[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
inferno at chromium.org
inferno at chromium.org
Wed Dec 22 16:29:50 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit ac7f400cf5f8a101348b3ca0c8844ce6d6f308c8
Author: inferno at chromium.org <inferno at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Nov 24 18:13:25 2010 +0000
2010-11-24 Cris Neckar <cdn at chromium.org>
Reviewed by Adam Barth.
Added check when parsing local fonts to ensure that a value's unit type is either string or ident.
https://bugs.webkit.org/show_bug.cgi?id=49883
Test: fast/css/local_font_invalid.html
* css/CSSParser.cpp:
(WebCore::CSSParser::parseFontFaceSrc):
2010-11-24 Cris Neckar <cdn at chromium.org>
Reviewed by Adam Barth.
Test for crash with invalid local fonts.
https://bugs.webkit.org/show_bug.cgi?id=49883
* fast/css/local_font_invalid-expected.txt: Added.
* fast/css/local_font_invalid.html: Added.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@72685 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 954b2ab..de19485 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-11-24 Cris Neckar <cdn at chromium.org>
+
+ Reviewed by Adam Barth.
+
+ Test for crash with invalid local fonts.
+ https://bugs.webkit.org/show_bug.cgi?id=49883
+
+ * fast/css/local_font_invalid-expected.txt: Added.
+ * fast/css/local_font_invalid.html: Added.
+
2010-11-24 Andrey Kosyakov <caseq at chromium.org>
Reviewed by Pavel Feldman.
diff --git a/LayoutTests/compositing/overflow/get-transform-from-non-box-container-expected.txt b/LayoutTests/fast/css/local_font_invalid-expected.txt
similarity index 100%
copy from LayoutTests/compositing/overflow/get-transform-from-non-box-container-expected.txt
copy to LayoutTests/fast/css/local_font_invalid-expected.txt
diff --git a/LayoutTests/fast/css/local_font_invalid.html b/LayoutTests/fast/css/local_font_invalid.html
new file mode 100644
index 0000000..35198fd
--- /dev/null
+++ b/LayoutTests/fast/css/local_font_invalid.html
@@ -0,0 +1,10 @@
+<html>
+<script>
+ if (layoutTestController)
+ layoutTestController.dumpAsText();
+</script>
+ <body>
+ <h1 id=1 style="src: local(2097153)" />
+ PASS
+ </body>
+</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index fcc74ab..a3cfe54 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2010-11-24 Cris Neckar <cdn at chromium.org>
+
+ Reviewed by Adam Barth.
+
+ Added check when parsing local fonts to ensure that a value's unit type is either string or ident.
+ https://bugs.webkit.org/show_bug.cgi?id=49883
+
+ Test: fast/css/local_font_invalid.html
+
+ * css/CSSParser.cpp:
+ (WebCore::CSSParser::parseFontFaceSrc):
+
2010-11-24 Pavel Feldman <pfeldman at chromium.org>
Reviewed by Yury Semikhatsky.
diff --git a/WebCore/css/CSSParser.cpp b/WebCore/css/CSSParser.cpp
index 7b34ef7..3d22897 100644
--- a/WebCore/css/CSSParser.cpp
+++ b/WebCore/css/CSSParser.cpp
@@ -3630,7 +3630,7 @@ bool CSSParser::parseFontFaceSrc()
// There are two allowed functions: local() and format().
CSSParserValueList* args = val->function->args.get();
if (args && args->size() == 1) {
- if (equalIgnoringCase(val->function->name, "local(") && !expectComma) {
+ if (equalIgnoringCase(val->function->name, "local(") && !expectComma && (args->current()->unit == CSSPrimitiveValue::CSS_STRING || args->current()->unit == CSSPrimitiveValue::CSS_IDENT)) {
expectComma = true;
allowFormat = false;
CSSParserValue* a = args->current();
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list