[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
simon.fraser at apple.com
simon.fraser at apple.com
Wed Dec 22 15:27:04 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 46484e1ad8c80431a49a124fc59478ec5c7b26a9
Author: simon.fraser at apple.com <simon.fraser at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Nov 3 20:58:55 2010 +0000
2010-11-03 Simon Fraser <simon.fraser at apple.com>
Reviewed by John Sullivan.
Crash when setting context font to bad value
https://bugs.webkit.org/show_bug.cgi?id=48948
Null-check the CSSValue passed to CSSStyleSelector::applyPropertyToStyle(),
since it may be null if the style declaration does not contain a value
for the 'font' property.
Test: fast/canvas/invalid-set-font-crash.html
* css/CSSStyleSelector.cpp:
(WebCore::CSSStyleSelector::applyPropertyToStyle):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@71266 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 9209429..7bc8248 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-11-03 Simon Fraser <simon.fraser at apple.com>
+
+ Reviewed by John Sullivan.
+
+ Crash when setting context font to bad value
+ https://bugs.webkit.org/show_bug.cgi?id=48948
+
+ * fast/canvas/invalid-set-font-crash-expected.txt: Added.
+ * fast/canvas/invalid-set-font-crash.html: Added.
+
2010-11-03 Adam Roben <aroben at apple.com>
Skip a test that is probably causing the next test to assert
diff --git a/LayoutTests/compositing/images/content-image-expected.txt b/LayoutTests/fast/canvas/invalid-set-font-crash-expected.txt
similarity index 100%
copy from LayoutTests/compositing/images/content-image-expected.txt
copy to LayoutTests/fast/canvas/invalid-set-font-crash-expected.txt
diff --git a/LayoutTests/fast/canvas/invalid-set-font-crash.html b/LayoutTests/fast/canvas/invalid-set-font-crash.html
new file mode 100644
index 0000000..1e04bf7
--- /dev/null
+++ b/LayoutTests/fast/canvas/invalid-set-font-crash.html
@@ -0,0 +1,19 @@
+<html>
+<head>
+ <script type="text/javascript">
+ if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+ function init()
+ {
+ var ctx = document.getElementById("canvas").getContext("2d");
+ ctx.font = "font-family: Helvetica; font-size: 48pt; font-color: #000000";
+ ctx.fillText("Hello world", 10, 200);
+ }
+ </script>
+</head>
+<body onload="init()">
+ <p>This test should not crash.</p>
+ <canvas id="canvas" height="300" width="300"></canvas>
+</body>
+</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index b0e0233..57b2e9b 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,19 @@
+2010-11-03 Simon Fraser <simon.fraser at apple.com>
+
+ Reviewed by John Sullivan.
+
+ Crash when setting context font to bad value
+ https://bugs.webkit.org/show_bug.cgi?id=48948
+
+ Null-check the CSSValue passed to CSSStyleSelector::applyPropertyToStyle(),
+ since it may be null if the style declaration does not contain a value
+ for the 'font' property.
+
+ Test: fast/canvas/invalid-set-font-crash.html
+
+ * css/CSSStyleSelector.cpp:
+ (WebCore::CSSStyleSelector::applyPropertyToStyle):
+
2010-11-03 Mike Thole <mthole at apple.com>
Reviewed by Alexey Proskuryakov.
diff --git a/WebCore/css/CSSStyleSelector.cpp b/WebCore/css/CSSStyleSelector.cpp
index d3eedb6..0447f1e 100644
--- a/WebCore/css/CSSStyleSelector.cpp
+++ b/WebCore/css/CSSStyleSelector.cpp
@@ -3093,7 +3093,8 @@ void CSSStyleSelector::applyPropertyToStyle(int id, CSSValue *value, RenderStyle
initElement(0);
initForStyleResolve(0, style);
m_style = style;
- applyProperty(id, value);
+ if (value)
+ applyProperty(id, value);
}
inline bool isValidVisitedLinkProperty(int id)
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list