- Revision
- 178628
- Author
- [email protected]
- Date
- 2015-01-17 14:51:47 -0800 (Sat, 17 Jan 2015)
Log Message
[SVG -> OTF Converter] Crashes when SVG font is invalid
https://bugs.webkit.org/show_bug.cgi?id=140378
Reviewed by Antti Koivisto.
Because CachedSVGFonts are cached, they have to be able to be used
in subsequent documents regardless how the first document left it.
Tests: fast/css/font-face-svg-decoding-error.html
svg/custom/svg-fonts-in-html.html
svg/text/text-overflow-ellipsis-svgfont-kerning-ligatures.html
* loader/cache/CachedFont.cpp:
(WebCore::CachedFont::ensureCustomFontData):
* loader/cache/CachedFont.h:
* loader/cache/CachedSVGFont.cpp:
(WebCore::CachedSVGFont::getFontData):
(WebCore::CachedSVGFont::ensureCustomFontData):
(WebCore::CachedSVGFont::maybeInitializeExternalSVGFontElement):
* loader/cache/CachedSVGFont.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (178627 => 178628)
--- trunk/Source/WebCore/ChangeLog 2015-01-17 17:18:23 UTC (rev 178627)
+++ trunk/Source/WebCore/ChangeLog 2015-01-17 22:51:47 UTC (rev 178628)
@@ -1,3 +1,26 @@
+2015-01-17 Myles C. Maxfield <[email protected]>
+
+ [SVG -> OTF Converter] Crashes when SVG font is invalid
+ https://bugs.webkit.org/show_bug.cgi?id=140378
+
+ Reviewed by Antti Koivisto.
+
+ Because CachedSVGFonts are cached, they have to be able to be used
+ in subsequent documents regardless how the first document left it.
+
+ Tests: fast/css/font-face-svg-decoding-error.html
+ svg/custom/svg-fonts-in-html.html
+ svg/text/text-overflow-ellipsis-svgfont-kerning-ligatures.html
+
+ * loader/cache/CachedFont.cpp:
+ (WebCore::CachedFont::ensureCustomFontData):
+ * loader/cache/CachedFont.h:
+ * loader/cache/CachedSVGFont.cpp:
+ (WebCore::CachedSVGFont::getFontData):
+ (WebCore::CachedSVGFont::ensureCustomFontData):
+ (WebCore::CachedSVGFont::maybeInitializeExternalSVGFontElement):
+ * loader/cache/CachedSVGFont.h:
+
2015-01-17 Chris Dumez <[email protected]>
Converting time, angle and frequency units in CSS calc() function
Modified: trunk/Source/WebCore/loader/cache/CachedFont.cpp (178627 => 178628)
--- trunk/Source/WebCore/loader/cache/CachedFont.cpp 2015-01-17 17:18:23 UTC (rev 178627)
+++ trunk/Source/WebCore/loader/cache/CachedFont.cpp 2015-01-17 22:51:47 UTC (rev 178628)
@@ -94,13 +94,13 @@
bool CachedFont::ensureCustomFontData(bool, const AtomicString&)
{
- return ensureCustomFontData(m_data.copyRef());
+ return ensureCustomFontData(m_data.get());
}
-bool CachedFont::ensureCustomFontData(RefPtr<SharedBuffer>&& data)
+bool CachedFont::ensureCustomFontData(SharedBuffer* data)
{
if (!m_fontData && !errorOccurred() && !isLoading() && data) {
- RefPtr<SharedBuffer> buffer = data;
+ RefPtr<SharedBuffer> buffer(data);
#if (!PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED <= 1090) && (!PLATFORM(IOS) || __IPHONE_OS_VERSION_MIN_REQUIRED < 80000)
if (isWOFF(buffer.get())) {
Modified: trunk/Source/WebCore/loader/cache/CachedFont.h (178627 => 178628)
--- trunk/Source/WebCore/loader/cache/CachedFont.h 2015-01-17 17:18:23 UTC (rev 178627)
+++ trunk/Source/WebCore/loader/cache/CachedFont.h 2015-01-17 22:51:47 UTC (rev 178628)
@@ -57,7 +57,7 @@
protected:
FontPlatformData platformDataFromCustomData(float size, bool bold, bool italic, FontOrientation = Horizontal, FontWidthVariant = RegularWidth, FontRenderingMode = NormalRenderingMode);
- bool ensureCustomFontData(RefPtr<SharedBuffer>&& data);
+ bool ensureCustomFontData(SharedBuffer* data);
private:
virtual void checkNotify() override;
Modified: trunk/Source/WebCore/loader/cache/CachedSVGFont.cpp (178627 => 178628)
--- trunk/Source/WebCore/loader/cache/CachedSVGFont.cpp 2015-01-17 17:18:23 UTC (rev 178627)
+++ trunk/Source/WebCore/loader/cache/CachedSVGFont.cpp 2015-01-17 22:51:47 UTC (rev 178628)
@@ -53,13 +53,16 @@
