[webkit-changes] [190943] releases/WebKitGTK/webkit-2.10

[carlosgc]

Title: [190943] releases/WebKitGTK/webkit-2.10

Revision

190943

Author

carlo...@webkit.org

Date

2015-10-13 03:06:49 -0700 (Tue, 13 Oct 2015)

Log Message

Merge r190339 - Avoid reparsing an XSLT stylesheet after the first failure.
https://bugs.webkit.org/show_bug.cgi?id=149188
<rdar://problem/22709912>

Reviewed by Dave Hyatt.

Patch by Jiewen Tan, jiewen_...@apple.com.

Source/WebCore:

Test: svg/custom/invalid-xslt-crash.svg

* xml/XSLStyleSheet.h:
Add a new member variable m_compilationFailed that tracks whether
compilation has failed. Default value is false.

* xml/XSLStyleSheetLibxslt.cpp:
(WebCore::XSLStyleSheet::compileStyleSheet):
Return early if the compilation has failed before. After compiling the
style sheet, if we failed, set m_compilationFailed to true.

LayoutTests:

* svg/custom/invalid-xslt-crash-expected.txt: Added.
* svg/custom/invalid-xslt-crash.svg: Added.

Modified Paths

• releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog
• releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog
• releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheet.h
• releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheetLibxslt.cpp

Added Paths

• releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash-expected.txt
• releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash.svg

Diff

Modified: releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog (190942 => 190943)

--- releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog	2015-10-13 10:00:43 UTC (rev 190942)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog	2015-10-13 10:06:49 UTC (rev 190943)
@@ -1,3 +1,46 @@
+2015-10-08  Jiewen Tan  <jiewen_...@apple.com>
+
+        Cleaning up after revision 190339
+        https://bugs.webkit.org/show_bug.cgi?id=149732
+
+        Reviewed by Myles C. Maxfield.
+
+        * svg/custom/invalid-xslt-crash.svg:
+        * svg/custom/invalid-xslt-crash-expected.txt:
+        Replace render tree dump test with text dump.
+
+2015-10-05  Alexey Proskuryakov  <a...@apple.com>
+
+        Revert LayoutTests parts of r190579, which were incorrect.
+
+        * svg/custom/invalid-xslt-crash-expected.txt: Copied from LayoutTests/svg/custom/invalid-xslt-crash-expected.txt.
+        * svg/custom/invalid-xslt-crash.svg:
+
+2015-10-05  Jiewen Tan  <jiewen_...@apple.com>
+
+        Cleaning up after revision 190339
+        https://bugs.webkit.org/show_bug.cgi?id=149732
+
+        Reviewed by Myles C. Maxfield.
+
+        * svg/custom/invalid-xslt-crash.svg:
+        * svg/custom/invalid-xslt-crash-expected.txt:
+        Replace render tree dump test with text dump.
+        Pass if no crash.
+
+2015-09-29  Jon Honeycutt  <jhoneyc...@apple.com>
+
+        Avoid reparsing an XSLT stylesheet after the first failure.
+        https://bugs.webkit.org/show_bug.cgi?id=149188
+        <rdar://problem/22709912>
+
+        Reviewed by Dave Hyatt.
+
+        Patch by Jiewen Tan, jiewen_...@apple.com.
+
+        * svg/custom/invalid-xslt-crash-expected.txt: Added.
+        * svg/custom/invalid-xslt-crash.svg: Added.
+
 2015-09-29  Chris Dumez  <cdu...@apple.com>
 
         Memory cache revalidations should refresh the network disk cache

Added: releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash-expected.txt (0 => 190943)

--- releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash-expected.txt	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash-expected.txt	2015-10-13 10:06:49 UTC (rev 190943)
@@ -0,0 +1 @@
+Pass if no crash

Added: releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash.svg (0 => 190943)

--- releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash.svg	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/svg/custom/invalid-xslt-crash.svg	2015-10-13 10:06:49 UTC (rev 190943)
@@ -0,0 +1,12 @@
+<svg xmlns="http://www.w3.org/2000/svg"
+     xmlns:xslt="http://www.w3.org/1999/XSL/Transform"
+     xslt:version="1.0">
+    <script>
+        if (window.testRunner)
+            testRunner.dumpAsText();
+    </script>
+
+    <!-- The test passes if it doesn't crash -->
+    <xslt:attribute nnnnnnnnnnname="fill">lime</xslt:attribute>
+    <text>Pass if no crash</text>
+</svg>

Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog (190942 => 190943)

--- releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog	2015-10-13 10:00:43 UTC (rev 190942)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog	2015-10-13 10:06:49 UTC (rev 190943)
@@ -1,3 +1,35 @@
+2015-10-05  Jiewen Tan  <jiewen_...@apple.com>
+
+        Cleaning up after revision 190339
+        https://bugs.webkit.org/show_bug.cgi?id=149732
+
+        Reviewed by Myles C. Maxfield.
+
+        * xml/XSLStyleSheet.h:
+        * xml/XSLStyleSheetLibxslt.cpp:
+        (WebCore::XSLStyleSheet::compileStyleSheet):
+
+2015-09-29  Jon Honeycutt  <jhoneyc...@apple.com>
+
+        Avoid reparsing an XSLT stylesheet after the first failure.
+        https://bugs.webkit.org/show_bug.cgi?id=149188
+        <rdar://problem/22709912>
+
+        Reviewed by Dave Hyatt.
+
+        Patch by Jiewen Tan, jiewen_...@apple.com.
+
+        Test: svg/custom/invalid-xslt-crash.svg
+
+        * xml/XSLStyleSheet.h:
+        Add a new member variable m_compilationFailed that tracks whether
+        compilation has failed. Default value is false.
+
+        * xml/XSLStyleSheetLibxslt.cpp:
+        (WebCore::XSLStyleSheet::compileStyleSheet):
+        Return early if the compilation has failed before. After compiling the
+        style sheet, if we failed, set m_compilationFailed to true.
+
 2015-09-23  ChangSeok Oh  <changseok...@collabora.com>
 
         [GTK] playbutton in media controls is not changed when it is clicked.

Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheet.h (190942 => 190943)

--- releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheet.h	2015-10-13 10:00:43 UTC (rev 190942)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheet.h	2015-10-13 10:06:49 UTC (rev 190943)
@@ -116,7 +116,8 @@
 
     xmlDocPtr m_stylesheetDoc;
     bool m_stylesheetDocTaken;
-    
+    bool m_compilationFailed { false };
+
     XSLStyleSheet* m_parentStyleSheet;
 };
 

Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheetLibxslt.cpp (190942 => 190943)

--- releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheetLibxslt.cpp	2015-10-13 10:00:43 UTC (rev 190942)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/xml/XSLStyleSheetLibxslt.cpp	2015-10-13 10:06:49 UTC (rev 190943)
@@ -245,12 +245,19 @@
     if (m_embedded)
         return xsltLoadStylesheetPI(document());
 
+    // Certain libxslt versions are corrupting the xmlDoc on compilation
+    // failures - hence attempting to recompile after a failure is unsafe.
+    if (m_compilationFailed)
+        return nullptr;
+
     // xsltParseStylesheetDoc makes the document part of the stylesheet
     // so we have to release our pointer to it.
     ASSERT(!m_stylesheetDocTaken);
     xsltStylesheetPtr result = xsltParseStylesheetDoc(m_stylesheetDoc);
     if (result)
         m_stylesheetDocTaken = true;
+    else
+        m_compilationFailed = true;
     return result;
 }
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes