Changeset 57263 in webkit
- Timestamp:
- Apr 8, 2010 1:19:18 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 3 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/fast/images/svg-nested-expected.txt (added)
-
LayoutTests/fast/images/svg-nested.html (added)
-
WebCore/ChangeLog (modified) (1 diff)
-
WebCore/dom/XMLTokenizer.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r57261 r57263 1 2010-04-08 Chris Evans <cevans@chromium.org> 2 3 Reviewed by Adam Barth. 4 5 Add test for SVG image with excessive nesting. 6 https://bugs.webkit.org/show_bug.cgi?id=37247 7 8 * fast/images/svg-nested.html: added 9 * fast/images/svg-nested-expected.txt: added 10 1 11 2010-04-08 Adam Barth <abarth@webkit.org> 2 12 -
trunk/WebCore/ChangeLog
r57245 r57263 1 2010-04-08 Chris Evans <cevans@chromium.org> 2 3 Reviewed by Adam Barth. 4 5 Sanity: apply a max node depth to XML parsing. 6 7 https://bugs.webkit.org/show_bug.cgi?id=37247 8 9 Test: fast/images/svg-nested.html 10 11 * dom/XMLTokenizer.cpp: 12 (WebCore::XMLTokenizer::pushCurrentNode): 13 Error out the parse upon a really large node depth. 14 1 15 2010-04-07 Dumitru Daniliuc <dumi@chromium.org> 2 16 -
trunk/WebCore/dom/XMLTokenizer.cpp
r56825 r57263 68 68 69 69 const int maxErrors = 25; 70 const size_t maxNestingDepth = 4096; 70 71 71 72 #if ENABLE(WML) … … 87 88 m_currentNodeStack.append(m_currentNode); 88 89 m_currentNode = n; 90 if (m_currentNodeStack.size() > maxNestingDepth) 91 handleError(fatal, "Excessive node nesting.", lineNumber(), columnNumber()); 89 92 } 90 93
Note: See TracChangeset
for help on using the changeset viewer.
