Title: [178268] releases/WebKitGTK/webkit-2.6
- Revision
- 178268
- Author
- carlo...@webkit.org
- Date
- 2015-01-12 08:50:53 -0800 (Mon, 12 Jan 2015)
Log Message
Merge r176454 - Crash when setting 'font' CSS property to 'calc(2 * 3)'
https://bugs.webkit.org/show_bug.cgi?id=138933
Reviewed by Darin Adler.
Source/WebCore:
The CSS Parser was not handling calculated values when parsing the font
weight. This would lead us to hit an assertion when parsing a font
property whose weight is set to a calculated value.
This patch updates parseFontWeight() to properly handle calculated
values.
Test: fast/css/font-calculated-value.html
* css/CSSParser.cpp:
(WebCore::CSSParser::parseFontWeight):
LayoutTests:
Add a layout test to cover the case where the 'font' CSS property is
set to a value whose weight is a calculated value, to make sure it
does not crash and behaves as intended.
* fast/css/font-calculated-value-expected.txt: Added.
* fast/css/font-calculated-value.html: Added.
Modified Paths
Added Paths
Diff
Modified: releases/WebKitGTK/webkit-2.6/LayoutTests/ChangeLog (178267 => 178268)
--- releases/WebKitGTK/webkit-2.6/LayoutTests/ChangeLog 2015-01-12 16:47:11 UTC (rev 178267)
+++ releases/WebKitGTK/webkit-2.6/LayoutTests/ChangeLog 2015-01-12 16:50:53 UTC (rev 178268)
@@ -1,3 +1,17 @@
+2014-11-21 Chris Dumez <cdu...@apple.com>
+
+ Crash when setting 'font' CSS property to 'calc(2 * 3)'
+ https://bugs.webkit.org/show_bug.cgi?id=138933
+
+ Reviewed by Darin Adler.
+
+ Add a layout test to cover the case where the 'font' CSS property is
+ set to a value whose weight is a calculated value, to make sure it
+ does not crash and behaves as intended.
+
+ * fast/css/font-calculated-value-expected.txt: Added.
+ * fast/css/font-calculated-value.html: Added.
+
2014-11-20 Zalan Bujtas <za...@apple.com>
REGRESSION (174986): CSS clip property is ignored when border-radius is present.
Added: releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value-expected.txt (0 => 178268)
--- releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value-expected.txt 2015-01-12 16:50:53 UTC (rev 178268)
@@ -0,0 +1,13 @@
+Tests assigning a calculated value to 'font' CSS property.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS testDiv.style['font'] is ""
+testDiv.style['font'] = 'italic small-caps calc(100 * 9) 12px arial'
+PASS testDiv.style['font'] is "italic small-caps 900 12px arial"
+PASS window.getComputedStyle(testDiv).getPropertyValue('font') is "italic small-caps 900 12px/normal arial"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value.html (0 => 178268)
--- releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value.html (rev 0)
+++ releases/WebKitGTK/webkit-2.6/LayoutTests/fast/css/font-calculated-value.html 2015-01-12 16:50:53 UTC (rev 178268)
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<body>
+<script src=""
+<div id="testDiv""></div>
+<script>
+description("Tests assigning a calculated value to 'font' CSS property.");
+
+var testDiv = document.getElementById("testDiv");
+
+shouldBeEmptyString("testDiv.style['font']");
+evalAndLog("testDiv.style['font'] = 'italic small-caps calc(100 * 9) 12px arial'");
+shouldBeEqualToString("testDiv.style['font']", "italic small-caps 900 12px arial");
+shouldBeEqualToString("window.getComputedStyle(testDiv).getPropertyValue('font')", "italic small-caps 900 12px/normal arial");
+
+</script>
+<script src=""
+</body>
Modified: releases/WebKitGTK/webkit-2.6/Source/WebCore/ChangeLog (178267 => 178268)
--- releases/WebKitGTK/webkit-2.6/Source/WebCore/ChangeLog 2015-01-12 16:47:11 UTC (rev 178267)
+++ releases/WebKitGTK/webkit-2.6/Source/WebCore/ChangeLog 2015-01-12 16:50:53 UTC (rev 178268)
@@ -1,3 +1,22 @@
+2014-11-21 Chris Dumez <cdu...@apple.com>
+
+ Crash when setting 'font' CSS property to 'calc(2 * 3)'
+ https://bugs.webkit.org/show_bug.cgi?id=138933
+
+ Reviewed by Darin Adler.
+
+ The CSS Parser was not handling calculated values when parsing the font
+ weight. This would lead us to hit an assertion when parsing a font
+ property whose weight is set to a calculated value.
+
+ This patch updates parseFontWeight() to properly handle calculated
+ values.
+
+ Test: fast/css/font-calculated-value.html
+
+ * css/CSSParser.cpp:
+ (WebCore::CSSParser::parseFontWeight):
+
2014-11-20 Zalan Bujtas <za...@apple.com>
REGRESSION (174986): CSS clip property is ignored when border-radius is present.
Modified: releases/WebKitGTK/webkit-2.6/Source/WebCore/css/CSSParser.cpp (178267 => 178268)
--- releases/WebKitGTK/webkit-2.6/Source/WebCore/css/CSSParser.cpp 2015-01-12 16:47:11 UTC (rev 178267)
+++ releases/WebKitGTK/webkit-2.6/Source/WebCore/css/CSSParser.cpp 2015-01-12 16:50:53 UTC (rev 178268)
@@ -6430,7 +6430,7 @@
return true;
}
if (validUnit(value, FInteger | FNonNeg, CSSQuirksMode)) {
- int weight = static_cast<int>(value->fValue);
+ int weight = static_cast<int>(parsedDouble(value, ReleaseParsedCalcValue));
if (!(weight % 100) && weight >= 100 && weight <= 900) {
addProperty(CSSPropertyFontWeight, cssValuePool().createIdentifierValue(createFontWeightValueKeyword(weight)), important);
return true;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
