[Webkit-unassigned] [Bug 14498] New: RenderContainer::positionForCoordinates contains an order of operations error
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jul 2 11:31:40 PDT 2007
http://bugs.webkit.org/show_bug.cgi?id=14498
Summary: RenderContainer::positionForCoordinates contains an
order of operations error
Product: WebKit
Version: 522+ (nightly)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: aroben at apple.com
CC: hyatt at apple.com, mitz at webkit.org
Here's the code from RenderContainer::positionForCoordinates (also visible at
http://trac.webkit.org/projects/webkit/browser/trunk/WebCore/rendering/RenderContainer.cpp#L58
):
int top = borderTop() + paddingTop() + isTableRow() ? 0 :
renderer->xPos();
int bottom = top + renderer->contentHeight();
int left = borderLeft() + paddingLeft() + isTableRow() ? 0 :
renderer->yPos();
int right = left + renderer->contentWidth();
The problem (spotted by prefast) is that the + operator has higher precedence
than the ternary operator, so the code evaluates like this (note the
parentheses):
int top = (borderTop() + paddingTop() + isTableRow()) ? 0 :
renderer->xPos();
int bottom = top + renderer->contentHeight();
int left = (borderLeft() + paddingLeft() + isTableRow()) ? 0 :
renderer->yPos();
int right = left + renderer->contentWidth();
It's easy to fix (just put parentheses around the ternary expression), but I'm
not sure how to make a test case.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list