Diff
Modified: branches/safari-534.51-branch/LayoutTests/ChangeLog (95219 => 95220)
--- branches/safari-534.51-branch/LayoutTests/ChangeLog 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/LayoutTests/ChangeLog 2011-09-15 20:02:31 UTC (rev 95220)
@@ -1,5 +1,20 @@
2011-09-15 Mark Rowe <mr...@apple.com>
+ Merge r89705.
+
+ 2011-06-24 Abhishek Arya <infe...@chromium.org>
+
+ Reviewed by Darin Adler.
+
+ Tests that font size for svg text zoom is clamped and we do not
+ crash on ASSERT(isfinite(s)) in FontDescription.h
+ https://bugs.webkit.org/show_bug.cgi?id=53449
+
+ * svg/text/svg-zoom-large-value-expected.txt: Added.
+ * svg/text/svg-zoom-large-value.xhtml: Added.
+
+2011-09-15 Mark Rowe <mr...@apple.com>
+
Merge r91386.
2011-07-20 Tony Chang <t...@chromium.org>
Added: branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value-expected.txt (0 => 95220)
--- branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value-expected.txt (rev 0)
+++ branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value-expected.txt 2011-09-15 20:02:31 UTC (rev 95220)
@@ -0,0 +1,2 @@
+PASS
+
Added: branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value.xhtml (0 => 95220)
--- branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value.xhtml (rev 0)
+++ branches/safari-534.51-branch/LayoutTests/svg/text/svg-zoom-large-value.xhtml 2011-09-15 20:02:31 UTC (rev 95220)
@@ -0,0 +1,16 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<style>
+#svg1 { zoom: 10000000044444535353444433333333333333333333333333333333333333333333333333333330000000 }
+</style>
+</head>
+<body>
+<svg id="svg1" xmlns="http://www.w3.org/2000/svg">
+<text x="50" y="50">PASS</text>
+</svg>
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+</script>
+</body>
+</html>
Modified: branches/safari-534.51-branch/Source/WebCore/ChangeLog (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/ChangeLog 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/ChangeLog 2011-09-15 20:02:31 UTC (rev 95220)
@@ -1,5 +1,40 @@
2011-09-15 Mark Rowe <mr...@apple.com>
+ Merge r89705.
+
+ 2011-06-24 Abhishek Arya <infe...@chromium.org>
+
+ Reviewed by Darin Adler.
+
+ Add clamping for CSSPrimitiveValues and SVGInlineText font size.
+ https://bugs.webkit.org/show_bug.cgi?id=53449
+
+ Test: svg/text/svg-zoom-large-value.xhtml
+
+ * css/CSSPrimitiveValue.cpp:
+ (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): add asserts to detect if the
+ number created is valid.
+ * css/CSSPrimitiveValue.h: add clamping checks to prevent overflows.
+ (WebCore::CSSPrimitiveValue::getFloatValue):
+ (WebCore::CSSPrimitiveValue::getIntValue):
+ * css/CSSStyleSelector.cpp:
+ (WebCore::CSSStyleSelector::getComputedSizeFromSpecifiedSize): split into two
+ static functions, one specific to CSSStyleSelector and other generic to help
+ in clamping font size for other callers like svg text, etc.
+ * css/CSSStyleSelector.h:
+ * platform/graphics/FontDescription.h: add asserts to detect if the new font
+ size is valid.
+ (WebCore::FontDescription::setComputedSize):
+ (WebCore::FontDescription::setSpecifiedSize):
+ * rendering/svg/RenderSVGInlineText.cpp:
+ (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle): use the new helper
+ from CSSStyleSelector to help in clamping new scaled font size. do not use
+ "smart minimum" since svg allows really small unreadable fonts (tested by existing
+ layout tests). Document's minimum font size clamp (0 in my case) and harmless epsilon
+ check in CSSStyleSelector function should still hold for svg.
+
+2011-09-15 Mark Rowe <mr...@apple.com>
+
Merge r91386.
