Changeset 72685 in webkit for trunk/WebCore/css/CSSParser.cpp


Ignore:
Timestamp:
Nov 24, 2010, 10:13:25 AM (14 years ago)
Author:
inferno@chromium.org
Message:

2010-11-24 Cris Neckar <cdn@chromium.org>

Reviewed by Adam Barth.

Added check when parsing local fonts to ensure that a value's unit type is either string or ident.
https://bugs.webkit.org/show_bug.cgi?id=49883

Test: fast/css/local_font_invalid.html

  • css/CSSParser.cpp: (WebCore::CSSParser::parseFontFaceSrc):

2010-11-24 Cris Neckar <cdn@chromium.org>

Reviewed by Adam Barth.

Test for crash with invalid local fonts.
https://bugs.webkit.org/show_bug.cgi?id=49883

  • fast/css/local_font_invalid-expected.txt: Added.
  • fast/css/local_font_invalid.html: Added.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/WebCore/css/CSSParser.cpp

    r72500 r72685  
    36313631            CSSParserValueList* args = val->function->args.get();
    36323632            if (args && args->size() == 1) {
    3633                 if (equalIgnoringCase(val->function->name, "local(") && !expectComma) {
     3633                if (equalIgnoringCase(val->function->name, "local(") && !expectComma && (args->current()->unit == CSSPrimitiveValue::CSS_STRING || args->current()->unit == CSSPrimitiveValue::CSS_IDENT)) {
    36343634                    expectComma = true;
    36353635                    allowFormat = false;
Note: See TracChangeset for help on using the changeset viewer.