PassRefPtr<SimpleFontData> CachedSVGFont::getFontData(const FontDescription& fontDescription, const AtomicString& remoteURI, bool syntheticBold, bool syntheticItalic, bool externalSVG)
{
-#if !ENABLE(SVG_OTF_CONVERTER)
+#if ENABLE(SVG_OTF_CONVERTER)
+ if (!externalSVG || firstFontFace(remoteURI))
+ return CachedFont::getFontData(fontDescription, remoteURI, syntheticBold, syntheticItalic, externalSVG);
+#else
if (!externalSVG)
-#endif
return CachedFont::getFontData(fontDescription, remoteURI, syntheticBold, syntheticItalic, externalSVG);
if (SVGFontFaceElement* firstFontFace = this->firstFontFace(remoteURI))
return SimpleFontData::create(std::make_unique<SVGFontData>(firstFontFace), fontDescription.computedPixelSize(), syntheticBold, syntheticItalic);
+#endif
return nullptr;
}
@@ -79,21 +82,31 @@
m_externalSVGDocument = SVGDocument::create(nullptr, URL());
RefPtr<TextResourceDecoder> decoder = TextResourceDecoder::create("application/xml");
m_externalSVGDocument->setContent(decoder->decodeAndFlush(m_data->data(), m_data->size()));
+#if !ENABLE(SVG_OTF_CONVERTER)
if (decoder->sawError())
m_externalSVGDocument = nullptr;
-#if ENABLE(SVG_OTF_CONVERTER)
- firstFontFace(remoteURI); // Sets m_externalSVGFontElement
- if (m_externalSVGFontElement) {
- Vector<char> convertedFont = convertSVGToOTFFont(*m_externalSVGFontElement);
- return CachedFont::ensureCustomFontData(SharedBuffer::adoptVector(convertedFont));
- }
+#else
+ if (decoder->sawError())
+ m_externalSVGDocument = nullptr;
+ else
+ maybeInitializeExternalSVGFontElement(remoteURI);
+ if (!m_externalSVGFontElement)
+ return false;
+ Vector<char> convertedFont = convertSVGToOTFFont(*m_externalSVGFontElement);
+ m_convertedFont = SharedBuffer::adoptVector(convertedFont);
#endif
}
+
+#if !ENABLE(SVG_OTF_CONVERTER)
return m_externalSVGDocument;
+#else
+ return m_externalSVGDocument && CachedFont::ensureCustomFontData(m_convertedFont.get());
+#endif
}
SVGFontElement* CachedSVGFont::getSVGFontById(const String& fontName) const
{
+ ASSERT(m_externalSVGDocument);
auto elements = descendantsOfType<SVGFontElement>(*m_externalSVGDocument);
if (fontName.isEmpty())
@@ -106,17 +119,21 @@
return nullptr;
}
+SVGFontElement* CachedSVGFont::maybeInitializeExternalSVGFontElement(const AtomicString& remoteURI)
+{
+ if (m_externalSVGFontElement)
+ return m_externalSVGFontElement;
+ String fragmentIdentifier;
+ size_t start = remoteURI.find('#');
+ if (start != notFound)
+ fragmentIdentifier = remoteURI.string().substring(start + 1);
+ m_externalSVGFontElement = getSVGFontById(fragmentIdentifier);
+ return m_externalSVGFontElement;
+}
+
SVGFontFaceElement* CachedSVGFont::firstFontFace(const AtomicString& remoteURI)
{
- if (!m_externalSVGFontElement) {
- String fragmentIdentifier;
- size_t start = remoteURI.find('#');
- if (start != notFound)
- fragmentIdentifier = remoteURI.string().substring(start + 1);
- m_externalSVGFontElement = getSVGFontById(fragmentIdentifier);
- }
-
- if (!m_externalSVGFontElement)
+ if (!maybeInitializeExternalSVGFontElement(remoteURI))
return nullptr;
if (auto* firstFontFace = childrenOfType<SVGFontFaceElement>(*m_externalSVGFontElement).first())
Modified: trunk/Source/WebCore/loader/cache/CachedSVGFont.h (178627 => 178628)
--- trunk/Source/WebCore/loader/cache/CachedSVGFont.h 2015-01-17 17:18:23 UTC (rev 178627)
+++ trunk/Source/WebCore/loader/cache/CachedSVGFont.h 2015-01-17 22:51:47 UTC (rev 178628)
@@ -47,8 +47,12 @@
SVGFontElement* getSVGFontById(const String&) const;
+ SVGFontElement* maybeInitializeExternalSVGFontElement(const AtomicString& remoteURI);
SVGFontFaceElement* firstFontFace(const AtomicString& remoteURI);
+#if ENABLE(SVG_OTF_CONVERTER)
+ RefPtr<SharedBuffer> m_convertedFont;
+#endif
RefPtr<SVGDocument> m_externalSVGDocument;
SVGFontElement* m_externalSVGFontElement;
};
