Changeset 80803 in webkit


Timestamp:
Mar 10, 2011 6:17:14 PM (13 years ago)
Author:
commit-queue@webkit.org
Message:

2011-03-10 Alice Boxhall <aboxhall@chromium.org>

Reviewed by Dimitri Glazkov.

NULL pointer crash when using :empty and :first-line pseudoclass selectors together
https://bugs.webkit.org/show_bug.cgi?id=53316

  • fast/css/empty-first-line-crash-expected.txt: Added.
  • fast/css/empty-first-line-crash.html: Added.

2011-03-10 Alice Boxhall <aboxhall@chromium.org>

Reviewed by Dimitri Glazkov.

NULL pointer crash when using :empty and :first-line pseudoclass selectors together
https://bugs.webkit.org/show_bug.cgi?id=53316

:empty is calculated for each element during parsing, but then not
recalculated after any child elements are attached. Force style
re-calculation on elements which have :empty in their style when
their children are changed.

Test: fast/css/empty-first-line-crash.html

  • dom/Element.cpp:
    (WebCore::checkForEmptyStyleChange): Pull out empty style checking logic from checkForSiblingStyleChanges().
    (WebCore::checkForSiblingStyleChanges): Use new checkForEmptyStyleChanges() method.
    (WebCore::Element::childrenChanged): Call checkForEmptyStyleChanges() when called with changedByParser = true.
Location:
trunk
Files:
2 added
3 edited

  • trunk/LayoutTests/ChangeLog

    r80799 r80803  
     12011-03-10  Alice Boxhall  <aboxhall@chromium.org>
     2
     3        Reviewed by Dimitri Glazkov.
     4
     5        NULL pointer crash when using :empty and :first-line pseudoclass selectors together
     6        https://bugs.webkit.org/show_bug.cgi?id=53316
     7
     8        * fast/css/empty-first-line-crash-expected.txt: Added.
     9        * fast/css/empty-first-line-crash.html: Added.
     10
    1112011-03-10  Martin Robinson  <mrobinson@igalia.com>
    212
  • trunk/Source/WebCore/ChangeLog

    r80802 r80803  
     12011-03-10  Alice Boxhall  <aboxhall@chromium.org>
     2
     3        Reviewed by Dimitri Glazkov.
     4
     5        NULL pointer crash when using :empty and :first-line pseudoclass selectors together
     6        https://bugs.webkit.org/show_bug.cgi?id=53316
     7
     8        :empty is calculated for each element during parsing, but then not
     9        recalculated after any child elements are attached. Force style
     10        re-calculation on elements which have :empty in their style when
     11        their children are changed.
     12
     13        Test: fast/css/empty-first-line-crash.html
     14
     15        * dom/Element.cpp:
     16        (WebCore::checkForEmptyStyleChange): Pull out empty style checking
     17        logic from checkForSiblingStyleChanges().
     18        (WebCore::checkForSiblingStyleChanges): Use new checkForEmptyStyleChanges()
     19        method.
     20        (WebCore::Element::childrenChanged):  Call checkForEmptyStyleChanges() when
     21        called with changedByParser = true.
     22
    1232011-03-10  Emil A Eklund  <eae@chromium.org>
    224
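
Review bot: The helper's name is inconsistent within this ChangeLog entry: new line 16 lists WebCore::checkForEmptyStyleChange, while new lines 18 and 20 refer to checkForEmptyStyleChanges(), and the singular form is the one the Element.cpp change defines. Suggest using checkForEmptyStyleChange() throughout, and calling it a function rather than a method, since it is a file-static helper that takes the Element as a parameter.
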
  • trunk/Source/WebCore/dom/Element.cpp

    r80779 r80803  
    11841184}
    11851185
     1186static void checkForEmptyStyleChange(Element* element, RenderStyle* style)
     1187{
     1188    if (!style)
     1189        return;
     1190
     1191    if (style->affectedByEmpty() && (!style->emptyState() || element->hasChildNodes()))
     1192        element->setNeedsStyleRecalc();
     1193}
     1194
    11861195static void checkForSiblingStyleChanges(Element* e, RenderStyle* style, bool finishedParsingCallback,
    11871196                                        Node* beforeChange, Node* afterChange, int childCountDelta)
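
Review bot: In checkForEmptyStyleChange (new line 1191) the condition requests a recalc whenever emptyState() is false, whether or not the element's emptiness has changed since its style was last computed. The expression is carried over unchanged from checkForSiblingStyleChanges, but the helper is now also reached from the changedByParser path, so it is worth confirming that this does not mark the element dirty on every parser-driven childrenChanged call. A one-line comment above the helper stating what emptyState() records would also make the condition easier to audit.
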
     
    12601269   
    12611270    // :empty selector.
    1262     if (style->affectedByEmpty() && (!style->emptyState() || e->hasChildNodes()))
    1263         e->setNeedsStyleRecalc();
     1271    checkForEmptyStyleChange(e, style);
    12641272}
    12651273
     
    12671275{
    12681276    ContainerNode::childrenChanged(changedByParser, beforeChange, afterChange, childCountDelta);
    1269     if (!changedByParser)
     1277    if (changedByParser)
     1278        checkForEmptyStyleChange(this, renderStyle());
     1279    else
    12701280        checkForSiblingStyleChanges(this, renderStyle(), false, beforeChange, afterChange, childCountDelta);
    12711281}
    1272    
     1282
    12731283void Element::beginParsingChildren()
    12741284{
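
Review bot: In Element::childrenChanged the changedByParser branch (new lines 1277-1278) runs only the :empty check, while the other checks in checkForSiblingStyleChanges stay skipped for parser-driven changes, and nothing in the code says why. A short comment on the branch explaining that :empty has to be re-evaluated as the parser attaches children would keep a later cleanup from folding the branch back into the old !changedByParser form and reintroducing the crash. The ChangeLog text for this change already has the wording for it.
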