WebKit Bugzilla
Attachment 348518 Details for
Bug 189154
: The width of an empty or nullptr TextRun should be zero
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-189154-20180830112620.patch (text/plain), 4.65 KB, created by
Brent Fulgham
on 2018-08-30 11:26:21 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Brent Fulgham
Created:
2018-08-30 11:26:21 PDT
Size:
4.65 KB
patch
obsolete
>Subversion Revision: 235371 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index c781a535526bea95d38b185f459b3f1d0a812b59..9da5a1561ec6e59de75792551ed1050b2de63c38 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,23 @@ >+2018-08-30 Brent Fulgham <bfulgham@apple.com> >+ >+ The width of a nullptr TextRun should be zero >+ https://bugs.webkit.org/show_bug.cgi?id=189154 >+ <rdar://problem/43685926> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ If a page has an empty TextRun and attempts to paint it we can crash with a nullptr. >+ >+ This patch recognizes that an empty TextRun should always produce a zero width, rather than >+ attempt to compute this value from font data. >+ >+ Test: fast/text/null-string-textrun.html >+ >+ * platform/graphics/FontCascade.cpp: >+ (WebCore::FontCascade::widthOfTextRange const): An empty TextRun has zero width. >+ (WebCore::FontCascade::width const): Ditto. >+ (WebCore::FontCascade::codePath const): ASSERT that the TextRun is non-empty. >+ > 2018-08-27 Alex Christensen <achristensen@webkit.org> > > Fix IOSMAC build >diff --git a/Source/WebCore/platform/graphics/FontCascade.cpp b/Source/WebCore/platform/graphics/FontCascade.cpp >index 7648f5bf2693bee26f0598ecebffaf1ac23d042c..2fbd0061bff32ff105dc5c4b5fe3781b507e88dd 100644 >--- a/Source/WebCore/platform/graphics/FontCascade.cpp >+++ b/Source/WebCore/platform/graphics/FontCascade.cpp >@@ -341,6 +341,9 @@ float FontCascade::widthOfTextRange(const TextRun& run, unsigned from, unsigned > ASSERT(from <= to); > ASSERT(to <= run.length()); > >+ if (!run.length()) >+ return 0; >+ > float offsetBeforeRange = 0; > float offsetAfterRange = 0; > float totalWidth = 0; >@@ -385,6 +388,9 @@ float FontCascade::widthOfTextRange(const TextRun& run, unsigned from, unsigned > > float FontCascade::width(const TextRun& run, HashSet<const Font*>* fallbackFonts, GlyphOverflow* glyphOverflow) const > { >+ if (!run.length()) >+ return 0; >+ > CodePath codePathToUse = codePath(run); > if (codePathToUse != Complex) { > // The complex path is more restrictive about returning fallback fonts than the simple path, so we need an explicit test to make their behaviors match. >@@ -604,6 +610,8 @@ FontCascade::CodePath FontCascade::codePath(const TextRun& run, std::optional<un > if (s_codePath != Auto) > return s_codePath; > >+ ASSERT(run.length()); >+ > #if !USE(FREETYPE) > // FIXME: Use the fast code path once it handles partial runs with kerning and ligatures. See http://webkit.org/b/100050 > if ((enableKerning() || requiresShaping()) && (from.value_or(0) || to.value_or(run.length()) != run.length())) >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index cd12c8d77fabcb9d392c865c33ce6e3cac11d54c..e64c149dc30cdb91a1907bd54349136861044726 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,14 @@ >+2018-08-30 Brent Fulgham <bfulgham@apple.com> >+ >+ The width of a nullptr TextRun should be zero >+ https://bugs.webkit.org/show_bug.cgi?id=189154 >+ <rdar://problem/43685926> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * fast/text/null-string-textrun-expected.txt: Added. >+ * fast/text/null-string-textrun.html: Added. >+ > 2018-08-27 Per Arne Vollan <pvollan@apple.com> > > Layout Test fast/events/dblclick-event-getModifierState.html is failing >diff --git a/LayoutTests/fast/text/null-string-textrun-expected.txt b/LayoutTests/fast/text/null-string-textrun-expected.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..99d8c8928ee37dbaadfa148b3dc7f111181b3bc4 >--- /dev/null >+++ b/LayoutTests/fast/text/null-string-textrun-expected.txt >@@ -0,0 +1,6 @@ >+This test confirms that a null text run doesn't trigger a crash. It passes if it loads without crashing. >+ >+ >+ >+ >+ >diff --git a/LayoutTests/fast/text/null-string-textrun.html b/LayoutTests/fast/text/null-string-textrun.html >new file mode 100644 >index 0000000000000000000000000000000000000000..b145900dbfe85b5b77aff7171c8cb7cac79f1c41 >--- /dev/null >+++ b/LayoutTests/fast/text/null-string-textrun.html >@@ -0,0 +1,19 @@ >+<!doctype html> >+<head> >+<script> >+if (window.testRunner) >+ testRunner.dumpAsText(); >+</script> >+<head> >+<body> >+ <p>This test confirms that a null text run doesn't trigger a crash. It passes if it loads without crashing.</p> >+ <pre id="pre_tag" dir="RTL" > >+ <style onload="pre_tag.appendChild(meter_tag)"/></style> >+ <select multiple="multiple"> >+ <optgroup/> >+ </select> >+ </pre> >+ <label> >+ <meter id="meter_tag"> >+ </label> >+</body> >\ No newline at end of file
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=348518">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 189154
:
348501
|
348509
|
348518
|
348655
|
348743
|
348825
|
348925