Skip to site navigation (Press enter)

[webkit-changes] [124065] branches/safari-536.26-branch

lforschler Mon, 30 Jul 2012 11:44:38 -0700

Title: [124065] branches/safari-536.26-branch

Revision: 124065
Author: [email protected]
Date: 2012-07-30 11:44:44 -0700 (Mon, 30 Jul 2012)

Log Message

Merged r117289.  <rdar://problem/11932472>


Modified Paths

branches/safari-536.26-branch/LayoutTests/ChangeLog
branches/safari-536.26-branch/Source/WebCore/ChangeLog
branches/safari-536.26-branch/Source/WebCore/svg/SVGSVGElement.cpp


Added Paths

branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null-expected.txt
branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null.svg

Diff

Modified: branches/safari-536.26-branch/LayoutTests/ChangeLog (124064 => 124065)


--- branches/safari-536.26-branch/LayoutTests/ChangeLog	2012-07-30 18:39:53 UTC (rev 124064)
+++ branches/safari-536.26-branch/LayoutTests/ChangeLog	2012-07-30 18:44:44 UTC (rev 124065)
@@ -1,5 +1,22 @@
 2012-07-30  Lucas Forschler  <[email protected]>
 
+    Merge 117289
+
+    2012-05-16  Rob Buis  <[email protected]>
+
+            SVGSVGElement checkIntersection and checkEnclosure Mem corruption
+            https://bugs.webkit.org/show_bug.cgi?id=67923
+
+            Reviewed by Nikolas Zimmermann.
+
+            Add test to check that checkIntersection/checkEnclosure do not
+            crash when null is used for the element parameter.
+
+            * svg/custom/intersection-list-null-expected.txt: Added.
+            * svg/custom/intersection-list-null.svg: Added.
+
+2012-07-30  Lucas Forschler  <[email protected]>
+
     Merge 117161
 
     2012-05-15  Abhishek Arya  <[email protected]>

Copied: branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null-expected.txt (from rev 117289, trunk/LayoutTests/svg/custom/intersection-list-null-expected.txt) (0 => 124065)


--- branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null-expected.txt	                        (rev 0)
+++ branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null-expected.txt	2012-07-30 18:44:44 UTC (rev 124065)
@@ -0,0 +1 @@
+PASS

Copied: branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null.svg (from rev 117289, trunk/LayoutTests/svg/custom/intersection-list-null.svg) (0 => 124065)


--- branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null.svg	                        (rev 0)
+++ branches/safari-536.26-branch/LayoutTests/svg/custom/intersection-list-null.svg	2012-07-30 18:44:44 UTC (rev 124065)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg id="root" xmlns="http://www.w3.org/2000/svg" _onload_="runTest()">
+  <script>
+    function runTest() {
+        if (window.layoutTestController)
+            layoutTestController.dumpAsText();
+        var root = document.documentElement;
+        root.checkIntersection(null, root.createSVGRect());
+        root.checkEnclosure(null, root.createSVGRect());
+    }
+  </script>
+  <!-- This test passes if it does not crash. -->
+  <text>PASS</text>
+</svg>

Modified: branches/safari-536.26-branch/Source/WebCore/ChangeLog (124064 => 124065)


--- branches/safari-536.26-branch/Source/WebCore/ChangeLog	2012-07-30 18:39:53 UTC (rev 124064)
+++ branches/safari-536.26-branch/Source/WebCore/ChangeLog	2012-07-30 18:44:44 UTC (rev 124065)
@@ -1,5 +1,24 @@
 2012-07-30  Lucas Forschler  <[email protected]>
 
+    Merge 117289
+
+    2012-05-16  Rob Buis  <[email protected]>
+
+            SVGSVGElement checkIntersection and checkEnclosure Mem corruption
+            https://bugs.webkit.org/show_bug.cgi?id=67923
+
+            Reviewed by Nikolas Zimmermann.
+
+            Only call checkIntersection/checkEnclosure when we have a valid renderer.
+
+            Test: svg/custom/intersection-list-null.svg
+
+            * svg/SVGSVGElement.cpp:
+            (WebCore::SVGSVGElement::checkIntersection):
+            (WebCore::SVGSVGElement::checkEnclosure):
+
+2012-07-30  Lucas Forschler  <[email protected]>
+
     Merge 117161
 
     2012-05-15  Abhishek Arya  <[email protected]>

Modified: branches/safari-536.26-branch/Source/WebCore/svg/SVGSVGElement.cpp (124064 => 124065)


--- branches/safari-536.26-branch/Source/WebCore/svg/SVGSVGElement.cpp	2012-07-30 18:39:53 UTC (rev 124064)
+++ branches/safari-536.26-branch/Source/WebCore/svg/SVGSVGElement.cpp	2012-07-30 18:44:44 UTC (rev 124065)
@@ -371,11 +371,15 @@
 
 bool SVGSVGElement::checkIntersection(SVGElement* element, const FloatRect& rect) const
 {
+    if (!element)
+        return false;
     return RenderSVGModelObject::checkIntersection(element->renderer(), rect);
 }
 
 bool SVGSVGElement::checkEnclosure(SVGElement* element, const FloatRect& rect) const
 {
+    if (!element)
+        return false;
     return RenderSVGModelObject::checkEnclosure(element->renderer(), rect);
 }

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes