Gabriel Li created WEEX-217:
-------------------------------
Summary: WXTransform should not crash while parsing 'translate(0)'
Key: WEEX-217
URL: https://issues.apache.org/jira/browse/WEEX-217
Project: Weex
Issue Type: Bug
Components: iOS
Reporter: Gabriel Li
Assignee: Adam Feng
According to the latest published W3C specification about [CSS
Transforms|https://www.w3.org/TR/css-transforms-1/)]:
{code:java}
translate() = translate( <length-percentage> [, <length-percentage> ]? )
specifies a 2D translation by the vector [tx, ty], where tx is the first
translation-value parameter and ty is the optional second translation-value
parameter. If <ty> is not provided, ty has zero as a value.
{code}
, _translate(tx)_ is equal to _translate(tx, 0)_. In the previous _version of
Weex_, we removed the array length check in method [WXTransform parseTranslate:]
{code:java}
- (void)parseTranslate:(NSArray *)value
{
[self parseTranslatex:@[value[0]]];
[self parseTranslatey:@[value[1]]];
}{code}
so if the parser encounter a '_translate(0)_', the array contains only one
single value inside, parseTranslate will fetch the element at index 1 from the
array, which causes a typical _out-of-bounds_ exception, and lead to an app
crash eventually.
As we known in many js packing procedures, '_translate(x, 0)_' will be
compressed/minified to the form 'translate(x)', Weex should avoid such
inconsistent implementations and conforms the W3C specifications.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
