Branch: refs/heads/webkitglib/2.40
Home: https://github.com/WebKit/WebKit
Commit: 65b6e65017be1193706c8e3f38e5f4de57dd1ec6
https://github.com/WebKit/WebKit/commit/65b6e65017be1193706c8e3f38e5f4de57dd1ec6
Author: Vitaly Dyachkov <[email protected]>
Date: 2023-02-27 (Mon, 27 Feb 2023)
Changed paths:
M LayoutTests/platform/gtk/TestExpectations
M Source/WebCore/rendering/style/RenderStyleConstants.h
Log Message:
-----------
Cherry-pick 260882@main (1516848f1a90).
https://bugs.webkit.org/show_bug.cgi?id=229740
[WPE][GTK] Prevent HarfBuzz advance overflow
https://bugs.webkit.org/show_bug.cgi?id=229740
Reviewed by Carlos Garcia Campos.
When taking the complex text path we get glyph advances by calling
`hb_buffer_get_glyph_positions`.
HarfBuzz uses `hb_position_t` aka `int32_t` type to store advances and
offset,
where the first 16 bits are used to store the integer part and the second
16 bits to store the fractional precision part. Since this type is singed
we are left with only 15 bits for maximum positive advance value which gives
us 32767 or `std::numeric_limits<short>::max()`.
Fixes `fast/box-shadow/box-shadow-huge-area-crash.html`.
* LayoutTests/platform/gtk/TestExpectations:
* Source/WebCore/rendering/style/RenderStyleConstants.h:
Canonical link: https://commits.webkit.org/260882@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
