From 5890aebcd013c54724d818781463cc9c50b8218e Mon Sep 17 00:00:00 2001 From: Daniel Holbert Date: Wed, 23 Apr 2025 09:44:00 +0000 Subject: [PATCH] Bug 1961975: Gracefully handle nsIFrame::GetContent() being null in SVGObserverUtils.cpp. r=emilio nsPageFrame is one example of a frame with a null mContent pointer that can have a CSS filter applied (making it hit the SVGFilterObserverListForCSSProp code in this patch). So we need to allow for the possibility that mContent could be nullptr. Differential Revision: https://phabricator.services.mozilla.com/D246368 --- layout/svg/SVGObserverUtils.cpp | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/layout/svg/SVGObserverUtils.cpp b/layout/svg/SVGObserverUtils.cpp index b74f5f72692c..14a5732ccbef 100644 --- a/layout/svg/SVGObserverUtils.cpp +++ b/layout/svg/SVGObserverUtils.cpp @@ -495,6 +495,18 @@ void SVGIDRenderingObserver::OnRenderingChange() { } } +// Convenience function to return aFrame->GetContent() as an Element* if the +// content pointer is non-null (or just return nullptr otherwise). +// (AsElement itself isn't callable on null pointers.) +static Element* GetFrameContentAsElement(nsIFrame* aFrame) { + MOZ_ASSERT(aFrame, "Expecting a non-null frame"); + auto* content = aFrame->GetContent(); + if (content) { + return content->AsElement(); + } + return nullptr; +} + class SVGRenderingObserverProperty : public SVGIDRenderingObserver { public: NS_DECL_ISUPPORTS @@ -504,7 +516,7 @@ class SVGRenderingObserverProperty : public SVGIDRenderingObserver { uint32_t aCallbacks = kAttributeChanged | kContentAppended | kContentInserted | kContentWillBeRemoved, TargetIsValidCallback aTargetIsValidCallback = nullptr) - : SVGIDRenderingObserver(aReference, aFrame->GetContent()->AsElement(), + : SVGIDRenderingObserver(aReference, GetFrameContentAsElement(aFrame), aReferenceImage, aCallbacks, aTargetIsValidCallback), mFrameReference(aFrame) {} @@ -935,7 +947,7 @@ class SVGFilterObserverListForCSSProp final : public SVGFilterObserverList { SVGFilterObserverListForCSSProp(Span aFilters, nsIFrame* aFilteredFrame) : SVGFilterObserverList(aFilters, - aFilteredFrame->GetContent()->AsElement(), + GetFrameContentAsElement(aFilteredFrame), aFilteredFrame) {} protected: @@ -1080,7 +1092,7 @@ class SVGTemplateElementObserver : public SVGIDRenderingObserver { SVGTemplateElementObserver(SVGReference* aReference, nsIFrame* aFrame, bool aReferenceImage) - : SVGIDRenderingObserver(aReference, aFrame->GetContent()->AsElement(), + : SVGIDRenderingObserver(aReference, GetFrameContentAsElement(aFrame), aReferenceImage, kAttributeChanged | kContentAppended | kContentInserted | kContentWillBeRemoved), @@ -1752,8 +1764,8 @@ SVGPaintServerFrame* SVGObserverUtils::GetAndObservePaintServer( } void SVGObserverUtils::UpdateEffects(nsIFrame* aFrame) { - NS_ASSERTION(aFrame->GetContent()->IsElement(), - "aFrame's content should be an element"); + NS_ASSERTION(!aFrame->GetContent() || aFrame->GetContent()->IsElement(), + "aFrame's content (if non-null) should be an element"); aFrame->RemoveProperty(BackdropFilterProperty()); aFrame->RemoveProperty(FilterProperty());