[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.17-1283-gcf603cf

eric at webkit.org eric at webkit.org
Tue Jan 5 23:53:20 UTC 2010 

The following commit has been merged in the webkit-1.1 branch:
commit 2f0a76a45a8f6c13ce1bd3620a4d0eb1cf44836b
Author: eric at webkit.org <eric at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Dec 18 06:12:35 2009 +0000

    2009-12-17  Justin Schuh  <jschuh at chromium.org>
    
            Reviewed by Dan Bernstein.
    
            Bug 32357: SVG test case crashes WebKit (invalid font URL)
            https://bugs.webkit.org/show_bug.cgi?id=32357
    
            Added check for NULL return value from DocLoader::requestFont()
    
            * svg/text/text-font-uri-invalid-expected.txt: Added.
            * svg/text/text-font-uri-invalid.svg: Added.
    2009-12-17  Justin Schuh  <jschuh at chromium.org>
    
            Reviewed by Dan Bernstein.
    
            Bug 32357: SVG test case crashes WebKit (invalid font URL)
            https://bugs.webkit.org/show_bug.cgi?id=32357
    
            Added check for NULL return value from DocLoader::requestFont()
    
            * svg/SVGFontFaceUriElement.cpp:
            (WebCore::SVGFontFaceUriElement::loadFont):
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52300 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index b839819..ac94ce7 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,15 @@
+2009-12-17  Justin Schuh  <jschuh at chromium.org>
+
+        Reviewed by Dan Bernstein.
+
+        Bug 32357: SVG test case crashes WebKit (invalid font URL)
+        https://bugs.webkit.org/show_bug.cgi?id=32357
+
+        Added check for NULL return value from DocLoader::requestFont()
+
+        * svg/text/text-font-uri-invalid-expected.txt: Added.
+        * svg/text/text-font-uri-invalid.svg: Added.
+
 2009-12-17  Shinichiro Hamaji  <hamaji at chromium.org>
 
         Reviewed by Dan Bernstein.
diff --git a/LayoutTests/svg/text/text-font-uri-invalid-expected.txt b/LayoutTests/svg/text/text-font-uri-invalid-expected.txt
new file mode 100644
index 0000000..5f7dc29
--- /dev/null
+++ b/LayoutTests/svg/text/text-font-uri-invalid-expected.txt
@@ -0,0 +1,3 @@
+This test is to ensure that we do not crash when loading a SVG image with an invalid font-face-uri
+PASS: Did not crash when rendering the SVG image.
+
diff --git a/LayoutTests/svg/text/text-font-uri-invalid.svg b/LayoutTests/svg/text/text-font-uri-invalid.svg
new file mode 100644
index 0000000..44ce028
--- /dev/null
+++ b/LayoutTests/svg/text/text-font-uri-invalid.svg
@@ -0,0 +1,29 @@
+<html xmlns="http://www.w3.org/1999/xhtml">  
+  <body>
+    This test is to ensure that we do not crash when loading a SVG image with an invalid font-face-uri
+    <div id="log"><span style='color: red;'>FAIL:</span> Did not complete test</div>
+    <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1">
+      <g>
+        <defs>
+          <font-face>
+            <font-face-src>
+              <font-face-uri xlink:href="http://1234123!%#$!%#$%"/>
+            </font-face-src>
+          </font-face>
+        </defs>
+      </g>
+    </svg>
+    <script>
+        if (window.layoutTestController)
+            layoutTestController.dumpAsText();
+        var log = document.getElementById("log");
+        while (log.childNodes.length)
+            log.removeChild(log.firstChild);
+        var msg = document.createElementNS("http://www.w3.org/1999/xhtml", "span");
+        msg.style.color = "green";
+        msg.appendChild(document.createTextNode("PASS:"));
+        log.appendChild(msg);
+        log.appendChild(document.createTextNode(" Did not crash when rendering the SVG image."));
+    </script>
+  </body>
+</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index dd318a1..3b55a2e 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2009-12-17  Justin Schuh  <jschuh at chromium.org>
+
+        Reviewed by Dan Bernstein.
+
+        Bug 32357: SVG test case crashes WebKit (invalid font URL)
+        https://bugs.webkit.org/show_bug.cgi?id=32357
+
+        Added check for NULL return value from DocLoader::requestFont()
+
+        * svg/SVGFontFaceUriElement.cpp:
+        (WebCore::SVGFontFaceUriElement::loadFont):
+
 2009-12-17  Shinichiro Hamaji  <hamaji at chromium.org>
 
         Reviewed by Dan Bernstein.
diff --git a/WebCore/svg/SVGFontFaceUriElement.cpp b/WebCore/svg/SVGFontFaceUriElement.cpp
index 096f0c2..bfcda70 100644
--- a/WebCore/svg/SVGFontFaceUriElement.cpp
+++ b/WebCore/svg/SVGFontFaceUriElement.cpp
@@ -91,9 +91,11 @@ void SVGFontFaceUriElement::loadFont()
     if (!href.isNull()) {        
         DocLoader* docLoader = document()->docLoader();
         m_cachedFont = docLoader->requestFont(href);
-        m_cachedFont->setSVGFont(true);
-        m_cachedFont->addClient(this);
-        m_cachedFont->beginLoadIfNeeded(docLoader);
+        if (m_cachedFont) {
+            m_cachedFont->setSVGFont(true);
+            m_cachedFont->addClient(this);
+            m_cachedFont->beginLoadIfNeeded(docLoader);
+        }
     } else
         m_cachedFont = 0;
 }

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list