[Webkit-unassigned] [Bug 134661] CSS color parsing accepts invalid color identifiers
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Jul 6 16:37:48 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=134661
Benjamin Poulain <benjamin at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #234454|review+ |review-
Flag| |
--- Comment #2 from Benjamin Poulain <benjamin at webkit.org> 2014-07-06 16:38:03 PST ---
(From update of attachment 234454)
View in context: https://bugs.webkit.org/attachment.cgi?id=234454&action=review
Hilarious bug, that's a good catch.
I disagree with your fix though. IMHO, we should never pass an invalid ID to systemColor(). You could check that the input ID is in the range alpha->-webkit-text.
I would also like the same test for CSS style resolution in addition to canvas. I know CSSParser::parseSystemColor() is not used for CSS parsing, but it is better to have the test to be on the safe side if the code changes.
Long term, someone should investigate if it would be better to split CSSValueKeywords into tiny perfect hash tables. That's completely out of scope here though :)
> Source/WebCore/ChangeLog:9
> + that if a valid cssValueKeywordID is got from the color string
"is got".
> Source/WebCore/css/CSSParser.cpp:1362
> + color = parsedColor.rgb();
Changing the color when parsedColor.isValid() is false does not seem right.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list