2011-07-20 Tony Chang <t...@chromium.org>
Modified: branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.cpp (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.cpp 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.cpp 2011-09-15 20:02:31 UTC (rev 95220)
@@ -36,7 +36,6 @@
#include "RenderStyle.h"
#include <wtf/ASCIICType.h>
#include <wtf/DecimalNumber.h>
-#include <wtf/MathExtras.h>
#include <wtf/StdLibExtras.h>
#include <wtf/text/StringBuffer.h>
@@ -130,6 +129,7 @@
: m_type(type)
, m_hasCachedCSSText(false)
{
+ ASSERT(isfinite(num));
m_value.num = num;
}
@@ -158,6 +158,7 @@
break;
case WebCore::Fixed:
m_type = CSS_PX;
+ ASSERT(isfinite(length.value()));
m_value.num = length.value();
break;
case Intrinsic:
@@ -170,6 +171,7 @@
break;
case Percent:
m_type = CSS_PERCENTAGE;
+ ASSERT(isfinite(length.percent()));
m_value.num = length.percent();
break;
case Relative:
Modified: branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.h (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.h 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/css/CSSPrimitiveValue.h 2011-09-15 20:02:31 UTC (rev 95220)
@@ -25,6 +25,7 @@
#include "CSSValue.h"
#include "Color.h"
#include <wtf/Forward.h>
+#include <wtf/MathExtras.h>
#include <wtf/PassRefPtr.h>
namespace WebCore {
@@ -154,13 +155,13 @@
double getDoubleValue() const { return m_value.num; }
void setFloatValue(unsigned short unitType, double floatValue, ExceptionCode&);
- float getFloatValue(unsigned short unitType, ExceptionCode& ec) const { return static_cast<float>(getDoubleValue(unitType, ec)); }
- float getFloatValue(unsigned short unitType) const { return static_cast<float>(getDoubleValue(unitType)); }
- float getFloatValue() const { return static_cast<float>(m_value.num); }
+ float getFloatValue(unsigned short unitType, ExceptionCode& ec) const { return clampToFloat(getDoubleValue(unitType, ec)); }
+ float getFloatValue(unsigned short unitType) const { return clampToFloat(getDoubleValue(unitType)); }
+ float getFloatValue() const { return clampToFloat(m_value.num); }
- int getIntValue(unsigned short unitType, ExceptionCode& ec) const { return static_cast<int>(getDoubleValue(unitType, ec)); }
- int getIntValue(unsigned short unitType) const { return static_cast<int>(getDoubleValue(unitType)); }
- int getIntValue() const { return static_cast<int>(m_value.num); }
+ int getIntValue(unsigned short unitType, ExceptionCode& ec) const { return clampToInteger(getDoubleValue(unitType, ec)); }
+ int getIntValue(unsigned short unitType) const { return clampToInteger(getDoubleValue(unitType)); }
+ int getIntValue() const { return clampToInteger(m_value.num); }
void setStringValue(unsigned short stringType, const String& stringValue, ExceptionCode&);
String getStringValue(ExceptionCode&) const;
Modified: branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.cpp (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.cpp 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.cpp 2011-09-15 20:02:31 UTC (rev 95220)
@@ -6247,6 +6247,18 @@
float CSSStyleSelector::getComputedSizeFromSpecifiedSize(Document* document, RenderStyle* style, bool isAbsoluteSize, float specifiedSize, bool useSVGZoomRules)
{
+ float zoomFactor = 1.0f;
+ if (!useSVGZoomRules) {
+ zoomFactor = style->effectiveZoom();
+ if (Frame* frame = document->frame())
+ zoomFactor *= frame->textZoomFactor();
+ }
+
+ return CSSStyleSelector::getComputedSizeFromSpecifiedSize(document, zoomFactor, isAbsoluteSize, specifiedSize);
+}
+
+float CSSStyleSelector::getComputedSizeFromSpecifiedSize(Document* document, float zoomFactor, bool isAbsoluteSize, float specifiedSize, ESmartMinimumForFontSize useSmartMinimumForFontSize)
+{
// Text with a 0px font size should not be visible and therefore needs to be
// exempt from minimum font size rules. Acid3 relies on this for pixel-perfect
// rendering. This is also compatible with other browsers that have minimum
@@ -6254,13 +6266,6 @@
if (fabsf(specifiedSize) < std::numeric_limits<float>::epsilon())
return 0.0f;
- float zoomFactor = 1.0f;
- if (!useSVGZoomRules) {
- zoomFactor = style->effectiveZoom();
- if (Frame* frame = document->frame())
- zoomFactor *= frame->textZoomFactor();
- }
-
// We support two types of minimum font size. The first is a hard override that applies to
// all fonts. This is "minSize." The second type of minimum font size is a "smart minimum"
// that is applied only when the Web page can't know what size it really asked for, e.g.,
@@ -6287,7 +6292,7 @@
// after zooming. The font size must either be relative to the user default or the original size
// must have been acceptable. In other words, we only apply the smart minimum whenever we're positive
// doing so won't disrupt the layout.
