[webkit-reviews] review denied: [Bug 12283] SVG wastes time in stringToLengthType, should use CSS parser (or atoms) instead : [Attachment 12716] First attempt

bugzilla-request-daemon at macosforge.org bugzilla-request-daemon at macosforge.org
Sun Jan 28 18:15:51 PST 2007


Darin Adler <darin at apple.com> has denied Darin Adler <darin at apple.com>'s
request for review:
Bug 12283: SVG wastes time in stringToLengthType, should use CSS parser (or
atoms) instead
http://bugs.webkit.org/show_bug.cgi?id=12283

Attachment 12716: First attempt
http://bugs.webkit.org/attachment.cgi?id=12716&action=edit

------- Additional Comments from Darin Adler <darin at apple.com>
I think this code has a buffer overrun. It looks at ptr[1] without checking if
end is == ptr + 1.

Also, I think that String::endsWith should have a fast case for a char*
parameter that avoids creating a String. There's really no need to rewrite this
code to avoid allocating those String objects -- that should be fixed in the
String class.

This patch also changes behavior -- it adds a new "isWhitespace" check, and it
checks after the current ptr value rather than looking at the end of the string
-- the old code would allow arbitrary text between the number and the unit
type. The new code allows arbitrary text after the unit type. I'm not sure
either of these is correct.

We need a test case showing the change in behavior and if possible,
systematically testing as many of the edge cases as possible.
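
Added example, not part of the original message and not the WebKit patch or its code: a bounds-checked unit classifier over a non-terminated `[ptr, end)` range, showing the check whose absence the review describes as reading `ptr[1]` when `end == ptr + 1`. The names `parse_unit` and `enum unit` are hypothetical, and rejecting any text after the unit is a policy assumed for this example; the review leaves open which behaviour is correct.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical unit codes for this example; not WebKit's enum. */
enum unit { UNIT_INVALID = -1, UNIT_NONE, UNIT_PERCENT, UNIT_EM, UNIT_EX,
            UNIT_PX, UNIT_CM, UNIT_MM, UNIT_IN, UNIT_PT, UNIT_PC };

/* Classify whatever follows the number, given as the half-open range
 * [ptr, end). The range is not NUL-terminated, so every read has to be
 * justified by comparing against end first. */
enum unit parse_unit(const char *ptr, const char *end)
{
    static const struct { const char name[3]; enum unit u; } two[] = {
        {"em", UNIT_EM}, {"ex", UNIT_EX}, {"px", UNIT_PX}, {"cm", UNIT_CM},
        {"mm", UNIT_MM}, {"in", UNIT_IN}, {"pt", UNIT_PT}, {"pc", UNIT_PC},
    };
    size_t left = (size_t)(end - ptr);

    if (left == 0)
        return UNIT_NONE;                /* bare number, no unit */
    if (left == 1)                       /* end == ptr + 1: ptr[1] is out of range */
        return ptr[0] == '%' ? UNIT_PERCENT : UNIT_INVALID;
    if (left != 2)
        return UNIT_INVALID;             /* assumed policy: no text after the unit */
    for (size_t i = 0; i < sizeof two / sizeof two[0]; i++)
        if (ptr[0] == two[i].name[0] && ptr[1] == two[i].name[1])
            return two[i].u;
    return UNIT_INVALID;
}

int main(void)
{
    /* Constructed samples: the text and the length of its numeric part. */
    static const struct { const char *s; size_t num_len; } samples[] = {
        {"12px", 2}, {"50%", 2}, {"7", 1}, {"3p", 1}, {"12pxfoo", 2},
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        const char *s = samples[i].s;
        printf("%-8s -> %d\n", s,
               parse_unit(s + samples[i].num_len, s + strlen(s)));
    }
    return 0;
}
```

Passing a range that stops one byte short of a valid unit, such as the `p` of `12px`, is the edge case a test for this parser should include, since an unchecked `ptr[1]` read would silently accept it.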


