From 90d884a150e7b281231566381c220563cac278ab Mon Sep 17 00:00:00 2001
From: Jelle Raaijmakers <jelle@ladybird.org>
Date: Mon, 2 Dec 2024 16:40:44 +0100
Subject: [PATCH] LibWeb: Prevent crash when editing outside of <body>

Step 9 of this algorithm might end up at the document node, which does
not have a parent.
---
 Libraries/LibWeb/Editing/Commands.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Libraries/LibWeb/Editing/Commands.cpp b/Libraries/LibWeb/Editing/Commands.cpp
index 4348d1ef1d2..64f62a5640b 100644
--- a/Libraries/LibWeb/Editing/Commands.cpp
+++ b/Libraries/LibWeb/Editing/Commands.cpp
@@ -203,6 +203,11 @@ bool command_delete_action(DOM::Document& document, String const&)
 
     // 9. Repeat the following steps:
     while (true) {
+        // AD-HOC: If start node is not a Node, return false. This prevents a crash by dereferencing a null pointer in
+        //         step 1 below. Edits outside of <body> might be prohibited: https://github.com/w3c/editing/issues/405
+        if (!start_node)
+            return false;
+
         // 1. If start offset is zero, set start offset to the index of start node and then set
         //    start node to its parent.
         if (start_offset == 0) {