* aStartParent, uint32_t aStartOffset,
+ nsIDOMNode* aEndParent, uint32_t aEndOffset,
nsIDOMRange** aRange);
- static nsresult CreateRange(nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset,
+ static nsresult CreateRange(nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset,
nsRange** aRange);
NS_DECL_CYCLE_COLLECTING_ISUPPORTS
@@ -91,12 +91,12 @@ public:
return mEndParent;
}
- int32_t StartOffset() const
+ uint32_t StartOffset() const
{
return mStartOffset;
}
- int32_t EndOffset() const
+ uint32_t EndOffset() const
{
return mEndOffset;
}
@@ -155,8 +155,8 @@ public:
* When you set both start and end of a range, you should use
* SetStartAndEnd() instead.
*/
- nsresult SetStart(nsINode* aParent, int32_t aOffset);
- nsresult SetEnd(nsINode* aParent, int32_t aOffset);
+ nsresult SetStart(nsINode* aParent, uint32_t aOffset);
+ nsresult SetEnd(nsINode* aParent, uint32_t aOffset);
already_AddRefed<nsRange> CloneRange() const;
@@ -168,15 +168,15 @@ public:
* collapsed at the end point. Similarly, if they are in different root,
* the range will be collapsed at the end point.
*/
- nsresult SetStartAndEnd(nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset);
+ nsresult SetStartAndEnd(nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset);
/**
* CollapseTo() works similar to call both SetStart() and SetEnd() with
* same node and offset. This just calls SetStartAndParent() to set
* collapsed range at aParent and aOffset.
*/
- nsresult CollapseTo(nsINode* aParent, int32_t aOffset)
+ nsresult CollapseTo(nsINode* aParent, uint32_t aOffset)
{
return SetStartAndEnd(aParent, aOffset, aParent, aOffset);
}
@@ -185,23 +185,36 @@ public:
* Retrieves node and offset for setting start or end of a range to
* before or after aNode.
*/
- static nsINode* GetParentAndOffsetAfter(nsINode* aNode, int32_t* aOffset)
+ static nsINode* GetParentAndOffsetAfter(nsINode* aNode, uint32_t* aOffset)
{
MOZ_ASSERT(aNode);
MOZ_ASSERT(aOffset);
+ *aOffset = 0;
nsINode* parentNode = aNode->GetParentNode();
- *aOffset = parentNode ? parentNode->IndexOf(aNode) : -1;
- if (*aOffset >= 0) {
- (*aOffset)++;
+ if (!parentNode) {
+ return nullptr;
}
+ int32_t indexInParent = parentNode->IndexOf(aNode);
+ if (NS_WARN_IF(indexInParent < 0)) {
+ return nullptr;
+ }
+ *aOffset = static_cast<uint32_t>(indexInParent) + 1;
return parentNode;
}
- static nsINode* GetParentAndOffsetBefore(nsINode* aNode, int32_t* aOffset)
+ static nsINode* GetParentAndOffsetBefore(nsINode* aNode, uint32_t* aOffset)
{
MOZ_ASSERT(aNode);
MOZ_ASSERT(aOffset);
+ *aOffset = 0;
nsINode* parentNode = aNode->GetParentNode();
- *aOffset = parentNode ? parentNode->IndexOf(aNode) : -1;
+ if (!parentNode) {
+ return nullptr;
+ }
+ int32_t indexInParent = parentNode->IndexOf(aNode);
+ if (NS_WARN_IF(indexInParent < 0)) {
+ return nullptr;
+ }
+ *aOffset = static_cast<uint32_t>(indexInParent);
return parentNode;
}
@@ -316,8 +329,8 @@ public:
static void CollectClientRectsAndText(nsLayoutUtils::RectCallback* aCollector,
mozilla::dom::DOMStringList* aTextList,
nsRange* aRange,
- nsINode* aStartParent, int32_t aStartOffset,
- nsINode* aEndParent, int32_t aEndOffset,
+ nsINode* aStartParent, uint32_t aStartOffset,
+ nsINode* aEndParent, uint32_t aEndOffset,
bool aClampToEdge, bool aFlushLayout);
/**
@@ -338,14 +351,25 @@ protected:
void RegisterCommonAncestor(nsINode* aNode);
void UnregisterCommonAncestor(nsINode* aNode);
nsINode* IsValidBoundary(nsINode* aNode);
- static bool IsValidOffset(nsINode* aNode, int32_t aOffset);
+
+ /**
+ * XXX nsRange should accept 0 - UINT32_MAX as offset. However, users of
+ * nsRange treat offset as int32_t. Additionally, some other internal
+ * APIs like nsINode::IndexOf() use int32_t. Therefore, nsRange should
+ * accept only 0 - INT32_MAX as valid offset for now.
