Ignore the invalid offset instead of crash

Bug: 1496460 Change-Id: I1c8d74dfd9bb9e7923a8aed86b08da8b34beb152 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4984492 Reviewed-by: Jinsuk Kim <jinsukkim@chromium.org> Commit-Queue: Gang Wu <gangwu@chromium.org> Cr-Commit-Position: refs/heads/main@{#1216733}
chromium · Oct 30, 2023 · 9397594 · 9397594
1 parent a7969b7
commit 9397594
Showing 1 changed file with 2 additions and 7 deletions.
diff --git a/content/browser/android/selection/selection_popup_controller.cc b/content/browser/android/selection/selection_popup_controller.cc
@@ -19,7 +19,6 @@
 #include "content/public/android/content_jni_headers/SelectionPopupControllerImpl_jni.h"
 #include "content/public/browser/context_menu_params.h"
 #include "content/public/common/content_features.h"
-#include "mojo/public/cpp/bindings/message.h"
 #include "third_party/blink/public/common/context_menu_data/edit_flags.h"
 #include "third_party/blink/public/mojom/context_menu/context_menu.mojom.h"
 #include "third_party/blink/public/mojom/input/input_handler.mojom-blink.h"
@@ -278,15 +277,11 @@ void SelectionPopupController::OnSelectAroundCaretAck(
   if (obj.is_null()) {
     return;
   }
-  if (result.is_null()) {
+  if (result.is_null() || !IsOffsetAdjustValid(startOffset, endOffset,
+                                               surroundingTextLength, result)) {
     Java_SelectionPopupControllerImpl_onSelectAroundCaretFailure(env, obj);
     return;
   }
-  if (!IsOffsetAdjustValid(startOffset, endOffset, surroundingTextLength,
-                           result)) {
-    mojo::ReportBadMessage("SelectAroundCaretResult's offset is invalid.");
-    return;
-  }
 
   Java_SelectionPopupControllerImpl_onSelectAroundCaretSuccess(
       env, obj, result->extended_start_adjust, result->extended_end_adjust,