Changeset 26740 in webkit

Timestamp:

Oct 18, 2007 12:30:13 AM (17 years ago)

Author:

eseidel

Message:

2007-10-18 Eric Seidel <​eric@webkit.org>

Reviewed by Maciej.

Fix crashers in SVGViewSpec::parseViewSpec
​http://bugs.webkit.org/show_bug.cgi?id=15504

Test is blocked by bug 15503, landed as:

• svg/dom/viewspec-parser.html-disabled

• bindings/scripts/CodeGeneratorObjC.pm: support classes where all parents are interfaces
• ksvg2/svg/SVGViewSpec.cpp: (WebCore::SVGViewSpec::parseViewSpec):
• ksvg2/svg/SVGViewSpec.idl: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/js/resources/js-test-post.js (modified) (1 diff)
• LayoutTests/fast/js/resources/js-test-pre.js (modified) (2 diffs)
• LayoutTests/svg/dom/viewspec-parser.html-disabled (added)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/bindings/scripts/CodeGeneratorObjC.pm (modified) (2 diffs)
• WebCore/ksvg2/svg/SVGViewSpec.cpp (modified) (5 diffs)
• WebCore/ksvg2/svg/SVGViewSpec.idl (added)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2007-10-18  Eric Seidel  <eric@webkit.org>
+
+        Reviewed by Maciej.
+        
+        Test case for http://bugs.webkit.org/show_bug.cgi?id=15504
+        Landed -disabled as it's blocked by:
+        http://bugs.webkit.org/show_bug.cgi?id=15503
+
+        * fast/js/resources/js-test-post.js: add support for XHTML
+        * fast/js/resources/js-test-pre.js: add support for XHTML
+        * svg/dom/viewspec-parser.html-disabled: Added.
+
 2007-10-17  Rob Buis  <buis@kde.org>
 

trunk/LayoutTests/fast/js/resources/js-test-post.js

@@ -1 +1 @@
 shouldBeTrue("successfullyParsed");
-debug('<br><span class="pass">TEST COMPLETE</span>');
+debug('<br /><span class="pass">TEST COMPLETE</span>');

trunk/LayoutTests/fast/js/resources/js-test-pre.js

@@ -17 +17 @@
 {
     var span = document.createElement("span");
-    span.innerHTML = msg + '<br>';
-    document.getElementById("console").appendChild(span);
+    document.getElementById("console").appendChild(span); // insert it first so XHTML knows the namespace
+    span.innerHTML = msg + '<br />';
 }
 
@@ -28 +28 @@
 function testPassed(msg)
 {
-    debug('<span class="pass">PASS</span> ' + escapeHTML(msg) + '</span>');
+    debug('<span><span class="pass">PASS</span> ' + escapeHTML(msg) + '</span>');
 }
 
 function testFailed(msg)
 {
-    debug('<span class="fail">FAIL</span> ' + escapeHTML(msg) + '</span>');
+    debug('<span><span class="fail">FAIL</span> ' + escapeHTML(msg) + '</span>');
 }
 

trunk/WebCore/ChangeLog

@@ +1 @@
+2007-10-18  Eric Seidel  <eric@webkit.org>
+
+        Reviewed by Maciej.
+
+        Fix crashers in SVGViewSpec::parseViewSpec
+        http://bugs.webkit.org/show_bug.cgi?id=15504
+
+        Test is blocked by bug 15503, landed as:
+        * svg/dom/viewspec-parser.html-disabled
+
+        * bindings/scripts/CodeGeneratorObjC.pm: support classes where all parents are interfaces
+        * ksvg2/svg/SVGViewSpec.cpp:
+        (WebCore::SVGViewSpec::parseViewSpec):
+        * ksvg2/svg/SVGViewSpec.idl: Added.
+
 2007-10-17  Rob Buis  <buis@kde.org>
 

trunk/WebCore/bindings/scripts/CodeGeneratorObjC.pm

@@ -205 +205 @@
 
 # Uppercase the first letter, while respecting WebKit style guidelines. 
-# E.g., xmlEncoding becomes XMLEncoding, but xmlllang becomes Xmllang.
+# E.g., xmlEncoding becomes XMLEncoding, but xmllang becomes Xmllang.
 sub WK_ucfirst
 {
@@ -387 +387 @@
         if (IsProtocolType($firstParent)) {
             push(@protocols, "DOM" . $firstParent);
+            if (!$isProtocol) {
+                $parent = "DOMObject";
+            }
         } else {
             $parent = "DOM" . $firstParent;

trunk/WebCore/ksvg2/svg/SVGViewSpec.cpp

@@ -100 +100 @@
         return false;
 
