Title: [226372] trunk
- Revision
- 226372
- Author
- an...@apple.com
- Date
- 2018-01-03 13:21:09 -0800 (Wed, 03 Jan 2018)
Log Message
Crash beneath CSSValue::equals @ csas.cz
https://bugs.webkit.org/show_bug.cgi?id=181243
<rdar://problem/35990826>
Reviewed by Alex Christensen.
Source/WebCore:
Test: fast/text/oblique-degree-equals-crash.html
* css/CSSFontStyleValue.cpp:
(WebCore::CSSFontStyleValue::equals const):
Null check both oblique pointers.
LayoutTests:
* fast/text/oblique-degree-equals-crash-expected.txt: Added.
* fast/text/oblique-degree-equals-crash.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (226371 => 226372)
--- trunk/LayoutTests/ChangeLog 2018-01-03 20:17:12 UTC (rev 226371)
+++ trunk/LayoutTests/ChangeLog 2018-01-03 21:21:09 UTC (rev 226372)
@@ -1,3 +1,14 @@
+2018-01-03 Antti Koivisto <an...@apple.com>
+
+ Crash beneath CSSValue::equals @ csas.cz
+ https://bugs.webkit.org/show_bug.cgi?id=181243
+ <rdar://problem/35990826>
+
+ Reviewed by Alex Christensen.
+
+ * fast/text/oblique-degree-equals-crash-expected.txt: Added.
+ * fast/text/oblique-degree-equals-crash.html: Added.
+
2018-01-03 Joseph Pecoraro <pecor...@apple.com>
Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
Added: trunk/LayoutTests/fast/text/oblique-degree-equals-crash-expected.txt (0 => 226372)
--- trunk/LayoutTests/fast/text/oblique-degree-equals-crash-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/text/oblique-degree-equals-crash-expected.txt 2018-01-03 21:21:09 UTC (rev 226372)
@@ -0,0 +1,2 @@
+This test passes if it doesn't crash.
+
Added: trunk/LayoutTests/fast/text/oblique-degree-equals-crash.html (0 => 226372)
--- trunk/LayoutTests/fast/text/oblique-degree-equals-crash.html (rev 0)
+++ trunk/LayoutTests/fast/text/oblique-degree-equals-crash.html 2018-01-03 21:21:09 UTC (rev 226372)
@@ -0,0 +1,9 @@
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
+This test passes if it doesn't crash.
+<div id=a style="font-style: oblique 10deg"><div>
+<script>
+a.style.fontStyle = "oblique";
+</script>
Modified: trunk/Source/WebCore/ChangeLog (226371 => 226372)
--- trunk/Source/WebCore/ChangeLog 2018-01-03 20:17:12 UTC (rev 226371)
+++ trunk/Source/WebCore/ChangeLog 2018-01-03 21:21:09 UTC (rev 226372)
@@ -1,3 +1,18 @@
+2018-01-03 Antti Koivisto <an...@apple.com>
+
+ Crash beneath CSSValue::equals @ csas.cz
+ https://bugs.webkit.org/show_bug.cgi?id=181243
+ <rdar://problem/35990826>
+
+ Reviewed by Alex Christensen.
+
+ Test: fast/text/oblique-degree-equals-crash.html
+
+ * css/CSSFontStyleValue.cpp:
+ (WebCore::CSSFontStyleValue::equals const):
+
+ Null check both oblique pointers.
+
2018-01-03 Joseph Pecoraro <pecor...@apple.com>
Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
Modified: trunk/Source/WebCore/css/CSSFontStyleValue.cpp (226371 => 226372)
--- trunk/Source/WebCore/css/CSSFontStyleValue.cpp 2018-01-03 20:17:12 UTC (rev 226371)
+++ trunk/Source/WebCore/css/CSSFontStyleValue.cpp 2018-01-03 21:21:09 UTC (rev 226372)
@@ -44,10 +44,10 @@
bool CSSFontStyleValue::equals(const CSSFontStyleValue& other) const
{
- if (!obliqueValue)
+ if (!obliqueValue && !other.obliqueValue)
return fontStyleValue.get() == other.fontStyleValue.get();
return fontStyleValue.get() == other.fontStyleValue.get()
- && *obliqueValue == *other.obliqueValue;
+ && obliqueValue && other.obliqueValue && *obliqueValue == *other.obliqueValue;
}
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes