Changeset 161137 in webkit
- Timestamp:
- Dec 29, 2013 10:31:41 PM (10 years ago)
- Location:
- trunk
- Files:
-
- 4 deleted
- 3 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/fast/css/first-letter-block-change.html (deleted)
-
LayoutTests/platform/gtk-wk1/fast/css/first-letter-block-change-expected.png (deleted)
-
LayoutTests/platform/gtk-wk2/fast/css (deleted)
-
LayoutTests/platform/gtk/fast/css/first-letter-block-change-expected.txt (deleted)
-
Source/WebCore/ChangeLog (modified) (1 diff)
-
Source/WebCore/rendering/RenderBlock.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r161129 r161137 1 2013-12-29 Joone Hur <joone.hur@intel.com> 2 3 Reverted r156742. The same fix was reverted from Blink due to heap-use-after-free on ClusterFuzz. 4 https://bugs.webkit.org/show_bug.cgi?id=126275 5 6 https://codereview.chromium.org/102993011 7 8 Reviewed by Darin Adler. 9 10 * fast/css/first-letter-block-change.html: Removed. 11 * platform/gtk-wk1/fast/css/first-letter-block-change-expected.png: Removed. 12 * platform/gtk-wk2/fast/css/first-letter-block-change-expected.png: Removed. 13 * platform/gtk/fast/css/first-letter-block-change-expected.txt: Removed. 14 1 15 2013-12-29 Antti Koivisto <antti@apple.com> 2 16 -
trunk/Source/WebCore/ChangeLog
r161136 r161137 1 2013-12-29 Joone Hur <joone.hur@intel.com> 2 3 Reverted r156742. The same fix was reverted from Blink due to heap-use-after-free on ClusterFuzz. 4 https://bugs.webkit.org/show_bug.cgi?id=126275 5 6 https://codereview.chromium.org/102993011 7 8 Reviewed by Darin Adler. 9 10 * rendering/RenderBlock.cpp: 11 (WebCore::RenderBlock::updateFirstLetter): 12 1 13 2013-12-29 ChangSeok Oh <changseok.oh@collabora.com> 2 14 -
trunk/Source/WebCore/rendering/RenderBlock.cpp
r160966 r161137 4990 4990 return; 4991 4991 4992 // FIXME: We need to destroy the first-letter object if it is no longer the first child. Need to find 4993 // an efficient way to check for that situation though before implementing anything. 4992 4994 RenderElement* firstLetterBlock = findFirstLetterBlock(this); 4993 4995 if (!firstLetterBlock) … … 5021 5023 return; 5022 5024 5025 // If the child already has style, then it has already been created, so we just want 5026 // to update it. 5023 5027 if (descendant->parent()->style().styleType() == FIRST_LETTER) { 5024 // Destroy the first-letter object if it is no longer the first child.5025 RenderObject* remainingText = descendant->parent()->nextSibling();5026 if (remainingText && descendant->node() != remainingText->node()) {5027 if (!remainingText->isText() || remainingText->isBR())5028 return;5029 5030 if (auto oldFirstLetter = descendant->parent()->isBoxModelObject() ? toRenderBoxModelObject(descendant->parent()) : nullptr) {5031 if (auto oldRemainingText = oldFirstLetter->firstLetterRemainingText()) {5032 LayoutStateDisabler layoutStateDisabler(&view());5033 // Destroy the text fragment for the old first-letter and update oldRemainingText with its DOM text.5034 oldRemainingText->setText(oldRemainingText->textNode()->data());5035 createFirstLetterRenderer(firstLetterBlock, toRenderText(remainingText));5036 }5037 }5038 5039 return;5040 }5041 5042 // If the child already has style, then it has already been created, so we just want5043 // to update it.5044 5028 updateFirstLetterStyle(firstLetterBlock, descendant); 5045 5029 return;
Note: See TracChangeset
for help on using the changeset viewer.
