Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(280)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/WebCore/dom/StyleElement.cpp

Issue 6670019: Merge 80787 (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/648/
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2006, 2007 Rob Buis 2 * Copyright (C) 2006, 2007 Rob Buis
3 * Copyright (C) 2008 Apple, Inc. All rights reserved. 3 * Copyright (C) 2008 Apple, Inc. All rights reserved.
4 * 4 *
5 * This library is free software; you can redistribute it and/or 5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Library General Public 6 * modify it under the terms of the GNU Library General Public
7 * License as published by the Free Software Foundation; either 7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version. 8 * version 2 of the License, or (at your option) any later version.
9 * 9 *
10 * This library is distributed in the hope that it will be useful, 10 * This library is distributed in the hope that it will be useful,
(...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after
94 m_createdByParser = false; 94 m_createdByParser = false;
95 } 95 }
96 96
97 void StyleElement::process(Element* e) 97 void StyleElement::process(Element* e)
98 { 98 {
99 if (!e || !e->inDocument()) 99 if (!e || !e->inDocument())
100 return; 100 return;
101 101
102 unsigned resultLength = 0; 102 unsigned resultLength = 0;
103 for (Node* c = e->firstChild(); c; c = c->nextSibling()) { 103 for (Node* c = e->firstChild(); c; c = c->nextSibling()) {
104 if (isValidStyleChild(c)) 104 if (isValidStyleChild(c)) {
105 resultLength += c->nodeValue().length(); 105 unsigned length = c->nodeValue().length();
106 if (length > std::numeric_limits<unsigned>::max() - resultLength)
107 CRASH();
108 resultLength += length;
109 }
106 } 110 }
107 UChar* text; 111 UChar* text;
108 String sheetText = String::createUninitialized(resultLength, text); 112 String sheetText = String::createUninitialized(resultLength, text);
109 113
110 UChar* p = text; 114 UChar* p = text;
111 for (Node* c = e->firstChild(); c; c = c->nextSibling()) { 115 for (Node* c = e->firstChild(); c; c = c->nextSibling()) {
112 if (isValidStyleChild(c)) { 116 if (isValidStyleChild(c)) {
113 String nodeValue = c->nodeValue(); 117 String nodeValue = c->nodeValue();
114 unsigned nodeLength = nodeValue.length(); 118 unsigned nodeLength = nodeValue.length();
115 memcpy(p, nodeValue.characters(), nodeLength * sizeof(UChar)); 119 memcpy(p, nodeValue.characters(), nodeLength * sizeof(UChar));
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
164 { 168 {
165 ASSERT(document); 169 ASSERT(document);
166 if (isLoading()) 170 if (isLoading())
167 return false; 171 return false;
168 172
169 document->removePendingSheet(); 173 document->removePendingSheet();
170 return true; 174 return true;
171 } 175 }
172 176
173 } 177 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698