Title: [88652] trunk
- Revision
- 88652
- Author
- [email protected]
- Date
- 2011-06-13 10:59:28 -0700 (Mon, 13 Jun 2011)
Log Message
2011-06-13 Tim Horton <[email protected]>
Reviewed by Simon Fraser.
REGRESSION(87152): Crash on page with svg fonts
https://bugs.webkit.org/show_bug.cgi?id=61556
We can't assume that the parent of a SVG-font-styled
text node won't be an anonymous block.
Test: svg/text/text-font-anonymous-parent.xhtml
* rendering/svg/SVGTextRunRenderingContext.cpp:
(WebCore::firstParentRendererForNonTextNode):
(WebCore::SVGTextRunWalker::walk):
(WebCore::floatWidthOfSubStringUsingSVGFont):
(WebCore::SVGTextRunRenderingContext::drawTextUsingSVGFont):
Modified Paths
Added Paths
Diff
Added: trunk/LayoutTests/svg/text/text-font-anonymous-parent-expected.txt (0 => 88652)
--- trunk/LayoutTests/svg/text/text-font-anonymous-parent-expected.txt (rev 0)
+++ trunk/LayoutTests/svg/text/text-font-anonymous-parent-expected.txt 2011-06-13 17:59:28 UTC (rev 88652)
@@ -0,0 +1,3 @@
+This test is to ensure that we do not crash when applying an SVG font to a text node with an anonymous parent. It passes if it does not crash.
+!
+!
Added: trunk/LayoutTests/svg/text/text-font-anonymous-parent.xhtml (0 => 88652)
--- trunk/LayoutTests/svg/text/text-font-anonymous-parent.xhtml (rev 0)
+++ trunk/LayoutTests/svg/text/text-font-anonymous-parent.xhtml 2011-06-13 17:59:28 UTC (rev 88652)
@@ -0,0 +1,18 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <script>
+ if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+ </script>
+ <body>
+ This test is to ensure that we do not crash when applying an SVG font to a text node with an anonymous parent. It passes if it does not crash.
+ <svg xmlns="http://www.w3.org/2000/svg" style="display: none;">
+ <defs>
+ <font id="ValidTestFont" horiz-adv-x="450" >
+ <font-face font-family="ValidTestFont" />
+ <glyph glyph-name="exclam" unicode="!" horiz-adv-x="350" d="M 100 100 L 100 300 L 300 300 L 300 100 z" />
+ </font>
+ </defs>
+ </svg>
+ <div style="font-family: ValidTestFont">!<div>!</div></div>
+ </body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (88651 => 88652)
--- trunk/Source/WebCore/ChangeLog 2011-06-13 17:49:03 UTC (rev 88651)
+++ trunk/Source/WebCore/ChangeLog 2011-06-13 17:59:28 UTC (rev 88652)
@@ -1,3 +1,21 @@
+2011-06-13 Tim Horton <[email protected]>
+
+ Reviewed by Simon Fraser.
+
+ REGRESSION(87152): Crash on page with svg fonts
+ https://bugs.webkit.org/show_bug.cgi?id=61556
+
+ We can't assume that the parent of a SVG-font-styled
+ text node won't be an anonymous block.
+
+ Test: svg/text/text-font-anonymous-parent.xhtml
+
+ * rendering/svg/SVGTextRunRenderingContext.cpp:
+ (WebCore::firstParentRendererForNonTextNode):
+ (WebCore::SVGTextRunWalker::walk):
+ (WebCore::floatWidthOfSubStringUsingSVGFont):
+ (WebCore::SVGTextRunRenderingContext::drawTextUsingSVGFont):
+
2011-06-13 Tony Chang <[email protected]>
Reviewed by Adam Barth.
Modified: trunk/Source/WebCore/rendering/svg/SVGTextRunRenderingContext.cpp (88651 => 88652)
--- trunk/Source/WebCore/rendering/svg/SVGTextRunRenderingContext.cpp 2011-06-13 17:49:03 UTC (rev 88651)
+++ trunk/Source/WebCore/rendering/svg/SVGTextRunRenderingContext.cpp 2011-06-13 17:59:28 UTC (rev 88652)
@@ -76,8 +76,6 @@
{
ASSERT(renderer);
RenderObject* newRenderer = renderer->isText() ? renderer->parent() : renderer;
- ASSERT(newRenderer->node());
- ASSERT(newRenderer->node()->isElementNode());
return newRenderer;
}
@@ -131,7 +129,7 @@
bool haveAltGlyph = false;
SVGGlyph altGlyphIdentifier;
Node* node = parentRenderObject->node();
- if (node->hasTagName(SVGNames::altGlyphTag)) {
+ if (node && node->hasTagName(SVGNames::altGlyphTag)) {
if (SVGGlyphElement* glyphElement = static_cast<SVGAltGlyphElement*>(node)->glyphElement()) {
haveAltGlyph = true;
altGlyphIdentifier = glyphElement->buildGlyphIdentifier();
@@ -267,9 +265,12 @@
data.length = 0.0f;
RenderObject* renderObject = referencingRenderObjectFromRun(run);
- RenderObject* parentRenderObject = firstParentRendererForNonTextNode(renderObject);
+ RenderObject* parentRenderObject = firstParentRendererForNonTextNode(renderObject);
- String language = toElement(parentRenderObject->node())->getAttribute(XMLNames::langAttr);
+ String language;
+ if (SVGElement* element = static_cast<SVGElement*>(parentRenderObject->node()))
+ language = element->getAttribute(XMLNames::langAttr);
+
bool isVerticalText = isVerticalWritingMode(parentRenderObject->style()->svgStyle());
SVGTextRunWalker<SVGTextRunWalkerMeasuredLengthData> runWalker(fontData, fontElement, data, floatWidthUsingSVGFontCallback, floatWidthMissingGlyphCallback);
@@ -348,8 +349,9 @@
float xStartOffset = floatWidthOfSubStringUsingSVGFont(font, run, 0, run.rtl() ? to : 0, run.rtl() ? run.length() : from, charsConsumed, glyphName);
FloatPoint glyphOrigin;
- Node* node = parentRenderObject->node();
- String language = toElement(node)->getAttribute(XMLNames::langAttr);
+ String language;
+ if (SVGElement* element = static_cast<SVGElement*>(parentRenderObject->node()))
+ language = element->getAttribute(XMLNames::langAttr);
RenderStyle* parentRenderObjectStyle = parentRenderObject->style();
bool isVerticalText = isVerticalWritingMode(parentRenderObjectStyle->svgStyle());
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