- if (zoomedSize < minLogicalSize && (specifiedSize >= minLogicalSize || !isAbsoluteSize))
+ if (useSmartMinimumForFontSize && zoomedSize < minLogicalSize && (specifiedSize >= minLogicalSize || !isAbsoluteSize))
zoomedSize = minLogicalSize;
// Also clamp to a reasonable maximum to prevent insane font sizes from causing crashes on various
Modified: branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.h (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.h 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/css/CSSStyleSelector.h 2011-09-15 20:02:31 UTC (rev 95220)
@@ -35,6 +35,8 @@
namespace WebCore {
+enum ESmartMinimumForFontSize { DoNotUseSmartMinimumForFontSize, UseSmartMinimumForFontFize };
+
class CSSFontSelector;
class CSSMutableStyleDeclaration;
class CSSPageRule;
@@ -151,9 +153,12 @@
void setStyle(PassRefPtr<RenderStyle> s) { m_style = s; } // Used by the document when setting up its root style.
void applyPropertyToStyle(int id, CSSValue*, RenderStyle*);
+
+ static float getComputedSizeFromSpecifiedSize(Document*, float zoomFactor, bool isAbsoluteSize, float specifiedSize, ESmartMinimumForFontSize = UseSmartMinimumForFontFize);
private:
void setFontSize(FontDescription&, float size);
+
static float getComputedSizeFromSpecifiedSize(Document*, RenderStyle*, bool isAbsoluteSize, float specifiedSize, bool useSVGZoomRules);
public:
Color getColorFromPrimitiveValue(CSSPrimitiveValue*) const;
Modified: branches/safari-534.51-branch/Source/WebCore/platform/graphics/FontDescription.h (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/platform/graphics/FontDescription.h 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/platform/graphics/FontDescription.h 2011-09-15 20:02:31 UTC (rev 95220)
@@ -33,6 +33,7 @@
#include "FontWidthVariant.h"
#include "TextOrientation.h"
#include "TextRenderingMode.h"
+#include <wtf/MathExtras.h>
namespace WebCore {
@@ -115,8 +116,8 @@
FontWidthVariant widthVariant() const { return m_widthVariant; }
void setFamily(const FontFamily& family) { m_familyList = family; }
- void setComputedSize(float s) { m_computedSize = s; }
- void setSpecifiedSize(float s) { m_specifiedSize = s; }
+ void setComputedSize(float s) { ASSERT(isfinite(s)); m_computedSize = s; }
+ void setSpecifiedSize(float s) { ASSERT(isfinite(s)); m_specifiedSize = s; }
void setItalic(FontItalic i) { m_italic = i; }
void setItalic(bool i) { setItalic(i ? FontItalicOn : FontItalicOff); }
void setSmallCaps(FontSmallCaps c) { m_smallCaps = c; }
Modified: branches/safari-534.51-branch/Source/WebCore/rendering/svg/RenderSVGInlineText.cpp (95219 => 95220)
--- branches/safari-534.51-branch/Source/WebCore/rendering/svg/RenderSVGInlineText.cpp 2011-09-15 19:56:21 UTC (rev 95219)
+++ branches/safari-534.51-branch/Source/WebCore/rendering/svg/RenderSVGInlineText.cpp 2011-09-15 20:02:31 UTC (rev 95220)
@@ -250,7 +250,7 @@
}
FontDescription fontDescription(style->fontDescription());
- fontDescription.setComputedSize(fontDescription.computedSize() * scalingFactor);
+ fontDescription.setComputedSize(CSSStyleSelector::getComputedSizeFromSpecifiedSize(document, scalingFactor, fontDescription.isAbsoluteSize(), fontDescription.computedSize(), DoNotUseSmartMinimumForFontSize));
scaledFont = Font(fontDescription, 0, 0);
scaledFont.update(styleSelector->fontSelector());