+ */
+ static bool IsValidOffset(uint32_t aOffset)
+ {
+ return aOffset <= INT32_MAX;
+ }
+ static bool IsValidOffset(nsINode* aNode, uint32_t aOffset);
// CharacterDataChanged set aNotInsertedYet to true to disable an assertion
// and suppress re-registering a range common ancestor node since
// the new text node of a splitText hasn't been inserted yet.
// CharacterDataChanged does the re-registering when needed.
- void DoSetRange(nsINode* aStartN, int32_t aStartOffset,
- nsINode* aEndN, int32_t aEndOffset,
+ void DoSetRange(nsINode* aStartN, uint32_t aStartOffset,
+ nsINode* aEndN, uint32_t aEndOffset,
nsINode* aRoot, bool aNotInsertedYet = false);
/**
@@ -393,8 +417,8 @@ protected:
nsCOMPtr<nsINode> mStartParent;
nsCOMPtr<nsINode> mEndParent;
RefPtr<mozilla::dom::Selection> mSelection;
- int32_t mStartOffset;
- int32_t mEndOffset;
+ uint32_t mStartOffset;
+ uint32_t mEndOffset;
bool mIsPositioned : 1;
bool mMaySpanAnonymousSubtrees : 1;
diff --git a/dom/html/HTMLMediaElement.cpp b/dom/html/HTMLMediaElement.cpp
index 05eaf3e8b..cbb86edac 100644
--- a/dom/html/HTMLMediaElement.cpp
+++ b/dom/html/HTMLMediaElement.cpp
@@ -5631,7 +5631,7 @@ nsIContent* HTMLMediaElement::GetNextSource()
"Should only iterate over direct children");
#endif
- int32_t startOffset = 0;
+ uint32_t startOffset = 0;
rv = mSourcePointer->GetStartOffset(&startOffset);
NS_ENSURE_SUCCESS(rv, nullptr);
diff --git a/dom/interfaces/range/nsIDOMRange.idl b/dom/interfaces/range/nsIDOMRange.idl
index 2dc40ac98..7c74ddaf2 100644
--- a/dom/interfaces/range/nsIDOMRange.idl
+++ b/dom/interfaces/range/nsIDOMRange.idl
@@ -16,14 +16,14 @@
interface nsIDOMRange : nsISupports
{
readonly attribute nsIDOMNode startContainer;
- readonly attribute long startOffset;
+ readonly attribute unsigned long startOffset;
readonly attribute nsIDOMNode endContainer;
- readonly attribute long endOffset;
+ readonly attribute unsigned long endOffset;
readonly attribute boolean collapsed;
readonly attribute nsIDOMNode commonAncestorContainer;
- void setStart(in nsIDOMNode refNode, in long offset);
- void setEnd(in nsIDOMNode refNode, in long offset);
+ void setStart(in nsIDOMNode refNode, in unsigned long offset);
+ void setEnd(in nsIDOMNode refNode, in unsigned long offset);
void setStartBefore(in nsIDOMNode refNode);
void setStartAfter(in nsIDOMNode refNode);
void setEndBefore(in nsIDOMNode refNode);
@@ -56,14 +56,14 @@ interface nsIDOMRange : nsISupports
// This returns true if parent+offset equals either
// of the boundary points or is between them.
boolean isPointInRange(in nsIDOMNode parent,
- in long offset);
+ in unsigned long offset);
// comparePoint returns
// -1 if point is before the start boundary point,
// 0 if point is either of the boundary points or between them,
// 1 if point is after the end boundary point.
// Sort of a strcmp for ranges.
- short comparePoint(in nsIDOMNode parent, in long offset);
+ short comparePoint(in nsIDOMNode parent, in unsigned long offset);
/**
* Returns whether the range intersects node.