[webkit-reviews] review granted: [Bug 94998] [Crash] Null pointer in CSSParser::parseMixFunction() : [Attachment 160555] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Aug 25 01:12:24 PDT 2012
Benjamin Poulain <benjamin at webkit.org> has granted Michelangelo De Simone
<michelangelo at webkit.org>'s request for review:
Bug 94998: [Crash] Null pointer in CSSParser::parseMixFunction()
https://bugs.webkit.org/show_bug.cgi?id=94998
Attachment 160555: Patch
https://bugs.webkit.org/attachment.cgi?id=160555&action=review
------- Additional Comments from Benjamin Poulain <benjamin at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=160555&action=review
The patch looks correct.
> Source/WebCore/ChangeLog:3
> + [Crash] Dangling pointer in CSSParser::parseMixFunction()
The title need to be updated.
>
LayoutTests/css3/filters/script-tests/custom-filter-property-parsing-invalid.js
:50
> +testInvalidFilterRule("Mix function with comma terminator", "custom(none
mix(url(shader), multiply clear,))");
I would also have the minimum parsing that would lead to the crash. probably:
mix(,).
More information about the webkit-reviews
mailing list