-    if (*currViewSpec != '(' )
+    if (currViewSpec >= end || *currViewSpec != '(' )
         return false;
     currViewSpec++;
 
-    while (*currViewSpec != ')' && currViewSpec < end) {
+    while (currViewSpec < end && *currViewSpec != ')') {
         if (*currViewSpec == 'v') {
             if (skipString(currViewSpec, end, viewBoxSpec, sizeof(viewBoxSpec) / sizeof(UChar))) {
-                if (*currViewSpec != '(')
+                if (currViewSpec >= end || *currViewSpec != '(')
                     return false;
                 currViewSpec++;
@@ -114 +114 @@
                     return false;
                 setViewBoxBaseValue(FloatRect(x, y, w, h));
-                if (*currViewSpec != ')')
+                if (currViewSpec >= end || *currViewSpec != ')')
                     return false;
                 currViewSpec++;
             } else if (skipString(currViewSpec, end, viewTargetSpec, sizeof(viewTargetSpec) / sizeof(UChar))) {
-                if (*currViewSpec != '(')
+                if (currViewSpec >= end || *currViewSpec != '(')
                     return false;
                 const UChar* viewTargetStart = ++currViewSpec;
-                while (*currViewSpec != ')' && currViewSpec <= end)
+                while (currViewSpec < end && *currViewSpec != ')')
                     currViewSpec++;
-                if (currViewSpec > end)
+                if (currViewSpec >= end)
                     return false;
                 setViewTargetString(String(viewTargetStart, currViewSpec - viewTargetStart));
@@ -132 +132 @@
             if (!skipString(currViewSpec, end, zoomAndPanSpec, sizeof(zoomAndPanSpec) / sizeof(UChar)))
                 return false;
-            if (*currViewSpec != '(')
+            if (currViewSpec >= end || *currViewSpec != '(')
                 return false;
             currViewSpec++;
             if (!parseZoomAndPan(currViewSpec, end))
                 return false;
-            if (*currViewSpec != ')')
+            if (currViewSpec >= end || *currViewSpec != ')')
                 return false;
             currViewSpec++;
@@ -143 +143 @@
             if (!skipString(currViewSpec, end, preserveAspectRatioSpec, sizeof(preserveAspectRatioSpec) / sizeof(UChar)))
                 return false;
-            if (*currViewSpec != '(')
+            if (currViewSpec >= end || *currViewSpec != '(')
                 return false;
             currViewSpec++;
             if (!preserveAspectRatioBaseValue()->parsePreserveAspectRatio(currViewSpec, end, false))
                 return false;
-            if (*currViewSpec != ')')
+            if (currViewSpec >= end || *currViewSpec != ')')
                 return false;
             currViewSpec++;
@@ -154 +154 @@
             if (!skipString(currViewSpec, end, transformSpec, sizeof(transformSpec) / sizeof(UChar)))
                 return false;
-            if (*currViewSpec != '(')
+            if (currViewSpec >= end || *currViewSpec != '(')
                 return false;
             currViewSpec++;
             SVGTransformable::parseTransformAttribute(m_transform.get(), currViewSpec, end);
-            if (*currViewSpec != ')')
+            if (currViewSpec >= end || *currViewSpec != ')')
                 return false;
             currViewSpec++;
-        }
+        } else
+            return false;
 
-        if (*currViewSpec == ';')
+        if (currViewSpec < end && *currViewSpec == ';')
             currViewSpec++;
     }
-    if (currViewSpec >= end)
-        return false;
-
-    if (*currViewSpec != ')')
+    
+    if (currViewSpec >= end || *currViewSpec != ')')
         return false;